RubyGems - have_i_been_pwned_api - Versions diffs - 0.1.0 - Mend

have_i_been_pwned_api 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (44) hide show

checksums.yaml +7 -0
data/.rspec +3 -0
data/.rubocop.yml +20 -0
data/CHANGELOG.md +5 -0
data/LICENSE.txt +21 -0
data/README.md +406 -0
data/Rakefile +8 -0
data/lib/have_i_been_pwned_api/client.rb +71 -0
data/lib/have_i_been_pwned_api/configuration.rb +37 -0
data/lib/have_i_been_pwned_api/endpoints/breaches/breach.rb +25 -0
data/lib/have_i_been_pwned_api/endpoints/breaches/breached_account.rb +33 -0
data/lib/have_i_been_pwned_api/endpoints/breaches/breached_domain.rb +26 -0
data/lib/have_i_been_pwned_api/endpoints/breaches/breaches.rb +30 -0
data/lib/have_i_been_pwned_api/endpoints/breaches/data_classes.rb +23 -0
data/lib/have_i_been_pwned_api/endpoints/breaches/latest_breach.rb +24 -0
data/lib/have_i_been_pwned_api/endpoints/breaches/subscribed_domains.rb +22 -0
data/lib/have_i_been_pwned_api/endpoints/breaches.rb +18 -0
data/lib/have_i_been_pwned_api/endpoints/endpoint.rb +33 -0
data/lib/have_i_been_pwned_api/endpoints/pastes/paste_account.rb +25 -0
data/lib/have_i_been_pwned_api/endpoints/pastes.rb +12 -0
data/lib/have_i_been_pwned_api/endpoints/pwned_passwords/check_pwd.rb +41 -0
data/lib/have_i_been_pwned_api/endpoints/pwned_passwords.rb +12 -0
data/lib/have_i_been_pwned_api/endpoints/stealer_logs/by_email.rb +24 -0
data/lib/have_i_been_pwned_api/endpoints/stealer_logs/by_email_domain.rb +24 -0
data/lib/have_i_been_pwned_api/endpoints/stealer_logs/by_website_domain.rb +24 -0
data/lib/have_i_been_pwned_api/endpoints/stealer_logs.rb +14 -0
data/lib/have_i_been_pwned_api/endpoints/subscription/status.rb +22 -0
data/lib/have_i_been_pwned_api/endpoints/subscription.rb +12 -0
data/lib/have_i_been_pwned_api/error.rb +48 -0
data/lib/have_i_been_pwned_api/models/breaches/breach.rb +43 -0
data/lib/have_i_been_pwned_api/models/breaches/breach_collection.rb +21 -0
data/lib/have_i_been_pwned_api/models/breaches/breached_domain.rb +16 -0
data/lib/have_i_been_pwned_api/models/breaches/domain.rb +39 -0
data/lib/have_i_been_pwned_api/models/breaches/truncated_breach.rb +13 -0
data/lib/have_i_been_pwned_api/models/pastes/paste.rb +37 -0
data/lib/have_i_been_pwned_api/models/pastes/paste_collection.rb +17 -0
data/lib/have_i_been_pwned_api/models/subscription/subscription_status.rb +38 -0
data/lib/have_i_been_pwned_api/models.rb +14 -0
data/lib/have_i_been_pwned_api/version.rb +5 -0
data/lib/have_i_been_pwned_api.rb +24 -0
data/lib/utils/autoloader.rb +20 -0
data/lib/utils/strings.rb +13 -0
data/sig/have_i_been_pwned_api.rbs +4 -0
metadata +88 -0

data/lib/have_i_been_pwned_api/endpoints/breaches/breaches.rb ADDED Viewed

@@ -0,0 +1,30 @@
+# frozen_string_literal: true
+require_relative "../endpoint"
+module HaveIBeenPwnedApi
+  module Breaches
+    class Breaches < Endpoint
+      ALLOWED_PARAMS = %i[domain is_spam_list].freeze
+      class << self
+        def call(**kwargs)
+          params = parse_optional_params(kwargs, ALLOWED_PARAMS)
+          data = Client.get(uri(params))
+          Models::BreachCollection.new(data, truncated: false)
+        rescue NotFound
+          Models::BreachCollection.new({})
+        end
+        private
+        def uri(params)
+          uri = URI("#{endpoint_url}breaches")
+          uri.query = URI.encode_www_form(params) unless params.empty?
+          uri
+        end
+      end
+    end
+  end
+end

