rack-ai 0.1.0

data/examples/sinatra_integration.rb

@@ -0,0 +1,458 @@
+# frozen_string_literal: true
+
+# Sinatra Integration Example for Rack::AI
+# 
+# This example shows how to integrate Rack::AI with a Sinatra application
+# for lightweight AI-powered request processing and security.
+
+require "sinatra/base"
+require "rack/ai"
+require "json"
+
+class AIEnhancedApp < Sinatra::Base
+  # Configure Rack::AI middleware
+  use Rack::AI::Middleware,
+    provider: :openai,
+    api_key: ENV["OPENAI_API_KEY"],
+    features: [:classification, :security, :moderation],
+    fail_safe: true,
+    async_processing: false  # Synchronous for simpler Sinatra apps
+
+  # Global configuration
+  configure do
+    Rack::AI.configure do |config|
+      config.provider = :openai
+      config.api_key = ENV["OPENAI_API_KEY"]
+      config.features = [:classification, :security, :moderation, :logging]
+      config.fail_safe = true
+      config.async_processing = false
+      
+      # Simplified configuration for Sinatra
+      config.classification.confidence_threshold = 0.7
+      config.moderation.toxicity_threshold = 0.8
+      config.sanitize_logs = true
+      config.log_level = :info
+    end
+
+    # Enable JSON parsing
+    set :parse_json_body, true
+  end
+
+  # Helper methods for AI results
+  helpers do
+    def ai_results
+      @ai_results ||= request.env["rack.ai"]&.dig(:results) || {}
+    end
+
+    def classified_as?(type)
+      ai_results[:classification]&.dig(:classification) == type.to_sym
+    end
+
+    def threat_level
+      ai_results[:security]&.dig(:threat_level) || :low
+    end
+
+    def content_flagged?
+      ai_results[:moderation]&.dig(:flagged) || false
+    end
+
+    def ai_confidence(feature)
+      ai_results[feature.to_sym]&.dig(:confidence) || 0.0
+    end
+
+    def block_if_threat!
+      case threat_level
+      when :high
+        halt 403, json({ error: "Security threat detected", code: "HIGH_THREAT" })
+      when :medium
+        headers["X-Security-Warning"] = "Medium threat detected"
+      end
+    end
+
+    def block_if_spam!
+      if classified_as?(:spam) && ai_confidence(:classification) > 0.8
+        halt 403, json({ error: "Request blocked as spam", code: "SPAM_DETECTED" })
+      end
+    end
+
+    def json(data)
+      content_type :json
+      data.to_json
+    end
+  end
+
+  # Before filter to check AI results
+  before do
+    # Block high-security threats immediately
+    block_if_threat!
+    
+    # Block obvious spam
+    block_if_spam!
+    
+    # Log suspicious activity
+    if classified_as?(:suspicious)
+      logger.warn "Suspicious request: #{request.ip} -> #{request.path}"
+    end
+    
+    # Add AI headers for debugging
+    if settings.development?
+      headers["X-AI-Classification"] = ai_results[:classification]&.dig(:classification).to_s
+      headers["X-AI-Threat-Level"] = threat_level.to_s
+    end
+  end
+
+  # Routes
+
+  # Home page with AI-enhanced content
+  get "/" do
+    erb :index, locals: { 
+      classification: ai_results[:classification],
+      is_bot: classified_as?(:bot)
+    }
+  end
+
+  # API endpoint with AI protection
+  get "/api/data" do
+    # Different responses based on classification
+    case ai_results[:classification]&.dig(:classification)
+    when :bot
+      # Simplified response for bots
+      json({
+        message: "Bot-optimized response",
+        data: { items: 10, cached: true },
+        timestamp: Time.now.iso8601
+      })
+    when :human
+      # Full response for humans
+      json({
+        message: "Welcome human user!",
+        data: generate_full_data,
+        metadata: {
+          classification: "human",
+          confidence: ai_confidence(:classification)
+        },
+        timestamp: Time.now.iso8601
+      })
+    else
+      # Default response
+      json({
+        message: "Standard API response",
+        data: generate_standard_data,
+        timestamp: Time.now.iso8601
+      })
+    end
+  end
+
+  # Content submission with AI moderation
+  post "/api/content" do
+    # Check for content moderation violations
+    if content_flagged?
+      moderation = ai_results[:moderation]
+      halt 400, json({
+        error: "Content moderation violation",
+        categories: moderation[:categories],
+        code: "CONTENT_FLAGGED"
+      })
+    end
+
+    # Process the content
+    content = params[:content] || request.body.read
+    
+    # Store with AI metadata
+    result = store_content(content, ai_results)
+    
+    json({
+      message: "Content stored successfully",
+      id: result[:id],
+      ai_analysis: {
+        classification: ai_results[:classification]&.dig(:classification),
+        moderation_passed: !content_flagged?
