evervault 1.0.0 → 1.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7382a19b6a9fa82b2d37caa8f3e440f7bfce74bc18a237f13bdbd598dbb0d855
-  data.tar.gz: 78d8c04663caeca5ec0ff9336f403ec496b69fa61b25f134c9fae66eff91ab78
+  metadata.gz: 55a549b875f2600cd9de284bdb68f304f4eb89648f133a8cbdbe1a939e074e47
+  data.tar.gz: b9513f5951c014666e2084002cdb980dfb6d3f9f53053b4423802c2d1454e513
 SHA512:
-  metadata.gz: f0154d3c18eaa8685e6f1d26069c286609eaeb0bf8cc56049f53870ea3d374d0c7f45aeb855e47094dfc30b8a55d54d1122fac2ffc008e8a252ca843e711081e
-  data.tar.gz: 3915f0582de2f85ca71e9769f1cb4bf2bdd3013f50903beb8ae1946a39d9dd87733e340159aaf5c5192872ab1685ab39d6decd43d45487bd56dc8a4ea1914b4c
+  metadata.gz: 9debf55ef13bc0960edd10b5560fec41ef31b81aa442e4639e78ea2e00c07af024a95b554e972f7cbc17fe00b5c22c5a1ed53fc7a769685f388eb945439fc36c
+  data.tar.gz: 3dc9c66c55e519156c7c5d046027f5b0a6273494c72d0a644242d518b7b9140b2c6fab16754d8eaec9612087669f9bd2db26436f3af432e75a91ce493833f95e

data/.gitignore

@@ -10,8 +10,11 @@
 # rspec failure tracking
 .rspec_status
 
+# rbenv
+.ruby_version
+
 # JetBrains
 .idea/
 
 # VSCode
-.vscode/
+.vscode/

data/README.md

@@ -4,17 +4,17 @@
 
 # Evervault Ruby SDK
 
-The [Evervault](https://evervault.com) Ruby SDK is a toolkit for encrypting data as it enters your server, working with Cages, and proxying your outbound API requests to specific domains through [Outbound Relay](https://docs.evervault.com/concepts/relay/outbound-interception) to allow them to be decrypted before reaching their target.
+The [Evervault](https://evervault.com) Ruby SDK is a toolkit for encrypting data as it enters your server, working with Functions, and proxying your outbound API requests to specific domains through [Outbound Relay](https://docs.evervault.com/concepts/outbound-relay/overview) to allow them to be decrypted before reaching their target.
 
 ## Getting Started
 
 Before starting with the Evervault Ruby SDK, you will need to [create an account](https://app.evervault.com/register) and a team.
 
-For full installation support, [book time here](https://calendly.com/evervault/cages-onboarding).
+For full installation support, [book time here](https://calendly.com/evervault/support).
 
 ## Documentation
 
-See the Evervault [Ruby SDK documentation](https://docs.evervault.com/ruby).
+See the Evervault [Ruby SDK documentation](https://docs.evervault.com/reference/ruby-sdk).
 
 ## Installation
 
@@ -51,20 +51,29 @@ require "evervault"
 # Initialize the client with your team's API key
 Evervault.api_key = <YOUR-API-KEY>
 
-# Encrypt your data and run a cage
+# Encrypt your data
 encrypted_data = Evervault.encrypt({ hello: 'World!' })
 