data/lib/have_i_been_pwned_api/endpoints/breaches/data_classes.rb ADDED Viewed

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+require_relative "../endpoint"
+module HaveIBeenPwnedApi
+  module Breaches
+    class DataClasses < Endpoint
+      class << self
+        def call
+          Client.get(uri)
+        rescue NotFound
+          []
+        end
+        private
+        def uri
+          URI("#{endpoint_url}dataclasses")
+        end
+      end
+    end
+  end
+end

data/lib/have_i_been_pwned_api/endpoints/breaches/latest_breach.rb ADDED Viewed

@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+require_relative "../endpoint"
+module HaveIBeenPwnedApi
+  module Breaches
+    class LatestBreach < Endpoint
+      class << self
+        def call
+          data = Client.get(uri)
+          Models::Breach.new(data)
+        rescue NotFound
+          Models::Breach.new({})
+        end
+        private
+        def uri
+          URI("#{endpoint_url}latestbreach")
+        end
+      end
+    end
+  end
+end

data/lib/have_i_been_pwned_api/endpoints/breaches/subscribed_domains.rb ADDED Viewed

@@ -0,0 +1,22 @@
+# frozen_string_literal: true
+require_relative "../endpoint"
+module HaveIBeenPwnedApi
+  module Breaches
+    class SubscribedDomains < Endpoint
+      class << self
+        def call
+          data = Client.get(uri)
+          Array(data).map { |d| Models::Domain.new(d) }
+        end
+        private
+        def uri
+          URI("#{endpoint_url}subscribeddomains")
+        end
+      end
+    end
+  end
+end

data/lib/have_i_been_pwned_api/endpoints/breaches.rb ADDED Viewed

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+require_relative "breaches/latest_breach"
+require_relative "breaches/breached_account"
+require_relative "breaches/breach"
+require_relative "breaches/breached_domain"
+require_relative "breaches/breaches"
+require_relative "breaches/data_classes"
+require_relative "breaches/subscribed_domains"
+require_relative "../../utils/strings"
+require_relative "../../utils/autoloader"
+module HaveIBeenPwnedApi
+  module Breaches
+    Utils::Autoloader.define_endpoint_methods(self)
+  end
+end

data/lib/have_i_been_pwned_api/endpoints/endpoint.rb ADDED Viewed

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+module HaveIBeenPwnedApi
+  class Endpoint
+    class << self
+      def type
+        :premium
+      end
+      def endpoint_url
+        config.base_url_for_endpoint_type(type)
+      end
+      def config
+        HaveIBeenPwnedApi.config
+      end
+      private
+      def parse_optional_params(kwargs, allowed_params)
+        params = {}
+        kwargs.map do |key, value|
+          raise Error, "Invalid argument #{key}" unless allowed_params.include?(key)
+          key = key.to_s.gsub("_", "")
+          params[key] = value unless value.nil?
+        end
+        params
+      end
+    end
+  end
+end

data/lib/have_i_been_pwned_api/endpoints/pastes/paste_account.rb ADDED Viewed

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+require_relative "../endpoint"
+module HaveIBeenPwnedApi
+  module Pastes
+    class PasteAccount < Endpoint
+      class << self
+        def call(account:)
+          data = Client.get(uri(account))
+          Models::PasteCollection.new(data)
+        rescue NotFound
+          Models::PasteCollection.new({})
+        end
+        private
+        def uri(account)
+          encoded_account = URI.encode_www_form_component(account)
+          URI("#{endpoint_url}pasteaccount/#{encoded_account}")
+        end
+      end
+    end
+  end
+end

data/lib/have_i_been_pwned_api/endpoints/pastes.rb ADDED Viewed

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+require_relative "pastes/paste_account"
+require_relative "../../utils/strings"
+require_relative "../../utils/autoloader"
+module HaveIBeenPwnedApi
+  module Pastes
+    Utils::Autoloader.define_endpoint_methods(self)
+  end
+end

data/lib/have_i_been_pwned_api/endpoints/pwned_passwords/check_pwd.rb ADDED Viewed

