castle-rb 5.0.0 → 6.0.0

data/spec/lib/castle/context/{default_spec.rb → get_default_spec.rb}

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-describe Castle::Context::Default do
+describe Castle::Context::GetDefault do
   subject { described_class.new(request, nil) }
 
   let(:ip) { '1.2.3.4' }
@@ -31,7 +31,6 @@ describe Castle::Context::Default do
   end
 
   it { expect(default_context[:active]).to be_eql(true) }
-  it { expect(default_context[:origin]).to be_eql('web') }
   it { expect(default_context[:headers]).to be_eql(result_headers) }
   it { expect(default_context[:ip]).to be_eql(ip) }
   it { expect(default_context[:client_id]).to be_eql(client_id) }

data/spec/lib/castle/context/{merger_spec.rb → merge_spec.rb}

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-describe Castle::Context::Merger do
+describe Castle::Context::Merge do
   let(:first) { { test: { test1: { c: '4' } } } }
 
   describe '#call' do

data/spec/lib/castle/context/prepare_spec.rb

@@ -0,0 +1,44 @@
+# frozen_string_literal: true
+
+describe Castle::Context::Prepare do
+  let(:ip) { '1.2.3.4' }
+  let(:cookie_id) { 'abcd' }
+  let(:ua) { 'Chrome' }
+  let(:env) do
+    Rack::MockRequest.env_for(
+      '/',
+      'HTTP_USER_AGENT' => ua,
+      'HTTP_X_FORWARDED_FOR' => ip,
+      'HTTP_COOKIE' => "__cid=#{cookie_id};other=efgh"
+    )
+  end
+  let(:request) { Rack::Request.new(env) }
+  let(:context) do
+    {
+      client_id: 'abcd',
+      active: true,
+      user_agent: ua,
+      headers: headers,
+      ip: ip,
+      library: { name: 'castle-rb', version: '6.0.0' }
+    }
+  end
+
+  let(:headers) do
+    {
+      'Content-Length': '0', 'User-Agent': ua, 'X-Forwarded-For': ip.to_s, 'Cookie': true
+    }
+  end
+
+  before do
+    stub_const('Castle::VERSION', '6.0.0')
+  end
+
+  describe '#call' do
+    subject(:generated) { described_class.call(request) }
+
+    context 'when active true' do
+      it { is_expected.to eql(context) }
+    end
+  end
+end

data/spec/lib/castle/context/{sanitizer_spec.rb → sanitize_spec.rb}

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-describe Castle::Context::Sanitizer do
+describe Castle::Context::Sanitize do
   let(:paylod) { { test: 'test' } }
 
   describe '#call' do

data/spec/lib/castle/{api/connection_spec.rb → core/get_connection_spec.rb}

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-describe Castle::API::Connection do
+describe Castle::Core::GetConnection do
   describe '.call' do
     subject(:class_call) { described_class.call }
 
@@ -10,7 +10,7 @@ describe Castle::API::Connection do
       let(:api_url) { '/test' }
 
       before do
-        Castle.config.url = 'http://localhost:3002'
+        Castle.config.base_url = 'http://localhost:3002'
 
         allow(Net::HTTP)
           .to receive(:new)
@@ -36,7 +36,7 @@ describe Castle::API::Connection do
       let(:port) { 443 }
 
       before do
-        Castle.config.url = 'https://localhost'
+        Castle.config.base_url = 'https://localhost'
       end
 
       context 'with block' do

data/spec/lib/castle/{api/response_spec.rb → core/process_response_spec.rb}

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-describe Castle::API::Response do
+describe Castle::Core::ProcessResponse do
   describe '#call' do
     subject(:call) { described_class.call(response) }
 
@@ -10,6 +10,61 @@ describe Castle::API::Response do
       it { expect(call).to eql(user: 1) }
     end
 
