otto 2.0.0.pre9 → 2.0.0.pre10

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a99ac23967768247096e9bb9664a9efcc0452ea485496389ff3909209fd12d6c
-  data.tar.gz: 209178d26d3b46ddade717d471c8b10755ea6e79a43b8522a5f1d10dfca3d935
+  metadata.gz: d5e7fb7a7177b6488a5a3cdacc8e3a929d58f92d44fb03bb506effca3f6c3550
+  data.tar.gz: 351a23a9c8e12aff50296cde108e73478dac7cf052d687deb5855f3ccb35cd79
 SHA512:
-  metadata.gz: 6d7a07ad3b7b22dbae59038b9edaf26f5db11f041ae808e3c9430a862956a6e874c47afeae3731f1eff7cb065cb38c125c688ea54900e745288d2e17c4462416
-  data.tar.gz: 42867d3c6a0d1eb17c440e9b854c826abf5bc0c48b72fa5e76053b00926972a9ba18586f5fbb71f85cb6e5e54426e2c25fff30d77c865fcc21a0e24ab88233de
+  metadata.gz: 651edcf79562877a2046132ccc876f747545d1bed8f4821352af4c16f8e795bec5d02e82afcf27320b368af9e25853df3c71d26c4fa6b6f81878704322d0f29d
+  data.tar.gz: e763f2d28e2ff4dd0d16a98ff8ab9eda6d495d32e7be10b31a1c21516a075fb1f49a44464eeaf66d92f701821ab3fce91ab72c25d18430efa70e65b2a435cb94

data/CHANGELOG.rst

@@ -7,6 +7,25 @@ The format is based on `Keep a Changelog <https://keepachangelog.com/en/1.1.0/>`
 
    <!--scriv-insert-here-->
 
+.. _changelog-2.0.0.pre10:
+
+2.0.0.pre10 — 2025-12-09
+========================
+
+Added
+-----
+
+- ``Otto::Request`` and ``Otto::Response`` classes extending Rack equivalents
+- ``register_request_helpers`` and ``register_response_helpers`` for application-specific helpers
+- Helper modules included at class level (not per-request extension)
+
+Changed
+-------
+
+- Moved ``lib/otto/helpers/request.rb`` → ``lib/otto/request.rb``
+- Moved ``lib/otto/helpers/response.rb`` → ``lib/otto/response.rb``
+- All internal code now uses ``Otto::Request``/``Otto::Response`` instead of ``Rack::Request``/``Rack::Response``
+
 .. _changelog-2.0.0.pre9:
 
 2.0.0.pre9 — 2025-12-06

data/CLAUDE.md

@@ -14,6 +14,40 @@ otto.register_error_handler(YourApp::RateLimited, status: 429, log_level: :warn)
 
 Must be registered before first request (before configuration freezing).
 
+## Request/Response Helper Registration
+
+Register application helpers that integrate with Otto features (authentication, privacy, locale):
+
+```ruby
+module YourApp::RequestHelpers
+  def current_customer
+    user = strategy_result&.user
+    user.is_a?(YourApp::Customer) ? user : YourApp::Customer.anonymous
+  end
+end
+
+otto = Otto.new('routes.txt')
+otto.register_request_helpers(YourApp::RequestHelpers)
+otto.register_response_helpers(YourApp::ResponseHelpers)
+```
+
+Must be registered before first request.
+
+> [!NOTE]
+> **Helper availability by context:** The base `Otto::Request` and `Otto::Response` classes (with Otto's built-in helpers like `masked_ip`, `geo_country`) are available everywhere, including Rack middleware. However, custom helpers registered via `register_request_helpers` and `register_response_helpers` are only available in route handlers, error handlers, and components that have access to the Otto instance's dynamic request/response classes.
+
+### Reserved Method Names
+
+Helper modules should avoid overriding these methods inherited from Rack::Request/Rack::Response:
+
+**Request reserved methods**: `env`, `params`, `cookies`, `session`, `path`, `path_info`, `query_string`, `request_method`, `content_type`, `content_length`, `media_type`, `get?`, `post?`, `put?`, `delete?`, `head?`, `options?`, `patch?`, `xhr?`, `referer`, `user_agent`, `base_url`, `url`, `fullpath`, `ip`, `host`, `port`, `ssl?`, `scheme`
+
+**Response reserved methods**: `status`, `headers`, `body`, `finish`, `write`, `close`, `set_cookie`, `delete_cookie`, `redirect`, `content_type`, `content_length`, `location`
+
+**Otto-specific methods**: `request` (on Response), `app_path`, `masked_ip`, `hashed_ip`, `client_ipaddress`, `secure?`, `local?`, `ajax?`
+
+No runtime validation is performed for performance reasons. Overriding these methods will cause undefined behavior.
+
 ## Authentication Architecture
 