-# Process the encrypted data in a Cage
-result = Evervault.run(<CAGE-NAME>, encrypted_data)
+# Process the encrypted data using a Function
+result = Evervault.run(<FUNCTION-NAME>, encrypted_data)
+
+# Send the decrypted data to a third-party API
+Evervault.enable_outbound_relay
+uri = URI('https://example.com')
+req = Net::HTTP::Post.new(uri.path, 'Content-Type' => 'application/json')
+req.body = encrypted_data.to_json
+http = Net::HTTP.new(uri.host, uri.port)
+http.use_ssl = true
+res = http.request(req)
 ```
 
 ## Reference
 
-The Evervault Ruby SDK exposes eight methods.
+The Evervault Ruby SDK exposes four methods.
 
 ### Evervault.encrypt
 
-`Evervault.encrypt` encrypts data for use in your [Evervault Cages](https://docs.evervault.com/tutorial). To encrypt data on your server, simply pass a supported value into the `Evervault.encrypt` method and then you can store the encrypted data in your database as normal.
+`Evervault.encrypt` encrypts data for use in your [Evervault Functions](https://docs.evervault.com/concepts/functions/overview). To encrypt data on your server, simply pass a supported value into the `Evervault.encrypt` method and then you can store the encrypted data in your database as normal.
 
 ```ruby
 Evervault.encrypt(data = String | Number | Boolean | Hash | Array)
@@ -74,176 +83,51 @@ Evervault.encrypt(data = String | Number | Boolean | Hash | Array)
 | --------- | ---- | ----------- |
 | data | `String`, `Number`, `Boolean`, `Hash`, `Array` | Data to be encrypted |
 
-### Evervault.relay
+### Evervault.enable_outbound_relay
 
-`Evervault.relay` specifies which domains should be proxied through outbound relay. See [Outbound Relay](https://docs.evervault.com/concepts/relay/outbound-interception) to learn more.  
+`Evervault.enable_outbound_relay` configures your application to proxy HTTP requests using Outbound Relay based on the configuration created in the Evervault UI. See [Outbound Relay](https://docs.evervault.com/concepts/outbound-relay/overview) to learn more.  
 
 ```ruby
-Evervault.relay(decryption_domains = Array)
+Evervault.enable_outbound_relay([decryption_domains = Array])
 ```
 
 | Parameter | Type | Description |
 | --------- | ---- | ----------- |
-| decryption_domains | `Array` | Requests sent to any of the domains listed will be proxied through outbound relay |
+| decryption_domains | `Array` | Optional -- Requests sent to any of the domains listed will be proxied through Outbound Relay. This will override the configuration created using the Evervault UI. |
 
 ### Evervault.run
 
-`Evervault.run` invokes a Cage with a given payload.
+`Evervault.run` invokes a Function with a given payload.
 
 ```ruby
-Evervault.run(cage_name = String, data = Hash[, options = Hash])
+Evervault.run(function_name = String, data = Hash[, options = Hash])
 ```
 
 | Parameter | Type | Description |
 | --------- | ---- | ----------- |
-| cageName | String | Name of the Cage to be run |
-| data | Hash | Payload for the Cage |
-| options | Hash | [Options for the Cage run](#Cage-Run-Options) |
+| function_name | String | Name of the Function to be run |
+| data | Hash | Payload for the Function |
+| options | Hash | [Options for the Function run](#Function-Run-Options) |
 
-#### Cage Run Options
+#### Function Run Options
 
 | Option | Type | Default | Description |
 | ------ | ---- | ------- | ----------- |
-| `async` | `Boolean` | `false` | Run your Cage in async mode. Async Cage runs will be queued for processing. |
-| `version` | `Integer` | `nil` | Specify the version of your Cage to run. By default, the latest version will be run. |
+| `async` | `Boolean` | `false` | Run your Function in async mode. Async Function runs will be queued for processing. |
+| `version` | `Integer` | `nil` | Specify the version of your Function to run. By default, the latest version will be run. |
 
-### Evervault.encrypt_and_run
+### Evervault.create_run_token
 
-Encrypt your data and use it as the payload to invoke the Cage.
+`Evervault.create_run_token` creates a single use, time bound token for invoking a Function.
 
 ```ruby
-Evervault.encrypt_and_run(cage_name = String, data = Hash)
+Evervault.create_run_token(function_name = String, data = Hash)
 ```
 
