RubyGems - castle-rb - Versions diffs - 4.2.1 → 7.0.0 - Mend

castle-rb 4.2.1 → 7.0.0

Files changed (144) hide show

checksums.yaml +4 -4
data/README.md +160 -45
data/lib/castle.rb +49 -28
data/lib/castle/api.rb +21 -14
data/lib/castle/api/approve_device.rb +20 -0
data/lib/castle/api/authenticate.rb +37 -0
data/lib/castle/api/end_impersonation.rb +24 -0
data/lib/castle/api/filter.rb +37 -0
data/lib/castle/api/get_device.rb +20 -0
data/lib/castle/api/get_devices_for_user.rb +20 -0
data/lib/castle/api/log.rb +37 -0
data/lib/castle/api/report_device.rb +20 -0
data/lib/castle/api/risk.rb +37 -0
data/lib/castle/api/start_impersonation.rb +24 -0
data/lib/castle/api/track.rb +21 -0
data/lib/castle/client.rb +78 -51
data/lib/castle/{extractors/client_id.rb → client_id/extract.rb} +2 -2
data/lib/castle/commands/approve_device.rb +17 -0
data/lib/castle/commands/authenticate.rb +13 -13
data/lib/castle/commands/end_impersonation.rb +25 -0
data/lib/castle/commands/filter.rb +23 -0
data/lib/castle/commands/get_device.rb +17 -0
data/lib/castle/commands/get_devices_for_user.rb +17 -0
data/lib/castle/commands/log.rb +23 -0
data/lib/castle/commands/report_device.rb +17 -0
data/lib/castle/commands/risk.rb +23 -0
data/lib/castle/commands/start_impersonation.rb +25 -0
data/lib/castle/commands/track.rb +12 -13
data/lib/castle/configuration.rb +57 -32
data/lib/castle/context/{default.rb → get_default.rb} +5 -6
data/lib/castle/context/{merger.rb → merge.rb} +3 -3
data/lib/castle/context/prepare.rb +18 -0
data/lib/castle/context/{sanitizer.rb → sanitize.rb} +1 -1
data/lib/castle/core/get_connection.rb +27 -0
data/lib/castle/{api/response.rb → core/process_response.rb} +8 -3
data/lib/castle/core/process_webhook.rb +25 -0
data/lib/castle/core/send_request.rb +42 -0
data/lib/castle/errors.rb +38 -12
data/lib/castle/failover/prepare_response.rb +18 -0
data/lib/castle/failover/strategy.rb +23 -0
data/lib/castle/headers/extract.rb +47 -0
data/lib/castle/headers/filter.rb +40 -0
data/lib/castle/headers/format.rb +24 -0
data/lib/castle/{extractors/ip.rb → ips/extract.rb} +31 -9
data/lib/castle/logger.rb +19 -0
data/lib/castle/payload/prepare.rb +26 -0
data/lib/castle/secure_mode.rb +7 -2
data/lib/castle/session.rb +18 -0
data/lib/castle/singleton_configuration.rb +9 -0
data/lib/castle/support/hanami.rb +2 -6
data/lib/castle/support/rails.rb +1 -3
data/lib/castle/utils/clean_invalid_chars.rb +22 -0
data/lib/castle/utils/clone.rb +15 -0
data/lib/castle/utils/deep_symbolize_keys.rb +45 -0
data/lib/castle/utils/get_timestamp.rb +15 -0
data/lib/castle/utils/{merger.rb → merge.rb} +3 -3
data/lib/castle/utils/secure_compare.rb +22 -0
data/lib/castle/validators/not_supported.rb +1 -0
data/lib/castle/validators/present.rb +1 -0
data/lib/castle/verdict.rb +15 -0
data/lib/castle/version.rb +1 -1
data/lib/castle/webhooks/verify.rb +45 -0
data/spec/integration/rails/rails_spec.rb +42 -14
data/spec/integration/rails/support/application.rb +3 -1
data/spec/integration/rails/support/home_controller.rb +50 -6
data/spec/lib/castle/api/approve_device_spec.rb +21 -0
data/spec/lib/castle/api/authenticate_spec.rb +136 -0
data/spec/lib/castle/api/end_impersonation_spec.rb +65 -0
data/spec/lib/castle/api/filter_spec.rb +5 -0
data/spec/lib/castle/api/get_device_spec.rb +19 -0
data/spec/lib/castle/api/get_devices_for_user_spec.rb +19 -0
data/spec/lib/castle/api/log_spec.rb +5 -0
data/spec/lib/castle/api/report_device_spec.rb +21 -0
data/spec/lib/castle/api/risk_spec.rb +5 -0
data/spec/lib/castle/api/start_impersonation_spec.rb +65 -0
data/spec/lib/castle/api/track_spec.rb +72 -0
