minfraud 1.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 992486331731cfd910c7ae3da4039bfa3b776277ff3eb3fb44ae62816299d2cb
+  data.tar.gz: db10a19261bdca8cb64df6f0992a2d102859c670fc47568cdc01e299c17318a6
+SHA512:
+  metadata.gz: bd6e8c22d6557f26233b1f5c306ab3d358adb9f661f1452d02471ce0b705cd0037ecafc235af86646894bc4ab953c595989011148aa4f658132f6ec7c7218a4f
+  data.tar.gz: f8e53c39ef6a07271297e8555808682b9cb662efe43057ea6da9ea9400418b7a59bd168051888e8c69ebda1d9ed6947729e48de5b3a61df25b26536f13589bef

data/.gitignore

@@ -0,0 +1,9 @@
+/coverage
+pkg
+.project
+Gemfile.lock
+.rvmrc
+*.rbc
+.yardoc
+*~
+.DS_Store

data/.rspec

@@ -0,0 +1,2 @@
+--format documentation
+--color

data/.travis.yml

@@ -0,0 +1,22 @@
+language: ruby
+
+rvm:
+  - 1.9
+  - 2.0
+  - 2.1
+  - 2.2
+  - 2.3
+  - 2.4
+  - 2.5
+  - 2.6
+  - 2.7
+
+notifications:
+  email:
+    on_failure: always
+    on_success: change
+    recipients:
+      - dev-ci@maxmind.com
+  slack:
+    rooms:
+      secure: "wuwMo+BWnaBtkt1uGAi4Zd0EARX3B2TXDmBGCtn8r4PLfehh61S6nLQDASNXSk200PmniFM8PyOUNVGVJqWpYQAEMn32WWdy4vTK2c8CsjwfsMhgnOI2YDCzw+jiP+8EfIGBsPO4xA7yrzweP8gkzBtplb3LbaCiW83WfFo9+402yr0/0F9gfWi8qvuIw29XAS1XWhTY4itqGfkSPdOHQz/45ElpLkGlgreuRrih3tAgn9YLb/Uh/6McHfHkL74YwQU3p0NiZcoleWYM0CLpPzyrN8EsbmIT+L75nIVwXnh62Gx2jJWayj7ZzvyKtVKHtLb/LKRs4Dg0UEg65xX1EcBAkC5fn4KG1jQHvi/tdOx1Sfh3hO6OK+68q1R6cQQYy+uG84q8RUjpO6dzFcWpE1yMdbQ5XMKfTh56ZdhXJ803LD2gGeIgcMwJp6HK9tnf0vaPPI9kbr8fqJBUUkciUoqpYzFd5m0ZCUbJsMD0oPY19FSRtfCNQvCbmhYrLy1sQ5FeMzbF0bi2oaUv+JD/A5RKokNMrrwv3nnTtG4vN1hJklQk2VW3sZWl6UjYgzhrbmKABtvPuB+xcYywIu4+JSworpfDwM/PZAKOfd6n+r8OdNV256l8WaNeF6osvXkUR7yxYpytywdQPA0d/z8mxTVoATE3wat7pnmTrqI5fqw=\n"

