RubyGems - castle-rb - Versions diffs - 7.1.2 → 7.2.0 - Mend

castle-rb 7.1.2 → 7.2.0

Files changed (10) hide show

checksums.yaml +4 -4
data/README.md +14 -159
data/lib/castle/configuration.rb +0 -1
data/lib/castle/core/process_response.rb +25 -3
data/lib/castle/core/process_webhook.rb +4 -7
data/lib/castle/errors.rb +4 -0
data/lib/castle/version.rb +1 -1
data/spec/lib/castle/client_spec.rb +8 -3
data/spec/support/shared_examples/action_request.rb +30 -0
metadata +3 -3

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e2d022daae00e63158ee2f9d886faa5dbf3f70b89c16775c14f9328b0096f446
-  data.tar.gz: 1820e1afb9bd65683f5dd1a183369ed231b616c8466ee5c2b3d3cdd59d704319
+  metadata.gz: 5ada9f9e25a4da59d7577cb10848d45697a6709648846011fc803167a8b96203
+  data.tar.gz: 2b0927e4ae6f686a35c9c5ac39e510f46f8fc06506932441b421a845ba296f27
 SHA512:
-  metadata.gz: '009de5db675b53f46bb90f0f2cfe57cb081598c5af02d3770125d79d27739b03e82e6170013b86d5e74321e26a9f053023f6914ae68c1a7770b3ee2496c0482b'
-  data.tar.gz: 2dee44618c8c3318ba1dacc2f4484187fc8e28d2413db81531c9e46451da61dfcbea6aa5916a6df2d0eceaf6e5f97bed4c81f08bb3f9e1607f4ac798c90561ea
+  metadata.gz: 5ff2d32ab3ae269adbcd5380ba7488e06c0d9ae0ab463cd73856eb65b67bb4559daa1118344bc1a6896b097f00f9e5cc35c80ce68add430785769c2502e261b0
+  data.tar.gz: e48b7c5332de7d74ad8d13a89f52b2fd756d1c2b77600af86b86d74c78789916ac2972983781708be097d9d6f4067705b59ba26eaca2dc3e45720eee4ced6f08

