castle-rb 4.2.1 → 7.0.0

data/spec/lib/castle/api/track_spec.rb

@@ -0,0 +1,72 @@
+# frozen_string_literal: true
+
+describe Castle::API::Track do
+  subject(:call) { described_class.call(options) }
+
+  let(:ip) { '1.2.3.4' }
+  let(:cookie_id) { 'abcd' }
+  let(:ua) { 'Chrome' }
+  let(:env) do
+    Rack::MockRequest.env_for(
+      '/',
+      'HTTP_USER_AGENT' => ua,
+      'HTTP_X_FORWARDED_FOR' => ip,
+      'HTTP_COOKIE' => "__cid=#{cookie_id};other=efgh"
+    )
+  end
+  let(:request) { Rack::Request.new(env) }
+  let(:context) { Castle::Context::Prepare.call(request) }
+  let(:time_now) { Time.now }
+  let(:time_auto) { time_now.utc.iso8601(3) }
+  let(:time_user) { (Time.now - 10_000).utc.iso8601(3) }
+  let(:response_body) { {}.to_json }
+
+  before do
+    Timecop.freeze(time_now)
+    stub_const('Castle::VERSION', '2.2.0')
+    stub_request(:any, /api.castle.io/)
+      .with(basic_auth: ['', 'secret'])
+      .to_return(status: 200, body: response_body, headers: {})
+  end
+
+  after { Timecop.return }
+
+  describe 'track' do
+    let(:request_body) do
+      { event: '$login.succeeded', context: context, user_id: '1234', sent_at: time_auto }
+    end
+
+    before { call }
+
+    context 'when used with symbol keys' do
+      let(:options) { { event: '$login.succeeded', user_id: '1234', context: context } }
+
+      it do
+        assert_requested :post, 'https://api.castle.io/v1/track', times: 1 do |req|
+          JSON.parse(req.body) == JSON.parse(request_body.to_json)
+        end
+      end
+
+      context 'when passed timestamp in options and no defined timestamp' do
+        let(:options) do
+          { event: '$login.succeeded', user_id: '1234', timestamp: time_user, context: context }
+        end
+        let(:request_body) do
+          {
+            event: '$login.succeeded',
+            user_id: '1234',
+            context: context,
+            timestamp: time_user,
+            sent_at: time_auto
+          }
+        end
+
+        it do
+          assert_requested :post, 'https://api.castle.io/v1/track', times: 1 do |req|
+            JSON.parse(req.body) == JSON.parse(request_body.to_json)
+          end
+        end
+      end
+    end
+  end
+end

data/spec/lib/castle/api_spec.rb

@@ -3,35 +3,34 @@
 describe Castle::API do
   subject(:call) { described_class.call(command) }
 
-  let(:command) { Castle::Commands::Track.new({}).build(event: '$login.succeeded') }
+  let(:command) { Castle::Commands::Track.build(event: '$login.succeeded') }
 
   context 'when request timeouts' do
     before { stub_request(:any, /api.castle.io/).to_timeout }
 
-    it do
-      expect do
-        call
-      end.to raise_error(Castle::RequestError)
-    end
+    it { expect { call }.to raise_error(Castle::RequestError) }
   end
 
   context 'when non-OK response code' do
     before { stub_request(:any, /api.castle.io/).to_return(status: 400) }
 
-    it do
-      expect do
-        call
-      end.to raise_error(Castle::BadRequestError)
-    end
+    it { expect { call }.to raise_error(Castle::BadRequestError) }
   end
 
   context 'when no api_secret' do
     before { allow(Castle.config).to receive(:api_secret).and_return('') }
 
-    it do
-      expect do
-        call
-      end.to raise_error(Castle::ConfigurationError)
+    it { expect { call }.to raise_error(Castle::ConfigurationError) }
+  end
+
+  context 'when custom config' do
+    let(:config) { Castle::Configuration.new }
+
+    before do
+      config.api_secret = 'test'
+      stub_request(:any, /api.castle.io/)
     end
+
+    it { expect { call }.not_to raise_error }
   end
 end

data/spec/lib/castle/{extractors/client_id_spec.rb → client_id/extract_spec.rb}

@@ -1,16 +1,14 @@
 # frozen_string_literal: true
 
-describe Castle::Extractors::ClientId do
+describe Castle::ClientId::Extract do
   subject(:extractor) { described_class.new(formatted_headers, cookies) }
 
