RubyGems - locked-rb - Versions diffs - 0.0.1 - Mend

locked-rb 0.0.1

Files changed (65) hide show

checksums.yaml +7 -0
data/README.md +127 -0
data/lib/locked-rb.rb +3 -0
data/lib/locked.rb +60 -0
data/lib/locked/api.rb +40 -0
data/lib/locked/api/request.rb +37 -0
data/lib/locked/api/request/build.rb +29 -0
data/lib/locked/api/response.rb +40 -0
data/lib/locked/client.rb +66 -0
data/lib/locked/command.rb +5 -0
data/lib/locked/commands/authenticate.rb +23 -0
data/lib/locked/commands/identify.rb +23 -0
data/lib/locked/commands/review.rb +14 -0
data/lib/locked/configuration.rb +75 -0
data/lib/locked/context/default.rb +40 -0
data/lib/locked/context/merger.rb +14 -0
data/lib/locked/context/sanitizer.rb +23 -0
data/lib/locked/errors.rb +41 -0
data/lib/locked/extractors/client_id.rb +17 -0
data/lib/locked/extractors/headers.rb +24 -0
data/lib/locked/extractors/ip.rb +18 -0
data/lib/locked/failover_auth_response.rb +23 -0
data/lib/locked/header_formatter.rb +9 -0
data/lib/locked/review.rb +11 -0
data/lib/locked/secure_mode.rb +11 -0
data/lib/locked/support/hanami.rb +19 -0
data/lib/locked/support/padrino.rb +19 -0
data/lib/locked/support/rails.rb +13 -0
data/lib/locked/support/sinatra.rb +19 -0
data/lib/locked/utils.rb +55 -0
data/lib/locked/utils/cloner.rb +11 -0
data/lib/locked/utils/merger.rb +23 -0
data/lib/locked/utils/timestamp.rb +12 -0
data/lib/locked/validators/not_supported.rb +16 -0
data/lib/locked/validators/present.rb +16 -0
data/lib/locked/version.rb +5 -0
data/spec/lib/Locked/api/request/build_spec.rb +42 -0
data/spec/lib/Locked/api/request_spec.rb +59 -0
data/spec/lib/Locked/api/response_spec.rb +58 -0
data/spec/lib/Locked/api_spec.rb +37 -0
data/spec/lib/Locked/client_spec.rb +226 -0
data/spec/lib/Locked/command_spec.rb +9 -0
data/spec/lib/Locked/commands/authenticate_spec.rb +95 -0
data/spec/lib/Locked/commands/identify_spec.rb +87 -0
data/spec/lib/Locked/commands/review_spec.rb +24 -0
data/spec/lib/Locked/configuration_spec.rb +146 -0
data/spec/lib/Locked/context/default_spec.rb +35 -0
data/spec/lib/Locked/context/merger_spec.rb +23 -0
data/spec/lib/Locked/context/sanitizer_spec.rb +27 -0
data/spec/lib/Locked/extractors/client_id_spec.rb +62 -0
data/spec/lib/Locked/extractors/headers_spec.rb +26 -0
data/spec/lib/Locked/extractors/ip_spec.rb +27 -0
data/spec/lib/Locked/header_formatter_spec.rb +25 -0
data/spec/lib/Locked/review_spec.rb +19 -0
data/spec/lib/Locked/secure_mode_spec.rb +9 -0
data/spec/lib/Locked/utils/cloner_spec.rb +18 -0
data/spec/lib/Locked/utils/merger_spec.rb +13 -0
data/spec/lib/Locked/utils/timestamp_spec.rb +17 -0
data/spec/lib/Locked/utils_spec.rb +156 -0
data/spec/lib/Locked/validators/not_supported_spec.rb +26 -0
data/spec/lib/Locked/validators/present_spec.rb +33 -0
data/spec/lib/Locked/version_spec.rb +5 -0
data/spec/lib/locked_spec.rb +66 -0
data/spec/spec_helper.rb +22 -0
metadata +133 -0