 Authentication is handled by `RouteAuthWrapper` at the handler level, NOT by middleware.
@@ -115,6 +149,16 @@ bundle exec rubocop
 bundle exec rspec
 ```
 
+## Git Commands
+
+Always use `--no-pager` with git commands to avoid interactive pager issues:
+
+```bash
+git --no-pager diff
+git --no-pager log
+git --no-pager show
+```
+
 ## Key Architecture Principles
 
 - **Security by Default**: IP privacy, configuration freezing, backtrace sanitization

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    otto (2.0.0.pre9)
+    otto (2.0.0.pre10)
       concurrent-ruby (~> 1.3, < 2.0)
       facets (~> 3.1)
       ipaddr (~> 1, < 2.0)
@@ -113,7 +113,7 @@ GEM
       rack
     rack-test (2.2.0)
       rack (>= 1.3)
-    rackup (2.2.1)
+    rackup (2.3.1)
       rack (>= 3)
     rainbow (3.1.1)
     rbs (3.9.5)

data/lib/otto/core/error_handler.rb

@@ -38,7 +38,7 @@ class Otto
 
         # Parse request for content negotiation
         begin
-          Rack::Request.new(env)
+          Otto::Request.new(env)
         rescue StandardError
           nil
         end
@@ -75,6 +75,89 @@ class Otto
         @server_error || secure_error_response(error_id)
       end
 
+      # Register an error handler for expected business logic errors
+      #
+      # This allows you to handle known error conditions (like missing resources,
+      # expired data, rate limits) without logging them as unhandled 500 errors.
+      #
+      # @param error_class [Class, String] The exception class or class name to handle
+      # @param status [Integer] HTTP status code to return (default: 500)
+      # @param log_level [Symbol] Log level for expected errors (:info, :warn, :error)
+      # @param handler [Proc] Optional block to customize error response
+      #
+      # @example Basic usage with status code
+      #   otto.register_error_handler(Onetime::MissingSecret, status: 404, log_level: :info)
+      #   otto.register_error_handler(Onetime::SecretExpired, status: 410, log_level: :info)
+      #
+      # @example With custom response handler
+      #   otto.register_error_handler(Onetime::RateLimited, status: 429, log_level: :warn) do |error, req|
+      #     {
+      #       error: 'Rate limit exceeded',
+      #       retry_after: error.retry_after,
+      #       message: error.message
+      #     }
+      #   end
+      #
+      # @example Using string class names (for lazy loading)
+      #   otto.register_error_handler('Onetime::MissingSecret', status: 404, log_level: :info)
+      #
+      def register_error_handler(error_class, status: 500, log_level: :info, &handler)
+        ensure_not_frozen!
+
+        # Normalize error class to string for consistent lookup
+        error_class_name = error_class.is_a?(String) ? error_class : error_class.name
+
+        @error_handlers[error_class_name] = {
+          status: status,
+          log_level: log_level,
+          handler: handler
+        }
+      end
+
+      private
+
+      # Register all Otto framework error classes with appropriate status codes
+      #
+      # This method auto-registers base HTTP error classes and all framework-specific
+      # error classes (Security, MCP) so that raising them automatically returns the
+      # correct HTTP status code instead of 500.
+      #
+      # Users can override these registrations by calling register_error_handler
+      # after Otto.new with custom status codes or log levels.
+      #
+      # @return [void]
+      # @api private
+      def register_framework_errors
+        # Base HTTP errors (for direct use or subclassing by implementing projects)
+        register_error_from_class(Otto::NotFoundError)
+        register_error_from_class(Otto::BadRequestError)
+        register_error_from_class(Otto::UnauthorizedError)
+        register_error_from_class(Otto::ForbiddenError)
+        register_error_from_class(Otto::PayloadTooLargeError)
+
+        # Security module errors
+        register_error_from_class(Otto::Security::AuthorizationError)
+        register_error_from_class(Otto::Security::CSRFError)
+        register_error_from_class(Otto::Security::RequestTooLargeError)
+        register_error_from_class(Otto::Security::ValidationError)
+
+        # MCP module errors
+        register_error_from_class(Otto::MCP::ValidationError)
+      end
+
+      # Register an error handler using the error class as the single source of truth
+      #
