castle-rb 4.3.0 → 5.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 0dd544ffa6fc2660fc67c058011df5b9d83a8078b48506ab611809166960f501
-  data.tar.gz: 1720630a7f1925ba1142208114198cf176a8a3fec5c04be480aa4d2384e03de2
+  metadata.gz: 441cbae1aed67e419bff1683c41183abb10c3890d5a159f3365c0b4bd3855f0b
+  data.tar.gz: 6ef7663b21e2de6b1ef833917dd4b62ee1891f017e33f88a1cb57252e5c3bcc4
 SHA512:
-  metadata.gz: 71320c8ff0a5dd2a137723efc76c5530449bdf4635eed38f4c5fcad8bcb9253c5b2557b9113071cd606528eb58d3d66921fa1a728e6ea123d65ab2173e71ad59
-  data.tar.gz: d2f57e05bd976a294385808757b148248f01b2319cd99e88277bc18e104d4a2fabbcd2d1aa55057d7fc5a12e4ab7e3ec66086502c74ba6d8e5f6b8e51acfba01
+  metadata.gz: b54200b206ea055878d2e4a6b46f82960cda186c4b57009765c7e4c8cce28c7f00c66ad216840f8fa5412a7ed876224f285a18388620bf7df9201425a0efb055
+  data.tar.gz: cf9f8b5019377138fe5e61ced02b6323aa27464dc117c521fe560a6832115416bbd7e92a64a4710b96939adcd49af12feb538f3d24392d9654b14a21a48021a5

data/README.md

@@ -1,6 +1,6 @@
 # Ruby SDK for Castle
 
-[![Build Status](https://travis-ci.org/castle/castle-ruby.svg?branch=master)](https://travis-ci.org/castle/castle-ruby)
+[![Build Status](https://circleci.com/gh/castle/castle-ruby.svg?style=shield&branch=master)](https://circleci.com/gh/castle/castle-ruby)
 [![Coverage Status](https://coveralls.io/repos/github/castle/castle-ruby/badge.svg?branch=coveralls)](https://coveralls.io/github/castle/castle-ruby?branch=coveralls)
 [![Gem Version](https://badge.fury.io/rb/castle-rb.svg)](https://badge.fury.io/rb/castle-rb)
 
@@ -65,37 +65,43 @@ Castle.configure do |config|
   # Castle::RequestError is raised when timing out in milliseconds (default: 500 milliseconds)
   config.request_timeout = 2000
 
-  # Whitelisted and Blacklisted headers are case insensitive and allow to use _ and - as a separator, http prefixes are removed
-  # Whitelisted headers
+  # Allowlisted and Denylisted headers are case insensitive and allow to use _ and - as a separator, http prefixes are removed
+  # Allowlisted headers
   # By default, the SDK sends all HTTP headers, except for Cookie and Authorization.
-  # If you decide to use a whitelist, the SDK will:
+  # If you decide to use a allowlist, the SDK will:
   # - always send the User-Agent header
-  # - send scrubbed values of non-whitelisted headers
-  # - send proper values of whitelisted headers.
+  # - send scrubbed values of non-allowlisted headers
+  # - send proper values of allowlisted headers.
   # @example
-  #   config.whitelisted = ['X_HEADER']
+  #   config.allowlisted = ['X_HEADER']
   #   # will send { 'User-Agent' => 'Chrome', 'X_HEADER' => 'proper value', 'Any-Other-Header' => true }
   #
-  # We highly suggest using blacklist instead of whitelist, so that Castle can use as many data points
-  # as possible to secure your users. If you want to use the whitelist, this is the minimal
+  # We highly suggest using denylist instead of allowlist, so that Castle can use as many data points
+  # as possible to secure your users. If you want to use the allowlist, this is the minimal
   # amount of headers we recommend:
-  config.whitelisted = Castle::Configuration::DEFAULT_WHITELIST
+  config.allowlisted = Castle::Configuration::DEFAULT_ALLOWLIST
 
-  # Blacklisted headers take precedence over whitelisted elements
-  # We always blacklist Cookie and Authentication headers. If you use any other headers that
-  # might contain sensitive information, you should blacklist them.
