minfraud 1.1.0 → 1.5.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 992486331731cfd910c7ae3da4039bfa3b776277ff3eb3fb44ae62816299d2cb
-  data.tar.gz: db10a19261bdca8cb64df6f0992a2d102859c670fc47568cdc01e299c17318a6
+  metadata.gz: af8e0a313e978adbd8ccfdf6fccad4652ad0b5c4df5f7812da097f2be4d5390e
+  data.tar.gz: 8d766ee43c166bc26a8c8643cded1d7a43a27cf6cc531e9fddaf66028ab0ebde
 SHA512:
-  metadata.gz: bd6e8c22d6557f26233b1f5c306ab3d358adb9f661f1452d02471ce0b705cd0037ecafc235af86646894bc4ab953c595989011148aa4f658132f6ec7c7218a4f
-  data.tar.gz: f8e53c39ef6a07271297e8555808682b9cb662efe43057ea6da9ea9400418b7a59bd168051888e8c69ebda1d9ed6947729e48de5b3a61df25b26536f13589bef
+  metadata.gz: 497a1c19029b36879b1b2f1b42f7037cfa205b24b199d71c84564a1cf26136de41f6b7fc8fdb9c9ffa163d3f82b8283d159f017d887aaa9709dfd059f1333625
+  data.tar.gz: 72f3fd755450dd1f68b3f675fc181e3a326574bcde905ee7e1b3e64951c2c009788124b2e063e99ed6d080430d7f3d093bf64b8f8dfb78c452436de3937e5cbd

data/.github/workflows/rubocop.yml

@@ -0,0 +1,12 @@
+name: Run rubocop
+on: [push, pull_request]
+jobs:
+  rubocop:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: '3.0'
+      - run: bundle install
+      - run: bundle exec rake -t rubocop

data/.github/workflows/test.yml

@@ -0,0 +1,33 @@
+name: Run tests
+on: [push, pull_request]
+jobs:
+  test:
+    runs-on: ${{ matrix.os }}
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [ubuntu-latest, windows-latest, macos-latest]
+        version:
+          [
+            2.1,
+            2.2,
+            2.3,
+            2.4,
+            2.5,
+            2.6,
+            2.7,
+            '3.0',
+            jruby,
+          ]
+        exclude:
+          - os: windows-latest
+            version: jruby
+    steps:
+      - uses: actions/checkout@v2
+        with:
+          submodules: true
+      - uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: ${{ matrix.version }}
+      - run: bundle install
+      - run: bundle exec rake -t spec

data/.rubocop.yml

@@ -0,0 +1,108 @@
+Gemspec/RequiredRubyVersion:
+  Enabled: false # We support 2.1+, but rubocop supports 2.4+.
+
+# Metrics.
+
+Metrics/BlockLength:
+  Enabled: false # Default is true, but mostly hit in tests.
+
+Metrics/AbcSize:
+  Enabled: false # To allow for pre-existing code.
+
+Metrics/ClassLength:
+  Enabled: false # To allow for pre-existing code.
+
+Metrics/CyclomaticComplexity:
+  Enabled: false # To allow for pre-existing code.
+
+Metrics/MethodLength:
+  Enabled: false # To allow for pre-existing code.
+
+Metrics/PerceivedComplexity:
+  Enabled: false # To allow for pre-existing code.
+
+# Layout.
+
+Layout/LineLength:
+  Max: 150 # Default is 120.
+
+Layout/HashAlignment:
+  EnforcedHashRocketStyle: table # Default is key.
+  EnforcedColonStyle:      table # Default is key.
+
+Layout/ExtraSpacing:
+  ForceEqualSignAlignment: true # Default is false.
+
+Layout/IndentationStyle:
+  IndentationWidth: 2 # Default is <none>.
+
+# Style.
+
+Style/HashSyntax:
+  EnforcedStyle: ruby19_no_mixed_keys # Default is ruby19.
+
+Style/CollectionMethods:
+  Enabled: true # Default is false.
+
+Style/NumericLiterals:
+  MinDigits: 4 # Default is 5.
+
+Style/NegatedIf: # I disagree with this.
+  Enabled: false
+
+Style/IfUnlessModifier: # This doesn't always make sense.
+  Enabled: false
+
+Style/SymbolArray:
+  EnforcedStyle: brackets # Default is percent, but 1.9 doesn't support that.
+
+# Trailing commas are often good.
+Style/TrailingCommaInArguments:
+  Enabled: false
+Style/TrailingCommaInArrayLiteral:
+  Enabled: false
+Style/TrailingCommaInHashLiteral:
+  Enabled: false
+
+Style/SafeNavigation:
+  Enabled: false # Default is true, but this 1.9 doesn't support it.
+
+# Default is both which is probably fine, but it changes code and I don't want
+# to investigate any possible behavior change right now.
+Style/EmptyElse:
+  EnforcedStyle: empty
+
+Style/ConditionalAssignment:
+  Enabled: false # This produces kind of strange results.
+
+Style/Dir:
+  Enabled: false # This is good, but not supported on 1.9.
+
+Style/ExpandPathArguments:
+  Enabled: false # This causes us to use __dir__ which 1.9 doesn't support.
+
+Style/GuardClause:
+  Enabled: false # Doesn't always make sense.
+
+Style/Documentation:
+  Enabled: false # We should enable this, but allow for pre-existing code.
+
+Style/FormatStringToken:
+  Enabled: false # Seems unnecessary.
+
+# Asks to use x.negative? instead of x < 0. But this isn't available until 2.3.
+Style/NumericPredicate:
+  Enabled: false
+
+# Seems unnecessary. Asks us to call super in a bunch of places when there's no
+# need.
+Lint/MissingSuper:
+  Enabled: false
+
+# Naming.
+
+Naming/VariableNumber:
+  Enabled: false # Doesn't always make sense.
+
+AllCops:
+  NewCops: enable

