castle-rb 4.2.1 → 7.0.0

data/lib/castle/{extractors/client_id.rb → client_id/extract.rb}

@@ -1,9 +1,9 @@
 # frozen_string_literal: true
 
 module Castle
-  module Extractors
+  module ClientId
     # used for extraction of cookies and headers from the request
-    class ClientId
+    class Extract
       # @param headers [Hash]
       # @param cookies [NilClass|Hash]
       def initialize(headers, cookies)

data/lib/castle/commands/approve_device.rb

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+module Castle
+  module Commands
+    # Generates the payload for the PUT devices/#{device_token}/approve request
+    class ApproveDevice
+      class << self
+        # @param options [Hash]
+        # @return [Castle::Command]
+        def build(options = {})
+          Castle::Validators::Present.call(options, %i[device_token])
+          Castle::Command.new("devices/#{options[:device_token]}/approve", nil, :put)
+        end
+      end
+    end
+  end
+end

data/lib/castle/commands/authenticate.rb

@@ -2,21 +2,21 @@
 
 module Castle
   module Commands
+    # Generates the payload for the authenticate request
     class Authenticate
-      def initialize(context)
-        @context = context
-      end
-
-      def build(options = {})
-        Castle::Validators::Present.call(options, %i[event])
-        context = Castle::Context::Merger.call(@context, options[:context])
-        context = Castle::Context::Sanitizer.call(context)
+      class << self
+        # @param options [Hash]
+        # @return [Castle::Command]
+        def build(options = {})
+          Castle::Validators::Present.call(options, %i[event])
+          context = Castle::Context::Sanitize.call(options[:context])
 
-        Castle::Command.new(
-          'authenticate',
-          options.merge(context: context, sent_at: Castle::Utils::Timestamp.call),
-          :post
-        )
+          Castle::Command.new(
+            'authenticate',
+            options.merge(context: context, sent_at: Castle::Utils::GetTimestamp.call),
+            :post
+          )
+        end
       end
     end
   end

data/lib/castle/commands/end_impersonation.rb

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+module Castle
+  module Commands
+    # builder for impersonate command
+    class EndImpersonation
+      class << self
+        # @param options [Hash]
+        # @return [Castle::Command]
+        def build(options = {})
+          Castle::Validators::Present.call(options, %i[user_id])
+          context = Castle::Context::Sanitize.call(options[:context])
+
+          Castle::Validators::Present.call(context, %i[user_agent ip])
+
+          Castle::Command.new(
+            'impersonate',
+            options.merge(context: context, sent_at: Castle::Utils::GetTimestamp.call),
+            :delete
+          )
+        end
+      end
+    end
+  end
+end

data/lib/castle/commands/filter.rb

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+module Castle
+  module Commands
+    # Generates the payload for the filter request
+    class Filter
+      class << self
+        # @param options [Hash]
+        # @return [Castle::Command]
+        def build(options = {})
+          Castle::Validators::Present.call(options, %i[event])
+          context = Castle::Context::Sanitize.call(options[:context])
+
+          Castle::Command.new(
+            'filter',
+            options.merge(context: context, sent_at: Castle::Utils::GetTimestamp.call),
+            :post
+          )
+        end
+      end
+    end
+  end
+end

data/lib/castle/commands/get_device.rb

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+module Castle
+  module Commands
+    # Generates the payload for the GET devices/#{device_token} request
+    class GetDevice
+      class << self
+        # @param options [Hash]
+        # @return [Castle::Command]
+        def build(options = {})
+          Castle::Validators::Present.call(options, %i[device_token])
+          Castle::Command.new("devices/#{options[:device_token]}", nil, :get)
+        end
+      end
+    end
+  end
+end

data/lib/castle/commands/get_devices_for_user.rb

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+module Castle
+  module Commands
+    # Generates the payload for the GET users/#{user_id}/devices request
+    class GetDevicesForUser
+      class << self
+        # @param options [Hash]
+        # @return [Castle::Command]
+        def build(options = {})
+          Castle::Validators::Present.call(options, %i[user_id])
+          Castle::Command.new("users/#{options[:user_id]}/devices", nil, :get)
+        end
+      end
+    end
+  end
+end

data/lib/castle/commands/log.rb

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+module Castle
+  module Commands
+    # Generates the payload for the log request
+    class Log
+      class << self
+        # @param options [Hash]
+        # @return [Castle::Command]
+        def build(options = {})
+          Castle::Validators::Present.call(options, %i[event])
+          context = Castle::Context::Sanitize.call(options[:context])
+
+          Castle::Command.new(
+            'log',
+            options.merge(context: context, sent_at: Castle::Utils::GetTimestamp.call),
+            :post
+          )
+        end
+      end
+    end
+  end
+end