-  config.blacklisted = ['HTTP-X-header']
+  # Denylisted headers take precedence over allowlisted elements
+  # We always denylist Cookie and Authentication headers. If you use any other headers that
+  # might contain sensitive information, you should denylist them.
+  config.denylisted = ['HTTP-X-header']
 
   # Castle needs the original IP of the client, not the IP of your proxy or load balancer.
   # The SDK will only trust the proxy chain as defined in the configuration.
   # We try to fetch the client IP based on X-Forwarded-For or Remote-Addr headers in that order,
   # but sometimes the client IP may be stored in a different header or order.
   # The SDK can be configured to look for the client IP address in headers that you specify.
+
+  # Sometimes, Cloud providers do not use consistent IP addresses to proxy requests.
+  # In this case, the client IP is usually preserved in a custom header. Example:
+  # Cloudflare preserves the client request in the 'Cf-Connecting-Ip' header.
+  # It would be used like so: configuration.ip_headers=['Cf-Connecting-Ip']
+  configuration.ip_headers = []
+
   # If the specified header or X-Forwarded-For default contains a proxy chain with public IP addresses,
   # then one of the following must be set
   # 1. The trusted_proxies value must match the known proxy IP's
   # 2. The trusted_proxy_depth value must be set to the number of known trusted proxies in the chain (see below)
-  configuration.ip_headers = []
 
   # Additionally to make X-Forwarded-For and other headers work better discovering client ip address,
   # and not the address of a reverse proxy server, you can define trusted proxies
@@ -191,6 +197,25 @@ track_options = ::Castle::Client.to_options({
 CastleTrackingWorker.perform_async(request_context, track_options)
 ```
 
+## Connection reuse
+
+If you want to reuse the connection to send multiple events:
+
+```ruby
+Castle::API::Session.call do |http|
+  castle.track(
+    event: ::Castle::Events::LOGOUT_SUCCEEDED,
+    user_id: user2.id
+    http: http
+  )
+  castle.track(
+    event: ::Castle::Events::LOGIN_SUCCEEDED,
+    user_id: user1.id
+    http: http
+  )
+end
+```
+
 ## Events
 
 List of Recognized Events can be found [here](https://github.com/castle/castle-ruby/tree/master/lib/castle/events.rb) or in the [docs](https://docs.castle.io/api_reference/#list-of-recognized-events)

data/lib/castle.rb

@@ -35,6 +35,7 @@
   castle/extractors/client_id
   castle/extractors/headers
   castle/extractors/ip
+  castle/api/connection
   castle/api/response
   castle/api/request
   castle/api/session

data/lib/castle/api.rb

@@ -19,14 +19,16 @@ module Castle
     class << self
       # @param command [String]
       # @param headers [Hash]
-      def request(command, headers = {})
+      # @param http [Net::HTTP]
+      def request(command, headers = {}, http = nil)
         raise Castle::ConfigurationError, 'configuration is not valid' unless Castle.config.valid?
