datadome_fraud_sdk_ruby 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 562e73467299bca33309183c1e8f84e26571346082000ca19767295d4bcdb558
+  data.tar.gz: 9f60b87c715a36bc402d76018b9b96f7d30a901d8f1e07b6488f7537c2251f87
+SHA512:
+  metadata.gz: 7163115049e8696367c168e69a36a1fa36f80f6bb64e72baeaab93c9614136feefe89954ec9e415913d51db72eb152670f91e2dac7f5223c5ddc225286d43979
+  data.tar.gz: 6600c8180c52163a5039c47d4ae5895142e57b63a602ae13bef327e4a8137e393a64540bdc00e2bcf8a549b38640c9915e77beb3cc75495ab7ab7a514300eafc

data/README.md

@@ -0,0 +1,2 @@
+# fraud-sdk-ruby
+Fraud Protection for Ruby

data/lib/constants.rb

@@ -0,0 +1,2 @@
+SDK_VERSION = '0.1.0'
+SDK_NAME = 'datadome_fraud_sdk_ruby'

data/lib/datadome_fraud_sdk_ruby.rb

@@ -0,0 +1,123 @@
+# frozen_string_literal: true
+
+require "faraday"
+require "json"
+require_relative "model/events"
+require_relative "model/user"
+require_relative "model/session"
+require_relative "model/operation"
+require_relative "model/api/request"
+require_relative "model/api/response"
+
+class DataDome
+  attr_accessor :timeout, :endpoint, :logger
+
+  def initialize(timeout = 1500, endpoint = "account-api.datadome.co", logger = Logger.new(STDOUT))
+    @timeout = timeout
+    @endpoint = endpoint
+    @logger = logger
+  end
+
+  def validate(request, event)
+    if event.status == StatusType::UNDEFINED
+      event.status = StatusType::SUCCEEDED
+    end
+
+    payload = build_payload(request, event)
+
+    begin
+      api_response = sendRequest(OperationType::VALIDATE, event.action, payload)
+
+      begin
+        body = JSON.parse(api_response.body) unless api_response.body.nil?
+      rescue JSON::ParserError => e
+        @logger.error("DataDome: error parsing JSON from Fraud API #{e.message}")
+        return DataDomeResponseError.new(DataDomeResponseAction::ALLOW, DataDomeResponseStatus::FAILURE, "DataDome: error parsing JSON from Fraud API", e.message)
+      end
+
+      if api_response.success?
+        datadome_response = DataDomeResponseSuccess.new(DataDomeResponseAction::ALLOW, DataDomeResponseStatus::OK, body["reasons"], body["ip"], body["location"])
+        if body["action"] === DataDomeResponseAction::DENY
+          datadome_response.action = DataDomeResponseAction::DENY
+        end
+      else
+        @logger.error("DataDome: error on Fraud API response #{body["errors"]}")
+        return DataDomeResponseError.new(DataDomeResponseAction::ALLOW, DataDomeResponseStatus::FAILURE, body["message"], body["errors"])
+      end
+    rescue Faraday::TimeoutError => e
+      return DataDomeResponseError.new(DataDomeResponseAction::ALLOW, DataDomeResponseStatus::TIMEOUT, "DataDome Fraud API request timeout", e.message)
+    rescue Faraday::ConnectionFailed => e
+      return DataDomeResponseError.new(DataDomeResponseAction::ALLOW, DataDomeResponseStatus::FAILURE, "DataDome Fraud API request failed", e.message)
+    end
+
+    datadome_response
+  end
+
+  def collect(request, event)
+    if event.status == StatusType::UNDEFINED
+      event.status = StatusType::FAILED
+    end
+
+    payload = build_payload(request, event)
+
+    begin
+      api_response = sendRequest(OperationType::COLLECT, event.action, payload)
+
+      if api_response.success?
+        datadome_response = DataDomeResponseSuccess.new(nil, DataDomeResponseStatus::OK, nil, nil, nil)
+      else
+        begin
+          body = JSON.parse(api_response.body)
+          @logger.error("DataDome: error on Fraud API response #{body["errors"]}")
+          datadome_response = DataDomeResponseError.new(nil, DataDomeResponseStatus::FAILURE, body["message"], body["errors"])
+        rescue JSON::ParserError => e
+          @logger.error("DataDome: error parsing JSON from Fraud API #{e.message}")
+          return DataDomeResponseError.new(nil, DataDomeResponseStatus::FAILURE, "DataDome: error parsing JSON from Fraud API", e.message)
+        end
+      end
+    rescue Faraday::TimeoutError => e
+      datadome_response = DataDomeResponseError.new(nil, DataDomeResponseStatus::TIMEOUT, "DataDome Fraud API request timeout", e.message)
+    rescue Faraday::ConnectionFailed => e
+      datadome_response = DataDomeResponseError.new(nil, DataDomeResponseStatus::FAILURE, "DataDome Fraud API request failed", e.message)
+    end
+
+    datadome_response
+  end
+
+  private
+
+  def sendRequest(operation, event, payload)
+    api_response = client.post("/v1/" + operation + "/" + event) do |req|
+      req.body = payload.to_json
+    end
+    api_response
+  end
+
+  def build_payload(request, event)
+    metadata = event.merge_with(DataDomeRequest.new(request))
+    payload = {}
+    metadata.instance_variables.each do |var|
+      key = var.to_s.delete("@") # Remove '@' from variable name to get key
+      payload[key] = metadata.instance_variable_get(var)
+    end
+    payload
+  end
+
+  def client
+    Faraday.new(api_uri) do |req|
+      req.adapter Faraday.default_adapter
+      req.options[:timeout] = @timeout / 1000.0 #timeout in seconds
+      req.headers["accept"] = "application/json"
+      req.headers["content-type"] = "application/json"
+      req.headers["x-api-key"] = ENV["DATADOME_FRAUD_API_KEY"]
+      req.ssl.verify = true if api_uri.scheme == "https"
+    end
+  end
+
+  def api_uri
+    url = @endpoint
+    url = "https://#{url}" unless (url.downcase.start_with?("https://") || url.include?("://"))
+
+    URI(url)
+  end
+end