+    describe 'authenticate' do
+      context 'when allow without any additional props' do
+        let(:response) { OpenStruct.new(body: '{"action":"allow","user_id":"12345"}', code: 200) }
+
+        it { expect(call).to eql({ action: 'allow', user_id: '12345' }) }
+      end
+
+      context 'when allow with additional props' do
+        let(:response) do
+          OpenStruct.new(body: '{"action":"allow","user_id":"12345","internal":{}}', code: 200)
+        end
+
+        it { expect(call).to eql({ action: 'allow', user_id: '12345', internal: {} }) }
+      end
+
+      context 'when deny without risk policy' do
+        let(:response) do
+          OpenStruct.new(body: '{"action":"deny","user_id":"1","device_token":"abc"}', code: 200)
+        end
+
+        it { expect(call).to eql({ action: 'deny', user_id: '1', device_token: 'abc' }) }
+      end
+
+      context 'when deny with risk policy' do
+        let(:body) do
+          '{"action":"deny","user_id":"1","device_token":"abc",
+          "risk_policy":{"id":"123","revision_id":"abc","name":"def","type":"bot"}}'
+        end
+        let(:response) do
+          OpenStruct.new(
+            {
+              body: body,
+              code: 200
+            }
+          )
+        end
+
+        let(:result) do
+          {
+            action: 'deny',
+            user_id: '1',
+            device_token: 'abc',
+            risk_policy: {
+              id: '123',
+              revision_id: 'abc',
+              name: 'def',
+              type: 'bot'
+            }
+          }
+        end
+
+        it { expect(call).to eql(result) }
+      end
+    end
+
     context 'when response empty' do
       let(:response) { OpenStruct.new(body: '', code: 200) }
 

data/spec/lib/castle/core/process_webhook_spec.rb

@@ -0,0 +1,46 @@
+# frozen_string_literal: true
+
+describe Castle::Core::ProcessWebhook do
+  describe '#call' do
+    subject(:call) { described_class.call(webhook) }
+
+    let(:webhook_body) do
+      {
+        api_version: 'v1',
+        app_id: '12345',
+        type: '$incident.confirmed',
+        created_at: '2020-12-18T12:55:21.779Z',
+        data: {
+          id: 'test',
+          device_token: 'token',
+          user_id: '',
+          trigger: '$login.succeeded',
+          context: {},
+          location: {},
+          user_agent: {}
+        },
+        user_traits: {},
+        properties: {},
+        policy: {}
+      }.to_json
+    end
+
+    let(:webhook) { OpenStruct.new(body: StringIO.new(webhook_body)) }
+
+    context 'when success' do
+      it { expect(call).to eql(webhook_body) }
+    end
+
+    context 'when webhook empty' do
+      let(:webhook) { OpenStruct.new(body: StringIO.new('')) }
+
+      it { expect { call }.to raise_error(Castle::ApiError, 'Invalid webhook from Castle API') }
+    end
+
+    context 'when webhook nil' do
+      let(:webhook) { OpenStruct.new(body: StringIO.new) }
+
+      it { expect { call }.to raise_error(Castle::ApiError, 'Invalid webhook from Castle API') }
+    end
+  end
+end

data/spec/lib/castle/{api/request_spec.rb → core/send_request_spec.rb}

@@ -1,52 +1,56 @@
 # frozen_string_literal: true
 
-describe Castle::API::Request do
+describe Castle::Core::SendRequest do
+  let(:config) { Castle.config }
+
   describe '#call' do
-    let(:command) { Castle::Commands::Track.new({}).build(event: '$login.succeeded') }
+    let(:command) { Castle::Commands::Track.build(event: '$login.succeeded') }
     let(:headers) { {} }
-    let(:api_secret) { 'secret' }
     let(:request_build) { {} }
     let(:expected_headers) { { 'Content-Type' => 'application/json' } }
     let(:http) { instance_double('Net::HTTP') }
 
     context 'without http arg provided' do
-      subject(:call) { described_class.call(command, api_secret, headers) }
+      subject(:call) { described_class.call(command, headers, nil, config) }
 
