RubyGems - locked-rb - Versions diffs - 0.0.1 - Mend

locked-rb 0.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (65) hide show

checksums.yaml +7 -0
data/README.md +127 -0
data/lib/locked-rb.rb +3 -0
data/lib/locked.rb +60 -0
data/lib/locked/api.rb +40 -0
data/lib/locked/api/request.rb +37 -0
data/lib/locked/api/request/build.rb +29 -0
data/lib/locked/api/response.rb +40 -0
data/lib/locked/client.rb +66 -0
data/lib/locked/command.rb +5 -0
data/lib/locked/commands/authenticate.rb +23 -0
data/lib/locked/commands/identify.rb +23 -0
data/lib/locked/commands/review.rb +14 -0
data/lib/locked/configuration.rb +75 -0
data/lib/locked/context/default.rb +40 -0
data/lib/locked/context/merger.rb +14 -0
data/lib/locked/context/sanitizer.rb +23 -0
data/lib/locked/errors.rb +41 -0
data/lib/locked/extractors/client_id.rb +17 -0
data/lib/locked/extractors/headers.rb +24 -0
data/lib/locked/extractors/ip.rb +18 -0
data/lib/locked/failover_auth_response.rb +23 -0
data/lib/locked/header_formatter.rb +9 -0
data/lib/locked/review.rb +11 -0
data/lib/locked/secure_mode.rb +11 -0
data/lib/locked/support/hanami.rb +19 -0
data/lib/locked/support/padrino.rb +19 -0
data/lib/locked/support/rails.rb +13 -0
data/lib/locked/support/sinatra.rb +19 -0
data/lib/locked/utils.rb +55 -0
data/lib/locked/utils/cloner.rb +11 -0
data/lib/locked/utils/merger.rb +23 -0
data/lib/locked/utils/timestamp.rb +12 -0
data/lib/locked/validators/not_supported.rb +16 -0
data/lib/locked/validators/present.rb +16 -0
data/lib/locked/version.rb +5 -0
data/spec/lib/Locked/api/request/build_spec.rb +42 -0
data/spec/lib/Locked/api/request_spec.rb +59 -0
data/spec/lib/Locked/api/response_spec.rb +58 -0
data/spec/lib/Locked/api_spec.rb +37 -0
data/spec/lib/Locked/client_spec.rb +226 -0
data/spec/lib/Locked/command_spec.rb +9 -0
data/spec/lib/Locked/commands/authenticate_spec.rb +95 -0
data/spec/lib/Locked/commands/identify_spec.rb +87 -0
data/spec/lib/Locked/commands/review_spec.rb +24 -0
data/spec/lib/Locked/configuration_spec.rb +146 -0
data/spec/lib/Locked/context/default_spec.rb +35 -0
data/spec/lib/Locked/context/merger_spec.rb +23 -0
data/spec/lib/Locked/context/sanitizer_spec.rb +27 -0
data/spec/lib/Locked/extractors/client_id_spec.rb +62 -0
data/spec/lib/Locked/extractors/headers_spec.rb +26 -0
data/spec/lib/Locked/extractors/ip_spec.rb +27 -0
data/spec/lib/Locked/header_formatter_spec.rb +25 -0
data/spec/lib/Locked/review_spec.rb +19 -0
data/spec/lib/Locked/secure_mode_spec.rb +9 -0
data/spec/lib/Locked/utils/cloner_spec.rb +18 -0
data/spec/lib/Locked/utils/merger_spec.rb +13 -0
data/spec/lib/Locked/utils/timestamp_spec.rb +17 -0
data/spec/lib/Locked/utils_spec.rb +156 -0
data/spec/lib/Locked/validators/not_supported_spec.rb +26 -0
data/spec/lib/Locked/validators/present_spec.rb +33 -0
data/spec/lib/Locked/version_spec.rb +5 -0
data/spec/lib/locked_spec.rb +66 -0
data/spec/spec_helper.rb +22 -0
metadata +133 -0

