minfraud 1.0.4 → 1.4.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 360e5c67027b7cac3bacd6715aa3afee61de8a75
-  data.tar.gz: cb6dd240c3436fe0c0c23e7aa6d5ad5c4bcfcae8
+SHA256:
+  metadata.gz: aa255a8f579aa729b4ceeb84db99f283bafdc2276fc6eba3d52e6133a8e2d4ea
+  data.tar.gz: 1d9717004f0f07eadf3d986f4f697f4d2c41ef7c08c21b9b1f3b7e6291c36286
 SHA512:
-  metadata.gz: c3cb59ad5bde816f3b2f8be3cc1f0699ce18c1728a8267d7e827b28e8fecd0a20c638211f453a0f8dee2ea7c252096193293633ca5ecf4e3a640f632e5201dfb
-  data.tar.gz: 2b430855a1157e215891a09a1cf0aab79bad1a027e272359a536caf81db8958835e06f591393a9782b22c90655017b91475eff775208f964a4ae0ca44bb1dd43
+  metadata.gz: a57eac0733d6c1d64319c80f458f00585897030433414ab0b4888606fedafac833e5fd1298fe608f8a343b87536ad2974bc794bba9317a5043980aa689c2e0cd
+  data.tar.gz: 0ef9a279e2ed6d9a08b3f972338f7ade34ecf1f2c409e6777333c9a6afcf1dbab3c03927b8e6a350c54ed4dd2c86bdd64672a36f51caa2087bfb8e53ab824b2a

data/.github/workflows/rubocop.yml

@@ -0,0 +1,12 @@
+name: Run rubocop
+on: [push, pull_request]
+jobs:
+  rubocop:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: 2.7
+      - run: bundle install
+      - run: bundle exec rake -t rubocop

data/.github/workflows/test.yml

@@ -0,0 +1,32 @@
+name: Run tests
+on: [push, pull_request]
+jobs:
+  test:
+    runs-on: ${{ matrix.os }}
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [ubuntu-latest, windows-latest, macos-latest]
+        version:
+          [
+            2.1,
+            2.2,
+            2.3,
+            2.4,
+            2.5,
+            2.6,
+            2.7,
+            jruby,
+          ]
+        exclude:
+          - os: windows-latest
+            version: jruby
+    steps:
+      - uses: actions/checkout@v2
+        with:
+          submodules: true
+      - uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: ${{ matrix.version }}
+      - run: bundle install
+      - run: bundle exec rake -t spec

data/.gitignore

@@ -1,7 +1,9 @@
+/coverage
 pkg
 .project
 Gemfile.lock
 .rvmrc
 *.rbc
+.yardoc
 *~
 .DS_Store