+      # @param error_class [Class] Error class that responds to default_status and default_log_level
+      # @return [void]
+      # @api private
+      def register_error_from_class(error_class)
+        register_error_handler(
+          error_class,
+          status: error_class.default_status,
+          log_level: error_class.default_log_level
+        )
+      end
+
       private
 
       # Handle expected business logic errors with custom status codes and logging
@@ -108,7 +191,7 @@ class Otto
         response_body = if handler_config[:handler]
                           # Use custom handler block if provided
                           begin
-                            req = Rack::Request.new(env)
+                            req = @request_class.new(env)
                             result = handler_config[:handler].call(error, req)
 
                             # Validate that custom handler returned a Hash

data/lib/otto/core/helper_registry.rb

@@ -0,0 +1,135 @@
+# lib/otto/core/helper_registry.rb
+#
+# frozen_string_literal: true
+
+class Otto
+  module Core
+    # Helper registration module for extending Otto's Request and Response classes.
+    # Provides the public API for registering custom helper modules.
+    module HelperRegistry
+      # Register request helper modules
+      #
+      # Registered modules are included in Otto::Request at the class level,
+      # making custom helpers available alongside Otto's built-in helpers.
+      # Must be called before first request (before configuration freezing).
+      #
+      # This is the official integration point for application-specific helpers
+      # that work with Otto internals (strategy_result, privacy features, etc.).
+      #
+      # @param modules [Module, Array<Module>] Module(s) containing helper methods
+      # @example
+      #   module Onetime::RequestHelpers
+      #     def current_customer
+      #       user.is_a?(Onetime::Customer) ? user : Onetime::Customer.anonymous
+      #     end
+      #
+      #     def organization
+      #       @organization ||= strategy_result&.metadata.dig(:organization_context, :organization)
+      #     end
+      #   end
+      #
+      #   otto.register_request_helpers(Onetime::RequestHelpers)
+      #
+      # @raise [ArgumentError] if module is not a Module
+      # @raise [FrozenError] if called after configuration is frozen
+      def register_request_helpers(*modules)
+        begin
+          ensure_not_frozen!
+        rescue FrozenError
+          raise FrozenError, 'Cannot register request helpers after first request'
+        end
+
+        modules.each do |mod|
+          unless mod.is_a?(Module)
+            raise ArgumentError, "Expected Module, got #{mod.class}"
+          end
+          @request_helper_modules << mod unless @request_helper_modules.include?(mod)
+        end
+
+        # Re-finalize to include newly registered helpers
+        finalize_request_response_classes
+      end
+
+      # Register response helper modules
+      #
+      # Registered modules are included in Otto::Response at the class level,
+      # making custom helpers available alongside Otto's built-in helpers.
+      # Must be called before first request (before configuration freezing).
+      #
+      # @param modules [Module, Array<Module>] Module(s) containing helper methods
+      # @example
+      #   module Onetime::ResponseHelpers
+      #     def json_success(data, status: 200)
+      #       headers['content-type'] = 'application/json'
+      #       self.status = status
+      #       write JSON.generate({ success: true, data: data })
+      #     end
+      #   end
+      #
+      #   otto.register_response_helpers(Onetime::ResponseHelpers)
+      #
+      # @raise [ArgumentError] if module is not a Module
+      # @raise [FrozenError] if called after configuration is frozen
+      def register_response_helpers(*modules)
+        begin
+          ensure_not_frozen!
+        rescue FrozenError
+          raise FrozenError, 'Cannot register response helpers after first request'
+        end
+
+        modules.each do |mod|
+          unless mod.is_a?(Module)
+            raise ArgumentError, "Expected Module, got #{mod.class}"
+          end
+          @response_helper_modules << mod unless @response_helper_modules.include?(mod)
+        end
+
+        # Re-finalize to include newly registered helpers
+        finalize_request_response_classes
+      end
+