data/lib/model/address.rb

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+class Address
+  attr_accessor :name, :line1, :line2, :city, :countryCode, :country, :regionCode, :zipCode
+
+  def initialize(name = nil, line1 = nil, line2 = nil, city = nil, countryCode = nil, country = nil, regionCode = nil, zipCode = nil)
+    @name = name
+    @line1 = line1
+    @line2 = line2
+    @city = city
+    @countryCode = countryCode
+    @country = country
+    @regionCode = regionCode
+    @zipCode = zipCode
+  end
+
+  def to_s
+    "Address: name=#{name}, line1=#{line1}, line2=#{line2}, city=#{city}, countryCode=#{countryCode}, country=#{country}, regionCode=#{regionCode}, zipCode=#{zipCode}"
+  end
+
+  def to_json(options = {})
+    {
+      name: name,
+      line1: line1,
+      line2: line2,
+      city: city,
+      countryCode: countryCode,
+      country: country,
+      regionCode: regionCode,
+      zipCode: zipCode,
+    }.to_json
+  end
+end

data/lib/model/api/request.rb

@@ -0,0 +1,82 @@
+# frozen_string_literal: true
+
+require_relative "../../constants"
+
+class DatadomeModule
+  attr_accessor :requestTimeMicros, :name, :version
+
+  def initialize
+    @requestTimeMicros = Time.now.strftime("%s%6N").to_i
+    @name = "Fraud SDK Ruby"
+    @version = SDK_VERSION
+  end
+
+  def to_json(options = {})
+    {
+      requestTimeMicros: @requestTimeMicros,
+      name: @name,
+      version: @version,
+    }.to_json
+  end
+end
+
+class DataDomeHeaders
+  attr_accessor :addr, :clientIp, :contentype, :host, :port, :xRealIP, :xForwardedForIp,
+                :acceptEncoding, :acceptLanguage, :accept, :method, :protocol, :serverHostname,
+                :referer, :userAgent, :from, :request, :origin, :acceptCharset, :connection,
+                :clientId, :secCHUA, :secCHUAMobile, :secCHUAPlatform, :secCHUAArch,
+                :secCHUAFullVersionList, :secCHUAModel, :secCHDeviceMemory
+
+  def initialize(request)
+    @addr = request.remote_ip
+    @clientIp = request.headers["HTTP_CLIENT_IP"]
+    @contentype = truncate(request.headers["Content-Type"], 64)
+    @host = truncate(request.headers["HTTP_HOST"], 512)
+    @port = request.port || 0
+    @xRealIP = truncate(request.headers["HTTP_X_REAL_IP"], 128)
+    @xForwardedForIp = truncate(request.headers["HTTP_X_FORWARDED_FOR"], -512)
+    @acceptEncoding = truncate(request.headers["HTTP_ACCEPT_ENCODING"], 128)
+    @acceptLanguage = truncate(request.headers["HTTP_ACCEPT_LANGUAGE"], 256)
+    @accept = truncate(request.headers["HTTP_ACCEPT"], 512)
+    @method = request.method
+    @protocol = request.protocol.gsub("://", "")
+    @serverHostname = truncate(request.headers["HTTP_HOST"], 256)
+    @referer = truncate(request.headers["HTTP_REFERER"], 1024)
+    @userAgent = truncate(request.headers["HTTP_USER_AGENT"], 768)
+    @from = truncate(request.headers["HTTP_FROM"], 128)
+    @request = [request.path, request.query_string].reject(&:blank?).join("?")[0, 2048]