data/CHANGELOG.md

@@ -1,5 +1,62 @@
 # Minfraud Changelog
 
+## v1.5.0 (2021-02-02)
+
+* Add the `hash_address` attribute to `Minfraud::Components::Email`. If
+  this is `true`, the MD5 hash of the `address` will be sent instead of the
+  plain text `address`. Use this if you prefer to send the hash of the
+  `address` rather than the plain text. Note that this normalizes the
+  `address`, so we recommend using it as opposed to hashing the `address`
+  manually.
+* The email `domain` input is now automatically set if the email `address`
+  input is set but the `domain` is not.
+* Adds new payment processors `:apple_pay` and `:aps_payments` to
+  `Minfraud::Components::Payment`.
+* Added support for the IP address risk reasons in the minFraud Insights
+  and Factors responses. This is available at `.ip_address.risk_reasons`.
+  It is an array of `IPRiskReason` objects.
+
+## v1.4.1 (2020-12-01)
+
+* Do not throw an exception if the response does not include IP address
+  information. Previously we would incorrectly try to retrieve fields from
+  `nil`, leading to a `NoMethodError`.
+
+## v1.4.0 (2020-10-13)
+
+* IMPORTANT: Ruby 2.0 is no longer supported. If you're using Ruby 2.0,
+  please use version 1.3.0.
+* Add handling for the `REQUEST_INVALID` error code.
+* The IP address is no longer a required input.
+* Adds new payment processor `:tsys` to `Minfraud::Components::Payment`.
+
+## v1.3.0 (2020-09-25)
+
+* Adds support for persistent HTTP connections. Connections persist
+  automatically.
+* IMPORTANT: Ruby 1.9 is no longer supported. If you're using Ruby 1.9,
+  please use version 1.2.0 or older.
+* Adds support for client side validation of inputs. An `InvalidInputError`
+  exception will be raised if an input is invalid. This can be enabled by
+  setting `enable_validation` to `true` when configuring `Minfraud`. It is
+  disabled by default.
+* Adds the `residential_proxy?` method to `MaxMind::GeoIP2::Record::Traits`
+  for use with minFraud Insights and Factors.
+
+## v1.2.0 (2020-07-15)
+
+* Adds new processor types to `Minfraud::Components::Payment`: `:cashfree`,
+  `:first_atlantic_commerce`, `:komoju`, `:paytm`, `:razorpay`, and
+  `:systempay`.
+* Adds support for three new Factors outputs: `/subscores/device` (the risk
+  associated with the device), `/subscores/email_local_part` (the risk
+  associated with the part of the email address before the @ symbol) and
+  `/subscores/shipping_address` (the risk associated with the shipping
+  address).
+* Adds support for providing your MaxMind account ID using the `account_id`
+  attribute instead of the `user_id` attribute. In a future release,
+  support for the `user_id` attribute will be removed.
+
 ## v1.1.0 (2020-06-19)
 
 * Adds support for the minFraud Report Transaction API. Reporting

data/Gemfile

@@ -1,10 +1,12 @@
+# frozen_string_literal: true
+
 source 'https://rubygems.org'
 
 # coveralls fails on Ruby 1.9. My understanding is we don't need to run this on
 # more than one version anyway, so restrict to the current latest.
 version_pieces = RUBY_VERSION.split('.')
-major_version = version_pieces[0]
-minor_version = version_pieces[1]
+major_version  = version_pieces[0]
+minor_version  = version_pieces[1]
 if major_version == '2' && minor_version == '7'
   gem 'coveralls', require: false
 end

data/README.dev.md

@@ -1,4 +1,4 @@
 # How to release
 
 See
-[here](https://github.com/maxmind/MaxMind-DB-Reader-ruby/blob/master/README.dev.md).
+[here](https://github.com/maxmind/MaxMind-DB-Reader-ruby/blob/main/README.dev.md).

data/README.md

@@ -10,10 +10,6 @@ API](https://dev.maxmind.com/minfraud/report-transaction/).
 The legacy minFraud Standard and Premium services are not supported by this
 API.
 