+      }
+    })
+  end
+
+  # Admin endpoint with enhanced security
+  get "/admin/*" do
+    # Extra security for admin routes
+    if threat_level != :low
+      halt 403, json({ error: "Access denied due to security concerns" })
+    end
+
+    if classified_as?(:bot) && ai_confidence(:classification) > 0.9
+      halt 403, json({ error: "Bot access not allowed to admin area" })
+    end
+
+    # Admin functionality here
+    json({ message: "Admin access granted", path: params[:splat].first })
+  end
+
+  # AI insights endpoint
+  get "/ai/insights" do
+    content_type :json
+    
+    insights = {
+      current_request: {
+        classification: ai_results[:classification],
+        security: ai_results[:security],
+        moderation: ai_results[:moderation]
+      },
+      processing_time: Time.now - request.env["rack.ai"][:start_time],
+      features_enabled: Rack::AI.configuration.features
+    }
+    
+    insights.to_json
+  end
+
+  # Health check endpoint (bypasses AI processing)
+  get "/health" do
+    json({ status: "ok", timestamp: Time.now.iso8601 })
+  end
+
+  # Error handlers with AI context
+  error 403 do
+    ai_context = {
+      classification: ai_results[:classification]&.dig(:classification),
+      threat_level: threat_level,
+      request_id: request.env["rack.ai"]&.dig(:metadata, :request_id)
+    }
+
+    json({
+      error: "Forbidden",
+      message: "Access denied by AI security system",
+      ai_context: ai_context,
+      timestamp: Time.now.iso8601
+    })
+  end
+
+  error 500 do
+    logger.error "Server error with AI context: #{ai_results}"
+    
+    json({
+      error: "Internal Server Error",
+      message: "An error occurred while processing your request",
+      timestamp: Time.now.iso8601
+    })
+  end
+
+  # Private helper methods
+  private
+
+  def generate_full_data
+    {
+      users: [
+        { id: 1, name: "Alice", role: "admin" },
+        { id: 2, name: "Bob", role: "user" }
+      ],
+      posts: [
+        { id: 1, title: "Welcome Post", author_id: 1 },
+        { id: 2, title: "Getting Started", author_id: 2 }
+      ],
+      metadata: {
+        total_users: 2,
+        total_posts: 2,
+        generated_at: Time.now.iso8601
+      }
+    }
+  end
+
+  def generate_standard_data
+    {
+      summary: "Basic data summary",
+      count: 42,
+      status: "active"
+    }
+  end
+
+  def store_content(content, ai_metadata)
+    # Simulate content storage with AI metadata
+    {
+      id: SecureRandom.uuid,
+      content: content[0..100], # Store first 100 chars for demo
+      ai_metadata: {
+        classification: ai_metadata[:classification]&.dig(:classification),
+        confidence: ai_metadata[:classification]&.dig(:confidence),
+        moderation_passed: !ai_metadata[:moderation]&.dig(:flagged),
+        stored_at: Time.now.iso8601
+      }
+    }
+  end
+end
+
+# Example of a specialized AI-powered API
+class AISecurityAPI < Sinatra::Base
+  # More restrictive AI configuration for security API
+  use Rack::AI::Middleware,
+    provider: :openai,
+    api_key: ENV["OPENAI_API_KEY"],
+    features: [:security, :classification],
+    fail_safe: false,  # Strict mode - fail if AI is unavailable
+    async_processing: false
+
+  configure do
+    Rack::AI.configure do |config|
+      config.classification.confidence_threshold = 0.9  # Higher threshold
+      config.security.rate_limit = 100  # Lower rate limit
+    end
+  end
+
+  helpers do
+    def require_high_confidence!
+      classification = request.env["rack.ai"]&.dig(:results, :classification)
+      confidence = classification&.dig(:confidence) || 0.0
+      
+      if confidence < 0.9
+        halt 403, { error: "High confidence classification required" }.to_json
+      end
+    end
+
+    def security_analysis
+      request.env["rack.ai"]&.dig(:results, :security) || {}
+    end
+  end
+
+  before do
+    content_type :json
+    require_high_confidence!