data/lib/locked/utils.rb ADDED Viewed

@@ -0,0 +1,55 @@
+# frozen_string_literal: true
+module Locked
+  module Utils
+    class << self
+      # Returns a new hash with all keys converted to symbols, as long as
+      # they respond to +to_sym+. This includes the keys from the root hash
+      # and from all nested hashes and arrays.
+      #
+      #   hash = { 'person' => { 'name' => 'Rob', 'age' => '28' } }
+      #
+      #   Locked::Hash.deep_symbolize_keys(hash)
+      #   # => {:person=>{:name=>"Rob", :age=>"28"}}
+      def deep_symbolize_keys(object, &block)
+        case object
+        when Hash
+          object.each_with_object({}) do |(key, value), result|
+            result[key.to_sym] = deep_symbolize_keys(value, &block)
+          end
+        when Array
+          object.map { |e| deep_symbolize_keys(e, &block) }
+        else
+          object
+        end
+      end
+      def deep_symbolize_keys!(object, &block)
+        case object
+        when Hash
+          object.keys.each do |key|
+            value = object.delete(key)
+            object[key.to_sym] = deep_symbolize_keys!(value, &block)
+          end
+          object
+        when Array
+          object.map! { |e| deep_symbolize_keys!(e, &block) }
+        else
+          object
+        end
+      end
+      def replace_invalid_characters(arg)
+        if arg.is_a?(::String)
+          arg.encode('UTF-8', invalid: :replace, undef: :replace)
+        elsif arg.is_a?(::Hash)
+          arg.each_with_object({}) { |(k, v), h| h[k] = replace_invalid_characters(v) }
+        elsif arg.is_a?(::Array)
+          arg.map(&method(:replace_invalid_characters))
+        else
+          arg
+        end
+      end
+    end
+  end
+end

data/lib/locked/utils/cloner.rb ADDED Viewed

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+module Locked
+  module Utils
+    class Cloner
+      def self.call(object)
+        Marshal.load(Marshal.dump(object))
+      end
+    end
+  end
+end

data/lib/locked/utils/merger.rb ADDED Viewed

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+module Locked
+  module Utils
+    class Merger
+      def self.call(base, extra)
+        base_s = Locked::Utils.deep_symbolize_keys(base)
+        extra_s = Locked::Utils.deep_symbolize_keys(extra)
+        extra_s.each do |name, value|
+          if value.nil?
+            base_s.delete(name)
+          elsif value.is_a?(Hash) && base_s[name].is_a?(Hash)
+            base_s[name] = call(base_s[name], value)
+          else
+            base_s[name] = value
+          end
+        end
+        base_s
+      end
+    end
+  end
+end

data/lib/locked/utils/timestamp.rb ADDED Viewed

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+module Locked
+  module Utils
+    # generates proper timestamp
+    class Timestamp
+      def self.call
+        Time.now.utc.iso8601(3)
+      end
+    end
+  end
+end

data/lib/locked/validators/not_supported.rb ADDED Viewed

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+module Locked
+  module Validators
+    class NotSupported
+      class << self
+        def call(options, keys)
+          keys.each do |key|
+            next unless options.key?(key)
+            raise Locked::InvalidParametersError, "#{key} is/are not supported"
+          end
+        end
+      end
+    end
+  end
+end

data/lib/locked/validators/present.rb ADDED Viewed

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+module Locked
+  module Validators
+    class Present
+      class << self
+        def call(options, keys)
+          keys.each do |key|
+            next unless options[key].to_s.empty?
+            raise Locked::InvalidParametersError, "#{key} is missing or empty"
+          end
+        end
+      end
+    end
+  end
+end

data/lib/locked/version.rb ADDED Viewed

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+module Locked
+  VERSION = '0.0.1'
+end

