keeper_secrets_manager 17.0.3

data/lib/keeper_secrets_manager/dto.rb

@@ -0,0 +1,221 @@
+require 'json'
+require 'ostruct'
+require_relative 'dto/payload'
+
+module KeeperSecretsManager
+  module Dto
+    # Base class for dynamic record handling
+    class KeeperRecord
+      attr_accessor :uid, :title, :type, :fields, :custom, :notes, :folder_uid, :data, :revision, :files
+
+      def initialize(attrs = {})
+        if attrs.is_a?(Hash)
+          # Support both raw API response and user-friendly creation
+          @uid = attrs['recordUid'] || attrs['uid'] || attrs[:uid]
+          @folder_uid = attrs['folderUid'] || attrs['folder_uid'] || attrs[:folder_uid]
+          @revision = attrs['revision'] || attrs[:revision] || 0
+          
+          # Handle encrypted data or direct attributes
+          if attrs['data']
+            data = attrs['data'].is_a?(String) ? JSON.parse(attrs['data']) : attrs['data']
+            @title = data['title'] || ''
+            @type = data['type'] || 'login'
+            @fields = data['fields'] || []
+            @custom = data['custom'] || []
+            @notes = data['notes'] || ''
+          else
+            @title = attrs['title'] || attrs[:title] || ''
+            @type = attrs['type'] || attrs[:type] || 'login'
+            @fields = attrs['fields'] || attrs[:fields] || []
+            @custom = attrs['custom'] || attrs[:custom] || []
+            @notes = attrs['notes'] || attrs[:notes] || ''
+          end
+          
+          @files = attrs['files'] || attrs[:files] || []
+          @data = attrs
+        end
+        
+        # Ensure fields are always arrays of hashes
+        normalize_fields!
+      end
+
+      # Convert to hash for API submission
+      def to_h
+        {
+          'uid' => uid,
+          'title' => title,
+          'type' => type,
+          'fields' => fields,
+          'custom' => custom,
+          'notes' => notes,
+          'folder_uid' => folder_uid
+        }.compact
+      end
+
+      # Find field by type or label
+      def get_field(type_or_label, custom_field = false)
+        field_array = custom_field ? custom : fields
+        field_array.find { |f| f['type'] == type_or_label || f['label'] == type_or_label }
+      end
+
+      # Get field value (always returns array)
+      def get_field_value(type_or_label, custom_field = false)
+        field = get_field(type_or_label, custom_field)
+        field ? field['value'] || [] : []
+      end
+
+      # Get single field value (first element)
+      def get_field_value_single(type_or_label, custom_field = false)
+        values = get_field_value(type_or_label, custom_field)
+        values.first
+      end
+
+      # Add or update field
+      def set_field(type, value, label = nil, custom_field = false)
+        field_array = custom_field ? @custom : @fields
+        
+        # Ensure value is an array
+        value = [value] unless value.is_a?(Array)
+        
+        # Find existing field
+        existing = field_array.find { |f| f['type'] == type || (label && f['label'] == label) }
+        
+        if existing
+          existing['value'] = value
+          existing['label'] = label if label
+        else
+          new_field = { 'type' => type, 'value' => value }
+          new_field['label'] = label if label
+          field_array << new_field
+        end
+      end
+
+      # Dynamic field access methods
+      def method_missing(method, *args, &block)
+        method_name = method.to_s
+        
+        # Handle setters
+        if method_name.end_with?('=')
+          field_name = method_name.chomp('=')
+          set_field(field_name, args.first)
+        # Handle getters
+        elsif common_field_types.include?(method_name)
+          get_field_value_single(method_name)
+        else
+          super
+        end
+      end
+
+      def respond_to_missing?(method, include_private = false)
+        method_name = method.to_s.chomp('=')
+        common_field_types.include?(method_name) || super
+      end
+
+      private
+
+      def normalize_fields!