data/lib/locked/utils.rb ADDED Viewed

@@ -0,0 +1,55 @@
+# frozen_string_literal: true
+module Locked
+  module Utils
+    class << self
+      # Returns a new hash with all keys converted to symbols, as long as
+      # they respond to +to_sym+. This includes the keys from the root hash
+      # and from all nested hashes and arrays.
+      #
+      #   hash = { 'person' => { 'name' => 'Rob', 'age' => '28' } }
+      #
+      #   Locked::Hash.deep_symbolize_keys(hash)
+      #   # => {:person=>{:name=>"Rob", :age=>"28"}}
+      def deep_symbolize_keys(object, &block)
+        case object
+        when Hash
+          object.each_with_object({}) do |(key, value), result|
+            result[key.to_sym] = deep_symbolize_keys(value, &block)
+          end
+        when Array
+          object.map { |e| deep_symbolize_keys(e, &block) }
+        else
+          object
+        end
+      end
+      def deep_symbolize_keys!(object, &block)
+        case object
+        when Hash
+          object.keys.each do |key|
+            value = object.delete(key)
+            object[key.to_sym] = deep_symbolize_keys!(value, &block)
+          end
+          object
+        when Array
+          object.map! { |e| deep_symbolize_keys!(e, &block) }
+        else
+          object
+        end
+      end
+      def replace_invalid_characters(arg)
+        if arg.is_a?(::String)
+          arg.encode('UTF-8', invalid: :replace, undef: :replace)
+        elsif arg.is_a?(::Hash)
+          arg.each_with_object({}) { |(k, v), h| h[k] = replace_invalid_characters(v) }
+        elsif arg.is_a?(::Array)
+          arg.map(&method(:replace_invalid_characters))
+        else
+          arg
+        end
+      end
+    end
+  end
+end

data/lib/locked/utils/cloner.rb ADDED Viewed

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+module Locked
+  module Utils
+    class Cloner
+      def self.call(object)
+        Marshal.load(Marshal.dump(object))
+      end
+    end
+  end
+end

data/lib/locked/utils/merger.rb ADDED Viewed

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+module Locked
+  module Utils
+    class Merger
+      def self.call(base, extra)
+        base_s = Locked::Utils.deep_symbolize_keys(base)
+        extra_s = Locked::Utils.deep_symbolize_keys(extra)
+        extra_s.each do |name, value|
+          if value.nil?
+            base_s.delete(name)
+          elsif value.is_a?(Hash) && base_s[name].is_a?(Hash)
+            base_s[name] = call(base_s[name], value)
+          else
+            base_s[name] = value
+          end
+        end
+        base_s
+      end
+    end
+  end
+end

data/lib/locked/utils/timestamp.rb ADDED Viewed

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+module Locked
+  module Utils
+    # generates proper timestamp
+    class Timestamp
+      def self.call
+        Time.now.utc.iso8601(3)
+      end
+    end
+  end
+end

data/lib/locked/validators/not_supported.rb ADDED Viewed

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+module Locked
+  module Validators
+    class NotSupported
+      class << self
+        def call(options, keys)
+          keys.each do |key|
+            next unless options.key?(key)
+            raise Locked::InvalidParametersError, "#{key} is/are not supported"
+          end
+        end
+      end
+    end
+  end
+end

data/lib/locked/validators/present.rb ADDED Viewed

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+module Locked
+  module Validators
+    class Present
+      class << self
+        def call(options, keys)
+          keys.each do |key|
+            next unless options[key].to_s.empty?
+            raise Locked::InvalidParametersError, "#{key} is missing or empty"
+          end
+        end
+      end
+    end
+  end
+end

data/lib/locked/version.rb ADDED Viewed

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+module Locked
+  VERSION = '0.0.1'
+end