data/README.md CHANGED Viewed

@@ -4,7 +4,7 @@
 [![Coverage Status](https://coveralls.io/repos/github/castle/castle-ruby/badge.svg?branch=coveralls)](https://coveralls.io/github/castle/castle-ruby?branch=coveralls)
 [![Gem Version](https://badge.fury.io/rb/castle-rb.svg)](https://badge.fury.io/rb/castle-rb)
-**[Castle](https://castle.io) analyzes device, location, and interaction patterns in your web and mobile apps and lets you stop account takeover attacks in real-time..**
+**[Castle](https://castle.io) analyzes user behavior in web and mobile apps to stop fraud before it happens.**
 ## Installation
@@ -26,11 +26,11 @@ Castle.api_secret = 'YOUR_API_SECRET'
 A Castle client instance will be made available as `castle` in your
-* Rails controllers when you add `require 'castle/support/rails'`
+- Rails controllers when you add `require 'castle/support/rails'`
-* Padrino controllers when you add `require 'castle/support/padrino'`
+- Padrino controllers when you add `require 'castle/support/padrino'`
-* Sinatra app when you add `require 'castle/support/sinatra'` (and additionally explicitly add `register Sinatra::Castle` to your `Sinatra::Base` class if you have a modular application)
+- Sinatra app when you add `require 'castle/support/sinatra'` (and additionally explicitly add `register Sinatra::Castle` to your `Sinatra::Base` class if you have a modular application)
 ```ruby
 require 'castle/support/sinatra'
@@ -40,7 +40,7 @@ class ApplicationController < Sinatra::Base
 end
 ```
-* Hanami when you add `require 'castle/support/hanami'` and include `Castle::Hanami` to your Hanami application
+- Hanami when you add `require 'castle/support/hanami'` and include `Castle::Hanami` to your Hanami application
 ```ruby
 require 'castle/support/hanami'
@@ -119,8 +119,10 @@ Castle.configure do |config|
   # you can achieve this by listing all the proxies ip defined by string or regular expressions
   # in the trusted_proxies setting
   config.trusted_proxies = []
   # or by providing number of trusted proxies used in the chain
   config.trusted_proxy_depth = 0
   # note that you must pick one approach over the other.
   # If there is no possibility to define options above and there is no other header that holds the client IP,
@@ -138,10 +140,11 @@ It is also possible to define multiple configs within one application.
 ```ruby
 # Initialize new instance of Castle::Configuration
-config = Castle::Configuration.new.tap do |c|
-  # and set any attribute
-  c.api_secret = 'YOUR_API_SECRET'
-end
+config =
+  Castle::Configuration.new.tap do |c|
+    # and set any attribute
+    c.api_secret = 'YOUR_API_SECRET'
+  end
 ```
 After a successful setup, you can pass the config to any API command as follows:
@@ -150,159 +153,11 @@ After a successful setup, you can pass the config to any API command as follows:
 ::Castle::API::GetDevice.call(device_token: device_token, config: config)
 ```
-## Event Context
-The client will automatically configure the context for each request.
-### Overriding Default Context Properties
-If you need to modify the event context properties or if you desire to add additional properties such as user traits to the context, you can pass the properties along with the other data. For example:
-```ruby
-{
-  event: '$login.succeeded',
-  user_id: user.id,
-  properties: {
-    key: 'value'
-  },
-  user_traits: {
-    key: 'value'
-  },
-  context: {
-    section: 'mobile'
-  }
-}
-```
-## Tracking
-Here is a simple example of a track event.
-```ruby
-begin
-  castle.track(
-    event: '$login.succeeded',
-    user_id: user.id
-  )
-rescue Castle::Error => e
-  puts e.message
-end
-```
-## Signature
+## Usage
-`Castle::SecureMode.signature(user_id)` will create a signed user_id.
-## Async tracking
-By default Castle sends requests synchronously. To eg. use Sidekiq to send requests in a background worker you can pass data to the worker:
-#### castle_tracking_worker.rb
-```ruby
-class CastleTrackingWorker
-  include Sidekiq::Worker
-  def perform(payload = {})
-    ::Castle::API::Track.call(payload)
-  end
-end
-```
-#### tracking_controller.rb
-```ruby
-payload = ::Castle::Payload::Prepare.call(
-  {
-    event: '$login.succeeded',
-    user_id: user.id,
-    properties: {
-      key: 'value'
-    },
-    user_traits: {
-      key: 'value'
-    }
-  },
-  request
-)
-CastleTrackingWorker.perform_async(payload)
-```
-## Connection reuse
-If you want to reuse the connection to send multiple events:
-```ruby
-Castle::Session.call do |http|
-  castle.track(
-    event: '$logout.succeeded',
-    user_id: user2.id
-    http: http
-  )
-  castle.track(
-    event: '$login.succeeded',
-    user_id: user1.id
-    http: http
-  )
-end
-```
-## Events
-List of Recognized Events can be found in the [docs](https://docs.castle.io/v1/reference/events/)
-## Device management
-This SDK allows issuing requests to [Castle's Device Management Endpoints](https://docs.castle.io/v1/reference/api-reference/#devices). Use these endpoints for admin-level management of end-user devices (i.e., for an internal dashboard).
-Fetching device data, approving a device, reporting a device requires a valid `device_token`.
-```ruby
-# Get device data
-::Castle::API::GetDevice.call(device_token: device_token)
-# Approve a device
-::Castle::API::ApproveDevice.call(device_token: device_token)
-# Report a device
-::Castle::API::ReportDevice.call(device_token: device_token)
-```
-#### castle_device_reporting_worker.rb
-```ruby
-class CastleDeviceReportingWorker
-  include Sidekiq::Worker
-  def perform(device_token)
-    ::Castle::API::ReportDevice.call(device_token: device_token)
-  end
-end
-```
-Fetching available devices that belong to a given user requires a valid `user_id`.
-```ruby
-# Get user's devices data
-::Castle::API::GetDevicesForUser.call(user_id: user.id)
-```
-## Impersonation mode
-https://castle.io/docs/impersonation_mode
+See [documentation](https://docs.castle.io/docs/) for how to use this SDK with the Castle APIs
 ## Exceptions
 `Castle::Error` will be thrown if the Castle API returns a 400 or a 500 level HTTP response.
 You can also choose to catch a more [finegrained error](https://github.com/castle/castle-ruby/blob/master/lib/castle/errors.rb).
-## Webhooks
-Castle uses webhooks to notify about `$incident.confirmed` or `$review.opened` events. Each webhook has `X-Castle-Signature` header that allows verifying webhook's source.
-```ruby
-# Verify the webhook, passed as a Request object
-::Castle::Webhooks::Verify.call(webhook_request)
-# Castle::WebhookVerificationError is raised when the signature is not matching
-```
-## Documentation
-[Official Castle docs](https://docs.castle.io/)

data/lib/castle/configuration.rb CHANGED Viewed

@@ -45,7 +45,6 @@ module Castle
       Te
       Upgrade-Insecure-Requests
       User-Agent
-      X-Castle-Client-Id
       X-Requested-With
     ].freeze