data/.rubocop.yml

@@ -0,0 +1,108 @@
+Gemspec/RequiredRubyVersion:
+  Enabled: false # We support 2.1+, but rubocop supports 2.4+.
+
+# Metrics.
+
+Metrics/BlockLength:
+  Enabled: false # Default is true, but mostly hit in tests.
+
+Metrics/AbcSize:
+  Enabled: false # To allow for pre-existing code.
+
+Metrics/ClassLength:
+  Enabled: false # To allow for pre-existing code.
+
+Metrics/CyclomaticComplexity:
+  Enabled: false # To allow for pre-existing code.
+
+Metrics/MethodLength:
+  Enabled: false # To allow for pre-existing code.
+
+Metrics/PerceivedComplexity:
+  Enabled: false # To allow for pre-existing code.
+
+# Layout.
+
+Layout/LineLength:
+  Max: 150 # Default is 120.
+
+Layout/HashAlignment:
+  EnforcedHashRocketStyle: table # Default is key.
+  EnforcedColonStyle:      table # Default is key.
+
+Layout/ExtraSpacing:
+  ForceEqualSignAlignment: true # Default is false.
+
+Layout/IndentationStyle:
+  IndentationWidth: 2 # Default is <none>.
+
+# Style.
+
+Style/HashSyntax:
+  EnforcedStyle: ruby19_no_mixed_keys # Default is ruby19.
+
+Style/CollectionMethods:
+  Enabled: true # Default is false.
+
+Style/NumericLiterals:
+  MinDigits: 4 # Default is 5.
+
+Style/NegatedIf: # I disagree with this.
+  Enabled: false
+
+Style/IfUnlessModifier: # This doesn't always make sense.
+  Enabled: false
+
+Style/SymbolArray:
+  EnforcedStyle: brackets # Default is percent, but 1.9 doesn't support that.
+
+# Trailing commas are often good.
+Style/TrailingCommaInArguments:
+  Enabled: false
+Style/TrailingCommaInArrayLiteral:
+  Enabled: false
+Style/TrailingCommaInHashLiteral:
+  Enabled: false
+
+Style/SafeNavigation:
+  Enabled: false # Default is true, but this 1.9 doesn't support it.
+
+# Default is both which is probably fine, but it changes code and I don't want
+# to investigate any possible behavior change right now.
+Style/EmptyElse:
+  EnforcedStyle: empty
+
+Style/ConditionalAssignment:
+  Enabled: false # This produces kind of strange results.
+
+Style/Dir:
+  Enabled: false # This is good, but not supported on 1.9.
+
+Style/ExpandPathArguments:
+  Enabled: false # This causes us to use __dir__ which 1.9 doesn't support.
+
+Style/GuardClause:
+  Enabled: false # Doesn't always make sense.
+
+Style/Documentation:
+  Enabled: false # We should enable this, but allow for pre-existing code.
+
+Style/FormatStringToken:
+  Enabled: false # Seems unnecessary.
+
+# Asks to use x.negative? instead of x < 0. But this isn't available until 2.3.
+Style/NumericPredicate:
+  Enabled: false
+
+# Seems unnecessary. Asks us to call super in a bunch of places when there's no
+# need.
+Lint/MissingSuper:
+  Enabled: false
+
+# Naming.
+
+Naming/VariableNumber:
+  Enabled: false # Doesn't always make sense.
+
+AllCops:
+  NewCops: enable

data/CHANGELOG.md

@@ -1,14 +1,83 @@
 # Minfraud Changelog
 
-## v1.0.4
+## v1.4.1 (2020-12-01)
+
+* Do not throw an exception if the response does not include IP address
+  information. Previously we would incorrectly try to retrieve fields from
+  `nil`, leading to a `NoMethodError`.
+
+## v1.4.0 (2020-10-13)
+
+* IMPORTANT: Ruby 2.0 is no longer supported. If you're using Ruby 2.0,
+  please use version 1.3.0.
+* Add handling for the `REQUEST_INVALID` error code.
+* The IP address is no longer a required input.
+* Adds new payment processor `:tsys` to `Minfraud::Components::Payment`.
+
+## v1.3.0 (2020-09-25)
+
+* Adds support for persistent HTTP connections. Connections persist
+  automatically.
+* IMPORTANT: Ruby 1.9 is no longer supported. If you're using Ruby 1.9,
+  please use version 1.2.0 or older.
+* Adds support for client side validation of inputs. An `InvalidInputError`
+  exception will be raised if an input is invalid. This can be enabled by
+  setting `enable_validation` to `true` when configuring `Minfraud`. It is
+  disabled by default.
+* Adds the `residential_proxy?` method to `MaxMind::GeoIP2::Record::Traits`
+  for use with minFraud Insights and Factors.
+
+## v1.2.0 (2020-07-15)
+
+* Adds new processor types to `Minfraud::Components::Payment`: `:cashfree`,
+  `:first_atlantic_commerce`, `:komoju`, `:paytm`, `:razorpay`, and
+  `:systempay`.
+* Adds support for three new Factors outputs: `/subscores/device` (the risk
+  associated with the device), `/subscores/email_local_part` (the risk
+  associated with the part of the email address before the @ symbol) and
+  `/subscores/shipping_address` (the risk associated with the shipping
+  address).
+* Adds support for providing your MaxMind account ID using the `account_id`
+  attribute instead of the `user_id` attribute. In a future release,
+  support for the `user_id` attribute will be removed.
+
+## v1.1.0 (2020-06-19)
+
+* Adds support for the minFraud Report Transaction API. Reporting
+  transactions to MaxMind helps us detect about 10-50% more fraud and
+  reduce false positives for you.
+* Adds support for the new credit card output `/credit_card/is_business`.
+  This indicates whether the card is a business card. It may be accessed
+  via `response.credit_credit.is_business` on the minFraud Insights and
+  Factors response objects.
+* Adds support for the new email domain output `/email/domain/first_seen`.
+  This may be accessed via `response.email.domain.first_seen` on the
+  minFraud Insights and Factors response objects.
+* Rename `ErrorHandler#inspect` to `ErrorHandler#examine` in order not to
+  break LSP.
+* Adds classes for the Score, Insights, and Factors responses. This allows
+  us to provide API documentation for the various response attributes.
+* Removes `hashie` as a required dependency.
+* Adds new processor types to `Minfraud::Components::Payment`: `:affirm`,
+  `:afterpay`, `:cardpay`, `:ccavenue`, `:cetelem`, `:ct_payments`,
+  `:dalenys`, `:datacash`, `:dotpay`, `:ecommpay`, `:epx`, `:g2a_pay`,
+  `:gocardless`, `:interac`, `:klarna`, `:mercanet`, `:oney`, `:payeezy`,
+  `:paylike`, `:payment_express`, `:paysafecard`, `:posconnect`,
+  `:smartdebit`, `:synapsefi`, and others.
+* Adds support for passing custom inputs to minFraud. GitHub #6.
+* Adds `:email_change`, `:password_reset`, and `:payout_change` as types to
+  `Minfraud::Components::Event`.
+* Adds support for the `session_id` and `session_age` inputs.
+
+## v1.0.4 (2016-12-23)
 