-| Parameter | Type | Description |
-| --------- | ---- | ----------- |
-| cageName | String | Name of the Cage to be run |
-| data | dict | Data to be encrypted |
-
-### Evervault.cages
-
-Return a hash of your team's Cage objects in hash format, with cage-name as keys
-
-```ruby
-Evervault.cages
-=> {"hello-cage-chilly-plum"=>
-  #<Evervault::Models::Cage:0x00007f8b900b4438
-   @name="hello-cage-chilly-plum",
-   @request=#<Evervault::Http::Request:0x00007f8b900b7d40 @api_key="API-KEY", @base_url="https://api.evervault.com/", @cage_run_url="https://cage.run/", @timeout=30>,
-   @uuid="c8a7ed58-4858-4510-a542-43125ccd1183">,
- "hello-cage-filthy-fuchsia"=>
-  #<Evervault::Models::Cage:0x00007f8b900b43e8
-   @name="hello-cage-filthy-fuchsia",
-   @request=#<Evervault::Http::Request:0x00007f8b900b7d40 @api_key="API-KEY", @base_url="https://api.evervault.com/", @cage_run_url="https://cage.run/", @timeout=30>,
-   @uuid="9af32d2b-53fa-406a-9abf-6a240648b45b">,
- "hello-cage-extra-amaranth"=>
-  #<Evervault::Models::Cage:0x00007f8b900b4398
-   @name="hello-cage-extra-amaranth",
-   @request=#<Evervault::Http::Request:0x00007f8b900b7d40 @api_key="API-KEY", @base_url="https://api.evervault.com/", @cage_run_url="https://cage.run/", @timeout=30>,
-   @uuid="5b99011e-a64d-4af7-bf81-619c8cb8c67f">,
- "twilio-cage-explicit-salmon"=>
-  #<Evervault::Models::Cage:0x00007f8b900b4348
-   @name="twilio-cage-explicit-salmon",
-   @request=#<Evervault::Http::Request:0x00007f8b900b7d40 @api_key="API-KEY", @base_url="https://api.evervault.com/", @cage_run_url="https://cage.run/", @timeout=30>,
-   @uuid="55986772-4db7-4695-ba44-1b807290ddea">}
-```
-
-### Evervault.cage_list
-
-Return a `CageList` object, containing a list of your team's Cages
-
-```ruby
-Evervault.cage_list
-=> #<Evervault::Models::CageList:0x00007f8b900b44b0
- @cages=
-  [#<Evervault::Models::Cage:0x00007f8b900b4438
-    @name="hello-cage-chilly-plum",
-    @request=#<Evervault::Http::Request:0x00007f8b900b7d40 @api_key="API-KEY", @base_url="https://api.evervault.com/", @cage_run_url="https://cage.run/", @timeout=30>,
-    @uuid="c8a7ed58-4858-4510-a542-43125ccd1183">,
-   #<Evervault::Models::Cage:0x00007f8b900b43e8
-    @name="hello-cage-filthy-fuchsia",
-    @request=#<Evervault::Http::Request:0x00007f8b900b7d40 @api_key="API-KEY", @base_url="https://api.evervault.com/", @cage_run_url="https://cage.run/", @timeout=30>,
-    @uuid="9af32d2b-53fa-406a-9abf-6a240648b45b">,
-   #<Evervault::Models::Cage:0x00007f8b900b4398
-    @name="hello-cage-extra-amaranth",
-    @request=#<Evervault::Http::Request:0x00007f8b900b7d40 @api_key="API-KEY", @base_url="https://api.evervault.com/", @cage_run_url="https://cage.run/", @timeout=30>,
-    @uuid="5b99011e-a64d-4af7-bf81-619c8cb8c67f">,
-   #<Evervault::Models::Cage:0x00007f8b900b4348
-    @name="twilio-cage-explicit-salmon",
-    @request=#<Evervault::Http::Request:0x00007f8b900b7d40 @api_key="API-KEY", @base_url="https://api.evervault.com/", @cage_run_url="https://cage.run/", @timeout=30>,
-    @uuid="55986772-4db7-4695-ba44-1b807290ddea">,
-   #<Evervault::Models::Cage:0x00007f8b900b42f8
-    @name="hello-cage-collective-aquamarine",
-    @request=#<Evervault::Http::Request:0x00007f8b900b7d40 @api_key="API-KEY", @base_url="https://api.evervault.com/", @cage_run_url="https://cage.run/", @timeout=30>,
-    @uuid="01691e76-691b-473e-aad5-44bf813ef146">,
-   #<Evervault::Models::Cage:0x00007f8b900b42a8
-    @name="twilio-cage-bored-scarlet",
-    @request=#<Evervault::Http::Request:0x00007f8b900b7d40 @api_key="API-KEY", @base_url="https://api.evervault.com/", @cage_run_url="https://cage.run/", @timeout=30>,
-    @uuid="dc056e8b-faf3-445b-9c95-0885b983c302">,
-   #<Evervault::Models::Cage:0x00007f8b900b4258