data/CHANGELOG.md

@@ -0,0 +1,42 @@
+# Minfraud Changelog
+
+## v1.1.0 (2020-06-19)
+
+* Adds support for the minFraud Report Transaction API. Reporting
+  transactions to MaxMind helps us detect about 10-50% more fraud and
+  reduce false positives for you.
+* Adds support for the new credit card output `/credit_card/is_business`.
+  This indicates whether the card is a business card. It may be accessed
+  via `response.credit_credit.is_business` on the minFraud Insights and
+  Factors response objects.
+* Adds support for the new email domain output `/email/domain/first_seen`.
+  This may be accessed via `response.email.domain.first_seen` on the
+  minFraud Insights and Factors response objects.
+* Rename `ErrorHandler#inspect` to `ErrorHandler#examine` in order not to
+  break LSP.
+* Adds classes for the Score, Insights, and Factors responses. This allows
+  us to provide API documentation for the various response attributes.
+* Removes `hashie` as a required dependency.
+* Adds new processor types to `Minfraud::Components::Payment`: `:affirm`,
+  `:afterpay`, `:cardpay`, `:ccavenue`, `:cetelem`, `:ct_payments`,
+  `:dalenys`, `:datacash`, `:dotpay`, `:ecommpay`, `:epx`, `:g2a_pay`,
+  `:gocardless`, `:interac`, `:klarna`, `:mercanet`, `:oney`, `:payeezy`,
+  `:paylike`, `:payment_express`, `:paysafecard`, `:posconnect`,
+  `:smartdebit`, `:synapsefi`, and others.
+* Adds support for passing custom inputs to minFraud. GitHub #6.
+* Adds `:email_change`, `:password_reset`, and `:payout_change` as types to
+  `Minfraud::Components::Event`.
+* Adds support for the `session_id` and `session_age` inputs.
+
+## v1.0.4 (2016-12-23)
+
+* Prevents boolean value conversion to string to avoid warnings
+* Adds `amount` attribute to the `Minfraud::Components::Order` instances
+
+## v1.0.3 (2016-11-24)
+* Adds `token` attribute to the `Minfraud::Components::CreditCard` instances
+according to the MinFraud Release Notes introduced on November 17, 2016
+
+## v1.0.2 (2016-10-11)
+
+* Adds support for Ruby >= 1.9

data/CODE_OF_CONDUCT.md

@@ -0,0 +1,49 @@
+# Contributor Code of Conduct
+
+As contributors and maintainers of this project, and in the interest of
+fostering an open and welcoming community, we pledge to respect all people who
+contribute through reporting issues, posting feature requests, updating
+documentation, submitting pull requests or patches, and other activities.
+
+We are committed to making participation in this project a harassment-free
+experience for everyone, regardless of level of experience, gender, gender
+identity and expression, sexual orientation, disability, personal appearance,
+body size, race, ethnicity, age, religion, or nationality.
+
+Examples of unacceptable behavior by participants include:
+
+* The use of sexualized language or imagery
+* Personal attacks
+* Trolling or insulting/derogatory comments
+* Public or private harassment
+* Publishing other's private information, such as physical or electronic
+  addresses, without explicit permission
+* Other unethical or unprofessional conduct
+
+Project maintainers have the right and responsibility to remove, edit, or
+reject comments, commits, code, wiki edits, issues, and other contributions
+that are not aligned to this Code of Conduct, or to ban temporarily or
+permanently any contributor for other behaviors that they deem inappropriate,
+threatening, offensive, or harmful.
+
+By adopting this Code of Conduct, project maintainers commit themselves to
+fairly and consistently applying these principles to every aspect of managing
+this project. Project maintainers who do not follow or enforce the Code of
+Conduct may be permanently removed from the project team.
+
+This code of conduct applies both within project spaces and in public spaces
+when an individual is representing the project or its community.
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported by contacting a project maintainer at support@maxmind.com. All
+complaints will be reviewed and investigated and will result in a response that
+is deemed necessary and appropriate to the circumstances. Maintainers are
+obligated to maintain confidentiality with regard to the reporter of an
+incident.
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage],
+version 1.3.0, available at
+[https://contributor-covenant.org/version/1/3/0/][version]
+
+[homepage]: https://contributor-covenant.org
+[version]: https://contributor-covenant.org/version/1/3/0/

data/Gemfile

@@ -0,0 +1,12 @@
+source 'https://rubygems.org'
+
+# coveralls fails on Ruby 1.9. My understanding is we don't need to run this on
+# more than one version anyway, so restrict to the current latest.
+version_pieces = RUBY_VERSION.split('.')
+major_version = version_pieces[0]
+minor_version = version_pieces[1]
+if major_version == '2' && minor_version == '7'
+  gem 'coveralls', require: false
+end
+
+gemspec

data/LICENSE.txt

@@ -0,0 +1,22 @@
+The MIT License (MIT)
+
+Copyright (c) 2016-2020 kushnir.yb
+Copyright (c) 2020 MaxMind, Inc.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.dev.md

@@ -0,0 +1,4 @@
+# How to release
+
+See
+[here](https://github.com/maxmind/MaxMind-DB-Reader-ruby/blob/master/README.dev.md).

