minfraud 1.2.0 → 1.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 5523cb6babed5c559ba622141b2db65a2396cbb016c6215ec641ba765fc01d10
-  data.tar.gz: 54dbf8b2cc34be45a428da2017f09b7cb2d7445c94ff7f37dda0a26c28a3fbfe
+  metadata.gz: e5fce80d6ea146e9d31c969019ccefb4a79789645ecbb1db17e1221e90d46e7e
+  data.tar.gz: c1c4082e3a4b4305a530ed84f7a126c2f08872930ecc0df50e3fa20a9ece19cd
 SHA512:
-  metadata.gz: 80142ac976fb6df365a3192a96dbf62c8ea7935f4ca9fea89333d0e2f2e64f5e4af402dc03814f58f268e354ed7adcb5c61134fb2d526c0a06b48581cad3fc54
-  data.tar.gz: a9b6caf26aaee87f5ebc479391cda46d3489cf591315772c481d722b343399edfc5ad40fca8eac0d740d826c0021bcf33d3aade2419247d26d1787328763599b
+  metadata.gz: c3996a9546ab76d48a2cd1721612a6d1833c37715f9f4da957dbe584be5a5c8523c552989c766af1f1c72f83b8b20eede3721543f0db86e381a2e8c333d4526b
+  data.tar.gz: 960d79206d07a0ec8b00cb48948dc6699c23693fcf64910a5469d728f6c2028a530f50d3f0079aa59acbd603544c29a88df659686bc8a4f3998bf4804af42a16

data/.rubocop.yml

@@ -90,38 +90,19 @@ Style/Documentation:
 Style/FormatStringToken:
   Enabled: false # Seems unnecessary.
 
+# Asks to use x.negative? instead of x < 0. But this isn't available until 2.3.
+Style/NumericPredicate:
+  Enabled: false
+
+# Seems unnecessary. Asks us to call super in a bunch of places when there's no
+# need.
+Lint/MissingSuper:
+  Enabled: false
+
 # Naming.
 
 Naming/VariableNumber:
   Enabled: false # Doesn't always make sense.
 
-# These are new and rubocop warns if you don't configure them.
-
-Layout/EmptyLinesAroundAttributeAccessor:
-  Enabled: true
-Layout/SpaceAroundMethodCallOperator:
-  Enabled: true
-Lint/DeprecatedOpenSSLConstant:
-  Enabled: true
-Lint/MixedRegexpCaptureTypes:
-  Enabled: true
-Lint/RaiseException:
-  Enabled: true
-Lint/StructNewOverride:
-  Enabled: true
-Style/ExponentialNotation:
-  Enabled: true
-Style/HashEachMethods:
-  Enabled: true
-Style/HashTransformKeys:
-  Enabled: true
-Style/HashTransformValues:
-  Enabled: true
-Style/RedundantFetchBlock:
-  Enabled: true
-Style/RedundantRegexpCharacterClass:
-  Enabled: true
-Style/RedundantRegexpEscape:
-  Enabled: true
-Style/SlicingWithRange:
-  Enabled: true
+AllCops:
+  NewCops: enable

data/.travis.yml

@@ -1,7 +1,6 @@
 language: ruby
 
 rvm:
-  - 1.9
   - 2.0
   - 2.1
   - 2.2

data/CHANGELOG.md

@@ -1,5 +1,18 @@
 # Minfraud Changelog
 
+## v1.3.0 (2020-09-25)
+
+* Adds support for persistent HTTP connections. Connections persist
+  automatically.
+* IMPORTANT: Ruby 1.9 is no longer supported. If you're using Ruby 1.9,
+  please use version 1.2.0 or older.
+* Adds support for client side validation of inputs. An `InvalidInputError`
+  exception will be raised if an input is invalid. This can be enabled by
+  setting `enable_validation` to `true` when configuring `Minfraud`. It is
+  disabled by default.
+* Adds the `residential_proxy?` method to `MaxMind::GeoIP2::Record::Traits`
+  for use with minFraud Insights and Factors.
+
 ## v1.2.0 (2020-07-15)
 
 * Adds new processor types to `Minfraud::Components::Payment`: `:cashfree`,

data/README.md

@@ -10,10 +10,6 @@ API](https://dev.maxmind.com/minfraud/report-transaction/).
 The legacy minFraud Standard and Premium services are not supported by this
 API.
 