@@ -0,0 +1,41 @@
+# frozen_string_literal: true
+require_relative "../endpoint"
+require "digest"
+module HaveIBeenPwnedApi
+  module PwnedPasswords
+    class CheckPwd < Endpoint
+      class << self
+        def type
+          :free
+        end
+        def call(password:, add_padding: false)
+          digest = hash_password(password)
+          data = Client.get(uri(digest[..4]),
+                            headers: { add_padding: add_padding })
+          count_password_appereances(digest, data)
+        end
+        private
+        def count_password_appereances(digest, data)
+          partial_hash = Regexp.escape(digest[5..])
+          count = data.match(/#{partial_hash}:(\d+)/) { $1.to_i }
+          count.nil? ? 0 : count
+        end
+        def hash_password(password)
+          Digest::SHA1.hexdigest(password).upcase
+        end
+        def uri(digest_chars)
+          URI("#{endpoint_url}range/#{digest_chars}")
+        end
+      end
+    end
+  end
+end

data/lib/have_i_been_pwned_api/endpoints/pwned_passwords.rb ADDED Viewed

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+require_relative "pwned_passwords/check_pwd"
+require_relative "../../utils/strings"
+require_relative "../../utils/autoloader"
+module HaveIBeenPwnedApi
+  module PwnedPasswords
+    Utils::Autoloader.define_endpoint_methods(self)
+  end
+end

data/lib/have_i_been_pwned_api/endpoints/stealer_logs/by_email.rb ADDED Viewed

@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+require_relative "../endpoint"
+module HaveIBeenPwnedApi
+  module StealerLogs
+    class ByEmail < Endpoint
+      class << self
+        def call(email:)
+          Client.get(uri(email))
+        rescue NotFound
+          []
+        end
+        private
+        def uri(email)
+          encoded_email = URI.encode_www_form_component(email)
+          URI("#{endpoint_url}stealerlogsbyemail/#{encoded_email}")
+        end
+      end
+    end
+  end
+end

data/lib/have_i_been_pwned_api/endpoints/stealer_logs/by_email_domain.rb ADDED Viewed

@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+require_relative "../endpoint"
+module HaveIBeenPwnedApi
+  module StealerLogs
+    class ByEmailDomain < Endpoint
+      class << self
+        def call(domain:)
+          Client.get(uri(domain))
+        rescue NotFound
+          {}
+        end
+        private
+        def uri(domain)
+          encoded_domain = URI.encode_www_form_component(domain)
+          URI("#{endpoint_url}stealerlogsbyemaildomain/#{encoded_domain}")
+        end
+      end
+    end
+  end
+end

data/lib/have_i_been_pwned_api/endpoints/stealer_logs/by_website_domain.rb ADDED Viewed

@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+require_relative "../endpoint"
+module HaveIBeenPwnedApi
+  module StealerLogs
+    class ByWebsiteDomain < Endpoint
+      class << self
+        def call(domain:)
+          Client.get(uri(domain))
+        rescue NotFound
+          []
+        end
+        private
+        def uri(domain)
+          encoded_domain = URI.encode_www_form_component(domain)
+          URI("#{endpoint_url}stealerlogsbywebsitedomain/#{encoded_domain}")
+        end
+      end
+    end
+  end
+end

data/lib/have_i_been_pwned_api/endpoints/stealer_logs.rb ADDED Viewed

@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+require_relative "stealer_logs/by_email"
+require_relative "stealer_logs/by_email_domain"
+require_relative "stealer_logs/by_website_domain"
+require_relative "../../utils/strings"
+require_relative "../../utils/autoloader"
+module HaveIBeenPwnedApi
+  module StealerLogs
+    Utils::Autoloader.define_endpoint_methods(self)
+  end
+end

data/lib/have_i_been_pwned_api/endpoints/subscription/status.rb ADDED Viewed

@@ -0,0 +1,22 @@
+# frozen_string_literal: true
+require_relative "../endpoint"
+module HaveIBeenPwnedApi
+  module Subscription
+    class Status < Endpoint
+      class << self
+        def call
+          data = Client.get(uri)
+          Models::SubscriptionStatus.new(data)
+        end
+        private
+        def uri
+          URI("#{endpoint_url}subscription/status")
+        end
+      end
+    end
+  end
+end