 * Prevents boolean value conversion to string to avoid warnings
 * Adds `amount` attribute to the `Minfraud::Components::Order` instances
 
-## v1.0.3
+## v1.0.3 (2016-11-24)
 * Adds `token` attribute to the `Minfraud::Components::CreditCard` instances
 according to the MinFraud Release Notes introduced on November 17, 2016
 
-## v1.0.2
+## v1.0.2 (2016-10-11)
 
 * Adds support for Ruby >= 1.9

data/CODE_OF_CONDUCT.md

@@ -35,7 +35,7 @@ This code of conduct applies both within project spaces and in public spaces
 when an individual is representing the project or its community.
 
 Instances of abusive, harassing, or otherwise unacceptable behavior may be
-reported by contacting a project maintainer at kushnir.yb@gmail.com. All
+reported by contacting a project maintainer at support@maxmind.com. All
 complaints will be reviewed and investigated and will result in a response that
 is deemed necessary and appropriate to the circumstances. Maintainers are
 obligated to maintain confidentiality with regard to the reporter of an
@@ -43,7 +43,7 @@ incident.
 
 This Code of Conduct is adapted from the [Contributor Covenant][homepage],
 version 1.3.0, available at
-[http://contributor-covenant.org/version/1/3/0/][version]
+[https://contributor-covenant.org/version/1/3/0/][version]
 
-[homepage]: http://contributor-covenant.org
-[version]: http://contributor-covenant.org/version/1/3/0/
+[homepage]: https://contributor-covenant.org
+[version]: https://contributor-covenant.org/version/1/3/0/

data/Gemfile

@@ -1,5 +1,14 @@
+# frozen_string_literal: true
+
 source 'https://rubygems.org'
 
-# Specify your gem's dependencies in minfraud.gemspec
-gem 'coveralls', require: false
+# coveralls fails on Ruby 1.9. My understanding is we don't need to run this on
+# more than one version anyway, so restrict to the current latest.
+version_pieces = RUBY_VERSION.split('.')
+major_version  = version_pieces[0]
+minor_version  = version_pieces[1]
+if major_version == '2' && minor_version == '7'
+  gem 'coveralls', require: false
+end
+
 gemspec

data/LICENSE.txt

@@ -1,6 +1,7 @@
 The MIT License (MIT)
 