+  end
+
+  get "/security/analyze" do
+    {
+      security_analysis: security_analysis,
+      threat_assessment: {
+        level: security_analysis[:threat_level],
+        confidence: security_analysis[:confidence],
+        recommendations: generate_security_recommendations
+      },
+      timestamp: Time.now.iso8601
+    }.to_json
+  end
+
+  post "/security/report" do
+    incident_data = JSON.parse(request.body.read)
+    
+    # Enhanced incident analysis with AI
+    analysis = {
+      incident: incident_data,
+      ai_analysis: security_analysis,
+      severity: calculate_severity(incident_data, security_analysis),
+      response_required: security_analysis[:threat_level] == :high
+    }
+    
+    # Store incident report
+    incident_id = store_security_incident(analysis)
+    
+    {
+      incident_id: incident_id,
+      analysis: analysis,
+      timestamp: Time.now.iso8601
+    }.to_json
+  end
+
+  private
+
+  def generate_security_recommendations
+    case security_analysis[:threat_level]
+    when :high
+      ["Block IP immediately", "Review access logs", "Alert security team"]
+    when :medium
+      ["Monitor closely", "Require additional authentication"]
+    else
+      ["Continue normal monitoring"]
+    end
+  end
+
+  def calculate_severity(incident_data, ai_analysis)
+    base_severity = incident_data["severity"] || "low"
+    ai_threat = ai_analysis[:threat_level] || :low
+    
+    return "critical" if ai_threat == :high
+    return "high" if ai_threat == :medium && base_severity != "low"
+    
+    base_severity
+  end
+
+  def store_security_incident(analysis)
+    # Simulate storing security incident
+    SecureRandom.uuid
+  end
+end
+
+# Example Rack application with custom AI middleware
+class CustomAIApp
+  def initialize
+    @app = Rack::Builder.new do
+      # Custom AI configuration
+      use Rack::AI::Middleware,
+        provider: :huggingface,  # Using HuggingFace instead of OpenAI
+        api_key: ENV["HUGGINGFACE_API_KEY"],
+        features: [:classification, :moderation],
+        fail_safe: true
+
+      # Custom middleware that uses AI results
+      use CustomAIProcessor
+      
+      # Main application
+      run lambda { |env|
+        ai_results = env["rack.ai"]&.dig(:results) || {}
+        
+        response_body = {
+          message: "Hello from Custom AI App!",
+          ai_results: ai_results,
+          timestamp: Time.now.iso8601
+        }.to_json
+
+        [200, { "Content-Type" => "application/json" }, [response_body]]
+      }
+    end
+  end
+
+  def call(env)
+    @app.call(env)
+  end
+end
+
+# Custom middleware that processes AI results
+class CustomAIProcessor
+  def initialize(app)
+    @app = app
+  end
+
+  def call(env)
+    status, headers, body = @app.call(env)
+    
+    # Add custom AI processing
+    ai_results = env["rack.ai"]&.dig(:results) || {}
+    
+    # Custom header based on AI classification
+    if ai_results[:classification]
+      classification = ai_results[:classification][:classification]
+      headers["X-Custom-AI-Class"] = classification.to_s.upcase
+      
+      # Custom rate limiting based on classification
+      if classification == :bot
+        headers["X-RateLimit-Remaining"] = "100"
+      elsif classification == :human
+        headers["X-RateLimit-Remaining"] = "1000"
+      end
+    end
+
+    [status, headers, body]
+  end
+end
+
+# Run the application
+if __FILE__ == $0
+  # Choose which app to run based on environment variable
+  app_type = ENV["APP_TYPE"] || "main"
+  
+  app = case app_type
+        when "security"
+          AISecurityAPI
+        when "custom"
+          CustomAIApp.new
+        else
+          AIEnhancedApp
+        end
+  
+  Rack::Handler::WEBrick.run app, Port: 4567
+end

data/lib/rack/ai/configuration.rb

@@ -0,0 +1,208 @@
+# frozen_string_literal: true
+
+require "dry-configurable"
+require "dry-validation"
+require "ostruct"
+
+module Rack
+  module AI
+    class Configuration
+      extend Dry::Configurable
+
+      # AI Provider settings
+      setting :provider, default: :openai
+      setting :api_key, default: nil
+      setting :api_url, default: nil
+      setting :timeout, default: 30
+      setting :retries, default: 3
+
+      # Feature toggles
+      setting :features, default: [:classification, :moderation]
+      setting :fail_safe, default: true
+      setting :async_processing, default: true
+
+      # Security settings
+      setting :sanitize_logs, default: true
+      setting :allowed_data_types, default: [:headers, :query_params]
+      setting :blocked_data_types, default: [:body, :cookies]
+
+      # Performance settings
+      setting :cache_enabled, default: true
+      setting :cache_ttl, default: 3600
+      setting :rate_limit, default: 1000
+      setting :batch_size, default: 10
+
+      # Logging and monitoring
+      setting :log_level, default: :info
+      setting :metrics_enabled, default: true
+      setting :explain_decisions, default: false