data/spec/lib/castle/api_spec.rb +14 -15
data/spec/lib/castle/{extractors/client_id_spec.rb → client_id/extract_spec.rb} +6 -15
data/spec/lib/castle/client_spec.rb +108 -93
data/spec/lib/castle/commands/approve_device_spec.rb +24 -0
data/spec/lib/castle/commands/authenticate_spec.rb +15 -31
data/spec/lib/castle/commands/end_impersonation_spec.rb +79 -0
data/spec/lib/castle/commands/filter_spec.rb +99 -0
data/spec/lib/castle/commands/get_device_spec.rb +24 -0
data/spec/lib/castle/commands/{review_spec.rb → get_devices_for_user_spec.rb} +7 -7
data/spec/lib/castle/commands/log_spec.rb +100 -0
data/spec/lib/castle/commands/report_device_spec.rb +24 -0
data/spec/lib/castle/commands/risk_spec.rb +100 -0
data/spec/lib/castle/commands/start_impersonation_spec.rb +79 -0
data/spec/lib/castle/commands/track_spec.rb +14 -34
data/spec/lib/castle/configuration_spec.rb +8 -141
data/spec/lib/castle/context/{default_spec.rb → get_default_spec.rb} +9 -10
data/spec/lib/castle/context/{merger_spec.rb → merge_spec.rb} +1 -1
data/spec/lib/castle/context/prepare_spec.rb +43 -0
data/spec/lib/castle/context/{sanitizer_spec.rb → sanitize_spec.rb} +1 -1
data/spec/lib/castle/core/get_connection_spec.rb +43 -0
data/spec/lib/castle/{api/response_spec.rb → core/process_response_spec.rb} +49 -1
data/spec/lib/castle/core/process_webhook_spec.rb +46 -0
data/spec/lib/castle/core/send_request_spec.rb +77 -0
data/spec/lib/castle/failover/strategy_spec.rb +12 -0
data/spec/lib/castle/{extractors/headers_spec.rb → headers/extract_spec.rb} +18 -20
data/spec/lib/castle/headers/filter_spec.rb +39 -0
data/spec/lib/castle/headers/format_spec.rb +25 -0
data/spec/lib/castle/{extractors/ip_spec.rb → ips/extract_spec.rb} +27 -8
data/spec/lib/castle/logger_spec.rb +38 -0
data/spec/lib/castle/payload/prepare_spec.rb +55 -0
data/spec/lib/castle/session_spec.rb +65 -0
data/spec/lib/castle/singleton_configuration_spec.rb +14 -0
data/spec/lib/castle/utils/clean_invalid_chars_spec.rb +69 -0
data/spec/lib/castle/utils/{cloner_spec.rb → clone_spec.rb} +3 -3
data/spec/lib/castle/utils/deep_symbolize_keys_spec.rb +50 -0
data/spec/lib/castle/utils/{timestamp_spec.rb → get_timestamp_spec.rb} +1 -1
data/spec/lib/castle/utils/merge_spec.rb +15 -0
data/spec/lib/castle/validators/present_spec.rb +5 -6
data/spec/lib/castle/verdict_spec.rb +9 -0
data/spec/lib/castle/webhooks/verify_spec.rb +53 -0
data/spec/lib/castle_spec.rb +4 -10
data/spec/spec_helper.rb +3 -3
data/spec/support/shared_examples/action_request.rb +152 -0
data/spec/support/shared_examples/configuration.rb +101 -0
metadata +146 -64
data/lib/castle/api/request.rb +0 -42
data/lib/castle/api/session.rb +0 -39
data/lib/castle/commands/identify.rb +0 -23
data/lib/castle/commands/impersonate.rb +0 -26
data/lib/castle/commands/review.rb +0 -14
data/lib/castle/events.rb +0 -49
data/lib/castle/extractors/headers.rb +0 -45
data/lib/castle/failover_auth_response.rb +0 -21
data/lib/castle/headers_filter.rb +0 -35
data/lib/castle/headers_formatter.rb +0 -22
data/lib/castle/review.rb +0 -11
data/lib/castle/utils.rb +0 -55
data/lib/castle/utils/cloner.rb +0 -11
data/lib/castle/utils/timestamp.rb +0 -12
data/spec/lib/castle/api/request_spec.rb +0 -72
data/spec/lib/castle/commands/identify_spec.rb +0 -88
data/spec/lib/castle/commands/impersonate_spec.rb +0 -107
data/spec/lib/castle/events_spec.rb +0 -5
data/spec/lib/castle/headers_filter_spec.rb +0 -37
data/spec/lib/castle/headers_formatter_spec.rb +0 -25
data/spec/lib/castle/review_spec.rb +0 -19
data/spec/lib/castle/utils/merger_spec.rb +0 -13
data/spec/lib/castle/utils_spec.rb +0 -156