-## Requirements
-
-This gem works with Ruby 1.9 and above.
-
 ## Installation
 
 Add this line to your application's Gemfile:
@@ -24,71 +20,171 @@ gem 'minfraud'
 
 And then execute:
 
-```ruby
+```
 $ bundle
 ```
 
 Or install it yourself as:
+
 ```
 $ gem install minfraud
 ```
 
+## API Documentation
+
+See the [API documentation](https://www.rubydoc.info/gems/minfraud) for
+more details.
+
 ## Usage
 
 ### Configuration
 
 An account ID and license key are required to work with the web services.
+Configure these before making a request:
 
 ```ruby
 Minfraud.configure do |c|
+  c.account_id  = 12345
   c.license_key = 'your_license_key'
-  c.user_id     = 'your_user_id'
+  c.enable_validation = true
 end
 ````
 
 ### Making a minFraud Score, Insights, or Factors Request
 
+To use the minFraud API, create a `Minfraud::Assessments` object. The
+constructor takes a hash of symbols corresponding to each component of the
+minFraud request. You can also set components by their attribute after
+creating the object.
+
+After populating the object, call the method for the minFraud endpoint you
+want to use: `#score`, `#insights`, or `#factors`. The returned value is a
+`MinFraud::Response` object. You can access the response model through its
+`#body` attribute.
+
+An exception will be thrown for critical errors. You should check for
+`warnings` related to your inputs after a request.
+
 ```ruby
-# You can either provide a hash of parameters to the initializer
+# Prepare the request.
 assessment = Minfraud::Assessments.new(
   device: {
-    ip_address: '1.2.3.4.5'
-  }
+    ip_address:      '152.216.7.110',
+    accept_language: 'en-US,en;q=0.8',
+    session_age:     3600.5,
+    session_id:      'foo',
+    user_agent:      'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.89 Safari/537.36',
+  },
+  event: {
+    transaction_id: 'txn3134133',
+    shop_id:        's2123',
+    time:           '2012-04-12T23:20:50+00:00',
+    type:           :purchase,
+  },
+  account: {
+    user_id:      '3132',
+    username_md5: '4f9726678c438914fa04bdb8c1a24088',
+  },
+  email: {
+    address: 'test@maxmind.com',
+    domain:  'maxmind.com',
+  },
+  billing: {
+    first_name:         'First',
+    last_name:          'Last',
+    company:            'Company',
+    address:            '101 Address Rd.',
+    address_2:          'Unit 5',
+    city:               'New Haven',
+    region:             'CT',
+    country:            'US',
+    postal:             '06510',
+    phone_number:       '123-456-7890',
+    phone_country_code: '1',
+  },
+  shipping: {
+    first_name:         'ShipFirst',
+    last_name:          'ShipLast',
+    company:            'ShipCo',
+    address:            '322 Ship Addr. Ln.',
+    address_2:          'St. 43',
+    city:               'Nowhere',
+    region:             'OK',
+    country:            'US',
+    postal:             '73003',
+    phone_number:       '123-456-0000',
+    phone_country_code: '1',
+    delivery_speed:     :same_day,
+  },
+  payment: {
+    processor:      :stripe,
+    was_authorized: false,
+    decline_code:   'invalid number',
+  },
+  credit_card: {
+    issuer_id_number:        '411111',
+    last_4_digits:           '7643',
+    bank_name:               'Bank of No Hope',
+    bank_phone_country_code: '1',
+    bank_phone_number:       '123-456-1234',
+    token:                   'abcd',
+    avs_result:              'Y',
+    cvv_result:              'N',
+  },
+  order: {
+    amount:           323.21,
+    currency:         'USD',
+    discount_code:    'FIRST',
+    is_gift:          true,
+    has_gift_message: false,
+    affiliate_id:     'af12',
+    subaffiliate_id:  'saf42',
+    referrer_uri:     'http://www.amazon.com/',
+  },
+  shopping_cart: [
+    {
+      category: 'pets',
+      item_id:  'leash-0231',
+      quantity: 2,
+      price:    20.43,
+    },
+    {
+      category: 'beauty',
+      item_id:  'msc-1232',
+      quantity: 1,
+      price:    100.00,
+    },
+  ],
+  custom_inputs: {
+    section:            'news',
+    previous_purchases: 19,
+    discount:           3.2,
+    previous_user:      true,
+  },
 )
-# or create a component and assign them to the assessments object directly
-device = Minfraud::Components::Device.new(ip_address: '1.2.3.4.5')
-assessment = Minfraud::Assessments.new(device: device)
-# or
-assessment = Minfraud::Assessments.new
-assessment.device = device
-
-# There are multiple components that reflect the minFraud request top level
-# keys.
-
-# Some components will raise an error if provided with the wrong values for
-# attributes, e.g
-event = Minfraud::Components::Event.new(type: 'foobar') # => Minfraud::NotEnumValueError
-
-# You can check the list of permitted values for the attribute by calling a
-# class method
-Minfraud::Components::Event.type_values # => ["account_creation", "account_login", ....]
-
-# You can now call 3 different minFraud endpoints: score, insights and factors
-assessment.score
-assessment.insights
-assessment.factors
-
-result = assessment.score # => Minfraud::Response instance
-
-result.status  # => Response status code
-result.code    # => minFraud-specific response code
-result.body    # => Response body
-result.headers # => Response headers
-
-# You can change data between requests
-first_request = assessment.insights
-assessment.device.ip_address = '22.22.22.33'
-second_request = assessment.insights
+
+# To get the Factors response model, use #factors.
+factors_model = assessment.factors.body
+
+factors_model.warnings.each { |w| puts w.warning }
+
+p factors_model.subscores.email_address
+p factors_model.risk_score
+
+# To get the Insights response model, use #insights.
+insights_model = assessment.insights.body
+
+insights_model.warnings.each { |w| puts w.warning }
+
+p insights_model.credit_card.issuer.name
+p insights_model.risk_score
+
+# To get the Score response model, use #score.
+score_model = assessment.score.body
+
+score_model.warnings.each { |w| puts w.warning }
+
+p score_model.risk_score
 ```
 
 See the [API documentation](https://www.rubydoc.info/gems/minfraud) for
@@ -97,23 +193,21 @@ more details.
 ### Reporting a Transaction to MaxMind
 
 MaxMind encourages the use of this API, as data received through this
-channel is continually used to improve the accuracy of their fraud
-detection algorithms.
+channel is used to improve the accuracy of their fraud detection
+algorithms.
 
-To use the Report Transactions API, create a new
+To use the Report Transaction API, create a
 `Minfraud::Components::Report::Transaction` object. An IP address and a
-valid tag are required arguments for this API. Additional params may also
-be set, as documented below.
+valid tag are required arguments for this API. Additional parameters may be
+set, as shown below.
 
 If the report is successful, nothing is returned. If the report fails, an
-exception with be thrown.
-
-See the API documentation for more details.
+exception will be thrown.
 
