castle-rb 4.2.0 → 6.0.1

data/spec/lib/castle/failover/strategy_spec.rb

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+describe Castle::Failover::Strategy do
+  subject(:strategy) { described_class }
+
+  it { expect(strategy::ALLOW).to be_eql(:allow) }
+  it { expect(strategy::DENY).to be_eql(:deny) }
+  it { expect(strategy::CHALLENGE).to be_eql(:challenge) }
+  it { expect(strategy::THROW).to be_eql(:throw) }
+
+  it { expect(Castle::Failover::STRATEGIES).to be_eql(%i[allow deny challenge throw]) }
+end

data/spec/lib/castle/{extractors/headers_spec.rb → headers/extract_spec.rb}

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
-describe Castle::Extractors::Headers do
-  subject(:headers) { described_class.new(formatted_headers).call }
+describe Castle::Headers::Extract do
+  subject(:extract_call) { described_class.new(formatted_headers).call }
 
   let(:formatted_headers) do
     {
@@ -16,11 +16,11 @@ describe Castle::Extractors::Headers do
   end
 
   after do
-    Castle.config.whitelisted = %w[]
-    Castle.config.blacklisted = %w[]
+    Castle.config.allowlisted = %w[]
+    Castle.config.denylisted = %w[]
   end
 
-  context 'when whitelist is not set in the configuration' do
+  context 'when allowlist is not set in the configuration' do
     let(:result) do
       {
         'Accept' => 'application/json',
@@ -33,11 +33,11 @@ describe Castle::Extractors::Headers do
       }
     end
 
-    it { expect(headers).to eq(result) }
+    it { expect(extract_call).to eq(result) }
   end
 
-  context 'when whitelist is set in the configuration' do
-    before { Castle.config.whitelisted = %w[Accept OK] }
+  context 'when allowlist is set in the configuration' do
+    before { Castle.config.allowlisted = %w[Accept OK] }
 
     let(:result) do
       {
@@ -51,10 +51,10 @@ describe Castle::Extractors::Headers do
       }
     end
 
-    it { expect(headers).to eq(result) }
+    it { expect(extract_call).to eq(result) }
   end
 
-  context 'when blacklist is set in the configuration' do
+  context 'when denylist is set in the configuration' do
     context 'with a User-Agent' do
       let(:result) do
         {
@@ -68,9 +68,9 @@ describe Castle::Extractors::Headers do
         }
       end
 
-      before { Castle.config.blacklisted = %w[User-Agent] }
+      before { Castle.config.denylisted = %w[User-Agent] }
 
-      it { expect(headers).to eq(result) }
+      it { expect(extract_call).to eq(result) }
     end
 
     context 'with a different header' do
@@ -86,20 +86,20 @@ describe Castle::Extractors::Headers do
         }
       end
 
-      before { Castle.config.blacklisted = %w[Accept] }
+      before { Castle.config.denylisted = %w[Accept] }
 
-      it { expect(headers).to eq(result) }
+      it { expect(extract_call).to eq(result) }
     end
   end
 
-  context 'when a header is both whitelisted and blacklisted' do
+  context 'when a header is both allowlisted and denylisted' do
     before do
-      Castle.config.whitelisted = %w[Accept]
-      Castle.config.blacklisted = %w[Accept]
+      Castle.config.allowlisted = %w[Accept]
+      Castle.config.denylisted = %w[Accept]
     end
 
     it do
-      expect(headers['Accept']).to eq(true)
+      expect(extract_call['Accept']).to eq(true)
     end
   end
 end

data/spec/lib/castle/{headers_filter_spec.rb → headers/filter_spec.rb}

@@ -1,21 +1,22 @@
 # frozen_string_literal: true
 
-describe Castle::HeadersFilter do
-  subject(:headers) { described_class.new(request).call }
+describe Castle::Headers::Filter do
+  subject(:filter_call) { described_class.new(request).call }
 