+      # Get registered request helper modules (for debugging)
+      #
+      # @return [Array<Module>] Array of registered request helper modules
+      # @api private
+      def registered_request_helpers
+        @request_helper_modules.dup
+      end
+
+      # Get registered response helper modules (for debugging)
+      #
+      # @return [Array<Module>] Array of registered response helper modules
+      # @api private
+      def registered_response_helpers
+        @response_helper_modules.dup
+      end
+
+      private
+
+      # Finalize request and response classes with framework and custom helpers
+      #
+      # This method creates Otto's request and response classes by:
+      # 1. Subclassing Otto::Request/Response (which have framework helpers built-in)
+      # 2. Including any registered custom helper modules
+      #
+      # Called during initialization and can be called again if helpers are registered
+      # after initialization (before first request).
+      #
+      # @return [void]
+      # @api private
+      def finalize_request_response_classes
+        # Create request class with framework helpers
+        # Otto::Request has all framework helpers as instance methods
+        @request_class = Class.new(Otto::Request)
+
+        # Create response class with framework helpers
+        # Otto::Response has all framework helpers as instance methods
+        @response_class = Class.new(Otto::Response)
+
+        # Apply registered custom helpers (framework helpers always come first)
+        @request_helper_modules&.each { |mod| @request_class.include(mod) }
+        @response_helper_modules&.each { |mod| @response_class.include(mod) }
+      end
+    end
+  end
+end

data/lib/otto/core/lifecycle_hooks.rb

@@ -0,0 +1,63 @@
+# lib/otto/core/lifecycle_hooks.rb
+#
+# frozen_string_literal: true
+
+class Otto
+  module Core
+    # Lifecycle hooks module for registering callbacks at various points in request processing.
+    # Provides the public API for request completion callbacks.
+    module LifecycleHooks
+      # Register a callback to be executed after each request completes
+      #
+      # Instance-level request completion callbacks allow each Otto instance
+      # to have its own isolated set of callbacks, preventing duplicate
+      # invocations in multi-app architectures (e.g., Rack::URLMap).
+      #
+      # The callback receives three arguments:
+      # - request: Rack::Request object
+      # - response: Rack::Response object (wrapping the response tuple)
+      # - duration: Request processing duration in microseconds
+      #
+      # @example Basic usage
+      #   otto = Otto.new(routes_file)
+      #   otto.on_request_complete do |req, res, duration|
+      #     logger.info "Request completed", path: req.path, duration: duration
+      #   end
+      #
+      # @example Multi-app architecture
+      #   # App 1: Core Web Application
+      #   core_router = Otto.new
+      #   core_router.on_request_complete do |req, res, duration|
+      #     logger.info "Core app request", path: req.path
+      #   end
+      #
+      #   # App 2: API Application
+      #   api_router = Otto.new
+      #   api_router.on_request_complete do |req, res, duration|
+      #     logger.info "API request", path: req.path
+      #   end
+      #
+      #   # Each callback only fires for its respective Otto instance
+      #
+      # @yield [request, response, duration] Block to execute after each request
+      # @yieldparam request [Rack::Request] The request object
+      # @yieldparam response [Rack::Response] The response object
+      # @yieldparam duration [Integer] Duration in microseconds
+      # @return [self] Returns self for method chaining
+      # @raise [FrozenError] if called after configuration is frozen
+      def on_request_complete(&block)
+        ensure_not_frozen!
+        @request_complete_callbacks << block if block_given?
+        self
+      end
+
+      # Get registered request completion callbacks (for internal use)
+      #
+      # @api private
+      # @return [Array<Proc>] Array of registered callback blocks
+      def request_complete_callbacks
+        @request_complete_callbacks
+      end
+    end
+  end
+end

data/lib/otto/core/middleware_management.rb

@@ -0,0 +1,70 @@
+# lib/otto/core/middleware_management.rb
+#
+# frozen_string_literal: true
+
+class Otto
+  module Core
+    # Middleware management module for building and configuring the Rack middleware stack.