-  let(:formatted_headers) { Castle::HeadersFilter.new(request).call }
+  let(:formatted_headers) { Castle::Headers::Filter.new(request).call }
   let(:client_id_cookie) { 'abcd' }
   let(:client_id_header) { 'abcde' }
   let(:cookies) { request.cookies }
   let(:request) { Rack::Request.new(env) }
-  let(:env) do
-    Rack::MockRequest.env_for('/', headers)
-  end
+  let(:env) { Rack::MockRequest.env_for('/', headers) }
 
   context 'with client_id' do
     let(:headers) do
@@ -20,17 +18,12 @@ describe Castle::Extractors::ClientId do
       }
     end
 
-    it do
-      expect(extractor.call).to eql(client_id_cookie)
-    end
+    it { expect(extractor.call).to eql(client_id_cookie) }
   end
 
   context 'with X-Castle-Client-Id header' do
     let(:headers) do
-      {
-        'HTTP_X_FORWARDED_FOR' => '1.2.3.4',
-        'HTTP_X_CASTLE_CLIENT_ID' => client_id_header
-      }
+      { 'HTTP_X_FORWARDED_FOR' => '1.2.3.4', 'HTTP_X_CASTLE_CLIENT_ID' => client_id_header }
     end
 
     it 'appends the client_id' do
@@ -42,9 +35,7 @@ describe Castle::Extractors::ClientId do
     let(:cookies) { nil }
     let(:headers) { {} }
 
-    it do
-      expect(extractor.call).to eql('')
-    end
+    it { expect(extractor.call).to eql('') }
   end
 
   context 'with X-Castle-Client-Id header and cookies client' do

data/spec/lib/castle/client_spec.rb

@@ -14,26 +14,26 @@ describe Castle::Client do
   end
   let(:request) { Rack::Request.new(env) }
   let(:client) { described_class.from_request(request) }
-  let(:request_to_context) { described_class.to_context(request) }
+  let(:request_to_context) { Castle::Context::Prepare.call(request) }
   let(:client_with_user_timestamp) do
-    described_class.new(request_to_context, timestamp: time_user)
+    described_class.new(context: request_to_context, timestamp: time_user)
   end
-  let(:client_with_no_timestamp) { described_class.new(request_to_context) }
+  let(:client_with_no_timestamp) { described_class.new(context: request_to_context) }
 
   let(:headers) do
-    {
-      'Content-Length': '0', 'User-Agent': ua, 'X-Forwarded-For': ip.to_s, 'Cookie': true
-    }
+    { 'Content-Length': '0', 'User-Agent': ua, 'X-Forwarded-For': ip.to_s, 'Cookie': true }
   end
   let(:context) do
     {
       client_id: 'abcd',
       active: true,
-      origin: 'web',
       user_agent: ua,
       headers: headers,
       ip: ip,
-      library: { name: 'castle-rb', version: '2.2.0' }
+      library: {
+        name: 'castle-rb',
+        version: '2.2.0'
+      }
     }
   end
 
@@ -45,53 +45,43 @@ describe Castle::Client do
   before do
     Timecop.freeze(time_now)
     stub_const('Castle::VERSION', '2.2.0')
-    stub_request(:any, /api.castle.io/).with(
-      basic_auth: ['', 'secret']
-    ).to_return(status: 200, body: response_body, headers: {})
+    stub_request(:any, /api.castle.io/)
+      .with(basic_auth: ['', 'secret'])
+      .to_return(status: 200, body: response_body, headers: {})
   end
 
   after { Timecop.return }
 
   describe 'parses the request' do
-    before do
-      allow(Castle::API).to receive(:request).and_call_original
-    end
+    before { allow(Castle::API).to receive(:send_request).and_call_original }
 
     it do
       client.authenticate(event: '$login.succeeded', user_id: '1234')
-      expect(Castle::API).to have_received(:request)
-    end
-  end
-
-  describe 'to_context' do
-    it do
-      expect(described_class.to_context(request)).to eql(context)
+      expect(Castle::API).to have_received(:send_request)
     end
   end
 