 
         begin
           Castle::API::Request.call(
             command,
             Castle.config.api_secret,
-            headers
+            headers,
+            http
           )
         rescue *HANDLED_ERRORS => e
           # @note We need to initialize the error, as the original error is a cause for this
@@ -38,8 +40,9 @@ module Castle
 
       # @param command [String]
       # @param headers [Hash]
-      def call(command, headers = {})
-        Castle::API::Response.call(request(command, headers))
+      # @param http [Net::HTTP]
+      def call(command, headers = {}, http = nil)
+        Castle::API::Response.call(request(command, headers, http))
       end
     end
   end

data/lib/castle/api/connection.rb

@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+
+module Castle
+  module API
+    # this module returns a new configured Net::HTTP object
+    module Connection
+      HTTPS_SCHEME = 'https'
+
+      class << self
+        def call
+          http = Net::HTTP.new(Castle.config.url.host, Castle.config.url.port)
+          http.read_timeout = Castle.config.request_timeout / 1000.0
+
+          if Castle.config.url.scheme == HTTPS_SCHEME
+            http.use_ssl = true
+            http.verify_mode = OpenSSL::SSL::VERIFY_PEER
+          end
+
+          http
+        end
+      end
+    end
+  end
+end

data/lib/castle/api/request.rb

@@ -12,8 +12,8 @@ module Castle
       private_constant :DEFAULT_HEADERS
 
       class << self
-        def call(command, api_secret, headers)
-          Castle::API::Session.get.request(
+        def call(command, api_secret, headers, http = nil)
+          (http || Castle::API::Connection.call).request(
             build(
               command,
               headers.merge(DEFAULT_HEADERS),
@@ -25,7 +25,7 @@ module Castle
         def build(command, headers, api_secret)
           request_obj = Net::HTTP.const_get(
             command.method.to_s.capitalize
-          ).new("#{Castle.config.url_prefix}/#{command.path}", headers)
+          ).new("#{Castle.config.url.path}/#{command.path}", headers)
 
           unless command.method == :get
             request_obj.body = ::Castle::Utils.replace_invalid_characters(

data/lib/castle/api/session.rb

@@ -1,37 +1,18 @@
 # frozen_string_literal: true
 
-require 'singleton'
-
 module Castle
   module API
-    # this class keeps http config object
-    # and provides start/finish methods for persistent connection usage
+    # this module uses the Connection object
+    # and provides start method for persistent connection usage
     # when there is a need of sending multiple requests at once
-    class Session
-      include Singleton
-
-      attr_accessor :http
-
-      def initialize
-        reset
-      end
-
-      def reset
-        @http = Net::HTTP.new(Castle.config.host, Castle.config.port)
-        @http.read_timeout = Castle.config.request_timeout / 1000.0
-
-        if Castle.config.port == 443
-          @http.use_ssl = true
-          @http.verify_mode = OpenSSL::SSL::VERIFY_PEER
-        end
-
-        @http
-      end
+    module Session
+      HTTPS_SCHEME = 'https'
 
       class << self
-        # @return [Net::HTTP]
-        def get
-          instance.http
+        def call(&block)
+          return unless block_given?
+
+          Connection.call.start(&block)
         end
       end
     end

data/lib/castle/client.rb

@@ -42,9 +42,11 @@ module Castle
       return generate_do_not_track_response(options[:user_id]) unless tracked?
 
       add_timestamp_if_necessary(options)
-      command = Castle::Commands::Authenticate.new(@context).build(options)
+
       begin
-        Castle::API.call(command).merge(failover: false, failover_reason: nil)
+        Castle::API
+          .call(authenticate_command(options), {}, options[:http])
+          .merge(failover: false, failover_reason: nil)
       rescue Castle::RequestError, Castle::InternalServerError => e
         self.class.failover_response_or_raise(
           FailoverAuthResponse.new(options[:user_id], reason: e.to_s), e
@@ -59,8 +61,7 @@ module Castle
 
       add_timestamp_if_necessary(options)
 
-      command = Castle::Commands::Identify.new(@context).build(options)
-      Castle::API.call(command)
+      Castle::API.call(identify_command(options), {}, options[:http])
     end
 
     def track(options = {})
@@ -70,15 +71,15 @@ module Castle
 
       add_timestamp_if_necessary(options)
 
-      command = Castle::Commands::Track.new(@context).build(options)
-      Castle::API.call(command)
+      Castle::API.call(track_command(options), {}, options[:http])
     end
 
     def impersonate(options = {})
       options = Castle::Utils.deep_symbolize_keys(options || {})
+
       add_timestamp_if_necessary(options)
-      command = Castle::Commands::Impersonate.new(@context).build(options)
-      Castle::API.call(command).tap do |response|
+
+      Castle::API.call(impersonate_command(options), {}, options[:http]).tap do |response|
         raise Castle::ImpersonationFailed unless response[:success]
       end
     end
@@ -104,6 +105,26 @@ module Castle
       ).generate
     end
 
+    # @param options [Hash]
+    def authenticate_command(options)
+      Castle::Commands::Authenticate.new(@context).build(options)
+    end
+
+    # @param options [Hash]
+    def identify_command(options)
+      Castle::Commands::Identify.new(@context).build(options)
+    end
+
+    # @param options [Hash]
+    def impersonate_command(options)
+      Castle::Commands::Impersonate.new(@context).build(options)
+    end
+
+    # @param options [Hash]
+    def track_command(options)
+      Castle::Commands::Track.new(@context).build(options)
+    end
+
     def add_timestamp_if_necessary(options)
       options[:timestamp] ||= @timestamp if @timestamp
     end

data/lib/castle/configuration.rb

@@ -1,15 +1,15 @@
 # frozen_string_literal: true
 
 require 'singleton'
+require 'uri'
 
 module Castle
   # manages configuration variables
   class Configuration
     include Singleton
 
-    HOST = 'api.castle.io'
-    PORT = 443
-    URL_PREFIX = '/v1'
+    # API endpoint
+    URL = 'https://api.castle.io/v1'
     FAILOVER_STRATEGY = :allow
     REQUEST_TIMEOUT = 500 # in milliseconds
     FAILOVER_STRATEGIES = %i[allow deny challenge throw].freeze
@@ -23,9 +23,9 @@ module Castle
       \Aunix:
     /ix].freeze
 
-    # @note this value is not assigned as we don't recommend using a whitelist. If you need to use
+    # @note this value is not assigned as we don't recommend using a allowlist. If you need to use