data/spec/lib/castle/verdict_spec.rb ADDED Viewed

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+describe Castle::Verdict do
+  subject(:verdict) { described_class }
+  it { expect(verdict::ALLOW).to be_eql('allow') }
+  it { expect(verdict::DENY).to be_eql('deny') }
+  it { expect(verdict::CHALLENGE).to be_eql('challenge') }
+end

data/spec/lib/castle/webhooks/verify_spec.rb ADDED Viewed

@@ -0,0 +1,53 @@
+# frozen_string_literal: true
+describe Castle::Webhooks::Verify do
+  describe '#call' do
+    subject(:call) { described_class.call(webhook) }
+    let(:env) { Rack::MockRequest.env_for('/', 'HTTP_X_CASTLE_SIGNATURE' => signature) }
+    let(:webhook) { Rack::Request.new(env) }
+    let(:user_id) { '12345' }
+    let(:webhook_body) do
+      {
+        api_version: 'v1',
+        app_id: '12345',
+        type: '$incident.confirmed',
+        created_at: '2020-12-18T12:55:21.779Z',
+        data: {
+          id: 'test',
+          device_token: 'token',
+          user_id: user_id,
+          trigger: '$login.succeeded',
+          context: {},
+          location: {},
+          user_agent: {}
+        },
+        user_traits: {},
+        properties: {},
+        policy: {}
+      }.to_json
+    end
+    context 'when success' do
+      let(:signature) { '3ptx3rUOBnGEqPjMrbcJn2UUfzwTKP54dFyP5uyPY+Y=' }
+      before { allow(Castle::Core::ProcessWebhook).to receive(:call).and_return(webhook_body) }
+      it { expect { call }.not_to raise_error }
+    end
+    context 'when signature is malformed' do
+      let(:signature) { '123' }
+      before { allow(Castle::Core::ProcessWebhook).to receive(:call).and_return(webhook_body) }
+      it do
+        expect { call }.to raise_error(
+          Castle::WebhookVerificationError,
+          'Signature not matching the expected signature'
+        )
+      end
+    end
+  end
+end

data/spec/lib/castle_spec.rb CHANGED Viewed

@@ -42,11 +42,7 @@ describe Castle do
     end
     context 'with block and options' do
-      before do
-        castle.configure(request_timeout: timeout) do |config|
-          config.api_secret = value
-        end
-      end
+      before { castle.configure(request_timeout: timeout) { |config| config.api_secret = value } }
       it_behaves_like 'config_setup'
     end
@@ -56,11 +52,9 @@ describe Castle do
     let(:value) { 'new_secret' }
     it do
-      expect do
-        castle.configure do |config|
-          config.wrong_config = value
-        end
-      end.to raise_error(Castle::ConfigurationError)
+      expect { castle.configure { |config| config.wrong_config = value } }.to raise_error(
+        Castle::ConfigurationError
+      )
     end
   end
 end

data/spec/spec_helper.rb CHANGED Viewed

@@ -14,11 +14,11 @@ require 'castle'
 WebMock.disable_net_connect!(allow_localhost: true)
+Dir['./spec/support/**/*.rb'].sort.each { |f| require f }
 RSpec.configure do |config|
   config.before do
     Castle.config.reset
-    Castle.configure do |cfg|
-      cfg.api_secret = 'secret'
-    end
+    Castle.configure { |cfg| cfg.api_secret = 'secret' }
   end
 end