data/spec/lib/Locked/api/request/build_spec.rb ADDED Viewed

@@ -0,0 +1,42 @@
+# frozen_string_literal: true
+describe Locked::API::Request::Build do
+  subject(:call) { described_class.call(command, headers, api_key) }
+  let(:headers) { { 'SAMPLE-HEADER' => '1' } }
+  let(:api_key) { 'key' }
+  describe 'call' do
+    # context 'when get' do
+    #   let(:command) { Locked::Commands::Review.build(review_id) }
+    #   let(:review_id) { SecureRandom.uuid }
+    #
+    #   it { expect(call.body).to be_nil }
+    #   it { expect(call.method).to eql('GET') }
+    #   it { expect(call.path).to eql("/api/v1/client#{command.path}") }
+    #   it { expect(call.to_hash).to have_key('authorization') }
+    #   it { expect(call.to_hash).to have_key('sample-header') }
+    #   it { expect(call.to_hash['sample-header']).to eql(['1']) }
+    # end
+    context 'when post' do
+      let(:time) { Time.now.utc.iso8601(3) }
+      let(:command) { Locked::Commands::Authenticate.new({}).build(event: '$login.success', name: "test") }
+      let(:expected_body) do
+        {
+          event: '$login.success',
+          name: "test",
+          # context: {},
+        }
+      end
+      before { allow(Locked::Utils::Timestamp).to receive(:call).and_return(time) }
+      it { expect(call.body).to be_eql(expected_body.to_json) }
+      it { expect(call.method).to eql('POST') }
+      it { expect(call.path).to eql("/api/v1/client/#{command.path}") }
+      it { expect(call.to_hash).to have_key('sample-header') }
+      it { expect(call.to_hash['sample-header']).to eql(['1']) }
+    end
+  end
+end

data/spec/lib/Locked/api/request_spec.rb ADDED Viewed

@@ -0,0 +1,59 @@
+# frozen_string_literal: true
+describe Locked::API::Request do
+  describe '#call' do
+    subject(:call) { described_class.call(command, api_key, headers) }
+    let(:http) { instance_double('Net::HTTP') }
+    let(:request_build) { instance_double('Locked::API::Request::Build') }
+    let(:command) { Locked::Commands::Authenticate.new({}).build(event: '$login.success') }
+    let(:headers) { {} }
+    let(:api_key) { 'key' }
+    let(:expected_headers) { { 'Content-Type' => 'application/json' } }
+    before do
+      allow(described_class).to receive(:http).and_return(http)
+      allow(http).to receive(:request).with(request_build)
+      allow(Locked::API::Request::Build).to receive(:call)
+        .with(command, expected_headers, api_key)
+        .and_return(request_build)
+      call
+    end
+    it do
+      expect(Locked::API::Request::Build).to have_received(:call)
+        .with(command, expected_headers, api_key)
+    end
+    it { expect(http).to have_received(:request).with(request_build) }
+  end
+  describe '#http' do
+    subject(:http) { described_class.http }
+    context 'when ssl false' do
+      before do
+        Locked.config.host = 'localhost'
+        Locked.config.port = 3002
+      end
+      after do
+        Locked.config.host = Locked::Configuration::HOST
+        Locked.config.port = Locked::Configuration::PORT
+      end
+      it { expect(http).to be_instance_of(Net::HTTP) }
+      it { expect(http.address).to eq(Locked.config.host) }
+      it { expect(http.port).to eq(Locked.config.port) }
+      it { expect(http.use_ssl?).to be false }
+      it { expect(http.verify_mode).to be_nil }
+    end
+    context 'when ssl true' do
+      it { expect(http).to be_instance_of(Net::HTTP) }
+      it { expect(http.address).to eq(Locked.config.host) }
+      it { expect(http.port).to eq(Locked.config.port) }
+      it { expect(http.use_ssl?).to be true }
+      it { expect(http.verify_mode).to eq(OpenSSL::SSL::VERIFY_PEER) }
+    end
+  end
+end