     #   one, this constant is provided as a good default.
-    DEFAULT_WHITELIST = %w[
+    DEFAULT_ALLOWLIST = %w[
       Accept
       Accept-Charset
       Accept-Datetime
@@ -35,18 +35,25 @@ module Castle
       Connection
       Content-Length
       Content-Type
+      Dnt
       Host
       Origin
       Pragma
       Referer
-      TE
+      Sec-Fetch-Dest
+      Sec-Fetch-Mode
+      Sec-Fetch-Site
+      Sec-Fetch-User
+      Te
       Upgrade-Insecure-Requests
+      User-Agent
       X-Castle-Client-Id
+      X-Requested-With
     ].freeze
 
-    attr_accessor :host, :port, :request_timeout, :url_prefix, :trust_proxy_chain
-    attr_reader :api_secret, :whitelisted, :blacklisted, :failover_strategy, :ip_headers,
-                :trusted_proxies, :trusted_proxy_depth
+    attr_accessor :request_timeout, :trust_proxy_chain
+    attr_reader :api_secret, :allowlisted, :denylisted, :failover_strategy, :ip_headers,
+                :trusted_proxies, :trusted_proxy_depth, :url
 
     def initialize
       @formatter = Castle::HeadersFormatter
@@ -56,11 +63,9 @@ module Castle
 
     def reset
       self.failover_strategy = FAILOVER_STRATEGY
-      self.host = HOST
-      self.port = PORT
-      self.url_prefix = URL_PREFIX
-      self.whitelisted = [].freeze
-      self.blacklisted = [].freeze
+      self.url = URL
+      self.allowlisted = [].freeze
+      self.denylisted = [].freeze
       self.api_secret = ENV.fetch('CASTLE_API_SECRET', '')
       self.ip_headers = [].freeze
       self.trusted_proxies = [].freeze
@@ -68,16 +73,20 @@ module Castle
       self.trusted_proxy_depth = nil
     end
 
+    def url=(value)
+      @url = URI(value)
+    end
+
     def api_secret=(value)
       @api_secret = value.to_s
     end
 
-    def whitelisted=(value)
-      @whitelisted = (value ? value.map { |header| @formatter.call(header) } : []).freeze
+    def allowlisted=(value)
+      @allowlisted = (value ? value.map { |header| @formatter.call(header) } : []).freeze
     end
 
-    def blacklisted=(value)
-      @blacklisted = (value ? value.map { |header| @formatter.call(header) } : []).freeze
+    def denylisted=(value)
+      @denylisted = (value ? value.map { |header| @formatter.call(header) } : []).freeze
     end
 
     # sets ip headers
@@ -102,7 +111,7 @@ module Castle
     end
 
     def valid?
-      !api_secret.to_s.empty? && !host.to_s.empty? && !port.to_s.empty?
+      !api_secret.to_s.empty? && !url.host.to_s.empty? && !url.port.to_s.empty?
     end
 
     def failover_strategy=(value)

data/lib/castle/extractors/headers.rb

@@ -4,18 +4,18 @@ module Castle
   module Extractors
     # used for extraction of cookies and headers from the request
     class Headers
-      # Headers that we will never scrub, even if they land on the configuration blacklist.