-  describe 'to_options' do
-    let(:options) { { user_id: '1234', user_traits: { name: 'Jo' } } }
-    let(:result) { { user_id: '1234', user_traits: { name: 'Jo' }, timestamp: time_auto } }
-
-    it do
-      expect(described_class.to_options(options)).to eql(result)
-    end
-  end
-
-  describe 'impersonate' do
+  describe 'end impersonation' do
     let(:impersonator) { 'test@castle.io' }
     let(:request_body) do
-      { user_id: '1234', timestamp: time_auto, sent_at: time_auto,
-        impersonator: impersonator, context: context }
+      {
+        user_id: '1234',
+        timestamp: time_auto,
+        sent_at: time_auto,
+        properties: {
+          impersonator: impersonator
+        },
+        context: context
+      }
     end
     let(:response_body) { { success: true }.to_json }
-    let(:options) { { user_id: '1234', impersonator: impersonator } }
+    let(:options) { { user_id: '1234', properties: { impersonator: impersonator } } }
 
     context 'when used with symbol keys' do
-      before { client.impersonate(options) }
+      before { client.end_impersonation(options) }
 
       it do
-        assert_requested :post, 'https://api.castle.io/v1/impersonate', times: 1 do |req|
+        assert_requested :delete, 'https://api.castle.io/v1/impersonate', times: 1 do |req|
           JSON.parse(req.body) == JSON.parse(request_body.to_json)
         end
       end
@@ -100,64 +90,43 @@ describe Castle::Client do
     context 'when request is not successful' do
       let(:response_body) { {}.to_json }
 
-      it { expect { client.impersonate(options) }.to raise_error(Castle::ImpersonationFailed) }
+      it do
+        expect { client.end_impersonation(options) }.to raise_error(Castle::ImpersonationFailed)
+      end
     end
   end
 
-  describe 'identify' do
+  describe 'start impersonation' do
+    let(:impersonator) { 'test@castle.io' }
     let(:request_body) do
-      { user_id: '1234', timestamp: time_auto,
-        sent_at: time_auto, context: context, user_traits: { name: 'Jo' } }
+      {
+        user_id: '1234',
+        timestamp: time_auto,
+        sent_at: time_auto,
+        properties: {
+          impersonator: impersonator
+        },
+        context: context
+      }
     end
-
-    before { client.identify(options) }
+    let(:response_body) { { success: true }.to_json }
+    let(:options) { { user_id: '1234', properties: { impersonator: impersonator } } }
 
     context 'when used with symbol keys' do
-      let(:options) { { user_id: '1234', user_traits: { name: 'Jo' } } }
+      before { client.start_impersonation(options) }
 
       it do
-        assert_requested :post, 'https://api.castle.io/v1/identify', times: 1 do |req|
+        assert_requested :post, 'https://api.castle.io/v1/impersonate', times: 1 do |req|
           JSON.parse(req.body) == JSON.parse(request_body.to_json)
         end
       end
-
-      context 'when passed timestamp in options and no defined timestamp' do
-        let(:client) { client_with_no_timestamp }
-        let(:options) { { user_id: '1234', user_traits: { name: 'Jo' }, timestamp: time_user } }
-        let(:request_body) do
-          { user_id: '1234', user_traits: { name: 'Jo' }, context: context,
-            timestamp: time_user, sent_at: time_auto }
-        end
-
-        it do
-          assert_requested :post, 'https://api.castle.io/v1/identify', times: 1 do |req|
-            JSON.parse(req.body) == JSON.parse(request_body.to_json)
-          end
-        end
-      end
-
-      context 'with client initialized with timestamp' do
-        let(:client) { client_with_user_timestamp }
-        let(:request_body) do
-          { user_id: '1234', timestamp: time_user, sent_at: time_auto,
-            context: context, user_traits: { name: 'Jo' } }
-        end
-
-        it do
-          assert_requested :post, 'https://api.castle.io/v1/identify', times: 1 do |req|
-            JSON.parse(req.body) == JSON.parse(request_body.to_json)
-          end
-        end
-      end
     end
 
-    context 'when used with string keys' do
-      let(:options) { { 'user_id' => '1234', 'user_traits' => { 'name' => 'Jo' } } }
+    context 'when request is not successful' do
+      let(:response_body) { {}.to_json }
 
       it do
-        assert_requested :post, 'https://api.castle.io/v1/identify', times: 1 do |req|
-          JSON.parse(req.body) == JSON.parse(request_body.to_json)
-        end
+        expect { client.start_impersonation(options) }.to raise_error(Castle::ImpersonationFailed)
       end
     end
   end
@@ -166,8 +135,13 @@ describe Castle::Client do
     let(:options) { { event: '$login.succeeded', user_id: '1234' } }
     let(:request_response) { client.authenticate(options) }
     let(:request_body) do
-      { event: '$login.succeeded', user_id: '1234', context: context,
-        timestamp: time_auto, sent_at: time_auto }
+      {
+        event: '$login.succeeded',
+        user_id: '1234',
+        context: context,
+        timestamp: time_auto,
+        sent_at: time_auto
+      }
     end
 
