rack-ai 0.1.0

data/lib/rack/ai/features/security.rb

@@ -0,0 +1,275 @@
+# frozen_string_literal: true
+
+module Rack
+  module AI
+    module Features
+      class Security
+        attr_reader :name, :provider, :config
+
+        def initialize(provider, config)
+          @name = :security
+          @provider = provider
+          @config = config
+        end
+
+        def enabled?
+          @config.feature_enabled?(:security)
+        end
+
+        def process_response?
+          false
+        end
+
+        def process_request(env)
+          request_data = @provider.build_request_data(env)
+          
+          # Detect various security threats
+          anomaly_result = @provider.detect_anomalies(request_data)
+          injection_result = detect_injection_attacks(env)
+          rate_limit_result = check_rate_limiting(env)
+          
+          # Combine all security checks
+          threat_level = determine_overall_threat_level([
+            anomaly_result[:threat_level],
+            injection_result[:threat_level],
+            rate_limit_result[:threat_level]
+          ])
+
+          result = {
+            threat_level: threat_level,
+            anomaly_detection: anomaly_result,
+            injection_detection: injection_result,
+            rate_limiting: rate_limit_result,
+            action: determine_security_action(threat_level),
+            feature: @name,
+            timestamp: Time.now.iso8601
+          }
+
+          # Add detailed security metadata
+          result[:security_headers] = analyze_security_headers(env)
+          result[:suspicious_patterns] = identify_suspicious_patterns(env)
+
+          result
+        end
+
+        private
+
+        def detect_injection_attacks(env)
+          threats = []
+          threat_level = :low
+
+          # SQL Injection detection
+          sql_patterns = [
+            /union\s+select/i,
+            /drop\s+table/i,
+            /insert\s+into/i,
+            /delete\s+from/i,
+            /'\s*or\s*'1'\s*=\s*'1/i,
+            /'\s*;\s*drop/i
+          ]
+
+          # XSS detection
+          xss_patterns = [
+            /<script[^>]*>/i,
+            /javascript:/i,
+            /on\w+\s*=/i,
+            /<iframe[^>]*>/i,
+            /eval\s*\(/i
+          ]
+
+          # Command injection detection
+          cmd_patterns = [
+            /;\s*cat\s+/i,
+            /;\s*ls\s+/i,
+            /;\s*rm\s+/i,
+            /\|\s*nc\s+/i,
+            /&&\s*curl/i
+          ]
+
+          # Check query string and body
+          content_to_check = []
+          content_to_check << env["QUERY_STRING"] if env["QUERY_STRING"]
+          
+          if %w[POST PUT PATCH].include?(env["REQUEST_METHOD"])
+            input = env["rack.input"]
+            if input && input.respond_to?(:read)
+              body_content = input.read
+              input.rewind if input.respond_to?(:rewind)
+              content_to_check << body_content
+            end
+          end
+
+          content_to_check.each do |content|
+            next if content.nil? || content.empty?
+
+            if sql_patterns.any? { |pattern| content.match?(pattern) }
+              threats << "sql_injection"
+              threat_level = :high
+            end
+
+            if xss_patterns.any? { |pattern| content.match?(pattern) }
+              threats << "xss_attempt"
+              threat_level = [:high, threat_level].max
+            end
+
+            if cmd_patterns.any? { |pattern| content.match?(pattern) }
+              threats << "command_injection"
+              threat_level = :high
+            end
+          end
+
+          # Check for prompt injection if this looks like an LLM endpoint
+          if llm_endpoint?(env) && content_to_check.any? { |c| prompt_injection?(c) }
+            threats << "prompt_injection"
+            threat_level = [:medium, threat_level].max
+          end
+
+          {
+            threats: threats,
+            threat_level: threat_level,
+            patterns_detected: threats.size
+          }
+        end
+
+        def check_rate_limiting(env)
+          client_ip = env["REMOTE_ADDR"]
+          user_agent = env["HTTP_USER_AGENT"]
+          
+          # Simple in-memory rate limiting (in production, use Redis)
+          @rate_limiter ||= {}
+          current_time = Time.now.to_i
+          window_size = 60 # 1 minute window
+
+          # Clean old entries
+          @rate_limiter.delete_if { |key, data| current_time - data[:window_start] > window_size }
+
+          # Check rate for IP
+          ip_key = "ip:#{client_ip}"
+          ip_data = @rate_limiter[ip_key] ||= { count: 0, window_start: current_time }
+          
+          if current_time - ip_data[:window_start] > window_size
+            ip_data[:count] = 0
+            ip_data[:window_start] = current_time
+          end
+          
+          ip_data[:count] += 1
+
+          # Determine threat level based on request rate
+          rate_limit = @config.rate_limit
+          threat_level = if ip_data[:count] > rate_limit * 2
+                          :high
+                        elsif ip_data[:count] > rate_limit
+                          :medium
+                        else
+                          :low
+                        end
+
+          {
+            client_ip: client_ip,
+            request_count: ip_data[:count],
+            window_start: ip_data[:window_start],
+            threat_level: threat_level,
+            rate_exceeded: ip_data[:count] > rate_limit
+          }
+        end
+
+        def determine_overall_threat_level(threat_levels)
+          return :high if threat_levels.include?(:high)
+          return :medium if threat_levels.include?(:medium)
+          :low
+        end
+
+        def determine_security_action(threat_level)
+          case threat_level
+          when :high
+            :block
+          when :medium
+            :flag
+          else
+            :allow
+          end
+        end
+
+        def analyze_security_headers(env)
+          headers = {}
+          
+          # Check for security-related headers
+          security_headers = %w[
+            HTTP_X_FORWARDED_FOR
+            HTTP_X_REAL_IP
+            HTTP_X_FORWARDED_PROTO
+            HTTP_AUTHORIZATION
+            HTTP_X_API_KEY
+          ]
+
+          security_headers.each do |header|
+            headers[header.downcase] = env[header] if env[header]
+          end
+
+          {
+            present_headers: headers.keys,
+            forwarded_for: env["HTTP_X_FORWARDED_FOR"],
+            real_ip: env["HTTP_X_REAL_IP"],
+            has_auth: !!(env["HTTP_AUTHORIZATION"] || env["HTTP_X_API_KEY"])
+          }
+        end
+
+        def identify_suspicious_patterns(env)
+          patterns = []
+
+          # Check for suspicious user agents
+          user_agent = env["HTTP_USER_AGENT"] || ""
+          if user_agent.empty?
+            patterns << "missing_user_agent"
+          elsif user_agent.match?(/curl|wget|python|bot|crawler/i)
+            patterns << "automated_client"
+          end
+
+          # Check for suspicious paths
+          path = env["PATH_INFO"] || ""
+          if path.match?(/\.\.|\/etc\/|\/proc\/|\/var\//)
+            patterns << "path_traversal_attempt"
+          end
+
+          if path.match?(/admin|config|backup|\.env|\.git/)
+            patterns << "sensitive_path_access"
+          end
+
+          # Check for unusual request methods
+          method = env["REQUEST_METHOD"]
+          if %w[TRACE CONNECT].include?(method)
+            patterns << "unusual_http_method"
+          end
+
+          # Check for missing referer on POST requests
+          if method == "POST" && !env["HTTP_REFERER"]
+            patterns << "missing_referer_on_post"
+          end
+
+          patterns
+        end
+
+        def llm_endpoint?(env)
+          path = env["PATH_INFO"] || ""
+          path.match?(/\/api\/.*(?:chat|completion|generate|prompt)/i)
+        end
+
+        def prompt_injection?(content)
+          # Common prompt injection patterns
+          injection_patterns = [
+            /ignore\s+previous\s+instructions/i,
+            /forget\s+everything/i,
+            /you\s+are\s+now/i,
+            /system\s*:\s*you/i,
+            /\[INST\]/i,
+            /\<\|system\|\>/i,
+            /act\s+as\s+if/i,
+            /pretend\s+to\s+be/i
+          ]
+
+          injection_patterns.any? { |pattern| content.match?(pattern) }
+        end
+      end
+    end
+  end
+end