       let(:http) { instance_double('Net::HTTP') }
-      let(:command) { Castle::Commands::Track.new({}).build(event: '$login.succeeded') }
+      let(:command) { Castle::Commands::Track.build(event: '$login.succeeded') }
       let(:headers) { {} }
-      let(:api_secret) { 'secret' }
       let(:request_build) { {} }
       let(:expected_headers) { { 'Content-Type' => 'application/json' } }
 
       before do
-        allow(Castle::API::Connection).to receive(:call).and_return(http)
+        allow(Castle::Core::GetConnection).to receive(:call).and_return(http)
         allow(http).to receive(:request)
         allow(described_class).to receive(:build).and_return(request_build)
         call
       end
 
       it do
-        expect(described_class).to have_received(:build).with(command, expected_headers, api_secret)
+        expect(described_class).to have_received(:build).with(
+          command, expected_headers, config
+        )
       end
 
       it { expect(http).to have_received(:request).with(request_build) }
     end
 
     context 'with http arg provided' do
-      subject(:call) { described_class.call(command, api_secret, headers, http) }
+      subject(:call) { described_class.call(command, headers, http, config) }
 
       before do
-        allow(Castle::API::Connection).to receive(:call)
+        allow(Castle::Core::GetConnection).to receive(:call)
         allow(http).to receive(:request)
         allow(described_class).to receive(:build).and_return(request_build)
         call
       end
 
-      it { expect(Castle::API::Connection).not_to have_received(:call) }
+      it { expect(Castle::Core::GetConnection).not_to have_received(:call) }
 
       it do
-        expect(described_class).to have_received(:build).with(command, expected_headers, api_secret)
+        expect(described_class).to have_received(:build).with(
+          command, expected_headers, config
+        )
       end
 
       it { expect(http).to have_received(:request).with(request_build) }
@@ -54,13 +58,13 @@ describe Castle::API::Request do
   end
 
   describe '#build' do
-    subject(:build) { described_class.build(command, headers, api_secret) }
+    subject(:build) { described_class.build(command, headers, config) }
 
     let(:headers) { { 'SAMPLE-HEADER' => '1' } }
     let(:api_secret) { 'secret' }
 
     context 'when get' do
-      let(:command) { Castle::Commands::Review.build(review_id) }
+      let(:command) { Castle::Commands::Review.build({ review_id: review_id }) }
       let(:review_id) { SecureRandom.uuid }
 
       it { expect(build.body).to be_nil }
@@ -74,7 +78,7 @@ describe Castle::API::Request do
     context 'when post' do
       let(:time) { Time.now.utc.iso8601(3) }
       let(:command) do
-        Castle::Commands::Track.new({}).build(event: '$login.succeeded', name: "\xC4")
+        Castle::Commands::Track.build(event: '$login.succeeded', name: "\xC4")
       end
       let(:expected_body) do
         {
@@ -85,7 +89,7 @@ describe Castle::API::Request do
         }
       end
 
-      before { allow(Castle::Utils::Timestamp).to receive(:call).and_return(time) }
+      before { allow(Castle::Utils::GetTimestamp).to receive(:call).and_return(time) }
 
       it { expect(build.body).to be_eql(expected_body.to_json) }
       it { expect(build.method).to eql('POST') }

data/spec/lib/castle/failover/strategy_spec.rb

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+describe Castle::Failover::Strategy do
+  subject(:strategy) { described_class }
+
+  it { expect(strategy::ALLOW).to be_eql(:allow) }
+  it { expect(strategy::DENY).to be_eql(:deny) }
+  it { expect(strategy::CHALLENGE).to be_eql(:challenge) }
+  it { expect(strategy::THROW).to be_eql(:throw) }
+
+  it { expect(Castle::Failover::STRATEGIES).to be_eql(%i[allow deny challenge throw]) }
+end

data/spec/lib/castle/{extractors/headers_spec.rb → headers/extract_spec.rb}

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
-describe Castle::Extractors::Headers do
-  subject(:headers) { described_class.new(formatted_headers).call }
+describe Castle::Headers::Extract do
+  subject(:extract_call) { described_class.new(formatted_headers).call }
 
   let(:formatted_headers) do
     {
@@ -33,7 +33,7 @@ describe Castle::Extractors::Headers do
       }
     end
 