data/lib/castle/commands/report_device.rb

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+module Castle
+  module Commands
+    # Generates the payload for the PUT devices/#{device_token}/report request
+    class ReportDevice
+      class << self
+        # @param options [Hash]
+        # @return [Castle::Command]
+        def build(options = {})
+          Castle::Validators::Present.call(options, %i[device_token])
+          Castle::Command.new("devices/#{options[:device_token]}/report", nil, :put)
+        end
+      end
+    end
+  end
+end

data/lib/castle/commands/risk.rb

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+module Castle
+  module Commands
+    # Generates the payload for the risk request
+    class Risk
+      class << self
+        # @param options [Hash]
+        # @return [Castle::Command]
+        def build(options = {})
+          Castle::Validators::Present.call(options, %i[event])
+          context = Castle::Context::Sanitize.call(options[:context])
+
+          Castle::Command.new(
+            'risk',
+            options.merge(context: context, sent_at: Castle::Utils::GetTimestamp.call),
+            :post
+          )
+        end
+      end
+    end
+  end
+end

data/lib/castle/commands/start_impersonation.rb

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+module Castle
+  module Commands
+    # builder for impersonate command
+    class StartImpersonation
+      class << self
+        # @param options [Hash]
+        # @return [Castle::Command]
+        def build(options = {})
+          Castle::Validators::Present.call(options, %i[user_id])
+          context = Castle::Context::Sanitize.call(options[:context])
+
+          Castle::Validators::Present.call(context, %i[user_agent ip])
+
+          Castle::Command.new(
+            'impersonate',
+            options.merge(context: context, sent_at: Castle::Utils::GetTimestamp.call),
+            :post
+          )
+        end
+      end
+    end
+  end
+end

data/lib/castle/commands/track.rb

@@ -3,20 +3,19 @@
 module Castle
   module Commands
     class Track
-      def initialize(context)
-        @context = context
-      end
-
-      def build(options = {})
-        Castle::Validators::Present.call(options, %i[event])
-        context = Castle::Context::Merger.call(@context, options[:context])
-        context = Castle::Context::Sanitizer.call(context)
+      class << self
+        # @param options [Hash]
+        # @return [Castle::Command]
+        def build(options = {})
+          Castle::Validators::Present.call(options, %i[event])
+          context = Castle::Context::Sanitize.call(options[:context])
 
-        Castle::Command.new(
-          'track',
-          options.merge(context: context, sent_at: Castle::Utils::Timestamp.call),
-          :post
-        )
+          Castle::Command.new(
+            'track',
+            options.merge(context: context, sent_at: Castle::Utils::GetTimestamp.call),
+            :post
+          )
+        end
       end
     end
   end

data/lib/castle/configuration.rb

@@ -1,31 +1,29 @@
 # frozen_string_literal: true
 
-require 'singleton'
+require 'uri'
 
 module Castle
   # manages configuration variables
   class Configuration
-    include Singleton
-
-    HOST = 'api.castle.io'
-    PORT = 443
-    URL_PREFIX = '/v1'
-    FAILOVER_STRATEGY = :allow
-    REQUEST_TIMEOUT = 500 # in milliseconds
-    FAILOVER_STRATEGIES = %i[allow deny challenge throw].freeze
+    # API endpoint
+    BASE_URL = 'https://api.castle.io/v1'
+    REQUEST_TIMEOUT = 1000 # in milliseconds
+
     # regexp of trusted proxies which is always appended to the trusted proxy list
-    TRUSTED_PROXIES = [/
+    TRUSTED_PROXIES = [
+      /
       \A127\.0\.0\.1\Z|
       \A(10|172\.(1[6-9]|2[0-9]|30|31)|192\.168)\.|
       \A::1\Z|\Afd[0-9a-f]{2}:.+|
       \Alocalhost\Z|
       \Aunix\Z|
       \Aunix:
-    /ix].freeze
+    /ix
+    ].freeze
 
-    # @note this value is not assigned as we don't recommend using a whitelist. If you need to use
+    # @note this value is not assigned as we don't recommend using a allowlist. If you need to use
     #   one, this constant is provided as a good default.
-    DEFAULT_WHITELIST = %w[
+    DEFAULT_ALLOWLIST = %w[
       Accept
       Accept-Charset
       Accept-Datetime
@@ -35,46 +33,65 @@ module Castle
       Connection
       Content-Length
       Content-Type
+      Dnt
       Host
       Origin
       Pragma
       Referer
-      TE
+      Sec-Fetch-Dest
+      Sec-Fetch-Mode
+      Sec-Fetch-Site
+      Sec-Fetch-User
+      Te
       Upgrade-Insecure-Requests
+      User-Agent
       X-Castle-Client-Id
+      X-Requested-With
     ].freeze
 