+        @fields = normalize_field_array(@fields)
+        @custom = normalize_field_array(@custom)
+      end
+
+      def normalize_field_array(fields)
+        return [] unless fields.is_a?(Array)
+        
+        fields.map do |field|
+          next field if field.is_a?(Hash)
+          
+          # Convert to hash if needed
+          field.to_h
+        end
+      end
+
+      def common_field_types
+        %w[login password url fileRef oneTimeCode name phone email address 
+           paymentCard bankAccount birthDate secureNote sshKey host 
+           databaseType script passkey]
+      end
+    end
+
+    # Folder representation
+    class KeeperFolder
+      attr_accessor :uid, :name, :parent_uid, :folder_type, :folder_key, :records
+
+      def initialize(attrs = {})
+        @uid = attrs['folderUid'] || attrs['uid'] || attrs[:uid]
+        @name = attrs['name'] || attrs[:name]
+        @parent_uid = attrs['parentUid'] || attrs['parent_uid'] || attrs[:parent_uid] || attrs['parent']
+        @folder_type = attrs['folderType'] || attrs['folder_type'] || attrs[:folder_type] || 'user_folder'
+        @folder_key = attrs['folderKey'] || attrs['folder_key'] || attrs[:folder_key]
+        @records = attrs['records'] || attrs[:records] || []
+      end
+
+      def to_h
+        {
+          'folderUid' => uid,
+          'name' => name,
+          'parentUid' => parent_uid,
+          'folderType' => folder_type
+        }.compact
+      end
+    end
+
+    # File attachment representation
+    class KeeperFile
+      attr_accessor :uid, :name, :title, :mime_type, :size, :data, :url
+
+      def initialize(attrs = {})
+        @uid = attrs['fileUid'] || attrs['uid'] || attrs[:uid]
+        @name = attrs['name'] || attrs[:name]
+        @title = attrs['title'] || attrs[:title] || @name
+        @mime_type = attrs['mimeType'] || attrs['mime_type'] || attrs[:mime_type]
+        @size = attrs['size'] || attrs[:size]
+        @data = attrs['data'] || attrs[:data]
+        @url = attrs['url'] || attrs[:url]
+      end
+
+      def to_h
+        {
+          'fileUid' => uid,
+          'name' => name,
+          'title' => title,
+          'mimeType' => mime_type,
+          'size' => size
+        }.compact
+      end
+    end
+
+    # Response wrapper
+    class SecretsManagerResponse
+      attr_accessor :records, :folders, :app_data, :warnings, :errors, :just_bound
+
+      def initialize(attrs = {})
+        @records = attrs[:records] || []
+        @folders = attrs[:folders] || []
+        @app_data = attrs[:app_data] || {}
+        @warnings = attrs[:warnings] || []
+        @errors = attrs[:errors] || []
+        @just_bound = attrs[:just_bound] || false
+      end
+    end
+
+    # Query options
+    class QueryOptions
+      attr_accessor :records_filter, :folders_filter
+
+      def initialize(records: nil, folders: nil)
+        @records_filter = records
+        @folders_filter = folders
+      end
+    end
+
+    # Create options
+    class CreateOptions
+      attr_accessor :folder_uid, :subfolder_uid
+
+      def initialize(folder_uid: nil, subfolder_uid: nil)
+        @folder_uid = folder_uid
+        @subfolder_uid = subfolder_uid
+      end
+    end
+  end
+end

data/lib/keeper_secrets_manager/errors.rb

@@ -0,0 +1,79 @@
+module KeeperSecretsManager
+  # Base error class for all KSM errors
+  class Error < StandardError; end
+
+  # Configuration errors
+  class ConfigurationError < Error; end
+
+  # Authentication/authorization errors
+  class AuthenticationError < Error; end
+  class AccessDeniedError < AuthenticationError; end
+
+  # API/network errors
+  class NetworkError < Error
+    attr_reader :status_code, :response_body
+
+    def initialize(message, status_code: nil, response_body: nil)
+      super(message)
+      @status_code = status_code
+      @response_body = response_body
+    end
+  end
+
+  # Crypto errors
+  class CryptoError < Error; end
+  class DecryptionError < CryptoError; end
+  class EncryptionError < CryptoError; end
+
+  # Notation errors
+  class NotationError < Error; end
