castle-rb 5.0.0 → 6.0.0

data/spec/lib/castle/payload/prepare_spec.rb

@@ -0,0 +1,54 @@
+# frozen_string_literal: true
+
+describe Castle::Payload::Prepare do
+  let(:ip) { '1.2.3.4' }
+  let(:cookie_id) { 'abcd' }
+  let(:ua) { 'Chrome' }
+  let(:env) do
+    Rack::MockRequest.env_for(
+      '/',
+      'HTTP_USER_AGENT' => ua,
+      'HTTP_X_FORWARDED_FOR' => ip,
+      'HTTP_COOKIE' => "__cid=#{cookie_id};other=efgh"
+    )
+  end
+  let(:request) { Rack::Request.new(env) }
+
+  let(:headers) do
+    {
+      'Content-Length': '0', 'User-Agent': ua, 'X-Forwarded-For': ip.to_s, 'Cookie': true
+    }
+  end
+  let(:context) do
+    {
+      client_id: 'abcd',
+      active: true,
+      user_agent: ua,
+      headers: headers,
+      ip: ip,
+      library: { name: 'castle-rb', version: '2.2.0' }
+    }
+  end
+
+  let(:time_now) { Time.now }
+  let(:time_formatted) { time_now.utc.iso8601(3) }
+  let(:payload_options) { { user_id: '1234', user_traits: { name: 'Jo' } } }
+  let(:result) do
+    { user_id: '1234', user_traits: { name: 'Jo' }, timestamp: time_formatted, context: context }
+  end
+
+  before do
+    Timecop.freeze(time_now)
+    stub_const('Castle::VERSION', '2.2.0')
+  end
+
+  after { Timecop.return }
+
+  describe '#call' do
+    subject(:generated) { described_class.call(payload_options, request) }
+
+    context 'when active true' do
+      it { is_expected.to eql(result) }
+    end
+  end
+end

data/spec/lib/castle/{api/session_spec.rb → session_spec.rb}

@@ -1,13 +1,13 @@
 # frozen_string_literal: true
 
-describe Castle::API::Session do
+describe Castle::Session do
   describe '.call' do
     context 'when ssl false' do
       let(:localhost) { 'localhost' }
       let(:port) { 3002 }
 
       before do
-        Castle.config.url = 'http://localhost:3002'
+        Castle.config.base_url = 'http://localhost:3002'
         stub_request(:get, 'localhost:3002/test').to_return(status: 200, body: '{}', headers: {})
       end
 
@@ -53,8 +53,10 @@ describe Castle::API::Session do
       let(:port) { 443 }
 
       before do
-        Castle.config.url = 'https://localhost'
-        stub_request(:get, 'https://localhost/test').to_return(status: 200, body: '{}', headers: {})
+        Castle.config.base_url = 'https://localhost'
+        stub_request(:get, 'https://localhost/test').to_return(
+          status: 200, body: '{}', headers: {}
+        )
       end
 
       context 'with block' do

data/spec/lib/castle/singleton_configuration_spec.rb

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+describe Castle::SingletonConfiguration do
+  subject(:config) do
+    described_class.instance
+  end
+
+  it_behaves_like 'configuration_host'
+  it_behaves_like 'configuration_request_timeout'
+  it_behaves_like 'configuration_allowlisted'
+  it_behaves_like 'configuration_denylisted'
+  it_behaves_like 'configuration_failover_strategy'
+  it_behaves_like 'configuration_api_secret'
+
+  it do
+    expect(config.api_secret).to be_eql('secret')
+  end
+end

data/spec/lib/castle/utils/clean_invalid_chars_spec.rb

@@ -0,0 +1,69 @@
+# frozen_string_literal: true
+
+describe Castle::Utils::CleanInvalidChars do
+  describe '::call' do
+    subject { described_class.call(input) }
+
+    context 'when input is a string' do
+      let(:input) { '1234' }
+
+      it { is_expected.to eq input }
+    end
+
+    context 'when input is an array' do
+      let(:input) { [1, 2, 3, '4'] }
+
+      it { is_expected.to eq input }
+    end
+
+    context 'when input is a hash' do
+      let(:input) { { user_id: 1 } }
+
+      it { is_expected.to eq input }
+    end
+
+    context 'when input is nil' do
+      let(:input) { nil }
+
+      it { is_expected.to eq input }
+    end
+
+    context 'when input is a nested hash' do
+      let(:input) { { user: { id: 1 } } }
+
+      it { is_expected.to eq input }
+    end
+
+    context 'with invalid UTF-8 characters' do
+      context 'when input is a hash' do
+        let(:input) { { user_id: "inv\xC4lid" } }
+
+        it { is_expected.to eq(user_id: 'inv�lid') }
+      end
+
+      context 'when input is a nested hash' do
+        let(:input) { { user: { id: "inv\xC4lid" } } }
+
+        it { is_expected.to eq(user: { id: 'inv�lid' }) }
+      end
+
+      context 'when input is an array of hashes' do
+        let(:input) { [{ user: "inv\xC4lid" }] * 2 }
+
+        it { is_expected.to eq([{ user: 'inv�lid' }, { user: 'inv�lid' }]) }
+      end
+
+      context 'when input is an array' do
+        let(:input) { ["inv\xC4lid"] * 2 }
+
+        it { is_expected.to eq(['inv�lid', 'inv�lid']) }
+      end
+
+      context 'when input is a hash with array in key' do
+        let(:input) { { items: ["inv\xC4lid"] * 2 } }
+
+        it { is_expected.to eq(items: ['inv�lid', 'inv�lid']) }
+      end
+    end
+  end
+end