data/spec/support/shared_examples/action_request.rb ADDED Viewed

@@ -0,0 +1,152 @@
+# frozen_string_literal: true
+RSpec.shared_examples_for 'action request' do |action|
+  subject(:request_response) { client.send(action.to_sym, options) }
+  let(:options) do
+    {
+      request_token: request_token,
+      event: event,
+      status: status,
+      user: user,
+      context: context,
+      properties: properties
+    }
+  end
+  let(:request_token) { '7e51335b-f4bc-4bc7-875d-b713fb61eb23-bf021a3022a1a302' }
+  let(:event) { '$login' }
+  let(:status) { '$succeeded' }
+  let(:user) { { id: '1234', email: 'foobar@mail.com' } }
+  let(:properties) { {} }
+  let(:request_body) do
+    {
+      request_token: request_token,
+      event: event,
+      status: status,
+      user: user,
+      context: context,
+      properties: properties,
+      timestamp: time_auto,
+      sent_at: time_auto
+    }
+  end
+  context 'when used with symbol keys' do
+    it do
+      request_response
+      assert_requested :post, "https://api.castle.io/v1/#{action}", times: 1 do |req|
+        JSON.parse(req.body) == JSON.parse(request_body.to_json)
+      end
+    end
+    context 'when passed timestamp in options and no defined timestamp' do
+      let(:client) { client_with_no_timestamp }
+      before do
+        options[:timestamp] = time_user
+        request_body[:timestamp] = time_user
+        request_response
+      end
+      it do
+        assert_requested :post, "https://api.castle.io/v1/#{action}", times: 1 do |req|
+          JSON.parse(req.body) == JSON.parse(request_body.to_json)
+        end
+      end
+    end
+    context 'with client initialized with timestamp' do
+      let(:client) { client_with_user_timestamp }
+      before do
+        request_body[:timestamp] = time_user
+        request_response
+      end
+      it do
+        assert_requested :post, "https://api.castle.io/v1/#{action}", times: 1 do |req|
+          JSON.parse(req.body) == JSON.parse(request_body.to_json)
+        end
+      end
+    end
+  end
+  context 'when used with string keys' do
+    before { request_response }
+    it do
+      assert_requested :post, "https://api.castle.io/v1/#{action}", times: 1 do |req|
+        JSON.parse(req.body) == JSON.parse(request_body.to_json)
+      end
+    end
+  end
+  context 'when tracking enabled' do
+    before { request_response }
+    it do
+      assert_requested :post, "https://api.castle.io/v1/#{action}", times: 1 do |req|
+        JSON.parse(req.body) == JSON.parse(request_body.to_json)
+      end
+    end
+    it { expect(request_response[:failover]).to be false }
+    it { expect(request_response[:failover_reason]).to be_nil }
+  end
+  context 'when tracking disabled' do
+    before do
+      client.disable_tracking
+      request_response
+    end
+    it { assert_not_requested :post, "https://api.castle.io/v1/#{action}" }
+    it { expect(request_response[:action]).to be_eql(Castle::Verdict::ALLOW) }
+    it { expect(request_response[:user_id]).to be_eql('1234') }
+    it { expect(request_response[:failover]).to be true }
+    it { expect(request_response[:failover_reason]).to be_eql('Castle is set to do not track.') }
+  end
+  context 'when request with fail' do
+    before do
+      allow(Castle::API).to receive(:send_request).and_raise(
+        Castle::RequestError.new(Timeout::Error)
+      )
+    end
+    context 'with request error and throw strategy' do
+      before { allow(Castle.config).to receive(:failover_strategy).and_return(:throw) }
+      it { expect { request_response }.to raise_error(Castle::RequestError) }
+    end
+    context 'with request error and not throw on eg deny strategy' do
+      it { assert_not_requested :post, "https:/:secret@api.castle.io/v1/#{action}" }
+      it { expect(request_response[:action]).to be_eql('allow') }
+      it { expect(request_response[:user_id]).to be_eql('1234') }
+      it { expect(request_response[:failover]).to be true }
+      it { expect(request_response[:failover_reason]).to be_eql('Castle::RequestError') }
+    end
+  end
+  context 'when request is internal server error' do
+    before { allow(Castle::API).to receive(:send_request).and_raise(Castle::InternalServerError) }
+    describe 'throw strategy' do
+      before { allow(Castle.config).to receive(:failover_strategy).and_return(:throw) }
+      it { expect { request_response }.to raise_error(Castle::InternalServerError) }
+    end
+    describe 'not throw on eg deny strategy' do
+      it { assert_not_requested :post, "https:/:secret@api.castle.io/v1/#{action}" }
+      it { expect(request_response[:action]).to be_eql('allow') }
+      it { expect(request_response[:user_id]).to be_eql('1234') }
+      it { expect(request_response[:failover]).to be true }
+      it { expect(request_response[:failover_reason]).to be_eql('Castle::InternalServerError') }
+    end
+  end
+end