+
+  # Record errors
+  class RecordError < Error; end
+  class RecordNotFoundError < RecordError; end
+  class RecordValidationError < RecordError; end
+
+  # Server errors
+  class ServerError < Error
+    attr_reader :result_code, :message
+
+    def initialize(result_code, message = nil)
+      @result_code = result_code
+      @message = message || "Server error: #{result_code}"
+      super(@message)
+    end
+  end
+
+  # Specific server error types
+  class InvalidClientVersionError < ServerError; end
+  class InvalidTokenError < ServerError; end
+  class BadRequestError < ServerError; end
+  class RecordUidNotFoundError < ServerError; end
+  class FolderUidNotFoundError < ServerError; end
+  class AccessViolationError < ServerError; end
+  class ThrottledError < ServerError; end
+  
+  # Error factory
+  class ErrorFactory
+    def self.from_server_response(result_code, message = nil)
+      case result_code
+      when 'invalid_client_version'
+        InvalidClientVersionError.new(result_code, message)
+      when 'invalid_client', 'invalid_token'
+        InvalidTokenError.new(result_code, message)
+      when 'bad_request'
+        BadRequestError.new(result_code, message)
+      when 'record_uid_not_found'
+        RecordUidNotFoundError.new(result_code, message)
+      when 'folder_uid_not_found'
+        FolderUidNotFoundError.new(result_code, message)
+      when 'access_violation'
+        AccessViolationError.new(result_code, message)
+      when 'throttled'
+        ThrottledError.new(result_code, message)
+      else
+        ServerError.new(result_code, message)
+      end
+    end
+  end
+end

data/lib/keeper_secrets_manager/field_types.rb

@@ -0,0 +1,152 @@
+module KeeperSecretsManager
+  module FieldTypes
+    # Base field helper
+    class Field
+      attr_accessor :type, :label, :value, :required, :privacy_screen
+
+      def initialize(type:, value:, label: nil, required: false, privacy_screen: false)
+        @type = type
+        @label = label
+        @required = required
+        @privacy_screen = privacy_screen
+        
+        # Ensure value is always an array
+        @value = value.is_a?(Array) ? value : [value]
+      end
+
+      def to_h
+        h = { 'type' => type, 'value' => value }
+        h['label'] = label if label
+        h['required'] = required if required
+        h['privacyScreen'] = privacy_screen if privacy_screen
+        h
+      end
+    end
+
+    # Helper methods for creating common fields
+    module Helpers
+      def self.login(value, label: nil)
+        Field.new(type: 'login', value: value, label: label)
+      end
+
+      def self.password(value, label: nil)
+        Field.new(type: 'password', value: value, label: label)
+      end
+
+      def self.url(value, label: nil)
+        Field.new(type: 'url', value: value, label: label)
+      end
+
+      def self.file_ref(value, label: nil)
+        Field.new(type: 'fileRef', value: value, label: label)
+      end
+
+      def self.one_time_code(value, label: nil)
+        Field.new(type: 'oneTimeCode', value: value, label: label)
+      end
+
+      def self.name(first:, last:, middle: nil, label: nil)
+        value = { 'first' => first, 'last' => last }
+        value['middle'] = middle if middle
+        Field.new(type: 'name', value: value, label: label)
+      end
+
+      def self.phone(number:, region: 'US', type: nil, ext: nil, label: nil)
+        value = { 'region' => region, 'number' => number }
+        value['type'] = type if type
+        value['ext'] = ext if ext
+        Field.new(type: 'phone', value: value, label: label)
+      end
+
+      def self.email(email, label: nil)
+        Field.new(type: 'email', value: email, label: label)
+      end
+
+      def self.address(street1:, city:, state:, zip:, country: 'US', street2: nil, label: nil)
+        value = {
+          'street1' => street1,
+          'city' => city,
+          'state' => state,
+          'zip' => zip,
+          'country' => country
+        }
+        value['street2'] = street2 if street2