-    @name="hello-cage-front-emerald",
-    @request=#<Evervault::Http::Request:0x00007f8b900b7d40 @api_key="API-KEY", @base_url="https://api.evervault.com/", @cage_run_url="https://cage.run/", @timeout=30>,
-    @uuid="a30295e6-91fc-4d1d-837c-ac4c9b87d02d">]>
-```
-
-#### CageList.to_hash
-
-Converts a list of Cages to a hash with keys of CageName => Cage Model
-
-```ruby
-Evervault.cage_list.to_hash
-=> {"hello-cage-chilly-plum"=>
-  #<Evervault::Models::Cage:0x00007f8b900b4438
-   @name="hello-cage-chilly-plum",
-   @request=#<Evervault::Http::Request:0x00007f8b900b7d40 @api_key="API-KEY", @base_url="https://api.evervault.com/", @cage_run_url="https://cage.run/", @timeout=30>,
-   @uuid="c8a7ed58-4858-4510-a542-43125ccd1183">,
- "hello-cage-filthy-fuchsia"=>
-  #<Evervault::Models::Cage:0x00007f8b900b43e8
-   @name="hello-cage-filthy-fuchsia",
-   @request=#<Evervault::Http::Request:0x00007f8b900b7d40 @api_key="API-KEY", @base_url="https://api.evervault.com/", @cage_run_url="https://cage.run/", @timeout=30>,
-   @uuid="9af32d2b-53fa-406a-9abf-6a240648b45b">,
- "hello-cage-extra-amaranth"=>
-  #<Evervault::Models::Cage:0x00007f8b900b4398
-   @name="hello-cage-extra-amaranth",
-   @request=#<Evervault::Http::Request:0x00007f8b900b7d40 @api_key="API-KEY", @base_url="https://api.evervault.com/", @cage_run_url="https://cage.run/", @timeout=30>,
-   @uuid="5b99011e-a64d-4af7-bf81-619c8cb8c67f">,
- "twilio-cage-explicit-salmon"=>
-  #<Evervault::Models::Cage:0x00007f8b900b4348
-   @name="twilio-cage-explicit-salmon",
-   @request=#<Evervault::Http::Request:0x00007f8b900b7d40 @api_key="API-KEY", @base_url="https://api.evervault.com/", @cage_run_url="https://cage.run/", @timeout=30>,
-   @uuid="55986772-4db7-4695-ba44-1b807290ddea">,
- "hello-cage-collective-aquamarine"=>
-  #<Evervault::Models::Cage:0x00007f8b900b42f8
-   @name="hello-cage-collective-aquamarine",
-   @request=#<Evervault::Http::Request:0x00007f8b900b7d40 @api_key="API-KEY", @base_url="https://api.evervault.com/", @cage_run_url="https://cage.run/", @timeout=30>,
-   @uuid="01691e76-691b-473e-aad5-44bf813ef146">,
- "twilio-cage-bored-scarlet"=>
-  #<Evervault::Models::Cage:0x00007f8b900b42a8
-   @name="twilio-cage-bored-scarlet",
-   @request=#<Evervault::Http::Request:0x00007f8b900b7d40 @api_key="API-KEY", @base_url="https://api.evervault.com/", @cage_run_url="https://cage.run/", @timeout=30>,
-   @uuid="dc056e8b-faf3-445b-9c95-0885b983c302">,
- "hello-cage-front-emerald"=>
-  #<Evervault::Models::Cage:0x00007f8b900b4258
-   @name="hello-cage-front-emerald",
-   @request=#<Evervault::Http::Request:0x00007f8b900b7d40 @api_key="API-KEY", @base_url="https://api.evervault.com/", @cage_run_url="https://cage.run/", @timeout=30>,
-   @uuid="a30295e6-91fc-4d1d-837c-ac4c9b87d02d">}
-```
-
-### Evervault::Models::Cage.run
-
-Each Cage model exposes a `run` method, which allows you to run that particular Cage.
-
-*Note*: this does not encrypt data before running the Cage.
-```ruby
-cage = Evervault.cage_list.cages[0]
-cage.run({'name': 'testing'})
-=> {"result"=>{"message"=>"Hello, world!", "details"=>"Please send an encrypted `name` parameter to show cage decryption in action"}, "runId"=>"5428800061ff"}
-```
-
-| Parameter | Type | Description |
-| --------- | ---- | ----------- |
-| data | Hash | Payload for the Cage |
-| options | Hash | [Options for the Cage run](#Cage-Run-Options) |
+| Parameter | Type   | Description                                          |
+| --------- | ------ | ---------------------------------------------------- |
+| function_name | String | Name of the Function the run token should be created for |
+| data      | Hash   | Payload that the token can be used with              |
 