-    attr_accessor :host, :port, :request_timeout, :url_prefix
-    attr_reader :api_secret, :whitelisted, :blacklisted, :failover_strategy, :ip_headers, :trusted_proxies
+    attr_accessor :request_timeout, :trust_proxy_chain, :logger
+    attr_reader :api_secret,
+                :allowlisted,
+                :denylisted,
+                :failover_strategy,
+                :ip_headers,
+                :trusted_proxies,
+                :trusted_proxy_depth,
+                :base_url
 
     def initialize
-      @formatter = Castle::HeadersFormatter
+      @header_format = Castle::Headers::Format
       @request_timeout = REQUEST_TIMEOUT
       reset
     end
 
     def reset
-      self.failover_strategy = FAILOVER_STRATEGY
-      self.host = HOST
-      self.port = PORT
-      self.url_prefix = URL_PREFIX
-      self.whitelisted = [].freeze
-      self.blacklisted = [].freeze
+      self.failover_strategy = Castle::Failover::Strategy::ALLOW
+      self.base_url = BASE_URL
+      self.allowlisted = [].freeze
+      self.denylisted = [].freeze
       self.api_secret = ENV.fetch('CASTLE_API_SECRET', '')
       self.ip_headers = [].freeze
       self.trusted_proxies = [].freeze
+      self.trust_proxy_chain = false
+      self.trusted_proxy_depth = nil
+      self.logger = nil
+    end
+
+    def base_url=(value)
+      @base_url = URI(value)
     end
 
     def api_secret=(value)
       @api_secret = value.to_s
     end
 
-    def whitelisted=(value)
-      @whitelisted = (value ? value.map { |header| @formatter.call(header) } : []).freeze
+    def allowlisted=(value)
+      @allowlisted = (value ? value.map { |header| @header_format.call(header) } : []).freeze
     end
 
-    def blacklisted=(value)
-      @blacklisted = (value ? value.map { |header| @formatter.call(header) } : []).freeze
+    def denylisted=(value)
+      @denylisted = (value ? value.map { |header| @header_format.call(header) } : []).freeze
     end
 
     # sets ip headers
@@ -82,23 +99,31 @@ module Castle
     def ip_headers=(value)
       raise Castle::ConfigurationError, 'ip headers must be an Array' unless value.is_a?(Array)
 
-      @ip_headers = value.map { |header| @formatter.call(header) }.freeze
+      @ip_headers = value.map { |header| @header_format.call(header) }.freeze
     end
 
     # sets trusted proxies
-    # @param value [Array<String|Regexp>]
+    # @param value [Array<String,Regexp>]
     def trusted_proxies=(value)
-      raise Castle::ConfigurationError, 'trusted proxies must be an Array' unless value.is_a?(Array)
+      unless value.is_a?(Array)
+        raise Castle::ConfigurationError, 'trusted proxies must be an Array'
+      end
 
       @trusted_proxies = value
     end
 
+    # @param value [String,Number,NilClass]
+    def trusted_proxy_depth=(value)
+      @trusted_proxy_depth = value.to_i
+    end
+
     def valid?
-      !api_secret.to_s.empty? && !host.to_s.empty? && !port.to_s.empty?
+      !api_secret.to_s.empty? && !base_url.host.to_s.empty? && !base_url.port.to_s.empty?
     end
 
     def failover_strategy=(value)
-      @failover_strategy = FAILOVER_STRATEGIES.detect { |strategy| strategy == value.to_sym }
+      @failover_strategy =
+        Castle::Failover::STRATEGIES.detect { |strategy| strategy == value.to_sym }
       raise Castle::ConfigurationError, 'unrecognized failover strategy' if @failover_strategy.nil?
     end
 

data/lib/castle/context/{default.rb → get_default.rb}

@@ -2,9 +2,9 @@
 
 module Castle
   module Context
-    class Default
+    class GetDefault
       def initialize(request, cookies = nil)
-        @pre_headers = HeadersFilter.new(request).call
+        @pre_headers = Castle::Headers::Filter.new(request).call
         @cookies = cookies || request.cookies
         @request = request
       end
@@ -13,7 +13,6 @@ module Castle
         {
           client_id: client_id,
           active: true,
-          origin: 'web',
           headers: headers,
           ip: ip,
           library: {
@@ -40,18 +39,18 @@ module Castle
 
       # @return [String]
       def ip
-        Extractors::IP.new(@pre_headers).call
+        Castle::IPs::Extract.new(@pre_headers).call
       end
 
       # @return [String]
       def client_id
-        Extractors::ClientId.new(@pre_headers, @cookies).call
+        Castle::ClientId::Extract.new(@pre_headers, @cookies).call
       end
 
       # formatted and filtered headers
       # @return [Hash]
       def headers
-        Extractors::Headers.new(@pre_headers).call
+        Castle::Headers::Extract.new(@pre_headers).call
       end
     end
   end