-    it { expect(headers).to eq(result) }
+    it { expect(extract_call).to eq(result) }
   end
 
   context 'when allowlist is set in the configuration' do
@@ -51,7 +51,7 @@ describe Castle::Extractors::Headers do
       }
     end
 
-    it { expect(headers).to eq(result) }
+    it { expect(extract_call).to eq(result) }
   end
 
   context 'when denylist is set in the configuration' do
@@ -70,7 +70,7 @@ describe Castle::Extractors::Headers do
 
       before { Castle.config.denylisted = %w[User-Agent] }
 
-      it { expect(headers).to eq(result) }
+      it { expect(extract_call).to eq(result) }
     end
 
     context 'with a different header' do
@@ -88,7 +88,7 @@ describe Castle::Extractors::Headers do
 
       before { Castle.config.denylisted = %w[Accept] }
 
-      it { expect(headers).to eq(result) }
+      it { expect(extract_call).to eq(result) }
     end
   end
 
@@ -99,7 +99,7 @@ describe Castle::Extractors::Headers do
     end
 
     it do
-      expect(headers['Accept']).to eq(true)
+      expect(extract_call['Accept']).to eq(true)
     end
   end
 end

data/spec/lib/castle/{headers_filter_spec.rb → headers/filter_spec.rb}

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
-describe Castle::HeadersFilter do
-  subject(:headers) { described_class.new(request).call }
+describe Castle::Headers::Filter do
+  subject(:filter_call) { described_class.new(request).call }
 
   let(:env) do
     result = Rack::MockRequest.env_for(
@@ -33,6 +33,6 @@ describe Castle::HeadersFilter do
   let(:request) { Rack::Request.new(env) }
 
   context 'with list of header' do
-    it { expect(headers).to eq(filtered) }
+    it { expect(filter_call).to eq(filtered) }
   end
 end

data/spec/lib/castle/headers/format_spec.rb

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+describe Castle::Headers::Format do
+  subject(:format) { described_class }
+
+  it 'removes HTTP_' do
+    expect(format.call('HTTP_X_TEST')).to be_eql('X-Test')
+  end
+
+  it 'capitalizes header' do
+    expect(format.call('X_TEST')).to be_eql('X-Test')
+  end
+
+  it 'ignores letter case and -_ divider' do
+    expect(format.call('http-X_teST')).to be_eql('X-Test')
+  end
+
+  it 'does not remove http if there is no _- char' do
+    expect(format.call('httpX_teST')).to be_eql('Httpx-Test')
+  end
+
+  it 'capitalizes' do
+    expect(format.call(:clearance)).to be_eql('Clearance')
+  end
+end

data/spec/lib/castle/{extractors/ip_spec.rb → ip/extract_spec.rb}

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-describe Castle::Extractors::IP do
+describe Castle::IP::Extract do
   subject(:extractor) { described_class.new(headers) }
 
   describe 'ip' do

data/spec/lib/castle/logger_spec.rb

@@ -0,0 +1,42 @@
+# frozen_string_literal: true
+
+# tmp logger for testing
+class TmpLogger
+  # @param _message [String]
+  def info(_message); end
+end
+
+describe Castle::Logger do
+  subject(:log) do
+    described_class.call(message, data)
+  end
+
+  let(:message) { 'https://localhost/test:' }
+  let(:integration_logger) { TmpLogger.new }
+  let(:data) { { a: 1 }.to_json }
+  let(:logger_message) { "[CASTLE] #{message} #{data}" }
+
+  before do
+    allow(integration_logger).to receive(:info).and_call_original
+  end
+
+  describe '.call' do
+    context 'without logger' do
+      before do
+        Castle.config.logger = nil
+        log
+      end
+
+      it { expect(integration_logger).not_to have_received(:info) }
+    end
+
+    context 'with logger' do
+      before do
+        Castle.config.logger = integration_logger
+        log
+      end
+
+      it { expect(integration_logger).to have_received(:info).with(logger_message) }
+    end
+  end
+end