 ## Development
 
@@ -251,6 +135,8 @@ After checking out the repo, run `bin/setup` to install dependencies. Then, run
 
 To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
 
+[Rbenv](https://github.com/rbenv/rbenv) can also be used to install specific versions of Ruby.
+
 ## Contributing
 
 Bug reports and pull requests are welcome on GitHub at https://github.com/evervault/evervault-ruby.

data/lib/evervault/client.rb

@@ -1,8 +1,9 @@
 require_relative "http/request"
 require_relative "http/request_handler"
 require_relative "http/request_intercept"
+require_relative "http/relay_outbound_config"
+require_relative "threading/repeated_timer"
 require_relative "crypto/client"
-require_relative "models/cage_list"
 
 module Evervault
   class Client
@@ -19,7 +20,7 @@ module Evervault
     )
       @request = Evervault::Http::Request.new(timeout: request_timeout, api_key: api_key)
       @intercept = Evervault::Http::RequestIntercept.new(
-        request: @request, ca_host: ca_host, api_key: api_key, relay_url: relay_url
+        request: @request, ca_host: ca_host, api_key: api_key, base_url: base_url, relay_url: relay_url
       )
       @request_handler =
         Evervault::Http::RequestHandler.new(
@@ -33,26 +34,20 @@ module Evervault
       @crypto_client.encrypt(data)
     end
 
-    def run(cage_name, encrypted_data, options = {})
-      @request_handler.post(cage_name, encrypted_data, options: options, cage_run: true)
+    def run(function_name, encrypted_data, options = {})
+      @request_handler.post(function_name, encrypted_data, options: options, cage_run: true)
     end
 
-    def encrypt_and_run(cage_name, data, options = {})
-      encrypted_data = encrypt(data)
-      run(cage_name, encrypted_data, options)
+    def enable_outbound_relay(decryption_domains = nil)
+      if decryption_domains.nil?
+        @intercept.setup_outbound_relay_config
+      else
+        @intercept.setup_decryption_domains(decryption_domains)
+      end
     end
 