data/spec/support/shared_examples/configuration.rb ADDED Viewed

@@ -0,0 +1,101 @@
+# frozen_string_literal: true
+shared_examples 'configuration_host' do
+  describe 'host' do
+    context 'with default' do
+      it { expect(config.base_url.host).to be_eql('api.castle.io') }
+    end
+    context 'with setter' do
+      before { config.base_url = 'http://api.castle.dev/v2' }
+      it { expect(config.base_url.host).to be_eql('api.castle.dev') }
+    end
+  end
+end
+shared_examples 'configuration_request_timeout' do
+  describe 'request_timeout' do
+    it { expect(config.request_timeout).to be_eql(1000) }
+    context 'with setter' do
+      let(:value) { 50.0 }
+      before { config.request_timeout = value }
+      it { expect(config.request_timeout).to be_eql(value) }
+    end
+  end
+end
+shared_examples 'configuration_allowlisted' do
+  describe 'allowlisted' do
+    it { expect(config.allowlisted.size).to be_eql(0) }
+    context 'with setter' do
+      before { config.allowlisted = ['header'] }
+      it { expect(config.allowlisted).to be_eql(['Header']) }
+    end
+  end
+end
+shared_examples 'configuration_denylisted' do
+  describe 'denylisted' do
+    it { expect(config.denylisted.size).to be_eql(0) }
+    context 'with setter' do
+      before { config.denylisted = ['header'] }
+      it { expect(config.denylisted).to be_eql(['Header']) }
+    end
+  end
+end
+shared_examples 'configuration_failover_strategy' do
+  describe 'failover_strategy' do
+    it { expect(config.failover_strategy).to be_eql(Castle::Failover::Strategy::ALLOW) }
+    context 'with setter' do
+      before { config.failover_strategy = Castle::Failover::Strategy::DENY }
+      it { expect(config.failover_strategy).to be_eql(Castle::Failover::Strategy::DENY) }
+    end
+    context 'when broken' do
+      it do
+        expect { config.failover_strategy = :unicorn }.to raise_error(Castle::ConfigurationError)
+      end
+    end
+  end
+end
+shared_examples 'configuration_api_secret' do
+  describe 'api_secret' do
+    context 'with env' do
+      let(:secret_key_env) { 'secret_key_env' }
+      let(:secret_key) { 'secret_key' }
+      before do
+        allow(ENV).to receive(:fetch).with('CASTLE_API_SECRET', '').and_return(secret_key_env)
+        config.reset
+      end
+      it { expect(config.api_secret).to be_eql(secret_key_env) }
+      context 'when key is overwritten' do
+        before { config.api_secret = secret_key }
+        it { expect(config.api_secret).to be_eql(secret_key) }
+      end
+    end
+    context 'with setter' do
+      let(:value) { 'new_secret' }
+      before { config.api_secret = value }
+      it { expect(config.api_secret).to be_eql(value) }
+    end
+  end
+end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: castle-rb
 version: !ruby/object:Gem::Version
-  version: 4.2.1
+  version: 7.0.0
 platform: ruby
 authors:
 - Johan Brissmyr
-autorequire:
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-04-07 00:00:00.000000000 Z
+date: 2021-06-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: appraisal
@@ -34,81 +34,135 @@ files:
 - lib/castle-rb.rb
 - lib/castle.rb
 - lib/castle/api.rb
-- lib/castle/api/request.rb
-- lib/castle/api/response.rb
-- lib/castle/api/session.rb
+- lib/castle/api/approve_device.rb
+- lib/castle/api/authenticate.rb