-      ALWAYS_WHITELISTED = %w[User-Agent].freeze
+      # Headers that we will never scrub, even if they land on the configuration denylist.
+      ALWAYS_ALLOWLISTED = %w[User-Agent].freeze
 
-      # Headers that will always be scrubbed, even if whitelisted.
-      ALWAYS_BLACKLISTED = %w[Cookie Authorization].freeze
+      # Headers that will always be scrubbed, even if allowlisted.
+      ALWAYS_DENYLISTED = %w[Cookie Authorization].freeze
 
-      private_constant :ALWAYS_WHITELISTED, :ALWAYS_BLACKLISTED
+      private_constant :ALWAYS_ALLOWLISTED, :ALWAYS_DENYLISTED
 
       # @param headers [Hash]
       def initialize(headers)
         @headers = headers
-        @no_whitelist = Castle.config.whitelisted.empty?
+        @no_allowlist = Castle.config.allowlisted.empty?
       end
 
       # Serialize HTTP headers
@@ -33,10 +33,10 @@ module Castle
       # @param value [String]
       # @return [TrueClass | FalseClass | String]
       def header_value(name, value)
-        return true if ALWAYS_BLACKLISTED.include?(name)
-        return value if ALWAYS_WHITELISTED.include?(name)
-        return true if Castle.config.blacklisted.include?(name)
-        return value if @no_whitelist || Castle.config.whitelisted.include?(name)
+        return true if ALWAYS_DENYLISTED.include?(name)
+        return value if ALWAYS_ALLOWLISTED.include?(name)
+        return true if Castle.config.denylisted.include?(name)
+        return value if @no_allowlist || Castle.config.allowlisted.include?(name)
 
         true
       end

data/lib/castle/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Castle
-  VERSION = '4.3.0'
+  VERSION = '5.0.0'
 end

data/spec/lib/castle/api/connection_spec.rb

@@ -0,0 +1,59 @@
+# frozen_string_literal: true
+
+describe Castle::API::Connection do
+  describe '.call' do
+    subject(:class_call) { described_class.call }
+
+    context 'when ssl false' do
+      let(:localhost) { 'localhost' }
+      let(:port) { 3002 }
+      let(:api_url) { '/test' }
+
+      before do
+        Castle.config.url = 'http://localhost:3002'
+
+        allow(Net::HTTP)
+          .to receive(:new)
+          .with(localhost, port)
+          .and_call_original
+      end
+
+      it do
+        class_call
+
+        expect(Net::HTTP)
+          .to have_received(:new)
+          .with(localhost, port)
+      end
+
+      it do
+        expect(class_call).to be_an_instance_of(Net::HTTP)
+      end
+    end
+
+    context 'when ssl true' do
+      let(:localhost) { 'localhost' }
+      let(:port) { 443 }
+
+      before do
+        Castle.config.url = 'https://localhost'
+      end
+
+      context 'with block' do
+        let(:api_url) { '/test' }
+        let(:request) { Net::HTTP::Get.new(api_url) }
+
+        before do
+          allow(Net::HTTP)
+            .to receive(:new)
+            .with(localhost, port)
+            .and_call_original
+        end
+
+        it do
+          expect(class_call).to be_an_instance_of(Net::HTTP)
+        end
+      end
+    end
+  end
+end

data/spec/lib/castle/api/request_spec.rb

@@ -2,29 +2,55 @@
 
 describe Castle::API::Request do
   describe '#call' do
-    subject(:call) { described_class.call(command, api_secret, headers) }
-
-    let(:session) { instance_double('Castle::API::Session') }
-    let(:http) { instance_double('Net::HTTP') }
     let(:command) { Castle::Commands::Track.new({}).build(event: '$login.succeeded') }
     let(:headers) { {} }
     let(:api_secret) { 'secret' }
     let(:request_build) { {} }
     let(:expected_headers) { { 'Content-Type' => 'application/json' } }
+    let(:http) { instance_double('Net::HTTP') }
 
-    before do
-      allow(Castle::API::Session).to receive(:instance).and_return(session)
-      allow(session).to receive(:http).and_return(http)
-      allow(http).to receive(:request)
-      allow(described_class).to receive(:build).and_return(request_build)
-      call
-    end
+    context 'without http arg provided' do