-    def cages
-      cage_list.to_hash
-    end
-
-    def cage_list
-      cages = @request_handler.get("cages")
-      @cage_list ||= Evervault::Models::CageList.new(cages: cages["cages"], request: @request)
-    end
-
-    def relay(decryption_domains=[])
-      @intercept.setup_domains(decryption_domains)
+    def create_run_token(function_name, data)
+      @request_handler.post("v2/functions/#{function_name}/run-token", data)
     end
   end
 end

data/lib/evervault/crypto/client.rb

@@ -77,8 +77,7 @@ module Evervault
       end
 
       private def generate_shared_key()
-        ec = OpenSSL::PKey::EC.new(@curve)
-        ec.generate_key
+        ec = OpenSSL::PKey::EC.generate(@curve)
         @ephemeral_public_key = ec.public_key
 
         decoded_team_key = OpenSSL::BN.new(Base64.strict_decode64(@team_key), 2)

data/lib/evervault/http/relay_outbound_config.rb

@@ -0,0 +1,55 @@
+module Evervault
+  module Http
+    class RelayOutboundConfig
+      DEFAULT_POLL_INTERVAL = 5
+      RELAY_OUTBOUND_CONFIG_API_ENDPOINT = "v2/relay-outbound"
+
+      @@destination_domains_cache = nil
+      @@poll_interval = DEFAULT_POLL_INTERVAL
+      @@timer = nil
+
+      def initialize(base_url:, request:)
+        @base_url = base_url
+        @request = request
+        if @@destination_domains_cache.nil?
+          get_relay_outbound_config
+        end
+        if @@timer.nil?
+          @@timer = Evervault::Threading::RepeatedTimer.new(@@poll_interval, -> { get_relay_outbound_config })
+        end
+      end
+
+      def get_destination_domains
+        @@destination_domains_cache
+      end
+
+      def self.disable_polling
+        unless @@timer.nil?
+          @@timer.stop
+          @@timer = nil
+        end
+      end
+
+      def self.clear_cache
+        @@destination_domains_cache = nil
+      end
+
+      private def get_relay_outbound_config
+        resp = @request.execute(:get, "#{@base_url}#{RELAY_OUTBOUND_CONFIG_API_ENDPOINT}", nil)
+        poll_interval = resp.headers["x-poll-interval"]
+        unless poll_interval.nil?
+          update_poll_interval(poll_interval.to_f)
+        end
+        resp_body = JSON.parse(resp.body)
+        @@destination_domains_cache = resp_body["outboundDestinations"].values.map{ |outbound_destination| outbound_destination["destinationDomain"] }
+      end
+
+      private def update_poll_interval(poll_interval)
+        @@poll_interval = poll_interval
+        unless @@timer.nil?
+          @@timer.update_interval(poll_interval)
+        end
+      end
+    end
+  end
+end

data/lib/evervault/http/request.rb

@@ -11,17 +11,14 @@ module Evervault
         @api_key = api_key
       end
 
-      def execute(method, url, params, optional_headers = {}, is_ca = false)
+      def execute(method, url, params, optional_headers = {})
         resp = Faraday.send(method, url) do |req|
             req.body = params.nil? || params.empty? ? nil : params.to_json
             req.headers = build_headers(optional_headers)
             req.options.timeout = @timeout
         end
         if resp.status >= 200 && resp.status <= 300
-          if is_ca
-            return resp.body
-          end
-          return JSON.parse(resp.body)
+          return resp
         end
         Evervault::Errors::ErrorMap.raise_errors_on_failure(resp.status, resp.body, resp.headers)
       end

data/lib/evervault/http/request_handler.rb

@@ -17,28 +17,36 @@ module Evervault
         if @cert.is_certificate_expired()
           @cert.setup()
         end
-        @request.execute(:get, build_url(path), params)
+        resp = @request.execute(:get, build_url(path), params)
+        parse_json_body(resp.body)
       end
 
