locked-rb 0.0.1

data/lib/locked/commands/identify.rb

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+module Locked
+  module Commands
+    class Identify
+      def initialize(context)
+        @context = context
+      end
+
+      def build(options = {})
+        Locked::Validators::NotSupported.call(options, %i[properties])
+        context = Locked::Context::Merger.call(@context, options[:context])
+        context = Locked::Context::Sanitizer.call(context)
+
+        Locked::Command.new(
+          'identify',
+          options.merge(context: context),
+          :post
+        )
+      end
+    end
+  end
+end

data/lib/locked/commands/review.rb

@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+
+module Locked
+  module Commands
+    class Review
+      class << self
+        def build(review_id)
+          Locked::Validators::Present.call({ review_id: review_id }, %i[review_id])
+          Locked::Command.new("reviews/#{review_id}", nil, :get)
+        end
+      end
+    end
+  end
+end

data/lib/locked/configuration.rb

@@ -0,0 +1,75 @@
+# frozen_string_literal: true
+
+module Locked
+  # manages configuration variables
+  class Configuration
+    HOST = ENV['RAILS_ENV'] == 'development' ? 'localhost' : 'locked.jp'
+    PORT = ENV['RAILS_ENV'] == 'development' ? 3000 : 443
+    URL_PREFIX = 'api/v1/client'
+    FAILOVER_STRATEGY = :deny
+    REQUEST_TIMEOUT = 1000 # in milliseconds
+    FAILOVER_STRATEGIES = %i[allow deny throw].freeze
+    WHITELISTED = [
+      'User-Agent',
+      'Accept-Language',
+      'Accept-Encoding',
+      'Accept-Charset',
+      'Accept',
+      'Accept-Datetime',
+      'X-Forwarded-For',
+      'Forwarded',
+      'X-Forwarded',
+      'X-Real-IP',
+      'REMOTE_ADDR',
+      'X-Forwarded-For',
+      'CF_CONNECTING_IP'
+    ].freeze
+    BLACKLISTED = ['HTTP_COOKIE'].freeze
+
+    attr_accessor :host, :port, :request_timeout, :url_prefix
+    attr_reader :api_key, :whitelisted, :blacklisted, :failover_strategy
+
+    def initialize
+      @formatter = Locked::HeaderFormatter.new
+      @request_timeout = REQUEST_TIMEOUT
+      self.failover_strategy = FAILOVER_STRATEGY
+      self.host = HOST
+      self.port = PORT
+      self.url_prefix = URL_PREFIX
+      self.whitelisted = WHITELISTED
+      self.blacklisted = BLACKLISTED
+      self.api_key = ''
+    end
+
+    def api_key=(value)
+      @api_key = ENV.fetch('X_LOCKED_API_KEY', value).to_s
+    end
+
+    def whitelisted=(value)
+      @whitelisted = (value ? value.map { |header| @formatter.call(header) } : []).freeze
+    end
+
+    def blacklisted=(value)
+      @blacklisted = (value ? value.map { |header| @formatter.call(header) } : []).freeze
+    end
+
+    def valid?
+      !api_key.to_s.empty? && !host.to_s.empty? && !port.to_s.empty?
+    end
+
+    def failover_strategy=(value)
+      @failover_strategy = FAILOVER_STRATEGIES.detect { |strategy| strategy == value.to_sym }
+      raise Locked::ConfigurationError, 'unrecognized failover strategy' if @failover_strategy.nil?
+    end
+
+    private
+
+    def respond_to_missing?(method_name, _include_private)
+      /^(\w+)=$/ =~ method_name
+    end
+
+    def method_missing(setting, *_args)
+      raise Locked::ConfigurationError, "there is no such a config #{setting}"
+    end
+  end
+end

data/lib/locked/context/default.rb

@@ -0,0 +1,40 @@
+# frozen_string_literal: true
+
+module Locked
+  module Context
+    class Default
+      def initialize(request, cookies = nil)
+        @client_id = Extractors::ClientId.new(request, cookies || request.cookies).call
+        @headers = Extractors::Headers.new(request).call
+        @request_ip = Extractors::IP.new(request).call
+      end
+
+      def call
+        defaults.merge!(additional_defaults)
+      end
+
+      private
+
+      def defaults
+        {
+          client_id: @client_id,
+          active: true,
+          origin: 'web',
+          headers: @headers,
+          ip: @request_ip,
+          library: {
+            name: 'locked-rb',
+            version: Locked::VERSION
+          }
+        }
+      end
+
+      def additional_defaults
+        {}.tap do |result|
+          result[:locale] = @headers['Accept-Language'] if @headers['Accept-Language']
+          result[:user_agent] = @headers['User-Agent'] if @headers['User-Agent']
+        end
+      end
+    end
+  end
+end

data/lib/locked/context/merger.rb

@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+
+module Locked
+  module Context
+    class Merger
+      class << self
+        def call(initial_context, request_context)
+          main_context = Locked::Utils::Cloner.call(initial_context)
+          Locked::Utils::Merger.call(main_context, request_context || {})
+        end
+      end
+    end
+  end
+end

data/lib/locked/context/sanitizer.rb

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+module Locked
+  module Context
+    # removes not proper active flag values
+    class Sanitizer
+      class << self
+        def call(context)
+          sanitized_active_mode(context) || {}
+        end
+
+        private
+
+        def sanitized_active_mode(context)
+          return unless context
+          return context unless context.key?(:active)
+          return context if [true, false].include?(context[:active])
+          context.reject { |key| key == :active }
+        end
+      end
+    end
+  end
+end