+      subject(:call) { described_class.call(command, api_secret, headers) }
+
+      let(:http) { instance_double('Net::HTTP') }
+      let(:command) { Castle::Commands::Track.new({}).build(event: '$login.succeeded') }
+      let(:headers) { {} }
+      let(:api_secret) { 'secret' }
+      let(:request_build) { {} }
+      let(:expected_headers) { { 'Content-Type' => 'application/json' } }
+
+      before do
+        allow(Castle::API::Connection).to receive(:call).and_return(http)
+        allow(http).to receive(:request)
+        allow(described_class).to receive(:build).and_return(request_build)
+        call
+      end
+
+      it do
+        expect(described_class).to have_received(:build).with(command, expected_headers, api_secret)
+      end
 
-    it do
-      expect(described_class).to have_received(:build).with(command, expected_headers, api_secret)
+      it { expect(http).to have_received(:request).with(request_build) }
     end
 
-    it { expect(http).to have_received(:request).with(request_build) }
+    context 'with http arg provided' do
+      subject(:call) { described_class.call(command, api_secret, headers, http) }
+
+      before do
+        allow(Castle::API::Connection).to receive(:call)
+        allow(http).to receive(:request)
+        allow(described_class).to receive(:build).and_return(request_build)
+        call
+      end
+
+      it { expect(Castle::API::Connection).not_to have_received(:call) }
+
+      it do
+        expect(described_class).to have_received(:build).with(command, expected_headers, api_secret)
+      end
+
+      it { expect(http).to have_received(:request).with(request_build) }
+    end
   end
 
   describe '#build' do

data/spec/lib/castle/api/session_spec.rb

@@ -1,47 +1,86 @@
 # frozen_string_literal: true
 
 describe Castle::API::Session do
-  describe '#get' do
-    it { expect(described_class.get).to eql(described_class.get) }
-    it { expect(described_class.get).to eql(described_class.instance.http) }
-  end
-
-  describe '#initialize' do
-    subject(:session) { described_class.get }
-
-    after do
-      described_class.instance.reset
-    end
-
+  describe '.call' do
     context 'when ssl false' do
+      let(:localhost) { 'localhost' }
+      let(:port) { 3002 }
+
       before do
-        Castle.config.host = 'localhost'
-        Castle.config.port = 3002
-        described_class.instance.reset
+        Castle.config.url = 'http://localhost:3002'
+        stub_request(:get, 'localhost:3002/test').to_return(status: 200, body: '{}', headers: {})
       end
 
-      after do
-        Castle.config.host = Castle::Configuration::HOST
-        Castle.config.port = Castle::Configuration::PORT
+      context 'with block' do
+        let(:api_url) { '/test' }
+        let(:request) { Net::HTTP::Get.new(api_url) }
+
+        before do
+          allow(Net::HTTP)
+            .to receive(:new)
+            .with(localhost, port)
+            .and_call_original
+
+          described_class.call do |http|
+            http.request(request)
+          end
+        end
+
+        it do
+          expect(Net::HTTP)
+            .to have_received(:new)
+            .with(localhost, port)
+        end
+
+        it do
+          expect(a_request(:get, 'localhost:3002/test'))
+            .to have_been_made.once
+        end
       end
 
-      it { expect(session).to be_instance_of(Net::HTTP) }
-      it { expect(session.address).to eq('localhost') }
-      it { expect(session.port).to eq(3002) }
-      it { expect(session.use_ssl?).to be false }
-      it { expect(session.verify_mode).to be_nil }
+      context 'without block' do
+        before { described_class.call }
+
+        it do
+          expect(a_request(:get, 'localhost:3002/test'))
+            .not_to have_been_made
+        end
+      end
     end
 
     context 'when ssl true' do
+      let(:localhost) { 'localhost' }
+      let(:port) { 443 }
+
       before do