   let(:env) do
-    Rack::MockRequest.env_for(
+    result = Rack::MockRequest.env_for(
       '/',
       'Action-Dispatch.request.content-Type' => 'application/json',
       'HTTP_AUTHORIZATION' => 'Basic 123456',
       'HTTP_COOKIE' => '__cid=abcd;other=efgh',
-      'http-ok' => 'OK',
       'HTTP_ACCEPT' => 'application/json',
       'HTTP_X_FORWARDED_FOR' => '1.2.3.4',
       'HTTP_USER_AGENT' => 'Mozilla 1234',
       'TEST' => '1',
       'REMOTE_ADDR' => '1.2.3.4'
     )
+    result[:HTTP_OK] = 'OK'
+    result
   end
   let(:filtered) do
     {
@@ -32,6 +33,6 @@ describe Castle::HeadersFilter do
   let(:request) { Rack::Request.new(env) }
 
   context 'with list of header' do
-    it { expect(headers).to eq(filtered) }
+    it { expect(filter_call).to eq(filtered) }
   end
 end

data/spec/lib/castle/headers/format_spec.rb

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+describe Castle::Headers::Format do
+  subject(:format) { described_class }
+
+  it 'removes HTTP_' do
+    expect(format.call('HTTP_X_TEST')).to be_eql('X-Test')
+  end
+
+  it 'capitalizes header' do
+    expect(format.call('X_TEST')).to be_eql('X-Test')
+  end
+
+  it 'ignores letter case and -_ divider' do
+    expect(format.call('http-X_teST')).to be_eql('X-Test')
+  end
+
+  it 'does not remove http if there is no _- char' do
+    expect(format.call('httpX_teST')).to be_eql('Httpx-Test')
+  end
+
+  it 'capitalizes' do
+    expect(format.call(:clearance)).to be_eql('Clearance')
+  end
+end

data/spec/lib/castle/{extractors/ip_spec.rb → ips/extract_spec.rb}

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-describe Castle::Extractors::IP do
+describe Castle::IPs::Extract do
   subject(:extractor) { described_class.new(headers) }
 
   describe 'ip' do
@@ -44,7 +44,7 @@ describe Castle::Extractors::IP do
 
     context 'with all the trusted proxies' do
       let(:http_x_header) do
-        '127.0.0.1,10.0.0.1,172.31.0.1,192.168.0.1,::1,fd00::,localhost,unix,unix:/tmp/sock'
+        '127.0.0.1,10.0.0.1,172.31.0.1,192.168.0.1'
       end
 
       let(:headers) { { 'Remote-Addr' => '127.0.0.1', 'X-Forwarded-For' => http_x_header } }
@@ -54,6 +54,34 @@ describe Castle::Extractors::IP do
       end
     end
 
+    context 'with trust_proxy_chain option' do
+      let(:http_x_header) do
+        '6.6.6.6, 2.2.2.3, 6.6.6.5'
+      end
+
+      let(:headers) { { 'Remote-Addr' => '6.6.6.4', 'X-Forwarded-For' => http_x_header } }
+
+      before { Castle.config.trust_proxy_chain = true }
+
+      it 'selects first available header' do
+        expect(extractor.call).to eql('6.6.6.6')
+      end
+    end
+
+    context 'with trusted_proxy_depth option' do
+      let(:http_x_header) do
+        '6.6.6.6, 2.2.2.3, 6.6.6.5'
+      end
+
+      let(:headers) { { 'Remote-Addr' => '6.6.6.4', 'X-Forwarded-For' => http_x_header } }
+
+      before { Castle.config.trusted_proxy_depth = 1 }
+
+      it 'selects first available header' do
+        expect(extractor.call).to eql('2.2.2.3')
+      end
+    end
+
     context 'when list of not trusted ips provided in X_FORWARDED_FOR' do
       let(:headers) do
         {