-Copyright (c) 2016 kushnir.yb
+Copyright (c) 2016-2020 kushnir.yb
+Copyright (c) 2020 MaxMind, Inc.
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

data/README.dev.md

@@ -0,0 +1,4 @@
+# How to release
+
+See
+[here](https://github.com/maxmind/MaxMind-DB-Reader-ruby/blob/master/README.dev.md).

data/README.md

@@ -1,12 +1,14 @@
-# Simple Ruby Wrapper to the MaxMind minFraud API
+# Ruby API for MaxMind minFraud Services
 
-[![Code Climate](https://codeclimate.com/github/kushniryb/minfraud-api-v2/badges/gpa.svg)](https://codeclimate.com/github/kushniryb/minfraud-api-v2)
-[![Coverage Status](https://coveralls.io/repos/github/kushniryb/minfraud-api-v2/badge.svg?branch=master)](https://coveralls.io/github/kushniryb/minfraud-api-v2?branch=master)
-[![Build Status](https://travis-ci.org/kushniryb/minfraud-api-v2.svg?branch=master)](https://travis-ci.org/kushniryb/minfraud-api-v2)
+## Description
 
-Compatible with version minFraud API v2.0
+This package provides an API for the [MaxMind minFraud web
+services](https://dev.maxmind.com/minfraud/). This includes minFraud Score,
+Insights, and Factors. It also includes our [minFraud Report Transaction
+API](https://dev.maxmind.com/minfraud/report-transaction/).
 
-[minFraud API documentation](http://dev.maxmind.com/minfraud/)
+The legacy minFraud Standard and Premium services are not supported by this
+API.
 
 ## Installation
 
@@ -18,90 +20,274 @@ gem 'minfraud'
 
 And then execute:
 
-```ruby
+```
 $ bundle
 ```
 
 Or install it yourself as:
+
 ```
 $ gem install minfraud
 ```
 
-## Configuration
+## API Documentation
+
+See the [API documentation](https://www.rubydoc.info/gems/minfraud) for
+more details.
+
+## Usage
 
-User Id and License Key are required to work with minFraud API
+### Configuration
+
+An account ID and license key are required to work with the web services.
+Configure these before making a request:
 
 ```ruby
 Minfraud.configure do |c|
+  c.account_id  = 12345
   c.license_key = 'your_license_key'
-  c.user_id     = 'your_user_id'
+  c.enable_validation = true
 end
-```
+````
+
+### Making a minFraud Score, Insights, or Factors Request
+
+To use the minFraud API, create a `Minfraud::Assessments` object. The
+constructor takes a hash of symbols corresponding to each component of the
+minFraud request. You can also set components by their attribute after
+creating the object.
+
+After populating the object, call the method for the minFraud endpoint you
+want to use: `#score`, `#insights`, or `#factors`. The returned value is a
+`MinFraud::Response` object. You can access the response model through its
+`#body` attribute.
+
+An exception will be thrown for critical errors. You should check for
+`warnings` related to your inputs after a request.
 