-        described_class.instance.reset
+        Castle.config.url = 'https://localhost'
+        stub_request(:get, 'https://localhost/test').to_return(status: 200, body: '{}', headers: {})
       end
 
-      it { expect(session).to be_instance_of(Net::HTTP) }
-      it { expect(session.address).to eq(Castle.config.host) }
-      it { expect(session.port).to eq(Castle.config.port) }
-      it { expect(session.use_ssl?).to be true }
-      it { expect(session.verify_mode).to eq(OpenSSL::SSL::VERIFY_PEER) }
+      context 'with block' do
+        let(:api_url) { '/test' }
+        let(:request) { Net::HTTP::Get.new(api_url) }
+
+        before do
+          allow(Net::HTTP)
+            .to receive(:new)
+            .with(localhost, port)
+            .and_call_original
+
+          allow(Net::HTTP)
+            .to receive(:start)
+
+          described_class.call do |http|
+            http.request(request)
+          end
+        end
+
+        it do
+          expect(Net::HTTP)
+            .to have_received(:new)
+            .with(localhost, port)
+        end
+      end
     end
   end
 end

data/spec/lib/castle/client_spec.rb

@@ -82,10 +82,10 @@ describe Castle::Client do
     let(:impersonator) { 'test@castle.io' }
     let(:request_body) do
       { user_id: '1234', timestamp: time_auto, sent_at: time_auto,
-        impersonator: impersonator, context: context }
+        properties: { impersonator: impersonator }, context: context }
     end
     let(:response_body) { { success: true }.to_json }
-    let(:options) { { user_id: '1234', impersonator: impersonator } }
+    let(:options) { { user_id: '1234', properties: { impersonator: impersonator } } }
 
     context 'when used with symbol keys' do
       before { client.impersonate(options) }

data/spec/lib/castle/commands/impersonate_spec.rb

@@ -36,9 +36,9 @@ describe Castle::Commands::Impersonate do
     end
 
     context 'with impersonator' do
-      let(:payload) { default_payload.merge(impersonator: impersonator) }
+      let(:payload) { default_payload.merge(properties: { impersonator: impersonator }) }
       let(:command_data) do
-        default_payload.merge(impersonator: impersonator, context: context)
+        default_payload.merge(properties: { impersonator: impersonator }, context: context)
       end
 
       it { expect(command.method).to be_eql(:post) }

data/spec/lib/castle/configuration_spec.rb

@@ -7,25 +7,25 @@ describe Castle::Configuration do
 
   describe 'host' do
     context 'with default' do
-      it { expect(config.host).to be_eql('api.castle.io') }
+      it { expect(config.url.host).to be_eql('api.castle.io') }
     end
 
     context 'with setter' do
-      before { config.host = 'api.castle.dev' }
+      before { config.url = 'http://api.castle.dev/v2' }
 
-      it { expect(config.host).to be_eql('api.castle.dev') }
+      it { expect(config.url.host).to be_eql('api.castle.dev') }
     end
   end
 
   describe 'post' do
     context 'with default' do
-      it { expect(config.port).to be_eql(443) }
+      it { expect(config.url.port).to be_eql(443) }
     end
 
     context 'with setter' do
-      before { config.port = 3001 }
+      before { config.url = 'http://api.castle.dev:3001/v2' }
 
-      it { expect(config.port).to be_eql(3001) }
+      it { expect(config.url.port).to be_eql(3001) }
     end
   end
 
@@ -89,34 +89,34 @@ describe Castle::Configuration do
     end
   end
 
-  describe 'whitelisted' do
+  describe 'allowlisted' do
     it do
-      expect(config.whitelisted.size).to be_eql(0)
+      expect(config.allowlisted.size).to be_eql(0)
     end
 
     context 'with setter' do
       before do
-        config.whitelisted = ['header']
+        config.allowlisted = ['header']
       end
 
       it do
-        expect(config.whitelisted).to be_eql(['Header'])
+        expect(config.allowlisted).to be_eql(['Header'])
       end
     end
   end
 
-  describe 'blacklisted' do