+        Field.new(type: 'address', value: value, label: label)
+      end
+
+      def self.payment_card(number:, expiration_date:, security_code:, cardholder_name: nil, label: nil)
+        value = {
+          'cardNumber' => number,
+          'cardExpirationDate' => expiration_date,
+          'cardSecurityCode' => security_code
+        }
+        value['cardholderName'] = cardholder_name if cardholder_name
+        Field.new(type: 'paymentCard', value: value, label: label)
+      end
+
+      def self.bank_account(account_type:, routing_number:, account_number:, label: nil)
+        value = {
+          'accountType' => account_type,
+          'routingNumber' => routing_number,
+          'accountNumber' => account_number
+        }
+        Field.new(type: 'bankAccount', value: value, label: label)
+      end
+
+      def self.birth_date(date, label: nil)
+        # Date should be in unix timestamp (milliseconds)
+        timestamp = case date
+                    when Date, Time, DateTime
+                      (date.to_time.to_f * 1000).to_i
+                    when Integer
+                      date
+                    when String
+                      (Date.parse(date).to_time.to_f * 1000).to_i
+                    else
+                      raise ArgumentError, "Invalid date format"
+                    end
+        Field.new(type: 'birthDate', value: timestamp, label: label)
+      end
+
+      def self.secure_note(note, label: nil)
+        Field.new(type: 'secureNote', value: note, label: label)
+      end
+
+      def self.ssh_key(private_key:, public_key: nil, label: nil)
+        value = { 'privateKey' => private_key }
+        value['publicKey'] = public_key if public_key
+        Field.new(type: 'sshKey', value: value, label: label)
+      end
+
+      def self.host(hostname:, port: nil, label: nil)
+        value = { 'hostName' => hostname }
+        value['port'] = port.to_s if port
+        Field.new(type: 'host', value: value, label: label)
+      end
+
+      def self.database_type(type, label: nil)
+        Field.new(type: 'databaseType', value: type, label: label)
+      end
+
+      def self.script(script, label: nil)
+        Field.new(type: 'script', value: script, label: label)
+      end
+
+      def self.passkey(private_key:, credential_id:, rp_id:, user_id:, username:, label: nil)
+        value = {
+          'privateKey' => private_key,
+          'credentialId' => credential_id,
+          'relyingParty' => rp_id,
+          'userId' => user_id,
+          'username' => username
+        }
+        Field.new(type: 'passkey', value: value, label: label)
+      end
+
+      # Generic field for any type
+      def self.custom(type:, value:, label: nil, required: false)
+        Field.new(type: type, value: value, label: label, required: required)
+      end
+    end
+  end
+end

data/lib/keeper_secrets_manager/folder_manager.rb

@@ -0,0 +1,114 @@
+module KeeperSecretsManager
+  class FolderManager
+    def initialize(folders)
+      @folders = folders
+    end
+    
+    # Build a hierarchical tree structure from flat folder list
+    def build_folder_tree
+      # Create a hash for quick lookup
+      folder_map = {}
+      @folders.each { |f| folder_map[f.uid] = f }
+      
+      # Find root folders (no parent) and build tree
+      root_folders = []
+      @folders.each do |folder|
+        if folder.parent_uid.nil? || folder.parent_uid.empty?
+          root_folders << build_node(folder, folder_map)
+        end
+      end
+      
+      root_folders
+    end
+    
+    # Get folder path from root to given folder
+    def get_folder_path(folder_uid)
+      folder = @folders.find { |f| f.uid == folder_uid }
+      return nil unless folder
+      
+      path = []
+      current = folder
+      
+      # Walk up the tree
+      while current
+        path.unshift(current.name)
+        current = @folders.find { |f| f.uid == current.parent_uid }
+      end
+      
+      path.join('/')
+    end
+    
+    # Get all ancestors of a folder (parent, grandparent, etc.)