data/spec/lib/Locked/api/response_spec.rb ADDED Viewed

@@ -0,0 +1,58 @@
+# frozen_string_literal: true
+describe Locked::API::Response do
+  describe '#call' do
+    subject(:call) { described_class.call(response) }
+    context 'when success' do
+      let(:response) { OpenStruct.new(body: '{"user":1}', code: 200) }
+      it { expect(call).to eql(user: 1) }
+    end
+    context 'when response empty' do
+      let(:response) { OpenStruct.new(body: '', code: 200) }
+      it { expect(call).to eql({}) }
+    end
+    context 'when response nil' do
+      let(:response) { OpenStruct.new(code: 200) }
+      it { expect(call).to eql({}) }
+    end
+    context 'when json is malformed' do
+      let(:response) { OpenStruct.new(body: '{a', code: 200) }
+      it { expect { call }.to raise_error(Locked::ApiError) }
+    end
+  end
+  describe '#verify!' do
+    subject(:verify!) { described_class.verify!(response) }
+    context 'without error when response is 2xx' do
+      let(:response) { OpenStruct.new(code: 200) }
+      it { expect { verify! }.not_to raise_error }
+    end
+    shared_examples 'response_failed' do |code, error|
+      let(:response) { OpenStruct.new(code: code) }
+      it "fail when response is #{code}" do
+        expect { verify! }.to raise_error(error)
+      end
+    end
+    it_behaves_like 'response_failed', '400', Locked::BadRequestError
+    it_behaves_like 'response_failed', '401', Locked::UnauthorizedError
+    it_behaves_like 'response_failed', '403', Locked::ForbiddenError
+    it_behaves_like 'response_failed', '404', Locked::NotFoundError
+    it_behaves_like 'response_failed', '419', Locked::UserUnauthorizedError
+    it_behaves_like 'response_failed', '422', Locked::InvalidParametersError
+    it_behaves_like 'response_failed', '499', Locked::ApiError
+    it_behaves_like 'response_failed', '500', Locked::InternalServerError
+  end
+end

data/spec/lib/Locked/api_spec.rb ADDED Viewed

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+describe Locked::API do
+  subject(:request) { described_class.request(command) }
+  let(:command) { Locked::Commands::Authenticate.new({}).build(event: '$login.success') }
+  context 'when request timeouts' do
+    before { stub_request(:any, /locked.jp/).to_timeout }
+    it do
+      expect do
+        request
+      end.to raise_error(Locked::RequestError)
+    end
+  end
+  context 'when non-OK response code' do
+    before { stub_request(:any, /locked.jp/).to_return(status: 400) }
+    it do
+      expect do
+        request
+      end.to raise_error(Locked::BadRequestError)
+    end
+  end
+  context 'when no api_key' do
+    before { allow(Locked.config).to receive(:api_key).and_return('') }
+    it do
+      expect do
+        request
+      end.to raise_error(Locked::ConfigurationError)
+    end
+  end
+end