data/spec/lib/Locked/api/request/build_spec.rb ADDED Viewed

@@ -0,0 +1,42 @@
+# frozen_string_literal: true
+describe Locked::API::Request::Build do
+  subject(:call) { described_class.call(command, headers, api_key) }
+  let(:headers) { { 'SAMPLE-HEADER' => '1' } }
+  let(:api_key) { 'key' }
+  describe 'call' do
+    # context 'when get' do
+    #   let(:command) { Locked::Commands::Review.build(review_id) }
+    #   let(:review_id) { SecureRandom.uuid }
+    #
+    #   it { expect(call.body).to be_nil }
+    #   it { expect(call.method).to eql('GET') }
+    #   it { expect(call.path).to eql("/api/v1/client#{command.path}") }
+    #   it { expect(call.to_hash).to have_key('authorization') }
+    #   it { expect(call.to_hash).to have_key('sample-header') }
+    #   it { expect(call.to_hash['sample-header']).to eql(['1']) }
+    # end
+    context 'when post' do
+      let(:time) { Time.now.utc.iso8601(3) }
+      let(:command) { Locked::Commands::Authenticate.new({}).build(event: '$login.success', name: "test") }
+      let(:expected_body) do
+        {
+          event: '$login.success',
+          name: "test",
+          # context: {},
+        }
+      end
+      before { allow(Locked::Utils::Timestamp).to receive(:call).and_return(time) }
+      it { expect(call.body).to be_eql(expected_body.to_json) }
+      it { expect(call.method).to eql('POST') }
+      it { expect(call.path).to eql("/api/v1/client/#{command.path}") }
+      it { expect(call.to_hash).to have_key('sample-header') }
+      it { expect(call.to_hash['sample-header']).to eql(['1']) }
+    end
+  end
+end

data/spec/lib/Locked/api/request_spec.rb ADDED Viewed

@@ -0,0 +1,59 @@
+# frozen_string_literal: true
+describe Locked::API::Request do
+  describe '#call' do
+    subject(:call) { described_class.call(command, api_key, headers) }
+    let(:http) { instance_double('Net::HTTP') }
+    let(:request_build) { instance_double('Locked::API::Request::Build') }
+    let(:command) { Locked::Commands::Authenticate.new({}).build(event: '$login.success') }
+    let(:headers) { {} }
+    let(:api_key) { 'key' }
+    let(:expected_headers) { { 'Content-Type' => 'application/json' } }
+    before do
+      allow(described_class).to receive(:http).and_return(http)
+      allow(http).to receive(:request).with(request_build)
+      allow(Locked::API::Request::Build).to receive(:call)
+        .with(command, expected_headers, api_key)
+        .and_return(request_build)
+      call
+    end
+    it do
+      expect(Locked::API::Request::Build).to have_received(:call)
+        .with(command, expected_headers, api_key)
+    end
+    it { expect(http).to have_received(:request).with(request_build) }
+  end
+  describe '#http' do
+    subject(:http) { described_class.http }
+    context 'when ssl false' do
+      before do
+        Locked.config.host = 'localhost'
+        Locked.config.port = 3002
+      end
+      after do
+        Locked.config.host = Locked::Configuration::HOST
+        Locked.config.port = Locked::Configuration::PORT
+      end
+      it { expect(http).to be_instance_of(Net::HTTP) }
+      it { expect(http.address).to eq(Locked.config.host) }
+      it { expect(http.port).to eq(Locked.config.port) }
+      it { expect(http.use_ssl?).to be false }
+      it { expect(http.verify_mode).to be_nil }
+    end
+    context 'when ssl true' do
+      it { expect(http).to be_instance_of(Net::HTTP) }
+      it { expect(http.address).to eq(Locked.config.host) }
+      it { expect(http.port).to eq(Locked.config.port) }
+      it { expect(http.use_ssl?).to be true }
+      it { expect(http.verify_mode).to eq(OpenSSL::SSL::VERIFY_PEER) }
+    end
+  end
+end