-## Usage
 ```ruby
-# You can either provide a hash of params to initializer
+# Prepare the request.
 assessment = Minfraud::Assessments.new(
   device: {
-    ip_address: '1.2.3.4.5'
-  }
+    ip_address:      '152.216.7.110',
+    accept_language: 'en-US,en;q=0.8',
+    session_age:     3600.5,
+    session_id:      'foo',
+    user_agent:      'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.89 Safari/537.36',
+  },
+  event: {
+    transaction_id: 'txn3134133',
+    shop_id:        's2123',
+    time:           '2012-04-12T23:20:50+00:00',
+    type:           :purchase,
+  },
+  account: {
+    user_id:      '3132',
+    username_md5: '4f9726678c438914fa04bdb8c1a24088',
+  },
+  email: {
+    address: 'test@maxmind.com',
+    domain:  'maxmind.com',
+  },
+  billing: {
+    first_name:         'First',
+    last_name:          'Last',
+    company:            'Company',
+    address:            '101 Address Rd.',
+    address_2:          'Unit 5',
+    city:               'New Haven',
+    region:             'CT',
+    country:            'US',
+    postal:             '06510',
+    phone_number:       '123-456-7890',
+    phone_country_code: '1',
+  },
+  shipping: {
+    first_name:         'ShipFirst',
+    last_name:          'ShipLast',
+    company:            'ShipCo',
+    address:            '322 Ship Addr. Ln.',
+    address_2:          'St. 43',
+    city:               'Nowhere',
+    region:             'OK',
+    country:            'US',
+    postal:             '73003',
+    phone_number:       '123-456-0000',
+    phone_country_code: '1',
+    delivery_speed:     :same_day,
+  },
+  payment: {
+    processor:      :stripe,
+    was_authorized: false,
+    decline_code:   'invalid number',
+  },
+  credit_card: {
+    issuer_id_number:        '411111',
+    last_4_digits:           '7643',
+    bank_name:               'Bank of No Hope',
+    bank_phone_country_code: '1',
+    bank_phone_number:       '123-456-1234',
+    token:                   'abcd',
+    avs_result:              'Y',
+    cvv_result:              'N',
+  },
+  order: {
+    amount:           323.21,
+    currency:         'USD',
+    discount_code:    'FIRST',
+    is_gift:          true,
+    has_gift_message: false,
+    affiliate_id:     'af12',
+    subaffiliate_id:  'saf42',
+    referrer_uri:     'http://www.amazon.com/',
+  },
+  shopping_cart: [
+    {
+      category: 'pets',
+      item_id:  'leash-0231',
+      quantity: 2,
+      price:    20.43,
+    },
+    {
+      category: 'beauty',
+      item_id:  'msc-1232',
+      quantity: 1,
+      price:    100.00,
+    },
+  ],
+  custom_inputs: {
+    section:            'news',
+    previous_purchases: 19,
+    discount:           3.2,
+    previous_user:      true,
+  },
 )
-# or create a component and assign them to assessments object directly, e.g
-device = Minfraud::Components::Device.new(ip_address: '1.2.3.4.5')
-assessment = Minfraud::Assessments.new(device: device)
-# or
-assessment = Minfraud::Assessments.new
-assessment.device = device
-# There are multiple components that reflect minFraud request top level keys
-
-# Some components will raise an error if provided with the wrong values for attributes, e.g
-event = Minfraud::Components::Event.new(type: 'foobar') # => Minfraud::NotEnumValueError
-# You can check the list of permitted values for the attribute by calling a class method
-Minfraud::Components::Event.type_values # => ["account_creation", "account_login", ....]
-
-# You can now call 3 different minFraud endpoints: score, insights, factors
-assessment.insights
-assessment.factors
-
-result = assessment.score # => Minfraud::Response instance
-
-result.status  # => Response status code
-result.code    # => minFraud specific response code
-result.body    # => Mashified body
-result.headers # => Response headers
-
-# You can also change data inbetween requests
-first_request = assessment.insights
-assessment.device.ip_address = '22.22.22.33'
-second_request = assessment.insights
+
+# To get the Factors response model, use #factors.
+factors_model = assessment.factors.body
+
+factors_model.warnings.each { |w| puts w.warning }
+
+p factors_model.subscores.email_address
+p factors_model.risk_score
+
+# To get the Insights response model, use #insights.
+insights_model = assessment.insights.body
+
+insights_model.warnings.each { |w| puts w.warning }
+
+p insights_model.credit_card.issuer.name
+p insights_model.risk_score
+
+# To get the Score response model, use #score.
+score_model = assessment.score.body
+
+score_model.warnings.each { |w| puts w.warning }
+
+p score_model.risk_score
 ```
 
-### Exception handling
+See the [API documentation](https://www.rubydoc.info/gems/minfraud) for
+more details.
 