+- lib/castle/api/end_impersonation.rb
+- lib/castle/api/filter.rb
+- lib/castle/api/get_device.rb
+- lib/castle/api/get_devices_for_user.rb
+- lib/castle/api/log.rb
+- lib/castle/api/report_device.rb
+- lib/castle/api/risk.rb
+- lib/castle/api/start_impersonation.rb
+- lib/castle/api/track.rb
 - lib/castle/client.rb
+- lib/castle/client_id/extract.rb
 - lib/castle/command.rb
+- lib/castle/commands/approve_device.rb
 - lib/castle/commands/authenticate.rb
-- lib/castle/commands/identify.rb
-- lib/castle/commands/impersonate.rb
-- lib/castle/commands/review.rb
+- lib/castle/commands/end_impersonation.rb
+- lib/castle/commands/filter.rb
+- lib/castle/commands/get_device.rb
+- lib/castle/commands/get_devices_for_user.rb
+- lib/castle/commands/log.rb
+- lib/castle/commands/report_device.rb
+- lib/castle/commands/risk.rb
+- lib/castle/commands/start_impersonation.rb
 - lib/castle/commands/track.rb
 - lib/castle/configuration.rb
-- lib/castle/context/default.rb
-- lib/castle/context/merger.rb
-- lib/castle/context/sanitizer.rb
+- lib/castle/context/get_default.rb
+- lib/castle/context/merge.rb
+- lib/castle/context/prepare.rb
+- lib/castle/context/sanitize.rb
+- lib/castle/core/get_connection.rb
+- lib/castle/core/process_response.rb
+- lib/castle/core/process_webhook.rb
+- lib/castle/core/send_request.rb
 - lib/castle/errors.rb
-- lib/castle/events.rb
-- lib/castle/extractors/client_id.rb
-- lib/castle/extractors/headers.rb
-- lib/castle/extractors/ip.rb
-- lib/castle/failover_auth_response.rb
-- lib/castle/headers_filter.rb
-- lib/castle/headers_formatter.rb
-- lib/castle/review.rb
+- lib/castle/failover/prepare_response.rb
+- lib/castle/failover/strategy.rb
+- lib/castle/headers/extract.rb
+- lib/castle/headers/filter.rb
+- lib/castle/headers/format.rb
+- lib/castle/ips/extract.rb
+- lib/castle/logger.rb
+- lib/castle/payload/prepare.rb
 - lib/castle/secure_mode.rb
+- lib/castle/session.rb
+- lib/castle/singleton_configuration.rb
 - lib/castle/support/hanami.rb
 - lib/castle/support/padrino.rb
 - lib/castle/support/rails.rb
 - lib/castle/support/sinatra.rb
-- lib/castle/utils.rb
-- lib/castle/utils/cloner.rb
-- lib/castle/utils/merger.rb
-- lib/castle/utils/timestamp.rb
+- lib/castle/utils/clean_invalid_chars.rb
+- lib/castle/utils/clone.rb
+- lib/castle/utils/deep_symbolize_keys.rb
+- lib/castle/utils/get_timestamp.rb
+- lib/castle/utils/merge.rb
+- lib/castle/utils/secure_compare.rb
 - lib/castle/validators/not_supported.rb
 - lib/castle/validators/present.rb
+- lib/castle/verdict.rb
 - lib/castle/version.rb
+- lib/castle/webhooks/verify.rb
 - spec/integration/rails/rails_spec.rb
 - spec/integration/rails/support/all.rb
 - spec/integration/rails/support/application.rb
 - spec/integration/rails/support/home_controller.rb
-- spec/lib/castle/api/request_spec.rb
-- spec/lib/castle/api/response_spec.rb
+- spec/lib/castle/api/approve_device_spec.rb
+- spec/lib/castle/api/authenticate_spec.rb
+- spec/lib/castle/api/end_impersonation_spec.rb
+- spec/lib/castle/api/filter_spec.rb
+- spec/lib/castle/api/get_device_spec.rb
+- spec/lib/castle/api/get_devices_for_user_spec.rb
+- spec/lib/castle/api/log_spec.rb
+- spec/lib/castle/api/report_device_spec.rb
+- spec/lib/castle/api/risk_spec.rb
+- spec/lib/castle/api/start_impersonation_spec.rb