data/lib/have_i_been_pwned_api/endpoints/subscription.rb ADDED Viewed

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+require_relative "subscription/status"
+require_relative "../../utils/strings"
+require_relative "../../utils/autoloader"
+module HaveIBeenPwnedApi
+  module Subscription
+    Utils::Autoloader.define_endpoint_methods(self)
+  end
+end

data/lib/have_i_been_pwned_api/error.rb ADDED Viewed

@@ -0,0 +1,48 @@
+# frozen_string_literal: true
+module HaveIBeenPwnedApi
+  class Error < StandardError
+    attr_reader :detail
+    DEFAULT_MESSAGE = "An unexpected error occurred"
+    # @param message [String] custom error message
+    # @param detail  [String, nil] raw response body or other debug info
+    def initialize(message = nil, detail: nil)
+      super(message || self.class::DEFAULT_MESSAGE)
+      @detail = detail
+    end
+    def to_s
+      if detail && !detail.empty?
+        "#{super} - Error detail: #{detail}"
+      else
+        super
+      end
+    end
+  end
+  class BadRequest < Error
+    DEFAULT_MESSAGE = "Bad request — invalid resource format"
+  end
+  class Unauthorized < Error
+    DEFAULT_MESSAGE = "Missing or invalid API key"
+  end
+  class Forbidden < Error
+    DEFAULT_MESSAGE = "Forbidden — Check error details"
+  end
+  class NotFound < Error
+    DEFAULT_MESSAGE = "Resource Not found"
+  end
+  class RateLimitExceeded < Error
+    DEFAULT_MESSAGE = "Rate limit exceeded"
+  end
+  class ServiceUnavailable < Error
+    DEFAULT_MESSAGE = "Service unavailable"
+  end
+end

data/lib/have_i_been_pwned_api/models/breaches/breach.rb ADDED Viewed

@@ -0,0 +1,43 @@
+# frozen_string_literal: true
+require "date"
+module HaveIBeenPwnedApi
+  module Models
+    class Breach
+      ATTRS = %w[ Name Title Domain BreachDate AddedDate ModifiedDate
+                  PwnCount Description DataClasses IsVerified
+                  IsFabricated IsSensitive IsRetired IsSpamList
+                  IsMalware IsSubscriptionFree IsStealerLog LogoPath].freeze
+      DATE_FIELDS     = %w[BreachDate].freeze
+      DATETIME_FIELDS = %w[AddedDate ModifiedDate].freeze
+      ATTRS.each do |k|
+        attr_reader Utils::Strings.underscore(k).to_sym
+      end
+      def initialize(attrs)
+        ATTRS.each do |k|
+          key = Utils::Strings.underscore(k)
+          raw = attrs[k]
+          value = parse_date_field(k, raw)
+          instance_variable_set("@#{key}", value)
+        end
+      end
+      private
+      def parse_date_field(field, raw)
+        case field
+        when *DATE_FIELDS
+          raw && Date.iso8601(raw)
+        when *DATETIME_FIELDS
+          raw && DateTime.parse(raw)
+        else
+          raw
+        end
+      end
+    end
+  end
+end

data/lib/have_i_been_pwned_api/models/breaches/breach_collection.rb ADDED Viewed

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+module HaveIBeenPwnedApi
+  module Models
+    class BreachCollection
+      include Enumerable
+      attr_reader :breaches
+      def initialize(data, truncated: true)
+        @breaches = data.map do |h|
+          if truncated
+            TruncatedBreach.new(h["Name"])
+          else
+            Breach.new(h)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/have_i_been_pwned_api/models/breaches/breached_domain.rb ADDED Viewed

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+module HaveIBeenPwnedApi
+  module Models
+    class BreachedDomain
+      attr_reader :entries
+      def initialize(attrs)
+        @entries = {}
+        attrs.each do |account_alias, breaches|
+          @entries[account_alias] = breaches
+        end
+      end
+    end
+  end
+end