data/README.md

@@ -0,0 +1,178 @@
+# Ruby API for MaxMind minFraud Services
+
+## Description
+
+This package provides an API for the [MaxMind minFraud web
+services](https://dev.maxmind.com/minfraud/). This includes minFraud Score,
+Insights, and Factors. It also includes our [minFraud Report Transaction
+API](https://dev.maxmind.com/minfraud/report-transaction/).
+
+The legacy minFraud Standard and Premium services are not supported by this
+API.
+
+## Requirements
+
+This gem works with Ruby 1.9 and above.
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'minfraud'
+```
+
+And then execute:
+
+```ruby
+$ bundle
+```
+
+Or install it yourself as:
+```
+$ gem install minfraud
+```
+
+## Usage
+
+### Configuration
+
+An account ID and license key are required to work with the web services.
+
+```ruby
+Minfraud.configure do |c|
+  c.license_key = 'your_license_key'
+  c.user_id     = 'your_user_id'
+end
+````
+
+### Making a minFraud Score, Insights, or Factors Request
+
+```ruby
+# You can either provide a hash of parameters to the initializer
+assessment = Minfraud::Assessments.new(
+  device: {
+    ip_address: '1.2.3.4.5'
+  }
+)
+# or create a component and assign them to the assessments object directly
+device = Minfraud::Components::Device.new(ip_address: '1.2.3.4.5')
+assessment = Minfraud::Assessments.new(device: device)
+# or
+assessment = Minfraud::Assessments.new
+assessment.device = device
+
+# There are multiple components that reflect the minFraud request top level
+# keys.
+
+# Some components will raise an error if provided with the wrong values for
+# attributes, e.g
+event = Minfraud::Components::Event.new(type: 'foobar') # => Minfraud::NotEnumValueError
+
+# You can check the list of permitted values for the attribute by calling a
+# class method
+Minfraud::Components::Event.type_values # => ["account_creation", "account_login", ....]
+
+# You can now call 3 different minFraud endpoints: score, insights and factors
+assessment.score
+assessment.insights
+assessment.factors
+
+result = assessment.score # => Minfraud::Response instance
+
+result.status  # => Response status code
+result.code    # => minFraud-specific response code
+result.body    # => Response body
+result.headers # => Response headers
+
+# You can change data between requests
+first_request = assessment.insights
+assessment.device.ip_address = '22.22.22.33'
+second_request = assessment.insights
+```
+
+See the [API documentation](https://www.rubydoc.info/gems/minfraud) for
+more details.
+
+### Reporting a Transaction to MaxMind
+
+MaxMind encourages the use of this API, as data received through this
+channel is continually used to improve the accuracy of their fraud
+detection algorithms.
+
+To use the Report Transactions API, create a new
+`Minfraud::Components::Report::Transaction` object. An IP address and a
+valid tag are required arguments for this API. Additional params may also
+be set, as documented below.
+
+If the report is successful, nothing is returned. If the report fails, an
+exception with be thrown.
+
+See the API documentation for more details.
+
+```ruby
+# The report_transaction method only makes use of a transaction component:
+txn = Minfraud::Components::Report::Transaction.new(
+  ip_address:     '1.2.3.4',
+  tag:            :suspected_fraud,
+  maxmind_id:     '12345678',
+  minfraud_id:    '58fa38d8-4b87-458b-a22b-f00eda1aa20d',
+  notes:          'notes go here',
+  transaction_id: '1FA254yZ'
+)
+reporter = Minfraud::Report.new(transaction: txn)
+reporter.report_transaction
+```
+
+See the [API documentation](https://www.rubydoc.info/gems/minfraud) for
+more details.
+
+### Exceptions
+
+The gem supplies several distinct exception-types:
+
+* `RequestFormatError` - Raised if unpermitted key is provided to the
+  `Minfraud::Assessments` initializer
+* `ClientError` - Raised if the IP address is absent, reserved or the JSON
+  body cannot be decoded
+* `AuthorizationError` - Raised if there are problems with the account ID
+  and/or license key
+* `ServerError` - Raised if minFraud returns an error or if there is an
+  HTTP error
+* `NotEnumValueError` - Raised if an attribute value doesn't belong to the
+  predefined set of values
+
+## Support
+
+Please report all issues with this code using the
+[GitHub issue tracker](https://github.com/maxmind/minfraud-api-ruby/issues).
+
+If you are having an issue with the minFraud service that is not specific
+to the client API, please see
+[our support page](https://www.maxmind.com/en/support).
+
+## Contributing
+
+Bug reports and pull requests are welcome on
+[GitHub](https://github.com/maxmind/minfraud-api-ruby). This project is
+intended to be a safe, welcoming space for collaboration, and contributors
+are expected to adhere to the [Contributor
+Covenant](https://contributor-covenant.org) code of conduct.
+
+## Versioning
+
+This API uses [Semantic Versioning](https://semver.org/).
+
+## Copyright and License
+
+Copyright (c) 2016-2020 kushnir.yb.
+
+Copyright (c) 2020 MaxMind, Inc.
+
+The gem is available as open source under the terms of the [MIT
+License](https://opensource.org/licenses/MIT).
+
+## Thank You
+
+This gem is the work of the creator and original maintainer kushnir.yb
+(@kushniryb).