+    # Provides the public API for adding middleware and building the application.
+    module MiddlewareManagement
+      # Builds the middleware application chain
+      # Called once at initialization and whenever middleware stack changes
+      #
+      # IMPORTANT: If you have routes with auth requirements, you MUST add session
+      # middleware to your middleware stack BEFORE Otto processes requests.
+      #
+      # Session middleware is required for RouteAuthWrapper to correctly persist
+      # session changes during authentication. Common options include:
+      # - Rack::Session::Cookie (requires rack-session gem)
+      # - Rack::Session::Pool
+      # - Rack::Session::Memcache
+      # - Any Rack-compatible session middleware
+      #
+      # Example:
+      #   use Rack::Session::Cookie, secret: ENV['SESSION_SECRET']
+      #   otto = Otto.new('routes.txt')
+      #
+      def build_app!
+        base_app = method(:handle_request)
+        @app = @middleware.wrap(base_app, @security_config)
+      end
+
+      # Add middleware to the stack
+      #
+      # @param middleware [Class] Middleware class to add
+      # @param args Additional arguments passed to middleware constructor
+      def use(middleware, ...)
+        ensure_not_frozen!
+        @middleware.add(middleware, ...)
+
+        # NOTE: If build_app! is triggered during a request (via use() or
+        # middleware_stack=), the @app instance variable could be swapped
+        # mid-request in a multi-threaded environment.
+
+        build_app! if @app # Rebuild app if already initialized
+      end
+
+      # Compatibility method for existing tests
+      # @return [Array] List of middleware classes
+      def middleware_stack
+        @middleware.middleware_list
+      end
+
+      # Compatibility method for existing tests
+      # @param stack [Array] Array of middleware classes
+      def middleware_stack=(stack)
+        @middleware.clear!
+        Array(stack).each { |middleware| @middleware.add(middleware) }
+        build_app! if @app # Rebuild app if already initialized
+      end
+
+      # Check if a specific middleware is enabled
+      #
+      # @param middleware_class [Class] Middleware class to check
+      # @return [Boolean] true if middleware is in the stack
+      def middleware_enabled?(middleware_class)
+        @middleware.includes?(middleware_class)
+      end
+    end
+  end
+end

data/lib/otto/core.rb

@@ -8,3 +8,6 @@ require_relative 'core/configuration'
 require_relative 'core/error_handler'
 require_relative 'core/uri_generator'
 require_relative 'core/middleware_stack'
+require_relative 'core/helper_registry'
+require_relative 'core/middleware_management'
+require_relative 'core/lifecycle_hooks'

data/lib/otto/helpers.rb

@@ -2,5 +2,5 @@
 #
 # frozen_string_literal: true
 
-require_relative 'helpers/request'
-require_relative 'helpers/response'
+# Request and response helpers are now defined directly in Otto::Request and Otto::Response
+# This file is kept for backward compatibility with require statements

data/lib/otto/locale/middleware.rb

@@ -68,7 +68,7 @@ class Otto
       # @return [String] Resolved locale code
       def detect_locale(env)
         # 1. Check URL parameter
-        req = Rack::Request.new(env)
+        req = Otto::Request.new(env)
         locale = req.params['locale']
         return locale if valid_locale?(locale)
 

data/lib/otto/mcp/core.rb

@@ -0,0 +1,33 @@
+# lib/otto/mcp/core.rb
+#
+# frozen_string_literal: true
+
+class Otto
+  module MCP
+    # Core MCP (Model Context Protocol) methods included in the Otto class.
+    # Provides the public API for enabling and querying MCP server support.
+    module Core
+      # Enable MCP (Model Context Protocol) server support
+      #
+      # @param options [Hash] MCP configuration options
+      # @option options [Boolean] :http Enable HTTP endpoint (default: true)
+      # @option options [Boolean] :stdio Enable STDIO communication (default: false)
+      # @option options [String] :endpoint HTTP endpoint path (default: '/_mcp')
+      # @example
+      #   otto.enable_mcp!(http: true, endpoint: '/api/mcp')
+      def enable_mcp!(options = {})
+        ensure_not_frozen!
+        @mcp_server ||= Otto::MCP::Server.new(self)
+
+        @mcp_server.enable!(options)
+        Otto.logger.info '[MCP] Enabled MCP server' if Otto.debug
+      end
+