-Gem is supplied with four different types of exceptions:
-```ruby
-# Raised if unpermitted key is provided to Minfraud::Assessments initializer
-class RequestFormatError < BaseError; end
+### Reporting a Transaction to MaxMind
 
-# Raised if IP address is absent / it is reserved / JSON body can not be decoded
-class ClientError < BaseError; end
+MaxMind encourages the use of this API, as data received through this
+channel is used to improve the accuracy of their fraud detection
+algorithms.
 
-# Raised if there are some problems with the user id and / or license key
-class AuthorizationError < BaseError; end
+To use the Report Transaction API, create a
+`Minfraud::Components::Report::Transaction` object. An IP address and a
+valid tag are required arguments for this API. Additional parameters may be
+set, as shown below.
 
-# Raised if minFraud returns an error, or if there is an HTTP error
-class ServerError < BaseError; end
+If the report is successful, nothing is returned. If the report fails, an
+exception will be thrown.
 
-# Raised if an attribute value doesn't belong to the predefined set of values
-class NotEnumValueError < BaseError; end
+```ruby
+# The report_transaction method only makes use of a transaction component:
+txn = Minfraud::Components::Report::Transaction.new(
+  ip_address:     '152.216.7.110',
+  tag:            :suspected_fraud,
+  maxmind_id:     '12345678',
+  minfraud_id:    '58fa38d8-4b87-458b-a22b-f00eda1aa20d',
+  notes:          'notes go here',
+  transaction_id: '1FA254yZ'
+)
+reporter = Minfraud::Report.new(transaction: txn)
+reporter.report_transaction
 ```
 
+See the [API documentation](https://www.rubydoc.info/gems/minfraud) for
+more details.
+
+### Persistent HTTP Connections
+
+This gem supports persistent HTTP connections, allowing you to avoid the
+overhead of creating a new HTTP connection for each minFraud request if you
+plan to perform more than one. You do not need to do anything to enable
+this functionality.
+
+### Exceptions
+
+The gem supplies several distinct exception-types:
+
+* `RequestFormatError` - Raised if an unknown key is provided to the
+  `Minfraud::Assessments` constructor
+* `ClientError` - Raised if the IP address is absent, reserved, or the JSON
+  body cannot be decoded
+* `AuthorizationError` - Raised if there are problems with the account ID
+  and/or license key
+* `ServerError` - Raised if minFraud returns an error or if there is an
+  HTTP error
+* `NotEnumValueError` - Raised if an attribute value doesn't belong to the
+  predefined set of values
+
+### Thread Safety
+
+This gem is safe for use from multiple threads.
+
+`Minfraud::Assessments` and `Minfraud::Report` objects must not be shared
+across threads.
+
+Please note that you must run `Minfraud.configure` before calling any
+functionality using multiple threads.
+
+## Support
+
+Please report all issues with this code using the
+[GitHub issue tracker](https://github.com/maxmind/minfraud-api-ruby/issues).
+
+If you are having an issue with the minFraud service that is not specific
+to the client API, please see
+[our support page](https://www.maxmind.com/en/support).
+
+## Requirements
+
+This gem works with Ruby 2.1 and above.
+
 ## Contributing
 
-Bug reports and pull requests are welcome on GitHub [here](https://github.com/kushniryb/minfraud-api-v2). This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](http://contributor-covenant.org) code of conduct.
+Bug reports and pull requests are welcome on
+[GitHub](https://github.com/maxmind/minfraud-api-ruby). This project is
+intended to be a safe, welcoming space for collaboration, and contributors
+are expected to adhere to the [Contributor
+Covenant](https://contributor-covenant.org) code of conduct.
+
+## Versioning
+
+This API uses [Semantic Versioning](https://semver.org/).
+
+## Copyright and License
+
+Copyright (c) 2016-2020 kushnir.yb.
 
+Copyright (c) 2020 MaxMind, Inc.
 
-## License
+The gem is available as open source under the terms of the [MIT
+License](https://opensource.org/licenses/MIT).
 
-The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).
+## Thank You
 
+This gem is the work of the creator and original maintainer kushnir.yb
+(@kushniryb).