data/spec/lib/Locked/client_spec.rb ADDED Viewed

@@ -0,0 +1,226 @@
+# frozen_string_literal: true
+describe Locked::Client do
+  let(:ip) { '1.2.3.4' }
+  let(:cookie_id) { 'abcd' }
+  let(:ua) { 'Chrome' }
+  let(:env) do
+    Rack::MockRequest.env_for(
+      '/',
+      'HTTP_USER_AGENT' => ua,
+      'HTTP_X_FORWARDED_FOR' => ip,
+      'HTTP_COOKIE' => "__cid=#{cookie_id};other=efgh",
+      'X-LOCKED-API-KEY' => 'key'
+    )
+  end
+  let(:request) { Rack::Request.new(env) }
+  let(:client) { described_class.from_request(request) }
+  let(:request_to_context) { described_class.to_context(request) }
+  let(:client_with_user_timestamp) do
+    described_class.new(request_to_context, timestamp: time_user)
+  end
+  let(:client_with_no_timestamp) { described_class.new(request_to_context) }
+  let(:headers) { { 'X-Forwarded-For' => ip.to_s, 'User-Agent' => ua } }
+  let(:context) do
+    {
+      client_id: 'abcd',
+      active: true,
+      origin: 'web',
+      user_agent: ua,
+      headers: { 'X-Forwarded-For': ip.to_s, 'User-Agent': ua },
+      ip: ip,
+      library: { name: 'locked-rb', version: '0.0.1' }
+    }
+  end
+  let(:time_now) { Time.now }
+  let(:time_auto) { time_now.utc.iso8601(3) }
+  let(:time_user) { (Time.now - 10_000).utc.iso8601(3) }
+  let(:response_body) { {}.to_json }
+  before do
+    Timecop.freeze(time_now)
+    stub_const('Locked::VERSION', '0.0.1')
+    stub_request(:any, /locked.jp/).to_return(status: 200, body: response_body, headers: {})
+  end
+  after { Timecop.return }
+  describe 'parses the request' do
+    before do
+      allow(Locked::API).to receive(:request).and_call_original
+    end
+    it do
+      client.authenticate(event: '$login.success', user_id: '1234')
+      expect(Locked::API).to have_received(:request)
+    end
+  end
+  describe 'to_context' do
+    it do
+      expect(described_class.to_context(request)).to eql(context)
+    end
+  end
+  describe 'to_options' do
+    let(:options) { { user_id: '1234', user_traits: { name: 'Jo' } } }
+    let(:result) { { user_id: '1234', user_traits: { name: 'Jo' }, timestamp: time_auto } }
+    it do
+      expect(described_class.to_options(options)).to eql(result)
+    end
+  end
+  # describe 'identify' do
+  #   let(:request_body) do
+  #     { user_id: '1234', timestamp: time_auto,
+  #       sent_at: time_auto, context: context, user_traits: { name: 'Jo' } }
+  #   end
+  #
+  #   before { client.identify(options) }
+  #
+  #   context 'when used with symbol keys' do
+  #     let(:options) { { user_id: '1234', user_traits: { name: 'Jo' } } }
+  #
+  #     it do
+  #       assert_requested :post, 'https://locked.jp/api/v1/client/identify', times: 1 do |req|
+  #         JSON.parse(req.body) == JSON.parse(request_body.to_json)
+  #       end
+  #     end
+  #
+  #     context 'when passed timestamp in options and no defined timestamp' do
+  #       let(:client) { client_with_no_timestamp }
+  #       let(:options) { { user_id: '1234', user_traits: { name: 'Jo' }, timestamp: time_user } }
+  #       let(:request_body) do
+  #         { user_id: '1234', user_traits: { name: 'Jo' }, context: context,
+  #           timestamp: time_user, sent_at: time_auto }
+  #       end
+  #
+  #       it do
+  #         assert_requested :post, 'https://locked.jp/api/v1/client/identify', times: 1 do |req|
+  #           JSON.parse(req.body) == JSON.parse(request_body.to_json)
+  #         end
+  #       end
+  #     end
+  #
+  #     context 'with client initialized with timestamp' do
+  #       let(:client) { client_with_user_timestamp }
+  #       let(:request_body) do
+  #         { user_id: '1234', timestamp: time_user, sent_at: time_auto,
+  #           context: context, user_traits: { name: 'Jo' } }
+  #       end
+  #
+  #       it do
+  #         assert_requested :post, 'https://locked.jp/api/v1/client/identify', times: 1 do |req|
+  #           JSON.parse(req.body) == JSON.parse(request_body.to_json)
+  #         end
+  #       end
+  #     end
+  #   end
+  #
+  #   context 'when used with string keys' do