data/spec/lib/Locked/api/response_spec.rb ADDED Viewed

@@ -0,0 +1,58 @@
+# frozen_string_literal: true
+describe Locked::API::Response do
+  describe '#call' do
+    subject(:call) { described_class.call(response) }
+    context 'when success' do
+      let(:response) { OpenStruct.new(body: '{"user":1}', code: 200) }
+      it { expect(call).to eql(user: 1) }
+    end
+    context 'when response empty' do
+      let(:response) { OpenStruct.new(body: '', code: 200) }
+      it { expect(call).to eql({}) }
+    end
+    context 'when response nil' do
+      let(:response) { OpenStruct.new(code: 200) }
+      it { expect(call).to eql({}) }
+    end
+    context 'when json is malformed' do
+      let(:response) { OpenStruct.new(body: '{a', code: 200) }
+      it { expect { call }.to raise_error(Locked::ApiError) }
+    end
+  end
+  describe '#verify!' do
+    subject(:verify!) { described_class.verify!(response) }
+    context 'without error when response is 2xx' do
+      let(:response) { OpenStruct.new(code: 200) }
+      it { expect { verify! }.not_to raise_error }
+    end
+    shared_examples 'response_failed' do |code, error|
+      let(:response) { OpenStruct.new(code: code) }
+      it "fail when response is #{code}" do
+        expect { verify! }.to raise_error(error)
+      end
+    end
+    it_behaves_like 'response_failed', '400', Locked::BadRequestError
+    it_behaves_like 'response_failed', '401', Locked::UnauthorizedError
+    it_behaves_like 'response_failed', '403', Locked::ForbiddenError
+    it_behaves_like 'response_failed', '404', Locked::NotFoundError
+    it_behaves_like 'response_failed', '419', Locked::UserUnauthorizedError
+    it_behaves_like 'response_failed', '422', Locked::InvalidParametersError
+    it_behaves_like 'response_failed', '499', Locked::ApiError
+    it_behaves_like 'response_failed', '500', Locked::InternalServerError
+  end
+end

data/spec/lib/Locked/api_spec.rb ADDED Viewed

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+describe Locked::API do
+  subject(:request) { described_class.request(command) }
+  let(:command) { Locked::Commands::Authenticate.new({}).build(event: '$login.success') }
+  context 'when request timeouts' do
+    before { stub_request(:any, /locked.jp/).to_timeout }
+    it do
+      expect do
+        request
+      end.to raise_error(Locked::RequestError)
+    end
+  end
+  context 'when non-OK response code' do
+    before { stub_request(:any, /locked.jp/).to_return(status: 400) }
+    it do
+      expect do
+        request
+      end.to raise_error(Locked::BadRequestError)
+    end
+  end
+  context 'when no api_key' do
+    before { allow(Locked.config).to receive(:api_key).and_return('') }
+    it do
+      expect do
+        request
+      end.to raise_error(Locked::ConfigurationError)
+    end
+  end
+end