data/lib/castle/core/process_response.rb CHANGED Viewed

@@ -9,10 +9,11 @@ module Castle
         401 => Castle::UnauthorizedError,
         403 => Castle::ForbiddenError,
         404 => Castle::NotFoundError,
-        419 => Castle::UserUnauthorizedError,
-        422 => Castle::InvalidParametersError
+        419 => Castle::UserUnauthorizedError
       }.freeze
+      INVALID_REQUEST_TOKEN = 'invalid_request_token'
       class << self
         # @param response [Response]
         # @param config [Castle::Configuration, Castle::SingletonConfiguration, nil]
@@ -36,8 +37,29 @@ module Castle
           raise Castle::InternalServerError if response.code.to_i.between?(500, 599)
+          raise_error422(response) if response.code.to_i == 422
           error = RESPONSE_ERRORS.fetch(response.code.to_i, Castle::ApiError)
-          raise error, response[:message]
+          raise error
+        end
+        def raise_error422(response)
+          if response.body
+            begin
+              parsed_body = JSON.parse(response.body, symbolize_names: true)
+              if parsed_body.is_a?(Hash) && parsed_body.key?(:type)
+                if parsed_body[:type] == INVALID_REQUEST_TOKEN
+                  raise Castle::InvalidRequestTokenError, parsed_body[:message]
+                else
+                  raise Castle::InvalidParametersError, parsed_body[:message]
+                end
+              end
+            rescue JSON::ParserError
+            end
+          end
+          raise Castle::InvalidParametersError
         end
       end
     end

data/lib/castle/core/process_webhook.rb CHANGED Viewed

@@ -10,14 +10,11 @@ module Castle
         # @param config [Castle::Configuration, Castle::SingletonConfiguration, nil]
         # @return [String]
         def call(webhook, config = nil)
-          webhook
-            .body
-            .read
-            .tap do |result|
-              raise Castle::ApiError, 'Invalid webhook from Castle API' if result.blank?
+          webhook.body.read.tap do |result|
+            raise Castle::ApiError, 'Invalid webhook from Castle API' if result.blank?
-              Castle::Logger.call('webhook:', result.to_s, config)
-            end
+            Castle::Logger.call('webhook:', result.to_s, config)
+          end
         end
       end
     end

data/lib/castle/errors.rb CHANGED Viewed

@@ -53,6 +53,10 @@ module Castle
   class InvalidParametersError < Castle::ApiError
   end
+  # api error invalid param 422 (invalid token)
+  class InvalidRequestTokenError < Castle::ApiError
+  end
   # api error unauthorized 401
   class UnauthorizedError < Castle::ApiError
   end

data/lib/castle/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module Castle
-  VERSION = '7.1.2'
+  VERSION = '7.2.0'
 end

data/spec/lib/castle/client_spec.rb CHANGED Viewed

@@ -41,13 +41,18 @@ describe Castle::Client do
   let(:time_auto) { time_now.utc.iso8601(3) }
   let(:time_user) { (Time.now - 10_000).utc.iso8601(3) }
   let(:response_body) { {}.to_json }
+  let(:response_code) { 200 }
+  let(:stub_response) do
+    stub_request(:any, /api.castle.io/)
+      .with(basic_auth: ['', 'secret'])
+      .to_return(status: response_code, body: response_body, headers: {})
+  end
   before do
     Timecop.freeze(time_now)
     stub_const('Castle::VERSION', '2.2.0')
-    stub_request(:any, /api.castle.io/)
-      .with(basic_auth: ['', 'secret'])
-      .to_return(status: 200, body: response_body, headers: {})
+    stub_response
   end
   after { Timecop.return }

data/spec/support/shared_examples/action_request.rb CHANGED Viewed

@@ -152,4 +152,34 @@ RSpec.shared_examples_for 'action request' do |action|
       it { expect(request_response[:failover_reason]).to be_eql('Castle::InternalServerError') }
     end
   end
+  context 'when request is 422' do
+    describe 'throw InvalidParametersError' do
+      let(:response_body) { { type: 'bad_request', message: 'wrong params' }.to_json }
+      let(:response_code) { 422 }
+      it do
+        expect { request_response }.to raise_error(Castle::InvalidParametersError, 'wrong params')
+      end
+    end
+    describe 'throw InvalidParametersError for legacy endpoints' do
+      let(:response_body) { {}.to_json }
+      let(:response_code) { 422 }
+      it { expect { request_response }.to raise_error(Castle::InvalidParametersError) }
+    end
+    describe 'throw InvalidRequestTokenError' do
+      let(:response_body) { { type: 'invalid_request_token', message: 'invalid token' }.to_json }
+      let(:response_code) { 422 }
+      it do
+        expect { request_response }.to raise_error(
+          Castle::InvalidRequestTokenError,
+          'invalid token'
+        )
+      end
+    end
+  end
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: castle-rb
 version: !ruby/object:Gem::Version
-  version: 7.1.2
+  version: 7.2.0
 platform: ruby
 authors:
 - Johan Brissmyr
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-09-02 00:00:00.000000000 Z
+date: 2022-03-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: appraisal
@@ -177,7 +177,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.2.23
+rubygems_version: 3.2.27
 signing_key:
 specification_version: 4
 summary: Castle