 ```ruby
 # The report_transaction method only makes use of a transaction component:
 txn = Minfraud::Components::Report::Transaction.new(
-  ip_address:     '1.2.3.4',
+  ip_address:     '152.216.7.110',
   tag:            :suspected_fraud,
   maxmind_id:     '12345678',
   minfraud_id:    '58fa38d8-4b87-458b-a22b-f00eda1aa20d',
@@ -127,13 +221,20 @@ reporter.report_transaction
 See the [API documentation](https://www.rubydoc.info/gems/minfraud) for
 more details.
 
+### Persistent HTTP Connections
+
+This gem supports persistent HTTP connections, allowing you to avoid the
+overhead of creating a new HTTP connection for each minFraud request if you
+plan to perform more than one. You do not need to do anything to enable
+this functionality.
+
 ### Exceptions
 
 The gem supplies several distinct exception-types:
 
-* `RequestFormatError` - Raised if unpermitted key is provided to the
-  `Minfraud::Assessments` initializer
-* `ClientError` - Raised if the IP address is absent, reserved or the JSON
+* `RequestFormatError` - Raised if an unknown key is provided to the
+  `Minfraud::Assessments` constructor
+* `ClientError` - Raised if the IP address is absent, reserved, or the JSON
   body cannot be decoded
 * `AuthorizationError` - Raised if there are problems with the account ID
   and/or license key
@@ -142,6 +243,16 @@ The gem supplies several distinct exception-types:
 * `NotEnumValueError` - Raised if an attribute value doesn't belong to the
   predefined set of values
 
+### Thread Safety
+
+This gem is safe for use from multiple threads.
+
+`Minfraud::Assessments` and `Minfraud::Report` objects must not be shared
+across threads.
+
+Please note that you must run `Minfraud.configure` before calling any
+functionality using multiple threads.
+
 ## Support
 
 Please report all issues with this code using the
@@ -151,6 +262,10 @@ If you are having an issue with the minFraud service that is not specific
 to the client API, please see
 [our support page](https://www.maxmind.com/en/support).
 
+## Requirements
+
+This gem works with Ruby 2.1 and above.
+
 ## Contributing
 
 Bug reports and pull requests are welcome on