-## Requirements
-
-This gem works with Ruby 1.9 and above.
-
 ## Installation
 
 Add this line to your application's Gemfile:
@@ -24,71 +20,171 @@ gem 'minfraud'
 
 And then execute:
 
-```ruby
+```
 $ bundle
 ```
 
 Or install it yourself as:
+
 ```
 $ gem install minfraud
 ```
 
+## API Documentation
+
+See the [API documentation](https://www.rubydoc.info/gems/minfraud) for
+more details.
+
 ## Usage
 
 ### Configuration
 
 An account ID and license key are required to work with the web services.
+Configure these before making a request:
 
 ```ruby
 Minfraud.configure do |c|
   c.account_id  = 12345
   c.license_key = 'your_license_key'
+  c.enable_validation = true
 end
 ````
 
 ### Making a minFraud Score, Insights, or Factors Request
 
+To use the minFraud API, create a `Minfraud::Assessments` object. The
+constructor takes a hash of symbols corresponding to each component of the
+minFraud request. You can also set components by their attribute after
+creating the object.
+
+After populating the object, call the method for the minFraud endpoint you
+want to use: `#score`, `#insights`, or `#factors`. The returned value is a
+`MinFraud::Response` object. You can access the response model through its
+`#body` attribute.
+
+An exception will be thrown for critical errors. You should check for
+`warnings` related to your inputs after a request.
+
 ```ruby
-# You can either provide a hash of parameters to the initializer
+# Prepare the request.
 assessment = Minfraud::Assessments.new(
   device: {
-    ip_address: '1.2.3.4.5'
-  }
+    ip_address:      '152.216.7.110',
+    accept_language: 'en-US,en;q=0.8',
+    session_age:     3600.5,
+    session_id:      'foo',
+    user_agent:      'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.89 Safari/537.36',
+  },
+  event: {
+    transaction_id: 'txn3134133',
+    shop_id:        's2123',
+    time:           '2012-04-12T23:20:50+00:00',
+    type:           :purchase,
+  },
+  account: {
+    user_id:      '3132',
+    username_md5: '4f9726678c438914fa04bdb8c1a24088',
+  },
+  email: {
+    address: 'test@maxmind.com',
+    domain:  'maxmind.com',
+  },
+  billing: {
+    first_name:         'First',
+    last_name:          'Last',
+    company:            'Company',
+    address:            '101 Address Rd.',
+    address_2:          'Unit 5',
+    city:               'New Haven',
+    region:             'CT',
+    country:            'US',
+    postal:             '06510',
+    phone_number:       '123-456-7890',
+    phone_country_code: '1',
+  },
+  shipping: {
+    first_name:         'ShipFirst',
+    last_name:          'ShipLast',
+    company:            'ShipCo',
+    address:            '322 Ship Addr. Ln.',
+    address_2:          'St. 43',
+    city:               'Nowhere',
+    region:             'OK',
+    country:            'US',
+    postal:             '73003',
+    phone_number:       '123-456-0000',
+    phone_country_code: '1',
+    delivery_speed:     :same_day,
+  },
+  payment: {
+    processor:      :stripe,
+    was_authorized: false,
+    decline_code:   'invalid number',
+  },
+  credit_card: {
+    issuer_id_number:        '411111',
+    last_4_digits:           '7643',
+    bank_name:               'Bank of No Hope',
+    bank_phone_country_code: '1',
+    bank_phone_number:       '123-456-1234',
+    token:                   'abcd',
+    avs_result:              'Y',
+    cvv_result:              'N',
+  },
+  order: {
+    amount:           323.21,
+    currency:         'USD',
+    discount_code:    'FIRST',
+    is_gift:          true,
+    has_gift_message: false,
+    affiliate_id:     'af12',
+    subaffiliate_id:  'saf42',
+    referrer_uri:     'http://www.amazon.com/',