+  #     let(:options) { { 'user_id' => '1234', 'user_traits' => { 'name' => 'Jo' } } }
+  #
+  #     it do
+  #       assert_requested :post, 'https://locked.jp/api/v1/client/identify', times: 1 do |req|
+  #         JSON.parse(req.body) == JSON.parse(request_body.to_json)
+  #       end
+  #     end
+  #   end
+  # end
+  describe 'authenticate' do
+    let(:options) { { event: '$login.success', user_id: '1234' } }
+    let(:request_response) { client.authenticate(options) }
+    let(:request_body) do
+      { event: '$login.success', user_id: '1234', timestamp: time_auto }
+    end
+    context 'when used with symbol keys' do
+      before { request_response }
+      it do
+        assert_requested :post, 'https://locked.jp/api/v1/client/authenticate', times: 1 do |req|
+          JSON.parse(req.body) == JSON.parse(request_body.to_json)
+        end
+      end
+      context 'when passed timestamp in options and no defined timestamp' do
+        let(:client) { client_with_no_timestamp }
+        let(:options) { { event: '$login.success', user_id: '1234', timestamp: time_user } }
+        let(:request_body) do
+          { event: '$login.success', user_id: '1234', timestamp: time_user }
+        end
+        it do
+          assert_requested :post, 'https://locked.jp/api/v1/client/authenticate', times: 1 do |req|
+            JSON.parse(req.body) == JSON.parse(request_body.to_json)
+          end
+        end
+      end
+      context 'with client initialized with timestamp' do
+        let(:client) { client_with_user_timestamp }
+        let(:request_body) do
+          { event: '$login.success', user_id: '1234', timestamp: time_user }
+        end
+        it do
+          assert_requested :post, 'https://locked.jp/api/v1/client/authenticate', times: 1 do |req|
+            JSON.parse(req.body) == JSON.parse(request_body.to_json)
+          end
+        end
+      end
+    end
+    context 'when used with string keys' do
+      let(:options) { { 'event' => '$login.success', 'user_id' => '1234' } }
+      before { request_response }
+      it do
+        assert_requested :post, 'https://locked.jp/api/v1/client/authenticate', times: 1 do |req|
+          JSON.parse(req.body) == JSON.parse(request_body.to_json)
+        end
+      end
+    end
+    context 'when request with fail' do
+      before { allow(Locked::API).to receive(:request).and_raise(Locked::RequestError.new(Timeout::Error)) }
+      context 'with request error and throw strategy' do
+        before { allow(Locked.config).to receive(:failover_strategy).and_return(:throw) }
+        it { expect { request_response }.to raise_error(Locked::RequestError) }
+      end
+      context 'with request error and not throw on eg deny strategy' do
+        it { assert_not_requested :post, 'https://locked.jp/api/v1/client/authenticate' }
+        it { expect(request_response[:data][:action]).to be_eql('deny') }
+        it { expect(request_response[:data][:user_id]).to be_eql('1234') }
+        it { expect(request_response[:failover]).to be true }
+        it { expect(request_response[:failover_reason]).to be_eql('Locked::RequestError') }
+      end
+    end
+    context 'when request is internal server error' do
+      before { allow(Locked::API).to receive(:request).and_raise(Locked::InternalServerError) }
+      describe 'throw strategy' do
+        before { allow(Locked.config).to receive(:failover_strategy).and_return(:throw) }
+        it { expect { request_response }.to raise_error(Locked::InternalServerError) }
+      end
+      context 'not throw on eg deny strategy' do
+        it { assert_not_requested :post, 'https://locked.jp/api/v1/client/authenticate' }
+        it { expect(request_response[:data][:action]).to be_eql('deny') }
+        it { expect(request_response[:data][:user_id]).to be_eql('1234') }
+        it { expect(request_response[:failover]).to be true }
+        it { expect(request_response[:failover_reason]).to be_eql('Locked::InternalServerError') }
+      end
+    end
+  end
+end