+  describe 'denylisted' do
     it do
-      expect(config.blacklisted.size).to be_eql(0)
+      expect(config.denylisted.size).to be_eql(0)
     end
 
     context 'with setter' do
       before do
-        config.blacklisted = ['header']
+        config.denylisted = ['header']
       end
 
       it do
-        expect(config.blacklisted).to be_eql(['Header'])
+        expect(config.denylisted).to be_eql(['Header'])
       end
     end
   end

data/spec/lib/castle/extractors/headers_spec.rb

@@ -16,11 +16,11 @@ describe Castle::Extractors::Headers do
   end
 
   after do
-    Castle.config.whitelisted = %w[]
-    Castle.config.blacklisted = %w[]
+    Castle.config.allowlisted = %w[]
+    Castle.config.denylisted = %w[]
   end
 
-  context 'when whitelist is not set in the configuration' do
+  context 'when allowlist is not set in the configuration' do
     let(:result) do
       {
         'Accept' => 'application/json',
@@ -36,8 +36,8 @@ describe Castle::Extractors::Headers do
     it { expect(headers).to eq(result) }
   end
 
-  context 'when whitelist is set in the configuration' do
-    before { Castle.config.whitelisted = %w[Accept OK] }
+  context 'when allowlist is set in the configuration' do
+    before { Castle.config.allowlisted = %w[Accept OK] }
 
     let(:result) do
       {
@@ -54,7 +54,7 @@ describe Castle::Extractors::Headers do
     it { expect(headers).to eq(result) }
   end
 
-  context 'when blacklist is set in the configuration' do
+  context 'when denylist is set in the configuration' do
     context 'with a User-Agent' do
       let(:result) do
         {
@@ -68,7 +68,7 @@ describe Castle::Extractors::Headers do
         }
       end
 
-      before { Castle.config.blacklisted = %w[User-Agent] }
+      before { Castle.config.denylisted = %w[User-Agent] }
 
       it { expect(headers).to eq(result) }
     end
@@ -86,16 +86,16 @@ describe Castle::Extractors::Headers do
         }
       end
 
-      before { Castle.config.blacklisted = %w[Accept] }
+      before { Castle.config.denylisted = %w[Accept] }
 
       it { expect(headers).to eq(result) }
     end
   end
 
-  context 'when a header is both whitelisted and blacklisted' do
+  context 'when a header is both allowlisted and denylisted' do
     before do
-      Castle.config.whitelisted = %w[Accept]
-      Castle.config.blacklisted = %w[Accept]
+      Castle.config.allowlisted = %w[Accept]
+      Castle.config.denylisted = %w[Accept]
     end
 
     it do

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: castle-rb
 version: !ruby/object:Gem::Version
-  version: 4.3.0
+  version: 5.0.0
 platform: ruby
 authors:
 - Johan Brissmyr
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-05-26 00:00:00.000000000 Z
+date: 2020-09-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: appraisal
@@ -34,6 +34,7 @@ files:
 - lib/castle-rb.rb
 - lib/castle.rb
 - lib/castle/api.rb
+- lib/castle/api/connection.rb
 - lib/castle/api/request.rb
 - lib/castle/api/response.rb
 - lib/castle/api/session.rb
@@ -73,6 +74,7 @@ files:
 - spec/integration/rails/support/all.rb
 - spec/integration/rails/support/application.rb
 - spec/integration/rails/support/home_controller.rb
+- spec/lib/castle/api/connection_spec.rb
 - spec/lib/castle/api/request_spec.rb
 - spec/lib/castle/api/response_spec.rb
 - spec/lib/castle/api/session_spec.rb
@@ -109,7 +111,7 @@ homepage: https://castle.io
 licenses:
 - MIT
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -125,7 +127,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubygems_version: 3.1.3
-signing_key: 
+signing_key:
 specification_version: 4
 summary: Castle
 test_files:
@@ -151,6 +153,7 @@ test_files:
 - spec/lib/castle/headers_formatter_spec.rb
 - spec/lib/castle/api/session_spec.rb
 - spec/lib/castle/api/request_spec.rb
+- spec/lib/castle/api/connection_spec.rb
 - spec/lib/castle/api/response_spec.rb
 - spec/lib/castle/commands/review_spec.rb
 - spec/lib/castle/commands/authenticate_spec.rb