+  },
+  shopping_cart: [
+    {
+      category: 'pets',
+      item_id:  'leash-0231',
+      quantity: 2,
+      price:    20.43,
+    },
+    {
+      category: 'beauty',
+      item_id:  'msc-1232',
+      quantity: 1,
+      price:    100.00,
+    },
+  ],
+  custom_inputs: {
+    section:            'news',
+    previous_purchases: 19,
+    discount:           3.2,
+    previous_user:      true,
+  },
 )
-# or create a component and assign them to the assessments object directly
-device = Minfraud::Components::Device.new(ip_address: '1.2.3.4.5')
-assessment = Minfraud::Assessments.new(device: device)
-# or
-assessment = Minfraud::Assessments.new
-assessment.device = device
-
-# There are multiple components that reflect the minFraud request top level
-# keys.
-
-# Some components will raise an error if provided with the wrong values for
-# attributes, e.g
-event = Minfraud::Components::Event.new(type: 'foobar') # => Minfraud::NotEnumValueError
-
-# You can check the list of permitted values for the attribute by calling a
-# class method
-Minfraud::Components::Event.type_values # => ["account_creation", "account_login", ....]
-
-# You can now call 3 different minFraud endpoints: score, insights and factors
-assessment.score
-assessment.insights
-assessment.factors
-
-result = assessment.score # => Minfraud::Response instance
-
-result.status  # => Response status code
-result.code    # => minFraud-specific response code
-result.body    # => Response body
-result.headers # => Response headers
-
-# You can change data between requests
-first_request = assessment.insights
-assessment.device.ip_address = '22.22.22.33'
-second_request = assessment.insights
+
+# To get the Factors response model, use #factors.
+factors_model = assessment.factors.body
+
+factors_model.warnings.each { |w| puts w.warning }
+
+p factors_model.subscores.email_address
+p factors_model.risk_score
+
+# To get the Insights response model, use #insights.
+insights_model = assessment.insights.body
+
+insights_model.warnings.each { |w| puts w.warning }
+
+p insights_model.credit_card.issuer.name
+p insights_model.risk_score
+
+# To get the Score response model, use #score.
+score_model = assessment.score.body
+
+score_model.warnings.each { |w| puts w.warning }
+
+p score_model.risk_score
 ```
 
 See the [API documentation](https://www.rubydoc.info/gems/minfraud) for
@@ -97,23 +193,21 @@ more details.
 ### Reporting a Transaction to MaxMind
 
 MaxMind encourages the use of this API, as data received through this
-channel is continually used to improve the accuracy of their fraud
-detection algorithms.
+channel is used to improve the accuracy of their fraud detection
+algorithms.
 
-To use the Report Transactions API, create a new
+To use the Report Transaction API, create a
 `Minfraud::Components::Report::Transaction` object. An IP address and a
-valid tag are required arguments for this API. Additional params may also
-be set, as documented below.
+valid tag are required arguments for this API. Additional parameters may be
+set, as shown below.
 
 If the report is successful, nothing is returned. If the report fails, an
-exception with be thrown.
-
-See the API documentation for more details.
+exception will be thrown.
 
 ```ruby
 # The report_transaction method only makes use of a transaction component:
 txn = Minfraud::Components::Report::Transaction.new(
-  ip_address:     '1.2.3.4',
+  ip_address:     '152.216.7.110',
   tag:            :suspected_fraud,
   maxmind_id:     '12345678',
   minfraud_id:    '58fa38d8-4b87-458b-a22b-f00eda1aa20d',
@@ -127,13 +221,20 @@ reporter.report_transaction
 See the [API documentation](https://www.rubydoc.info/gems/minfraud) for
 more details.
 