data/spec/lib/Locked/client_spec.rb ADDED Viewed

@@ -0,0 +1,226 @@
+# frozen_string_literal: true
+describe Locked::Client do
+  let(:ip) { '1.2.3.4' }
+  let(:cookie_id) { 'abcd' }
+  let(:ua) { 'Chrome' }
+  let(:env) do
+    Rack::MockRequest.env_for(
+      '/',
+      'HTTP_USER_AGENT' => ua,
+      'HTTP_X_FORWARDED_FOR' => ip,
+      'HTTP_COOKIE' => "__cid=#{cookie_id};other=efgh",
+      'X-LOCKED-API-KEY' => 'key'
+    )
+  end
+  let(:request) { Rack::Request.new(env) }
+  let(:client) { described_class.from_request(request) }
+  let(:request_to_context) { described_class.to_context(request) }
+  let(:client_with_user_timestamp) do
+    described_class.new(request_to_context, timestamp: time_user)
+  end
+  let(:client_with_no_timestamp) { described_class.new(request_to_context) }
+  let(:headers) { { 'X-Forwarded-For' => ip.to_s, 'User-Agent' => ua } }
+  let(:context) do
+    {
+      client_id: 'abcd',
+      active: true,
+      origin: 'web',
+      user_agent: ua,
+      headers: { 'X-Forwarded-For': ip.to_s, 'User-Agent': ua },
+      ip: ip,
+      library: { name: 'locked-rb', version: '0.0.1' }
+    }
+  end
+  let(:time_now) { Time.now }
+  let(:time_auto) { time_now.utc.iso8601(3) }
+  let(:time_user) { (Time.now - 10_000).utc.iso8601(3) }
+  let(:response_body) { {}.to_json }
+  before do
+    Timecop.freeze(time_now)
+    stub_const('Locked::VERSION', '0.0.1')
+    stub_request(:any, /locked.jp/).to_return(status: 200, body: response_body, headers: {})
+  end
+  after { Timecop.return }
+  describe 'parses the request' do
+    before do
+      allow(Locked::API).to receive(:request).and_call_original
+    end
+    it do
+      client.authenticate(event: '$login.success', user_id: '1234')
+      expect(Locked::API).to have_received(:request)
+    end
+  end
+  describe 'to_context' do
+    it do
+      expect(described_class.to_context(request)).to eql(context)
+    end
+  end
+  describe 'to_options' do
+    let(:options) { { user_id: '1234', user_traits: { name: 'Jo' } } }
+    let(:result) { { user_id: '1234', user_traits: { name: 'Jo' }, timestamp: time_auto } }
+    it do
+      expect(described_class.to_options(options)).to eql(result)
+    end
+  end
+  # describe 'identify' do
+  #   let(:request_body) do
+  #     { user_id: '1234', timestamp: time_auto,
+  #       sent_at: time_auto, context: context, user_traits: { name: 'Jo' } }
+  #   end
+  #
+  #   before { client.identify(options) }
+  #
+  #   context 'when used with symbol keys' do
+  #     let(:options) { { user_id: '1234', user_traits: { name: 'Jo' } } }
+  #
+  #     it do
+  #       assert_requested :post, 'https://locked.jp/api/v1/client/identify', times: 1 do |req|
+  #         JSON.parse(req.body) == JSON.parse(request_body.to_json)
+  #       end
+  #     end
+  #
+  #     context 'when passed timestamp in options and no defined timestamp' do
+  #       let(:client) { client_with_no_timestamp }
+  #       let(:options) { { user_id: '1234', user_traits: { name: 'Jo' }, timestamp: time_user } }
+  #       let(:request_body) do
+  #         { user_id: '1234', user_traits: { name: 'Jo' }, context: context,
+  #           timestamp: time_user, sent_at: time_auto }
+  #       end
+  #
+  #       it do
+  #         assert_requested :post, 'https://locked.jp/api/v1/client/identify', times: 1 do |req|
+  #           JSON.parse(req.body) == JSON.parse(request_body.to_json)
+  #         end
+  #       end
+  #     end
+  #
+  #     context 'with client initialized with timestamp' do
+  #       let(:client) { client_with_user_timestamp }
+  #       let(:request_body) do
+  #         { user_id: '1234', timestamp: time_user, sent_at: time_auto,
+  #           context: context, user_traits: { name: 'Jo' } }
+  #       end
+  #
+  #       it do
+  #         assert_requested :post, 'https://locked.jp/api/v1/client/identify', times: 1 do |req|
+  #           JSON.parse(req.body) == JSON.parse(request_body.to_json)
+  #         end
+  #       end
+  #     end
+  #   end
+  #
+  #   context 'when used with string keys' do