+    def get_ancestors(folder_uid)
+      ancestors = []
+      folder = @folders.find { |f| f.uid == folder_uid }
+      return ancestors unless folder
+      
+      current_parent_uid = folder.parent_uid
+      while current_parent_uid && !current_parent_uid.empty?
+        parent = @folders.find { |f| f.uid == current_parent_uid }
+        break unless parent
+        
+        ancestors << parent
+        current_parent_uid = parent.parent_uid
+      end
+      
+      ancestors
+    end
+    
+    # Get all descendants of a folder (children, grandchildren, etc.)
+    def get_descendants(folder_uid)
+      descendants = []
+      children = @folders.select { |f| f.parent_uid == folder_uid }
+      
+      children.each do |child|
+        descendants << child
+        descendants.concat(get_descendants(child.uid))
+      end
+      
+      descendants
+    end
+    
+    # Find folder by name (optionally within a parent)
+    def find_folder_by_name(name, parent_uid: nil)
+      if parent_uid
+        @folders.find { |f| f.name == name && f.parent_uid == parent_uid }
+      else
+        @folders.find { |f| f.name == name }
+      end
+    end
+    
+    # Print folder tree to console
+    def print_tree(folders = nil, indent = 0)
+      folders ||= build_folder_tree
+      
+      folders.each do |node|
+        puts "#{' ' * indent}├── #{node[:folder].name} (#{node[:folder].uid})"
+        if node[:folder].records && !node[:folder].records.empty?
+          node[:folder].records.each do |record|
+            puts "#{' ' * (indent + 4)}└─ #{record.title} (#{record.uid})"
+          end
+        end
+        print_tree(node[:children], indent + 4) if node[:children]
+      end
+    end
+    
+    private
+    
+    def build_node(folder, folder_map)
+      node = { 
+        folder: folder,
+        children: []
+      }
+      
+      # Find children
+      @folders.each do |f|
+        if f.parent_uid == folder.uid
+          node[:children] << build_node(f, folder_map)
+        end
+      end
+      
+      node
+    end
+  end
+end

data/lib/keeper_secrets_manager/keeper_globals.rb

@@ -0,0 +1,59 @@
+require_relative 'version'
+
+module KeeperSecretsManager
+  module KeeperGlobals
+    # Client version prefix
+    # **NOTE: 'mb' client version is NOT YET REGISTERED with Keeper servers!**
+    # **TODO: Register 'mb' (Ruby) client with Keeper before production use**
+    # **Currently using 'mr' which is already registered (likely Rust SDK)**
+    CLIENT_VERSION_PREFIX = 'mr'.freeze  # Should be 'mb' for Ruby, but using 'mr' temporarily
+    
+    # Get client version
+    def self.client_version