       def put(path, params)
         if @cert.is_certificate_expired()
           @cert.setup()
         end
-        @request.execute(:put, build_url(path), params)
+        resp = @request.execute(:put, build_url(path), params)
+        parse_json_body(resp.body)
       end
 
       def delete(path, params)
         if @cert.is_certificate_expired()
           @cert.setup()
         end
-        @request.execute(:delete, build_url(path), params)
+        resp = @request.execute(:delete, build_url(path), params)
+        parse_json_body(resp.body)
       end
 
       def post(path, params, options: {}, cage_run: false)
         if @cert.is_certificate_expired()
           @cert.setup()
         end
-        @request.execute(:post, build_url(path, cage_run), params, build_cage_run_headers(options, cage_run))
+        resp = @request.execute(:post, build_url(path, cage_run), params, build_cage_run_headers(options, cage_run))
+        parse_json_body(resp.body)
+      end
+
+      private def parse_json_body(body)
+        JSON.parse(body)
       end
 
       private def build_url(path, cage_run = false)

data/lib/evervault/http/request_intercept.rb

@@ -11,8 +11,7 @@ module NetHTTPOverride
   @@relay_url = nil
   @@relay_port = nil
   @@cert = nil
-  @@decrypt_if_exact = []
-  @@decrypt_if_ends_with = []
+  @@get_decryption_domains_func = nil
 
   def self.set_api_key(value)
     @@api_key = value
@@ -28,20 +27,27 @@ module NetHTTPOverride
     @@cert = value
   end
 
-  def self.add_to_decrypt_if_exact(value)
-    @@decrypt_if_exact.append(value)
+  def self.add_get_decryption_domains_func(get_decryption_domains_func)
+    @@get_decryption_domains_func = get_decryption_domains_func
   end
 
-  def self.add_to_decrypt_if_ends_with(value)
-    @@decrypt_if_ends_with.append(value)
-  end
-
-  def should_decrypt(domain)
-    return (@@decrypt_if_exact.include? domain) || (@@decrypt_if_ends_with.any? { |suffix| domain.end_with? suffix })
+  def self.should_decrypt(domain)
+    if @@get_decryption_domains_func.nil?
+      false
+    else
+      decryption_domains = @@get_decryption_domains_func.call()
+      decryption_domains.any? { |decryption_domain| 
+        if decryption_domain.start_with?("*")
+          domain.end_with?(decryption_domain[1..-1])
+        else
+          domain == decryption_domain
+        end
+      }
+    end
   end
 
   def connect
-    if should_decrypt(conn_address)
+    if NetHTTPOverride.should_decrypt(conn_address)
       @cert_store = OpenSSL::X509::Store.new
       @cert_store.add_cert(@@cert)
       @proxy_from_env = false
@@ -52,7 +58,7 @@ module NetHTTPOverride
   end
 
   def request(req, body = nil, &block)
-    should_decrypt = should_decrypt(@address)
+    should_decrypt = NetHTTPOverride.should_decrypt(@address)
     if should_decrypt
       req["Proxy-Authorization"] = @@api_key
     end
@@ -65,11 +71,12 @@ Net::HTTP.send :prepend, NetHTTPOverride
 module Evervault
   module Http
     class RequestIntercept
-      def initialize(request:, ca_host:, api_key:, relay_url:)
+      def initialize(request:, ca_host:, api_key:, base_url:, relay_url:)
         NetHTTPOverride.set_api_key(api_key)
         NetHTTPOverride.set_relay_url(relay_url)
         
         @request = request
+        @base_url = base_url
         @ca_host = ca_host
         @expire_date = nil
         @initial_date = nil
@@ -85,15 +92,17 @@ module Evervault
         return false
       end
 