data/spec/lib/castle/logger_spec.rb

@@ -0,0 +1,42 @@
+# frozen_string_literal: true
+
+# tmp logger for testing
+class TmpLogger
+  # @param _message [String]
+  def info(_message); end
+end
+
+describe Castle::Logger do
+  subject(:log) do
+    described_class.call(message, data)
+  end
+
+  let(:message) { 'https://localhost/test:' }
+  let(:integration_logger) { TmpLogger.new }
+  let(:data) { { a: 1 }.to_json }
+  let(:logger_message) { "[CASTLE] #{message} #{data}" }
+
+  before do
+    allow(integration_logger).to receive(:info).and_call_original
+  end
+
+  describe '.call' do
+    context 'without logger' do
+      before do
+        Castle.config.logger = nil
+        log
+      end
+
+      it { expect(integration_logger).not_to have_received(:info) }
+    end
+
+    context 'with logger' do
+      before do
+        Castle.config.logger = integration_logger
+        log
+      end
+
+      it { expect(integration_logger).to have_received(:info).with(logger_message) }
+    end
+  end
+end

data/spec/lib/castle/payload/prepare_spec.rb

@@ -0,0 +1,54 @@
+# frozen_string_literal: true
+
+describe Castle::Payload::Prepare do
+  let(:ip) { '1.2.3.4' }
+  let(:cookie_id) { 'abcd' }
+  let(:ua) { 'Chrome' }
+  let(:env) do
+    Rack::MockRequest.env_for(
+      '/',
+      'HTTP_USER_AGENT' => ua,
+      'HTTP_X_FORWARDED_FOR' => ip,
+      'HTTP_COOKIE' => "__cid=#{cookie_id};other=efgh"
+    )
+  end
+  let(:request) { Rack::Request.new(env) }
+
+  let(:headers) do
+    {
+      'Content-Length': '0', 'User-Agent': ua, 'X-Forwarded-For': ip.to_s, 'Cookie': true
+    }
+  end
+  let(:context) do
+    {
+      client_id: 'abcd',
+      active: true,
+      user_agent: ua,
+      headers: headers,
+      ip: ip,
+      library: { name: 'castle-rb', version: '2.2.0' }
+    }
+  end
+
+  let(:time_now) { Time.now }
+  let(:time_formatted) { time_now.utc.iso8601(3) }
+  let(:payload_options) { { user_id: '1234', user_traits: { name: 'Jo' } } }
+  let(:result) do
+    { user_id: '1234', user_traits: { name: 'Jo' }, timestamp: time_formatted, context: context }
+  end
+
+  before do
+    Timecop.freeze(time_now)
+    stub_const('Castle::VERSION', '2.2.0')
+  end
+
+  after { Timecop.return }
+
+  describe '#call' do
+    subject(:generated) { described_class.call(payload_options, request) }
+
+    context 'when active true' do
+      it { is_expected.to eql(result) }
+    end
+  end
+end