data/Rakefile

@@ -0,0 +1,6 @@
+require "bundler/gem_tasks"
+require "rspec/core/rake_task"
+
+RSpec::Core::RakeTask.new(:spec)
+
+task :default => :spec

data/bin/console

@@ -0,0 +1,14 @@
+#!/usr/bin/env ruby
+
+require "bundler/setup"
+require "minfraud"
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require "pry"
+# Pry.start
+
+require "irb"
+IRB.start

data/bin/setup

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+
+bundle install
+
+# Do any other automated setup that you need to do here

data/lib/maxmind/geoip2/model/city.rb

@@ -0,0 +1,99 @@
+# Copyright (c) 2020 by MaxMind, Inc.
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+# SOFTWARE.
+
+# frozen_string_literal: true
+
+require 'maxmind/geoip2/model/country'
+require 'maxmind/geoip2/record/city'
+require 'maxmind/geoip2/record/location'
+require 'maxmind/geoip2/record/postal'
+require 'maxmind/geoip2/record/subdivision'
+
+module MaxMind
+  module GeoIP2
+    module Model
+      # Model class for the data returned by the GeoIP2 City web service and
+      # database. It is also used for GeoLite2 City lookups.
+      #
+      # The only difference between the City and Insights model classes is which
+      # fields in each record may be populated. See
+      # https://dev.maxmind.com/geoip/geoip2/web-services for more details.
+      #
+      # See {MaxMind::GeoIP2::Model::Country} for inherited methods.
+      class City < Country
+        # City data for the IP address.
+        #
+        # @return [MaxMind::GeoIP2::Record::City]
+        attr_reader :city
+
+        # Location data for the IP address.
+        #
+        # @return [MaxMind::GeoIP2::Record::Location]
+        attr_reader :location
+
+        # Postal data for the IP address.
+        #
+        # @return [MaxMind::GeoIP2::Record::Postal]
+        attr_reader :postal
+
+        # The country subdivisions for the IP address.
+        #
+        # The number and type of subdivisions varies by country, but a subdivision
+        # is typically a state, province, country, etc. Subdivisions are ordered
+        # from most general (largest) to most specific (smallest).
+        #
+        # If the response did not contain any subdivisions, this attribute will be
+        # an empty array.
+        #
+        # @return [Array<MaxMind::GeoIP2::Record::Subdivision>]
+        attr_reader :subdivisions
+
+        # @!visibility private
+        def initialize(record, locales)
+          super(record, locales)
+          @city = MaxMind::GeoIP2::Record::City.new(record['city'], locales)
+          @location = MaxMind::GeoIP2::Record::Location.new(record['location'])
+          @postal = MaxMind::GeoIP2::Record::Postal.new(record['postal'])
+          @subdivisions = create_subdivisions(record['subdivisions'], locales)
+        end
+
+        # The most specific subdivision returned.
+        #
+        # If the response did not contain any subdivisions, this method returns
+        # nil.
+        #
+        # @return [MaxMind::GeoIP2::Record::Subdivision, nil]
+        def most_specific_subdivision
+          @subdivisions.last
+        end
+
+        private
+
+        def create_subdivisions(subdivisions, locales)
+          return [] if subdivisions.nil?
+
+          subdivisions.map do |s|
+            MaxMind::GeoIP2::Record::Subdivision.new(s, locales)
+          end
+        end
+      end
+    end
+  end
+end