     context 'when used with symbol keys' do
@@ -183,8 +157,13 @@ describe Castle::Client do
         let(:client) { client_with_no_timestamp }
         let(:options) { { event: '$login.succeeded', user_id: '1234', timestamp: time_user } }
         let(:request_body) do
-          { event: '$login.succeeded', user_id: '1234', context: context,
-            timestamp: time_user, sent_at: time_auto }
+          {
+            event: '$login.succeeded',
+            user_id: '1234',
+            context: context,
+            timestamp: time_user,
+            sent_at: time_auto
+          }
         end
 
         it do
@@ -197,8 +176,13 @@ describe Castle::Client do
       context 'with client initialized with timestamp' do
         let(:client) { client_with_user_timestamp }
         let(:request_body) do
-          { event: '$login.succeeded', user_id: '1234', context: context,
-            timestamp: time_user, sent_at: time_auto }
+          {
+            event: '$login.succeeded',
+            user_id: '1234',
+            context: context,
+            timestamp: time_user,
+            sent_at: time_auto
+          }
         end
 
         it do
@@ -241,7 +225,7 @@ describe Castle::Client do
       end
 
       it { assert_not_requested :post, 'https://api.castle.io/v1/authenticate' }
-      it { expect(request_response[:action]).to be_eql('allow') }
+      it { expect(request_response[:action]).to be_eql(Castle::Verdict::ALLOW) }
       it { expect(request_response[:user_id]).to be_eql('1234') }
       it { expect(request_response[:failover]).to be true }
       it { expect(request_response[:failover_reason]).to be_eql('Castle is set to do not track.') }
@@ -249,7 +233,9 @@ describe Castle::Client do
 
     context 'when request with fail' do
       before do
-        allow(Castle::API).to receive(:request).and_raise(Castle::RequestError.new(Timeout::Error))
+        allow(Castle::API).to receive(:send_request).and_raise(
+          Castle::RequestError.new(Timeout::Error)
+        )
       end
 
       context 'with request error and throw strategy' do
@@ -268,7 +254,9 @@ describe Castle::Client do
     end
 
     context 'when request is internal server error' do
-      before { allow(Castle::API).to receive(:request).and_raise(Castle::InternalServerError) }
+      before do
+        allow(Castle::API).to receive(:send_request).and_raise(Castle::InternalServerError)
+      end
 
       describe 'throw strategy' do
         before { allow(Castle.config).to receive(:failover_strategy).and_return(:throw) }
@@ -288,8 +276,13 @@ describe Castle::Client do
 
   describe 'track' do
     let(:request_body) do
-      { event: '$login.succeeded', context: context, user_id: '1234',
-        timestamp: time_auto, sent_at: time_auto }
+      {
+        event: '$login.succeeded',
+        context: context,
+        user_id: '1234',
+        timestamp: time_auto,
+        sent_at: time_auto
+      }
     end
 
     before { client.track(options) }
@@ -307,8 +300,13 @@ describe Castle::Client do
         let(:client) { client_with_no_timestamp }
         let(:options) { { event: '$login.succeeded', user_id: '1234', timestamp: time_user } }
         let(:request_body) do
-          { event: '$login.succeeded', user_id: '1234', context: context,
-            timestamp: time_user, sent_at: time_auto }
+          {
+            event: '$login.succeeded',
+            user_id: '1234',
+            context: context,
+            timestamp: time_user,
+            sent_at: time_auto
+          }
         end
 
         it do
@@ -321,8 +319,13 @@ describe Castle::Client do
       context 'with client initialized with timestamp' do
         let(:client) { client_with_user_timestamp }
         let(:request_body) do
-          { event: '$login.succeeded', context: context, user_id: '1234',
-            timestamp: time_user, sent_at: time_auto }
+          {
+            event: '$login.succeeded',
+            context: context,
+            user_id: '1234',
+            timestamp: time_user,
+            sent_at: time_auto
+          }
         end
 
         it do
@@ -357,4 +360,16 @@ describe Castle::Client do
       it { expect(client).to be_tracked }
     end
   end
+
+  describe 'filter' do
+    it_behaves_like 'action request', :filter
+  end
+
+  describe 'risk' do
+    it_behaves_like 'action request', :risk
+  end
+
+  describe 'log' do
+    it_behaves_like 'action request', :log
+  end
 end