data/spec/lib/castle/session_spec.rb

@@ -0,0 +1,88 @@
+# frozen_string_literal: true
+
+describe Castle::Session do
+  describe '.call' do
+    context 'when ssl false' do
+      let(:localhost) { 'localhost' }
+      let(:port) { 3002 }
+
+      before do
+        Castle.config.base_url = 'http://localhost:3002'
+        stub_request(:get, 'localhost:3002/test').to_return(status: 200, body: '{}', headers: {})
+      end
+
+      context 'with block' do
+        let(:api_url) { '/test' }
+        let(:request) { Net::HTTP::Get.new(api_url) }
+
+        before do
+          allow(Net::HTTP)
+            .to receive(:new)
+            .with(localhost, port)
+            .and_call_original
+
+          described_class.call do |http|
+            http.request(request)
+          end
+        end
+
+        it do
+          expect(Net::HTTP)
+            .to have_received(:new)
+            .with(localhost, port)
+        end
+
+        it do
+          expect(a_request(:get, 'localhost:3002/test'))
+            .to have_been_made.once
+        end
+      end
+
+      context 'without block' do
+        before { described_class.call }
+
+        it do
+          expect(a_request(:get, 'localhost:3002/test'))
+            .not_to have_been_made
+        end
+      end
+    end
+
+    context 'when ssl true' do
+      let(:localhost) { 'localhost' }
+      let(:port) { 443 }
+
+      before do
+        Castle.config.base_url = 'https://localhost'
+        stub_request(:get, 'https://localhost/test').to_return(
+          status: 200, body: '{}', headers: {}
+        )
+      end
+
+      context 'with block' do
+        let(:api_url) { '/test' }
+        let(:request) { Net::HTTP::Get.new(api_url) }
+
+        before do
+          allow(Net::HTTP)
+            .to receive(:new)
+            .with(localhost, port)
+            .and_call_original
+
+          allow(Net::HTTP)
+            .to receive(:start)
+
+          described_class.call do |http|
+            http.request(request)
+          end
+        end
+
+        it do
+          expect(Net::HTTP)
+            .to have_received(:new)
+            .with(localhost, port)
+        end
+      end
+    end
+  end
+end

data/spec/lib/castle/singleton_configuration_spec.rb

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+describe Castle::SingletonConfiguration do
+  subject(:config) do
+    described_class.instance
+  end
+
+  it_behaves_like 'configuration_host'
+  it_behaves_like 'configuration_request_timeout'
+  it_behaves_like 'configuration_allowlisted'
+  it_behaves_like 'configuration_denylisted'
+  it_behaves_like 'configuration_failover_strategy'
+  it_behaves_like 'configuration_api_secret'
+
+  it do
+    expect(config.api_secret).to be_eql('secret')
+  end
+end

data/spec/lib/castle/utils/clean_invalid_chars_spec.rb

@@ -0,0 +1,69 @@
+# frozen_string_literal: true
+
+describe Castle::Utils::CleanInvalidChars do
+  describe '::call' do
+    subject { described_class.call(input) }
+
+    context 'when input is a string' do
+      let(:input) { '1234' }
+
+      it { is_expected.to eq input }
+    end
+
+    context 'when input is an array' do
+      let(:input) { [1, 2, 3, '4'] }
+
+      it { is_expected.to eq input }
+    end
+
+    context 'when input is a hash' do
+      let(:input) { { user_id: 1 } }
+
+      it { is_expected.to eq input }
+    end
+
+    context 'when input is nil' do
+      let(:input) { nil }
+
+      it { is_expected.to eq input }
+    end
+
+    context 'when input is a nested hash' do
+      let(:input) { { user: { id: 1 } } }
+
+      it { is_expected.to eq input }
+    end
+
+    context 'with invalid UTF-8 characters' do
+      context 'when input is a hash' do
+        let(:input) { { user_id: "inv\xC4lid" } }
+
+        it { is_expected.to eq(user_id: 'inv�lid') }
+      end
+
+      context 'when input is a nested hash' do
+        let(:input) { { user: { id: "inv\xC4lid" } } }
+
+        it { is_expected.to eq(user: { id: 'inv�lid' }) }
+      end
+
+      context 'when input is an array of hashes' do
+        let(:input) { [{ user: "inv\xC4lid" }] * 2 }
+
+        it { is_expected.to eq([{ user: 'inv�lid' }, { user: 'inv�lid' }]) }
+      end
+
+      context 'when input is an array' do
+        let(:input) { ["inv\xC4lid"] * 2 }
+
+        it { is_expected.to eq(['inv�lid', 'inv�lid']) }
+      end
+
+      context 'when input is a hash with array in key' do
+        let(:input) { { items: ["inv\xC4lid"] * 2 } }
+
+        it { is_expected.to eq(items: ['inv�lid', 'inv�lid']) }
+      end
+    end
+  end
+end