+    @origin = truncate(request.headers["HTTP_ORIGIN"], 512)
+    @acceptCharset = truncate(request.headers["HTTP_ACCEPT_CHARSET"], 128)
+    @connection = truncate(request.headers["HTTP_CONNECTION"], 128)
+    @clientId = request.cookies["datadome"]
+    @secCHUA = truncate(request.headers["HTTP_SEC_CH_UA"], 128)
+    @secCHUAMobile = truncate(request.headers["HTTP_SEC_CH_UA_MOBILE"], 8)
+    @secCHUAPlatform = truncate(request.headers["HTTP_SEC_CH_UA_PLATFORM"], 32)
+    @secCHUAArch = truncate(request.headers["HTTP_SEC_CH_UA_ARCH"], 16)
+    @secCHUAFullVersionList = truncate(request.headers["HTTP_SEC_CH_UA_FULL_VERSION_LIST"], 256)
+    @secCHUAModel = truncate(request.headers["HTTP_SEC_CH_UA_MODEL"], 128)
+    @secCHDeviceMemory = truncate(request.headers["HTTP_SEC_CH_DEVICE_MEMORY"], 8)
+  end
+
+  def truncate(value, max_length = nil)
+    return value if value.nil? || max_length.nil?
+
+    max_length < 0 ? value[max_length] : value[0, max_length]
+  end
+end
+
+class DataDomeRequest
+  attr_accessor :module, :header
+
+  def initialize(request)
+    @module = DatadomeModule.new
+    @header = DataDomeHeaders.new(request)
+  end
+
+  def to_json(options = {})
+    {
+      module: @module.to_json,
+      header: @header.to_json,
+    }.to_json
+  end
+end

data/lib/model/api/response.rb

@@ -0,0 +1,84 @@
+# frozen_string_literal: true
+
+module DataDomeResponseAction
+  ALLOW = "allow"
+  DENY = "deny"
+end
+
+module DataDomeResponseStatus
+  OK = "ok"
+  FAILURE = "failure"
+  TIMEOUT = "timeout"
+end
+
+class Error
+  attr_accessor :field, :error
+end
+
+class DataDomeResponse
+  attr_accessor :action, :status
+
+  def initialize(action, status)
+    @action = action
+    @status = status
+  end
+
+  def to_s
+    "DataDomeResponse: action=#{action}, status=#{status}"
+  end
+
+  def to_json(options = {})
+    {
+      action: @action,
+      status: @status,
+    }.to_json
+  end
+end
+
+class DataDomeResponseSuccess < DataDomeResponse
+  attr_accessor :ip, :reasons, :location
+
+  def initialize(action, status, reasons, ip, location)
+    super(action, status)
+    @reasons = reasons
+    @ip = ip
+    @location = location
+  end
+
+  def to_s
+    "DataDomeResponseSuccess: action=#{action}, status=#{status}, reasons=#{reasons}, ip=#{ip}, location=#{location}"
+  end
+
+  def to_json(options = {})
+    {
+      action: @action,
+      status: @status,
+      reasons: @reasons,
+      ip: @ip,
+      location: @location,
+    }.to_json
+  end
+end
+
+class DataDomeResponseError < DataDomeResponse
+  attr_accessor :message, :errors
+
+  def initialize(action, status, message, errors)
+    super(action, status)
+    @message = message
+    @errors = errors
+  end
+
+  def to_s
+    "DataDomeResponseError: action=#{action}, status=#{status}, message=#{message}, errors=#{errors}"
+  end
+
+  def to_json(options = {})
+    {
+      action: @action,
+      status: @status,
+      message: @message,
+      errors: @errors,
+    }.to_json
+  end
+end