+      # Use standard version format matching other SDKs
+      # Java: mj17.0.0, Python: mp16.x.x, JavaScript: ms16.x.x, Go: mg16.x.x
+      # Ruby should be: mb17.0.0 (but not registered yet)
+      "#{CLIENT_VERSION_PREFIX}17.0.0"
+    end
+    
+    # Keeper public keys by ID
+    KEEPER_PUBLIC_KEYS = {
+      '1' => 'BK9w6TZFxE6nFNbMfIpULCup2a8xc6w2tUTABjxny7yFmxW0dAEojwC6j6zb5nTlmb1dAx8nwo3qF7RPYGmloRM',
+      '2' => 'BK9w6TZFxE6nFNbMfIpULCup2a8xc6w2tUTABjxny7yFmxW0dAEojwC6j6zb5nTlmb1dAx8nwo3qF7RPYGmloRM',
+      '3' => 'BK9w6TZFxE6nFNbMfIpULCup2a8xc6w2tUTABjxny7yFmxW0dAEojwC6j6zb5nTlmb1dAx8nwo3qF7RPYGmloRM',
+      '4' => 'BK9w6TZFxE6nFNbMfIpULCup2a8xc6w2tUTABjxny7yFmxW0dAEojwC6j6zb5nTlmb1dAx8nwo3qF7RPYGmloRM',
+      '5' => 'BK9w6TZFxE6nFNbMfIpULCup2a8xc6w2tUTABjxny7yFmxW0dAEojwC6j6zb5nTlmb1dAx8nwo3qF7RPYGmloRM',
+      '6' => 'BK9w6TZFxE6nFNbMfIpULCup2a8xc6w2tUTABjxny7yFmxW0dAEojwC6j6zb5nTlmb1dAx8nwo3qF7RPYGmloRM',
+      '7' => 'BK9w6TZFxE6nFNbMfIpULCup2a8xc6w2tUTABjxny7yFmxW0dAEojwC6j6zb5nTlmb1dAx8nwo3qF7RPYGmloRM',
+      '8' => 'BKnhy0obglZJK-igwthNLdknoSXRrGB-mvFRzyb_L-DKKefWjYdFD2888qN1ROczz4n3keYSfKz9Koj90Z6w_tQ',
+      '9' => 'BAsPQdCpLIGXdWNLdAwx-3J5lNqUtKbaOMV56hUj8VzxE2USLHuHHuKDeno0ymJt-acxWV1xPlBfNUShhRTR77g',
+      '10' => 'BNYIh_Sv03nRZUUJveE8d2mxKLIDXv654UbshaItHrCJhd6cT7pdZ_XwbdyxAOCWMkBb9AZ4t1XRCsM8-wkEBRg',
+      '11' => 'BA6uNfeYSvqagwu4TOY6wFK4JyU5C200vJna0lH4PJ-SzGVXej8l9dElyQ58_ljfPs5Rq6zVVXpdDe8A7Y3WRhk',
+      '12' => 'BMjTIlXfohI8TDymsHxo0DqYysCy7yZGJ80WhgOBR4QUd6LBDA6-_318a-jCGW96zxXKMm8clDTKpE8w75KG-FY',
+      '13' => 'BJBDU1P1H21IwIdT2brKkPqbQR0Zl0TIHf7Bz_OO9jaNgIwydMkxt4GpBmkYoprZ_DHUGOrno2faB7pmTR7HhuI',
+      '14' => 'BJFF8j-dH7pDEw_U347w2CBM6xYM8Dk5fPPAktjib-opOqzvvbsER-WDHM4ONCSBf9O_obAHzCyygxmtpktDuiE',
+      '15' => 'BDKyWBvLbyZ-jMueORl3JwJnnEpCiZdN7yUvT0vOyjwpPBCDf6zfL4RWzvSkhAAFnwOni_1tQSl8dfXHbXqXsQ8',
+      '16' => 'BDXyZZnrl0tc2jdC5I61JjwkjK2kr7uet9tZjt8StTiJTAQQmnVOYBgbtP08PWDbecxnHghx3kJ8QXq1XE68y8c',
+      '17' => 'BFX68cb97m9_sweGdOVavFM3j5ot6gveg6xT4BtGahfGhKib-zdZyO9pwvv1cBda9ahkSzo1BQ4NVXp9qRyqVGU'
+    }.freeze
+
+    # Keeper servers by region
+    KEEPER_SERVERS = {
+      'US' => 'keepersecurity.com',
+      'EU' => 'keepersecurity.eu',
+      'AU' => 'keepersecurity.com.au',
+      'GOV' => 'govcloud.keepersecurity.us',
+      'JP' => 'keepersecurity.jp',
+      'CA' => 'keepersecurity.ca'
+    }.freeze
+
+    # Default server (US)
+    DEFAULT_SERVER = KEEPER_SERVERS['US'].freeze
+    
+    # Default public key ID
+    DEFAULT_KEY_ID = '7'.freeze
+    
+    # Logger name
+    LOGGER_NAME = 'keeper_secrets_manager'.freeze
+  end
+end