+      # Check if MCP is enabled
+      # @return [Boolean]
+      def mcp_enabled?
+        @mcp_server&.enabled?
+      end
+    end
+  end
+end

data/lib/otto/mcp/protocol.rb

@@ -17,7 +17,7 @@ class Otto
       end
 
       def handle_request(env)
-        request = Rack::Request.new(env)
+        request = @otto.request_class.new(env)
 
         unless request.post? && request.content_type&.include?('application/json')
           return error_response(nil, -32_600, 'Invalid Request', 'Only JSON-RPC POST requests supported')

data/lib/otto/mcp/schema_validation.rb

@@ -78,7 +78,7 @@ class Otto
         # Only validate MCP endpoints
         return @app.call(env) unless mcp_endpoint?(env)
 
-        request = Rack::Request.new(env)
+        request = Otto::Request.new(env)
 
         if request.post? && request.content_type&.include?('application/json')
           begin

data/lib/otto/mcp.rb

@@ -2,4 +2,5 @@
 #
 # frozen_string_literal: true
 
+require_relative 'mcp/core'
 require_relative 'mcp/server'

data/lib/otto/privacy/core.rb

@@ -0,0 +1,82 @@
+# lib/otto/privacy/core.rb
+#
+# frozen_string_literal: true
+
+class Otto
+  module Privacy
+    # Core privacy configuration methods included in the Otto class.
+    # Provides the public API for configuring IP privacy features.
+    module Core
+      # Disable IP privacy to access original IP addresses
+      #
+      # IMPORTANT: By default, Otto masks public IP addresses for privacy.
+      # Private/localhost IPs (127.0.0.0/8, 10.0.0.0/8, etc.) are never masked.
+      # Only disable this if you need access to original public IPs.
+      #
+      # When disabled:
+      # - env['REMOTE_ADDR'] contains the real IP address
+      # - env['otto.original_ip'] also contains the real IP
+      # - No PrivateFingerprint is created
+      #
+      # @example
+      #   otto.disable_ip_privacy!
+      def disable_ip_privacy!
+        ensure_not_frozen!
+        @security_config.ip_privacy_config.disable!
+      end
+
+      # Enable full IP privacy (mask ALL IPs including private/localhost)
+      #
+      # By default, Otto exempts private and localhost IPs from masking for
+      # better development experience. Call this method to mask ALL IPs
+      # regardless of type.
+      #
+      # @example Enable full privacy (mask all IPs)
+      #   otto = Otto.new(routes_file)
+      #   otto.enable_full_ip_privacy!
+      #   # Now 127.0.0.1 → 127.0.0.0, 192.168.1.100 → 192.168.1.0
+      #
+      # @return [void]
+      # @raise [FrozenError] if called after configuration is frozen
+      def enable_full_ip_privacy!
+        ensure_not_frozen!
+        @security_config.ip_privacy_config.mask_private_ips = true
+      end
+
+      # Configure IP privacy settings
+      #
+      # Privacy is enabled by default. Use this method to customize privacy
+      # behavior without disabling it entirely.
+      #
+      # @param octet_precision [Integer] Number of octets to mask (1 or 2, default: 1)
+      # @param hash_rotation [Integer] Seconds between key rotation (default: 86400)
+      # @param geo [Boolean] Enable geo-location resolution (default: true)
+      # @param redis [Redis] Redis connection for multi-server atomic key generation
+      #
+      # @example Mask 2 octets instead of 1
+      #   otto.configure_ip_privacy(octet_precision: 2)
+      #
+      # @example Disable geo-location
+      #   otto.configure_ip_privacy(geo: false)
+      #
+      # @example Custom hash rotation
+      #   otto.configure_ip_privacy(hash_rotation: 24.hours)
+      #
+      # @example Multi-server with Redis
+      #   redis = Redis.new(url: ENV['REDIS_URL'])
+      #   otto.configure_ip_privacy(redis: redis)
+      def configure_ip_privacy(octet_precision: nil, hash_rotation: nil, geo: nil, redis: nil)
+        ensure_not_frozen!
+        config = @security_config.ip_privacy_config
+
+        config.octet_precision = octet_precision if octet_precision
+        config.hash_rotation_period = hash_rotation if hash_rotation
+        config.geo_enabled = geo unless geo.nil?
+        config.instance_variable_set(:@redis, redis) if redis
+
+        # Validate configuration
+        config.validate!
+      end
+    end
+  end
+end

data/lib/otto/privacy.rb

@@ -2,6 +2,7 @@
 #
 # frozen_string_literal: true
 
+require_relative 'privacy/core'
 require_relative 'privacy/config'
 require_relative 'privacy/ip_privacy'
 require_relative 'privacy/geo_resolver'