+### Persistent HTTP Connections
+
+This gem supports persistent HTTP connections, allowing you to avoid the
+overhead of creating a new HTTP connection for each minFraud request if you
+plan to perform more than one. You do not need to do anything to enable
+this functionality.
+
 ### Exceptions
 
 The gem supplies several distinct exception-types:
 
-* `RequestFormatError` - Raised if unpermitted key is provided to the
-  `Minfraud::Assessments` initializer
-* `ClientError` - Raised if the IP address is absent, reserved or the JSON
+* `RequestFormatError` - Raised if an unknown key is provided to the
+  `Minfraud::Assessments` constructor
+* `ClientError` - Raised if the IP address is absent, reserved, or the JSON
   body cannot be decoded
 * `AuthorizationError` - Raised if there are problems with the account ID
   and/or license key
@@ -142,6 +243,16 @@ The gem supplies several distinct exception-types:
 * `NotEnumValueError` - Raised if an attribute value doesn't belong to the
   predefined set of values
 
+### Thread Safety
+
+This gem is safe for use from multiple threads.
+
+`Minfraud::Assessments` and `Minfraud::Report` objects must not be shared
+across threads.
+
+Please note that you must run `Minfraud.configure` before calling any
+functionality using multiple threads.
+
 ## Support
 
 Please report all issues with this code using the
@@ -151,6 +262,10 @@ If you are having an issue with the minFraud service that is not specific
 to the client API, please see
 [our support page](https://www.maxmind.com/en/support).
 
+## Requirements
+
+This gem works with Ruby 2.0 and above.
+
 ## Contributing
 
 Bug reports and pull requests are welcome on

data/lib/maxmind/geoip2/record/traits.rb

@@ -139,6 +139,15 @@ module MaxMind
           get('is_public_proxy')
         end
 
+        # This is true if the IP address is on a suspected anonymizing network
+        # and belongs to a residential ISP. This property is only available
+        # from GeoIP2 Precision Insights.
+        #
+        # @return [Boolean]
+        def residential_proxy?
+          get('is_residential_proxy')
+        end
+
         # This is true if the IP address is a Tor exit node. This property is only
         # available from GeoIP2 Precision Insights.
         #

data/lib/minfraud.rb

@@ -1,7 +1,9 @@
 # frozen_string_literal: true
 
+require 'faraday'
 require 'minfraud'
 require 'minfraud/enum'
+require 'minfraud/validates'
 require 'minfraud/components/base'
 require 'minfraud/components/account'
 require 'minfraud/components/addressable'
@@ -27,6 +29,8 @@ require 'minfraud/error_handler'
 require 'minfraud/assessments'
 require 'minfraud/report'
 
+# This class holds global configuration parameters and provides a namespace
+# for the gem's classes.
 module Minfraud
   class << self
     # The MaxMind account ID that is used for authorization.
@@ -34,6 +38,11 @@ module Minfraud
     # @return [Integer, nil]
     attr_accessor :account_id
 
+    # Enable client side validation. This is disabled by default.
+    #
+    # @return [Boolean, nil]
+    attr_accessor :enable_validation
+
     # The host to use when connecting to the web service.
     #
     # @return [String, nil]
@@ -52,11 +61,17 @@ module Minfraud
     # @return [String, nil]
     attr_accessor :license_key
 
+    # @!visibility private
+    attr_reader :connection
+
     # Yield self to accept configuration settings.
     #
     # @yield [self]
     def configure
       yield self
+
+      config      = Minfraud::HTTPService.configuration
+      @connection = Faraday.new(config[:server], {}, &config[:middleware])
     end
 
     # The current Minfraud configuration.