data/lib/have_i_been_pwned_api/models/breaches/domain.rb ADDED Viewed

@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+require "date"
+module HaveIBeenPwnedApi
+  module Models
+    class Domain
+      ATTRS = %w[ DomainName PwnCount PwnCountExcludingSpamLists
+                  PwnCountExcludingSpamListsAtLastSubscriptionRenewal
+                  NextSubscriptionRenewal ].freeze
+      DATETIME_FIELDS = %w[NextSubscriptionRenewal].freeze
+      ATTRS.each do |k|
+        attr_reader Utils::Strings.underscore(k).to_sym
+      end
+      def initialize(attrs)
+        ATTRS.each do |k|
+          key = Utils::Strings.underscore(k)
+          raw = attrs[k]
+          value = parse_date_field(k, raw)
+          instance_variable_set("@#{key}", value)
+        end
+      end
+      private
+      def parse_date_field(field, raw)
+        case field
+        when *DATETIME_FIELDS
+          raw && DateTime.parse(raw)
+        else
+          raw
+        end
+      end
+    end
+  end
+end

data/lib/have_i_been_pwned_api/models/breaches/truncated_breach.rb ADDED Viewed

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+module HaveIBeenPwnedApi
+  module Models
+    class TruncatedBreach
+      attr_reader :name
+      def initialize(name)
+        @name = name
+      end
+    end
+  end
+end

data/lib/have_i_been_pwned_api/models/pastes/paste.rb ADDED Viewed

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+require "date"
+module HaveIBeenPwnedApi
+  module Models
+    class Paste
+      ATTRS = %w[Source Id Title Domain Date EmailCount].freeze
+      DATETIME_FIELDS = %w[Date].freeze
+      ATTRS.each do |k|
+        attr_reader Utils::Strings.underscore(k).to_sym
+      end
+      def initialize(attrs)
+        ATTRS.each do |k|
+          key = Utils::Strings.underscore(k)
+          raw = attrs[k]
+          value = parse_date_field(k, raw)
+          instance_variable_set("@#{key}", value)
+        end
+      end
+      private
+      def parse_date_field(field, raw)
+        case field
+        when *DATETIME_FIELDS
+          raw && DateTime.parse(raw)
+        else
+          raw
+        end
+      end
+    end
+  end
+end

data/lib/have_i_been_pwned_api/models/pastes/paste_collection.rb ADDED Viewed

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+module HaveIBeenPwnedApi
+  module Models
+    class PasteCollection
+      include Enumerable
+      attr_reader :pastes
+      def initialize(data)
+        @pastes = data.map do |h|
+          Paste.new(h)
+        end
+      end
+    end
+  end
+end

data/lib/have_i_been_pwned_api/models/subscription/subscription_status.rb ADDED Viewed

@@ -0,0 +1,38 @@
+# frozen_string_literal: true
+require "date"
+module HaveIBeenPwnedApi
+  module Models
+    class SubscriptionStatus
+      ATTRS = %w[SubscriptionName Description SubscribedUntil
+                 Rpm DomainSearchMaxBreachedAccounts].freeze
+      DATETIME_FIELDS = %w[SubscribedUntil].freeze
+      ATTRS.each do |k|
+        attr_reader Utils::Strings.underscore(k).to_sym
+      end
+      def initialize(attrs)
+        ATTRS.each do |k|
+          key = Utils::Strings.underscore(k)
+          raw = attrs[k]
+          value = parse_date_field(k, raw)
+          instance_variable_set("@#{key}", value)
+        end
+      end
+      private
+      def parse_date_field(field, raw)
+        case field
+        when *DATETIME_FIELDS
+          raw && DateTime.parse(raw)
+        else
+          raw
+        end
+      end
+    end
+  end
+end

data/lib/have_i_been_pwned_api/models.rb ADDED Viewed

@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+module HaveIBeenPwnedApi
+  module Models
+    autoload :Breach, "have_i_been_pwned_api/models/breaches/breach"
+    autoload :TruncatedBreach, "have_i_been_pwned_api/models/breaches/truncated_breach"
+    autoload :BreachedDomain, "have_i_been_pwned_api/models/breaches/breached_domain"
+    autoload :BreachCollection, "have_i_been_pwned_api/models/breaches/breach_collection"
+    autoload :Domain, "have_i_been_pwned_api/models/breaches/domain"
+    autoload :Paste, "have_i_been_pwned_api/models/pastes/paste"
+    autoload :PasteCollection, "have_i_been_pwned_api/models/pastes/paste_collection"
+    autoload :SubscriptionStatus, "have_i_been_pwned_api/models/subscription/subscription_status"
+  end
+end

data/lib/have_i_been_pwned_api/version.rb ADDED Viewed

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+module HaveIBeenPwnedApi
+  VERSION = "0.1.0"
+end