+- spec/lib/castle/api/track_spec.rb
 - spec/lib/castle/api_spec.rb
+- spec/lib/castle/client_id/extract_spec.rb
 - spec/lib/castle/client_spec.rb
 - spec/lib/castle/command_spec.rb
+- spec/lib/castle/commands/approve_device_spec.rb
 - spec/lib/castle/commands/authenticate_spec.rb
-- spec/lib/castle/commands/identify_spec.rb
-- spec/lib/castle/commands/impersonate_spec.rb
-- spec/lib/castle/commands/review_spec.rb
+- spec/lib/castle/commands/end_impersonation_spec.rb
+- spec/lib/castle/commands/filter_spec.rb
+- spec/lib/castle/commands/get_device_spec.rb
+- spec/lib/castle/commands/get_devices_for_user_spec.rb
+- spec/lib/castle/commands/log_spec.rb
+- spec/lib/castle/commands/report_device_spec.rb
+- spec/lib/castle/commands/risk_spec.rb
+- spec/lib/castle/commands/start_impersonation_spec.rb
 - spec/lib/castle/commands/track_spec.rb
 - spec/lib/castle/configuration_spec.rb
-- spec/lib/castle/context/default_spec.rb
-- spec/lib/castle/context/merger_spec.rb
-- spec/lib/castle/context/sanitizer_spec.rb
-- spec/lib/castle/events_spec.rb
-- spec/lib/castle/extractors/client_id_spec.rb
-- spec/lib/castle/extractors/headers_spec.rb
-- spec/lib/castle/extractors/ip_spec.rb
-- spec/lib/castle/headers_filter_spec.rb
-- spec/lib/castle/headers_formatter_spec.rb
-- spec/lib/castle/review_spec.rb
+- spec/lib/castle/context/get_default_spec.rb
+- spec/lib/castle/context/merge_spec.rb
+- spec/lib/castle/context/prepare_spec.rb
+- spec/lib/castle/context/sanitize_spec.rb
+- spec/lib/castle/core/get_connection_spec.rb
+- spec/lib/castle/core/process_response_spec.rb
+- spec/lib/castle/core/process_webhook_spec.rb
+- spec/lib/castle/core/send_request_spec.rb
+- spec/lib/castle/failover/strategy_spec.rb
+- spec/lib/castle/headers/extract_spec.rb
+- spec/lib/castle/headers/filter_spec.rb
+- spec/lib/castle/headers/format_spec.rb
+- spec/lib/castle/ips/extract_spec.rb
+- spec/lib/castle/logger_spec.rb
+- spec/lib/castle/payload/prepare_spec.rb
 - spec/lib/castle/secure_mode_spec.rb
-- spec/lib/castle/utils/cloner_spec.rb
-- spec/lib/castle/utils/merger_spec.rb
-- spec/lib/castle/utils/timestamp_spec.rb
-- spec/lib/castle/utils_spec.rb
+- spec/lib/castle/session_spec.rb
+- spec/lib/castle/singleton_configuration_spec.rb
+- spec/lib/castle/utils/clean_invalid_chars_spec.rb
+- spec/lib/castle/utils/clone_spec.rb
+- spec/lib/castle/utils/deep_symbolize_keys_spec.rb
+- spec/lib/castle/utils/get_timestamp_spec.rb
+- spec/lib/castle/utils/merge_spec.rb
 - spec/lib/castle/validators/not_supported_spec.rb
 - spec/lib/castle/validators/present_spec.rb
+- spec/lib/castle/verdict_spec.rb
 - spec/lib/castle/version_spec.rb
+- spec/lib/castle/webhooks/verify_spec.rb
 - spec/lib/castle_spec.rb
 - spec/spec_helper.rb
+- spec/support/shared_examples/action_request.rb
+- spec/support/shared_examples/configuration.rb
 homepage: https://castle.io
 licenses:
 - MIT
 metadata: {}
-post_install_message:
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -124,7 +178,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubygems_version: 3.0.6
-signing_key:
+signing_key:
 specification_version: 4
 summary: Castle
 test_files:
@@ -133,33 +187,61 @@ test_files:
 - spec/integration/rails/support/all.rb
 - spec/integration/rails/support/home_controller.rb
 - spec/integration/rails/rails_spec.rb