data/spec/lib/castle/utils/{cloner_spec.rb → clone_spec.rb}

@@ -1,13 +1,13 @@
 # frozen_string_literal: true
 
-describe Castle::Utils::Cloner do
-  subject(:cloner) { described_class }
+describe Castle::Utils::Clone do
+  subject(:clone) { described_class }
 
   describe 'call' do
     let(:nested) { { c: '3' } }
     let(:first) { { test: { test1: { c: '4' }, test2: nested, a: '1', b: '2' } } }
     let(:result) { { test: { test1: { c: '4' }, test2: { c: '3' }, a: '1', b: '2' } } }
-    let(:cloned) { cloner.call(first) }
+    let(:cloned) { clone.call(first) }
 
     before { cloned }
 

data/spec/lib/castle/utils/deep_symbolize_keys_spec.rb

@@ -0,0 +1,50 @@
+# frozen_string_literal: true
+
+describe Castle::Utils::DeepSymbolizeKeys do
+  let(:nested_strings) { { 'a' => { 'b' => { 'c' => 3 } } } }
+  let(:nested_symbols) { { a: { b: { c: 3 } } } }
+  let(:nested_mixed) { { 'a' => { b: { 'c' => 3 } } } }
+  let(:string_array_of_hashes) { { 'a' => [{ 'b' => 2 }, { 'c' => 3 }, 4] } }
+  let(:symbol_array_of_hashes) { { a: [{ b: 2 }, { c: 3 }, 4] } }
+  let(:mixed_array_of_hashes) { { a: [{ b: 2 }, { 'c' => 3 }, 4] } }
+
+  describe '::call' do
+    subject { described_class.call(hash) }
+
+    context 'when nested_symbols' do
+      let(:hash) { nested_symbols }
+
+      it { is_expected.to eq(nested_symbols) }
+    end
+
+    context 'when nested_strings' do
+      let(:hash) { nested_strings }
+
+      it { is_expected.to eq(nested_symbols) }
+    end
+
+    context 'when nested_mixed' do
+      let(:hash) { nested_mixed }
+
+      it { is_expected.to eq(nested_symbols) }
+    end
+
+    context 'when string_array_of_hashes' do
+      let(:hash) { string_array_of_hashes }
+
+      it { is_expected.to eq(symbol_array_of_hashes) }
+    end
+
+    context 'when symbol_array_of_hashes' do
+      let(:hash) { symbol_array_of_hashes }
+
+      it { is_expected.to eq(symbol_array_of_hashes) }
+    end
+
+    context 'when mixed_array_of_hashes' do
+      let(:hash) { mixed_array_of_hashes }
+
+      it { is_expected.to eq(symbol_array_of_hashes) }
+    end
+  end
+end

data/spec/lib/castle/utils/{timestamp_spec.rb → get_timestamp_spec.rb}

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-describe Castle::Utils::Timestamp do
+describe Castle::Utils::GetTimestamp do
   subject(:timestamp) { described_class.call }
 
   let(:time_string) { '2018-01-10T14:14:24.407Z' }

data/spec/lib/castle/utils/{merger_spec.rb → merge_spec.rb}

@@ -1,13 +1,13 @@
 # frozen_string_literal: true
 
-describe Castle::Utils::Merger do
-  subject(:merger) { described_class }
+describe Castle::Utils::Merge do
+  subject(:merge) { described_class }
 
   describe 'call' do
     let(:first) { { test: { test1: { c: '4' }, test2: { c: '3' }, a: '1', b: '2' } } }
     let(:second) { { test2: '2', test: { 'test1' => { d: '5' }, test2: '6', a: nil, b: '3' } } }
     let(:result) { { test2: '2', test: { test1: { c: '4', d: '5' }, test2: '6', b: '3' } } }
 
-    it { expect(merger.call(first, second)).to be_eql(result) }
+    it { expect(merge.call(first, second)).to be_eql(result) }
   end
 end

data/spec/lib/castle/verdict_spec.rb

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+describe Castle::Verdict do
+  subject(:verdict) { described_class }
+
+  it { expect(verdict::ALLOW).to be_eql('allow') }
+  it { expect(verdict::DENY).to be_eql('deny') }
+  it { expect(verdict::CHALLENGE).to be_eql('challenge') }
+end