+
+      # Custom configurations per feature
+      setting :classification do
+        setting :confidence_threshold, default: 0.8
+        setting :categories, default: [:spam, :bot, :human, :suspicious]
+      end
+
+      setting :moderation do
+        setting :toxicity_threshold, default: 0.7
+        setting :check_response, default: false
+        setting :block_on_violation, default: true
+      end
+
+      setting :caching do
+        setting :predictive_enabled, default: true
+        setting :prefetch_threshold, default: 0.9
+        setting :redis_url, default: "redis://localhost:6379"
+      end
+
+      setting :routing do
+        setting :smart_routing_enabled, default: true
+        setting :suspicious_route, default: "/captcha"
+        setting :bot_route, default: "/api/bot"
+      end
+
+      # Instance methods for configuration access
+      attr_accessor :provider, :api_key, :api_url, :timeout, :retries, :features,
+                    :fail_safe, :async_processing, :sanitize_logs, :allowed_data_types,
+                    :blocked_data_types, :cache_enabled, :cache_ttl, :rate_limit,
+                    :batch_size, :log_level, :metrics_enabled, :explain_decisions
+
+      def initialize
+        # Set default values
+        @provider = :openai
+        @api_key = nil
+        @api_url = nil
+        @timeout = 30
+        @retries = 3
+        @features = [:classification, :moderation]
+        @fail_safe = true
+        @async_processing = true
+        @sanitize_logs = true
+        @allowed_data_types = [:headers, :query_params]
+        @blocked_data_types = [:body, :cookies]
+        @cache_enabled = true
+        @cache_ttl = 3600
+        @rate_limit = 1000
+        @batch_size = 10
+        @log_level = :info
+        @metrics_enabled = true
+        @explain_decisions = false
+        
+        # Initialize nested configurations
+        @classification = OpenStruct.new(
+          confidence_threshold: 0.8,
+          categories: [:spam, :bot, :human, :suspicious]
+        )
+        
+        @moderation = OpenStruct.new(
+          toxicity_threshold: 0.7,
+          check_response: false,
+          block_on_violation: true
+        )
+        
+        @caching = OpenStruct.new(
+          predictive_enabled: true,
+          prefetch_threshold: 0.9,
+          redis_url: "redis://localhost:6379"
+        )
+        
+        @routing = OpenStruct.new(
+          smart_routing_enabled: true,
+          suspicious_route: "/captcha",
+          bot_route: "/api/bot"
+        )
+      end
+
+      def classification
+        @classification
+      end
+
+      def moderation
+        @moderation
+      end
+
+      def caching
+        @caching
+      end
+
+      def routing
+        @routing
+      end
+
+      # For compatibility with middleware
+      def config
+        self
+      end
+
+      # Validation schema
+      ConfigSchema = Dry::Validation.Contract do
+        params do
+          required(:provider).filled(:symbol)
+          optional(:api_key).maybe(:string)
+          optional(:api_url).maybe(:string)
+          required(:timeout).filled(:integer)
+          required(:retries).filled(:integer)
+          required(:features).filled(:array)
+          required(:fail_safe).filled(:bool)
+        end
+
+        rule(:provider) do
+          key.failure("must be one of: openai, huggingface, local") unless [:openai, :huggingface, :local].include?(value)
+        end
+
+        rule(:timeout) do
+          key.failure("must be positive") if value <= 0
+        end
+
+        rule(:retries) do
+          key.failure("must be non-negative") if value < 0
+        end
+      end
+
+      def validate!
+        result = ConfigSchema.call(to_h)
+        return true if result.success?
+
+        errors = result.errors.to_h
+        raise ConfigurationError, "Invalid configuration: #{errors}"
+      end
+
+      def to_h
+        {
+          provider: @provider,
+          api_key: @api_key,
+          api_url: @api_url,
+          timeout: @timeout,
+          retries: @retries,
+          features: @features,
+          fail_safe: @fail_safe,
+          async_processing: @async_processing,
+          sanitize_logs: @sanitize_logs,
+          allowed_data_types: @allowed_data_types,
+          blocked_data_types: @blocked_data_types,
+          cache_enabled: @cache_enabled,
+          cache_ttl: @cache_ttl,
+          rate_limit: @rate_limit,
+          batch_size: @batch_size,
+          log_level: @log_level,
+          metrics_enabled: @metrics_enabled,
+          explain_decisions: @explain_decisions
+        }
+      end
+
+      def feature_enabled?(feature)
+        @features.include?(feature.to_sym)
+      end
+
+      def provider_config
+        {
+          provider: @provider,
+          api_key: @api_key,
+          api_url: @api_url,
+          timeout: @timeout,
+          retries: @retries
+        }
+      end
+    end
+  end
+end