+  #     let(:options) { { 'user_id' => '1234', 'user_traits' => { 'name' => 'Jo' } } }
+  #
+  #     it do
+  #       assert_requested :post, 'https://locked.jp/api/v1/client/identify', times: 1 do |req|
+  #         JSON.parse(req.body) == JSON.parse(request_body.to_json)
+  #       end
+  #     end
+  #   end
+  # end
+  describe 'authenticate' do
+    let(:options) { { event: '$login.success', user_id: '1234' } }
+    let(:request_response) { client.authenticate(options) }
+    let(:request_body) do
+      { event: '$login.success', user_id: '1234', timestamp: time_auto }
+    end
+    context 'when used with symbol keys' do
+      before { request_response }
+      it do
+        assert_requested :post, 'https://locked.jp/api/v1/client/authenticate', times: 1 do |req|
+          JSON.parse(req.body) == JSON.parse(request_body.to_json)
+        end
+      end
+      context 'when passed timestamp in options and no defined timestamp' do
+        let(:client) { client_with_no_timestamp }
+        let(:options) { { event: '$login.success', user_id: '1234', timestamp: time_user } }
+        let(:request_body) do
+          { event: '$login.success', user_id: '1234', timestamp: time_user }
+        end
+        it do
+          assert_requested :post, 'https://locked.jp/api/v1/client/authenticate', times: 1 do |req|
+            JSON.parse(req.body) == JSON.parse(request_body.to_json)
+          end
+        end
+      end
+      context 'with client initialized with timestamp' do
+        let(:client) { client_with_user_timestamp }
+        let(:request_body) do
+          { event: '$login.success', user_id: '1234', timestamp: time_user }
+        end
+        it do
+          assert_requested :post, 'https://locked.jp/api/v1/client/authenticate', times: 1 do |req|
+            JSON.parse(req.body) == JSON.parse(request_body.to_json)
+          end
+        end
+      end
+    end
+    context 'when used with string keys' do
+      let(:options) { { 'event' => '$login.success', 'user_id' => '1234' } }
+      before { request_response }
+      it do
+        assert_requested :post, 'https://locked.jp/api/v1/client/authenticate', times: 1 do |req|
+          JSON.parse(req.body) == JSON.parse(request_body.to_json)
+        end
+      end
+    end
+    context 'when request with fail' do
+      before { allow(Locked::API).to receive(:request).and_raise(Locked::RequestError.new(Timeout::Error)) }
+      context 'with request error and throw strategy' do
+        before { allow(Locked.config).to receive(:failover_strategy).and_return(:throw) }
+        it { expect { request_response }.to raise_error(Locked::RequestError) }
+      end
+      context 'with request error and not throw on eg deny strategy' do
+        it { assert_not_requested :post, 'https://locked.jp/api/v1/client/authenticate' }
+        it { expect(request_response[:data][:action]).to be_eql('deny') }
+        it { expect(request_response[:data][:user_id]).to be_eql('1234') }
+        it { expect(request_response[:failover]).to be true }
+        it { expect(request_response[:failover_reason]).to be_eql('Locked::RequestError') }
+      end
+    end
+    context 'when request is internal server error' do
+      before { allow(Locked::API).to receive(:request).and_raise(Locked::InternalServerError) }
+      describe 'throw strategy' do
+        before { allow(Locked.config).to receive(:failover_strategy).and_return(:throw) }
+        it { expect { request_response }.to raise_error(Locked::InternalServerError) }
+      end
+      context 'not throw on eg deny strategy' do
+        it { assert_not_requested :post, 'https://locked.jp/api/v1/client/authenticate' }
+        it { expect(request_response[:data][:action]).to be_eql('deny') }
+        it { expect(request_response[:data][:user_id]).to be_eql('1234') }
+        it { expect(request_response[:failover]).to be true }
+        it { expect(request_response[:failover_reason]).to be_eql('Locked::InternalServerError') }
+      end
+    end
+  end
+end