data/lib/locked/errors.rb

@@ -0,0 +1,41 @@
+# frozen_string_literal: true
+
+module Locked
+  # general error
+  class Error < RuntimeError; end
+  # Raised when anything is wrong with the request (any unhappy path)
+  # This error indicates that either we would wait too long for a response or something
+  # else happened somewhere in the middle and we weren't able to get the results
+  class RequestError < Locked::Error
+    attr_reader :reason
+
+    # @param reason [Exception] the core exception that causes this error
+    def initialize(reason)
+      @reason = reason
+    end
+  end
+  # security error
+  class SecurityError < Locked::Error; end
+  # wrong configuration error
+  class ConfigurationError < Locked::Error; end
+  # error returned by api
+  class ApiError < Locked::Error; end
+
+  # api error bad request 400
+  class BadRequestError < Locked::ApiError; end
+  # api error forbidden 403
+  class ForbiddenError < Locked::ApiError; end
+  # api error not found 404
+  class NotFoundError < Locked::ApiError; end
+  # api error user unauthorized 419
+  class UserUnauthorizedError < Locked::ApiError; end
+  # api error invalid param 422
+  class InvalidParametersError < Locked::ApiError; end
+  # api error unauthorized 401
+  class UnauthorizedError < Locked::ApiError; end
+  # all internal server errors
+  class InternalServerError < Locked::ApiError; end
+
+  # impersonation command failed
+  class ImpersonationFailed < Locked::ApiError; end
+end

data/lib/locked/extractors/client_id.rb

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+module Locked
+  module Extractors
+    # used for extraction of cookies and headers from the request
+    class ClientId
+      def initialize(request, cookies)
+        @request = request
+        @cookies = cookies || {}
+      end
+
+      def call
+        @request.env['HTTP_X_LOCKED_CLIENT_ID'] || @cookies['__cid'] || ''
+      end
+    end
+  end
+end

data/lib/locked/extractors/headers.rb

@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+
+module Locked
+  module Extractors
+    # used for extraction of cookies and headers from the request
+    class Headers
+      def initialize(request)
+        @request = request
+        @request_env = @request.env
+        @formatter = HeaderFormatter.new
+      end
+
+      # Serialize HTTP headers
+      def call
+        @request_env.keys.each_with_object({}) do |header, acc|
+          name = @formatter.call(header)
+          next unless Locked.config.whitelisted.include?(name)
+          next if Locked.config.blacklisted.include?(name)
+          acc[name] = @request_env[header]
+        end
+      end
+    end
+  end
+end

data/lib/locked/extractors/ip.rb

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+module Locked
+  module Extractors
+    # used for extraction of ip from the request
+    class IP
+      def initialize(request)
+        @request = request
+      end
+
+      def call
+        return @request.env['HTTP_CF_CONNECTING_IP'] if @request.env['HTTP_CF_CONNECTING_IP']
+        return @request.remote_ip if @request.respond_to?(:remote_ip)
+        @request.ip
+      end
+    end
+  end
+end

data/lib/locked/failover_auth_response.rb

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+module Locked
+  # generate failover authentication response
+  class FailoverAuthResponse
+    def initialize(user_id, strategy: Locked.config.failover_strategy, reason:)
+      @strategy = strategy
+      @reason = reason
+      @user_id = user_id
+    end
+
+    def generate
+      {
+        data: {
+            action: @strategy.to_s,
+            user_id: @user_id,
+        },
+        failover: true,
+        failover_reason: @reason
+      }
+    end
+  end
+end

data/lib/locked/header_formatter.rb

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+module Locked
+  class HeaderFormatter
+    def call(header)
+      header.to_s.gsub(/^HTTP(?:_|-)/i, '').split(/_|-/).map(&:capitalize).join('-')
+    end
+  end
+end

data/lib/locked/review.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+module Locked
+  class Review
+    def self.retrieve(review_id)
+      Locked::API.request(
+        Locked::Commands::Review.build(review_id)
+      )
+    end
+  end
+end

data/lib/locked/secure_mode.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+require 'openssl'
+
+module Locked
+  module SecureMode
+    def self.signature(user_id)
+      OpenSSL::HMAC.hexdigest('sha256', Locked.config.api_key, user_id.to_s)
+    end
+  end
+end

data/lib/locked/support/hanami.rb

@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+module Locked
+  module Hanami
+    module Action
+      def locked
+        @locked ||= ::Locked::Client.from_request(request, cookies: (cookies if defined? cookies))
+      end
+    end
+
+    def self.included(base)
+      base.configure do
+        controller.prepare do
+          include Locked::Hanami::Action
+        end
+      end
+    end
+  end
+end

data/lib/locked/support/padrino.rb

@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+module Padrino
+  class Application
+    module Locked
+      module Helpers
+        def locked
+          @locked ||= ::Locked::Client.from_request(request)
+        end
+      end
+
+      def self.registered(app)
+        app.helpers Helpers
+      end
+    end
+
+    register locked
+  end
+end

data/lib/locked/support/rails.rb

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+module Locked
+  module LockedClient
+    def locked
+      @locked ||= request.env['locked'] || Locked::Client.from_request(request)
+    end
+  end
+
+  ActiveSupport.on_load(:action_controller) do
+    include LockedClient
+  end
+end

data/lib/locked/support/sinatra.rb

@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+require 'sinatra/base'
+
+module Sinatra
+  module Locked
+    module Helpers
+      def locked
+        @locked ||= ::Locked::Client.from_request(request)
+      end
+    end
+
+    def self.registered(app)
+      app.helpers Locked::Helpers
+    end
+  end
+
+  register locked
+end