data/spec/lib/castle/webhooks/verify_spec.rb

@@ -0,0 +1,69 @@
+# frozen_string_literal: true
+
+describe Castle::Webhooks::Verify do
+  describe '#call' do
+    subject(:call) { described_class.call(webhook) }
+
+    let(:env) do
+      Rack::MockRequest.env_for(
+        '/',
+        'HTTP_X_CASTLE_SIGNATURE' => signature
+      )
+    end
+
+    let(:webhook) { Rack::Request.new(env) }
+    let(:user_id) { '12345' }
+    let(:webhook_body) do
+      {
+        api_version: 'v1',
+        app_id: '12345',
+        type: '$incident.confirmed',
+        created_at: '2020-12-18T12:55:21.779Z',
+        data: {
+          id: 'test',
+          device_token: 'token',
+          user_id: user_id,
+          trigger: '$login.succeeded',
+          context: {},
+          location: {},
+          user_agent: {}
+        },
+        user_traits: {},
+        properties: {},
+        policy: {}
+      }.to_json
+    end
+
+    context 'when success' do
+      let(:signature) { '3ptx3rUOBnGEqPjMrbcJn2UUfzwTKP54dFyP5uyPY+Y=' }
+
+      before do
+        allow(Castle::Core::ProcessWebhook)
+          .to receive(:call)
+          .and_return(webhook_body)
+      end
+
+      it do
+        expect { call }.not_to raise_error
+      end
+    end
+
+    context 'when signature is malformed' do
+      let(:signature) { '123' }
+
+      before do
+        allow(Castle::Core::ProcessWebhook)
+          .to receive(:call)
+          .and_return(webhook_body)
+      end
+
+      it do
+        expect { call }
+          .to raise_error(
+            Castle::WebhookVerificationError,
+            'Signature not matching the expected signature'
+          )
+      end
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -14,6 +14,8 @@ require 'castle'
 
 WebMock.disable_net_connect!(allow_localhost: true)
 
+Dir['./spec/support/**/*.rb'].sort.each { |f| require f }
+
 RSpec.configure do |config|
   config.before do
     Castle.config.reset

data/spec/support/shared_examples/configuration.rb

@@ -0,0 +1,129 @@
+# frozen_string_literal: true
+
+shared_examples 'configuration_host' do
+  describe 'host' do
+    context 'with default' do
+      it { expect(config.base_url.host).to be_eql('api.castle.io') }
+    end
+
+    context 'with setter' do
+      before { config.base_url = 'http://api.castle.dev/v2' }
+
+      it { expect(config.base_url.host).to be_eql('api.castle.dev') }
+    end
+  end
+end
+
+shared_examples 'configuration_request_timeout' do
+  describe 'request_timeout' do
+    it do
+      expect(config.request_timeout).to be_eql(1000)
+    end
+
+    context 'with setter' do
+      let(:value) { 50.0 }
+
+      before do
+        config.request_timeout = value
+      end
+
+      it do
+        expect(config.request_timeout).to be_eql(value)
+      end
+    end
+  end
+end
+
+shared_examples 'configuration_allowlisted' do
+  describe 'allowlisted' do
+    it do
+      expect(config.allowlisted.size).to be_eql(0)
+    end
+
+    context 'with setter' do
+      before do
+        config.allowlisted = ['header']
+      end
+
+      it do
+        expect(config.allowlisted).to be_eql(['Header'])
+      end
+    end
+  end
+end
+
+shared_examples 'configuration_denylisted' do
+  describe 'denylisted' do
+    it do
+      expect(config.denylisted.size).to be_eql(0)
+    end
+
+    context 'with setter' do
+      before do
+        config.denylisted = ['header']
+      end
+
+      it do
+        expect(config.denylisted).to be_eql(['Header'])
+      end
+    end
+  end
+end
+
+shared_examples 'configuration_failover_strategy' do
+  describe 'failover_strategy' do
+    it do
+      expect(config.failover_strategy).to be_eql(Castle::Failover::Strategy::ALLOW)
+    end
+
+    context 'with setter' do
+      before do
+        config.failover_strategy = Castle::Failover::Strategy::DENY
+      end
+
+      it do
+        expect(config.failover_strategy).to be_eql(Castle::Failover::Strategy::DENY)
+      end
+    end
+
+    context 'when broken' do
+      it do
+        expect do
+          config.failover_strategy = :unicorn
+        end.to raise_error(Castle::ConfigurationError)
+      end
+    end
+  end
+end
+
+shared_examples 'configuration_api_secret' do
+  describe 'api_secret' do
+    context 'with env' do
+      let(:secret_key_env) { 'secret_key_env' }
+      let(:secret_key) { 'secret_key' }
+
+      before do
+        allow(ENV).to receive(:fetch).with(
+          'CASTLE_API_SECRET', ''
+        ).and_return(secret_key_env)
+        config.reset
+      end
+
+      it { expect(config.api_secret).to be_eql(secret_key_env) }
+
+      context 'when key is overwritten' do
+        before { config.api_secret = secret_key }
+
+        it { expect(config.api_secret).to be_eql(secret_key) }
+      end
+    end
+
+    context 'with setter' do
+      let(:value) { 'new_secret' }
+
+      before { config.api_secret = value }
+
+      it { expect(config.api_secret).to be_eql(value) }
+    end
+  end
+end