data/lib/model/events.rb

@@ -0,0 +1,52 @@
+# frozen_string_literal: true
+
+module ActionType
+  LOGIN = "login"
+  REGISTER = "registration"
+  PAYMENT = "payment"
+end
+
+module StatusType
+  SUCCEEDED = "succeeded"
+  FAILED = "failed"
+  UNDEFINED = "undefined"
+end
+
+class DataDomeEvent
+  attr_accessor :action, :status, :account
+
+  def initialize(action, account, status = StatusType::UNDEFINED)
+    @action = action
+    @account = account
+    @status = status
+  end
+
+  def merge_with(request_data)
+    request_data.instance_variable_set(:@account, @account)
+    request_data.instance_variable_set(:@status, @status)
+    request_data
+  end
+end
+
+class LoginEvent < DataDomeEvent
+  def initialize(account, status = StatusType::UNDEFINED)
+    super(ActionType::LOGIN, account, status)
+  end
+end
+
+class RegistrationEvent < DataDomeEvent
+  attr_accessor :user, :session
+
+  def initialize(account, user, session = nil, status = StatusType::UNDEFINED)
+    super(ActionType::REGISTER, account, status)
+    @session = session
+    @user = user
+  end
+
+  def merge_with(request_data)
+    super(request_data)
+    request_data.instance_variable_set(:@session, @session)
+    request_data.instance_variable_set(:@user, @user)
+    request_data
+  end
+end

data/lib/model/operation.rb

@@ -0,0 +1,6 @@
+# frozen_string_literal: true
+
+module OperationType
+  VALIDATE = "validate"
+  COLLECT = "collect"
+end

data/lib/model/session.rb

@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+class DataDomeSession
+  def initialize(id, createdAt = Time.now.strftime("%s%6N").to_i)
+    @id = id
+    @createdAt = createdAt
+  end
+
+  def to_s
+    "DataDomeSession: id=#{id}, createdAt =#{createdAt}"
+  end
+
+  def to_json(options = {})
+    {
+      id: id,
+      createdAt: createdAt,
+    }.to_json
+  end
+end

data/lib/model/user.rb

@@ -0,0 +1,40 @@
+# frozen_string_literal: true
+
+require "time"
+require_relative "./address"
+
+module Title
+  EMPTY = nil
+  MR = "mr"
+  MRS = "mrs"
+  MX = "mx"
+end
+
+class DataDomeUser
+  def initialize(id, title = nil, firstName = nil, lastName = nil, createdAt = Time.now.iso8601, phone = nil, email = nil, address = nil)
+    @id = id
+    @title = title
+    @firstName = firstName
+    @lastName = lastName
+    @createdAt = createdAt
+    @phone = phone
+    @email = email
+    @address = address
+  end
+
+  def to_s
+    "DataDomeUser: id=#{id}, title =#{title}, firstname =#{firstName}, lastname =#{lastName} createdAt =#{createdAt}, phone =#{phone}, address= #{address}"
+  end
+
+  def to_json(options = {})
+    {
+      id: @id,
+      firstName: @firstName,
+      lastName: @lastName,
+      createdAt: @createdAt,
+      phone: @phone,
+      email: @email,
+      address: @address,
+    }.to_json
+  end
+end

metadata

@@ -0,0 +1,67 @@
+--- !ruby/object:Gem::Specification
+name: datadome_fraud_sdk_ruby
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- DataDome
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2024-04-17 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: faraday
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.8'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.8'
+description: DataDome Fraud Protection - Ruby SDK
+email: support@datadome.co
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- README.md
+- lib/constants.rb
+- lib/datadome_fraud_sdk_ruby.rb
+- lib/model/address.rb
+- lib/model/api/request.rb
+- lib/model/api/response.rb
+- lib/model/events.rb
+- lib/model/operation.rb
+- lib/model/session.rb
+- lib/model/user.rb
+homepage: https://datadome.co/
+licenses:
+- Apache-2.0
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.4.19
+signing_key: 
+specification_version: 4
+summary: DataDome Account Protect detects account takeover threats and protects you
+  against them.
+test_files: []