+- spec/support/shared_examples/action_request.rb
+- spec/support/shared_examples/configuration.rb
 - spec/lib/castle_spec.rb
-- spec/lib/castle/review_spec.rb
-- spec/lib/castle/headers_filter_spec.rb
+- spec/lib/castle/session_spec.rb
+- spec/lib/castle/verdict_spec.rb
 - spec/lib/castle/client_spec.rb
-- spec/lib/castle/context/default_spec.rb
-- spec/lib/castle/context/merger_spec.rb
-- spec/lib/castle/context/sanitizer_spec.rb
+- spec/lib/castle/context/get_default_spec.rb
+- spec/lib/castle/context/prepare_spec.rb
+- spec/lib/castle/context/sanitize_spec.rb
+- spec/lib/castle/context/merge_spec.rb
+- spec/lib/castle/core/get_connection_spec.rb
+- spec/lib/castle/core/process_webhook_spec.rb
+- spec/lib/castle/core/send_request_spec.rb
+- spec/lib/castle/core/process_response_spec.rb
+- spec/lib/castle/ips/extract_spec.rb
 - spec/lib/castle/api_spec.rb
+- spec/lib/castle/logger_spec.rb
+- spec/lib/castle/client_id/extract_spec.rb
 - spec/lib/castle/configuration_spec.rb
 - spec/lib/castle/version_spec.rb
-- spec/lib/castle/utils/cloner_spec.rb
-- spec/lib/castle/utils/timestamp_spec.rb
-- spec/lib/castle/utils/merger_spec.rb
+- spec/lib/castle/payload/prepare_spec.rb
+- spec/lib/castle/utils/clean_invalid_chars_spec.rb
+- spec/lib/castle/utils/deep_symbolize_keys_spec.rb
+- spec/lib/castle/utils/get_timestamp_spec.rb
+- spec/lib/castle/utils/clone_spec.rb
+- spec/lib/castle/utils/merge_spec.rb
 - spec/lib/castle/command_spec.rb
-- spec/lib/castle/headers_formatter_spec.rb
-- spec/lib/castle/api/request_spec.rb
-- spec/lib/castle/api/response_spec.rb
-- spec/lib/castle/commands/review_spec.rb
+- spec/lib/castle/headers/format_spec.rb
+- spec/lib/castle/headers/extract_spec.rb
+- spec/lib/castle/headers/filter_spec.rb
+- spec/lib/castle/api/report_device_spec.rb
+- spec/lib/castle/api/authenticate_spec.rb
+- spec/lib/castle/api/track_spec.rb
+- spec/lib/castle/api/get_device_spec.rb
+- spec/lib/castle/api/risk_spec.rb
+- spec/lib/castle/api/start_impersonation_spec.rb
+- spec/lib/castle/api/log_spec.rb
+- spec/lib/castle/api/approve_device_spec.rb
+- spec/lib/castle/api/get_devices_for_user_spec.rb
+- spec/lib/castle/api/end_impersonation_spec.rb
+- spec/lib/castle/api/filter_spec.rb
+- spec/lib/castle/commands/report_device_spec.rb
 - spec/lib/castle/commands/authenticate_spec.rb
 - spec/lib/castle/commands/track_spec.rb
-- spec/lib/castle/commands/impersonate_spec.rb
-- spec/lib/castle/commands/identify_spec.rb
+- spec/lib/castle/commands/get_device_spec.rb
+- spec/lib/castle/commands/risk_spec.rb
+- spec/lib/castle/commands/start_impersonation_spec.rb
+- spec/lib/castle/commands/log_spec.rb
+- spec/lib/castle/commands/approve_device_spec.rb
+- spec/lib/castle/commands/get_devices_for_user_spec.rb
+- spec/lib/castle/commands/end_impersonation_spec.rb
+- spec/lib/castle/commands/filter_spec.rb
 - spec/lib/castle/validators/not_supported_spec.rb
 - spec/lib/castle/validators/present_spec.rb
-- spec/lib/castle/extractors/ip_spec.rb
-- spec/lib/castle/extractors/headers_spec.rb
-- spec/lib/castle/extractors/client_id_spec.rb
-- spec/lib/castle/utils_spec.rb
+- spec/lib/castle/webhooks/verify_spec.rb
+- spec/lib/castle/failover/strategy_spec.rb
 - spec/lib/castle/secure_mode_spec.rb
-- spec/lib/castle/events_spec.rb
+- spec/lib/castle/singleton_configuration_spec.rb