-      def setup_domains(decrypt_domains=[])
-        for domain in decrypt_domains
-          if domain.start_with?("www.")
-            domain = domain[4..-1]
-          end
-          NetHTTPOverride.add_to_decrypt_if_exact(domain)
-          NetHTTPOverride.add_to_decrypt_if_ends_with("." + domain)
-          NetHTTPOverride.add_to_decrypt_if_ends_with("@" + domain)
-        end
+      def setup_decryption_domains(decryption_domains)
+        NetHTTPOverride.add_get_decryption_domains_func(-> {
+          decryption_domains
+        })
+      end
+
+      def setup_outbound_relay_config
+        @relay_outbound_config = Evervault::Http::RelayOutboundConfig.new(base_url: @base_url, request: @request)
+        NetHTTPOverride.add_get_decryption_domains_func(-> {
+          @relay_outbound_config.get_destination_domains
+        })
       end
 
       def setup
@@ -107,7 +116,7 @@ module Evervault
         while !ca_content && i < 1
           i += 1
           begin
-            ca_content = @request.execute("get", @ca_host, nil, {}, is_ca: true)
+            ca_content = @request.execute("get", @ca_host, nil, {}).body
           rescue;
           end
         end

data/lib/evervault/threading/repeated_timer.rb

@@ -0,0 +1,40 @@
+module Evervault
+  module Threading
+    class RepeatedTimer
+      def initialize(interval, func)
+        @thread = nil
+        @interval = interval
+        @func = func
+        start
+      end
+
+      def start
+        if !running?
+          @thread = Thread.new do
+            loop do
+              sleep @interval
+              begin 
+                @func.call
+              rescue => e
+                # Silently ignore exceptions
+              end
+            end
+          end
+        end
+      end
+
+      def running?
+        !@thread.nil?
+      end
+
+      def stop
+        @thread.exit
+        @thread = nil
+      end
+
+      def update_interval(new_interval)
+        @interval = new_interval
+      end
+    end
+  end
+end

data/lib/evervault/version.rb

@@ -1,4 +1,4 @@
 module Evervault
-  VERSION = "1.0.0"
+  VERSION = "1.2.0"
   EV_VERSION = {"prime256v1" => "NOC", "secp256k1" => "DUB"}
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: evervault
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 1.2.0
 platform: ruby
 authors:
 - Jonny O'Mahony
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2022-07-08 00:00:00.000000000 Z
+date: 2022-12-08 00:00:00.000000000 Z
 dependencies: []
 description: 
 email:
@@ -37,11 +37,11 @@ files:
 - lib/evervault/crypto/curves/p256.rb
 - lib/evervault/errors/error_map.rb
 - lib/evervault/errors/errors.rb
+- lib/evervault/http/relay_outbound_config.rb
 - lib/evervault/http/request.rb
 - lib/evervault/http/request_handler.rb
 - lib/evervault/http/request_intercept.rb
-- lib/evervault/models/cage.rb
-- lib/evervault/models/cage_list.rb
+- lib/evervault/threading/repeated_timer.rb
 - lib/evervault/version.rb
 - res/logo.svg
 - res/logo512.png

data/lib/evervault/models/cage.rb

@@ -1,18 +0,0 @@
-module Evervault
-  module Models
-    class Cage
-
-      attr_reader :name, :uuid
-      def initialize(name:, uuid:, request:)
-        @name = name
-        @uuid = uuid
-        @request = request
-      end
-
-      def run(params, options = {})
-        @request.post(self.name, params, options: options, cage_run: true)
-      end
-
-    end
-  end
-end

data/lib/evervault/models/cage_list.rb

@@ -1,22 +0,0 @@
-require_relative "cage"
-
-module Evervault
-  module Models
-    class CageList
-      attr_reader :cages
-      def initialize(cages:, request:)
-        @cages = build_cage_list(cages, request)
-      end
-
-      def to_hash
-        cage_hash = {}
-        cages.each { |cage| cage_hash[cage.name] = cage }
-        cage_hash
-      end
-
-      private def build_cage_list(cages, request)
-        cages.map { |cage| Cage.new(name: cage["name"], uuid: cage["uuid"], request: request) }
-      end
-    end
-  end
-end