data/lib/rack/ai/middleware.rb

@@ -0,0 +1,268 @@
+# frozen_string_literal: true
+
+require "concurrent"
+
+module Rack
+  module AI
+    class Middleware
+      attr_reader :app, :config, :provider, :features
+
+      def initialize(app, **options)
+        @app = app
+        @config = build_config(options)
+        @provider = build_provider
+        @features = build_features
+        @thread_pool = Concurrent::ThreadPoolExecutor.new(
+          min_threads: 2,
+          max_threads: 10,
+          max_queue: 100
+        )
+        
+        validate_configuration!
+      end
+
+      def call(env)
+        # Initialize AI context in env
+        env["rack.ai"] = {
+          results: {},
+          metadata: {},
+          start_time: Time.now
+        }
+
+        # Process request through AI features
+        blocked_response = process_request(env) if should_process_request?(env)
+        
+        # Return blocked response if request should be blocked
+        return blocked_response if blocked_response
+
+        # Call the next middleware/app
+        status, headers, body = @app.call(env)
+
+        # Process response through AI features
+        process_response(env, status, headers, body) if should_process_response?(env)
+
+        # Add AI headers if configured
+        add_ai_headers(headers, env) if @config.explain_decisions
+
+        [status, headers, body]
+      rescue => e
+        handle_error(e, env)
+        # Fail-safe: continue with original request if AI processing fails
+        @config.fail_safe ? @app.call(env) : raise
+      ensure
+        # Record metrics
+        record_metrics(env) if @config.metrics_enabled
+      end
+
+      private
+
+      def build_config(options)
+        config = Configuration.new
+        options.each { |key, value| config.public_send("#{key}=", value) if config.respond_to?("#{key}=") }
+        config
+      end
+
+      def build_provider
+        case @config.provider
+        when :openai
+          Providers::OpenAI.new(@config.provider_config)
+        when :huggingface
+          Providers::HuggingFace.new(@config.provider_config)
+        when :local
+          Providers::Local.new(@config.provider_config)
+        else
+          raise ConfigurationError, "Unknown provider: #{@config.provider}"
+        end
+      end
+
+      def build_features
+        feature_map = {
+          classification: Features::Classification,
+          moderation: Features::Moderation,
+          caching: Features::Caching,
+          routing: Features::Routing,
+          logging: Features::Logging,
+          enhancement: Features::Enhancement,
+          security: Features::Security
+        }
+
+        features = @config.features.map do |feature_name|
+          feature_class = feature_map[feature_name.to_sym]
+          raise ConfigurationError, "Unknown feature: #{feature_name}" unless feature_class
+          
+          feature_class.new(@provider, @config)
+        end
+        
+        Utils::Logger.debug("Built features: #{features.map(&:name)}")
+        features
+      end
+
+      def validate_configuration!
+        @config.validate!
+        @provider.validate! if @provider.respond_to?(:validate!)
+      end
+
+      def should_process_request?(env)
+        # Skip processing for certain paths or conditions
+        return false if env["PATH_INFO"] == "/health"
+        return false if env["REQUEST_METHOD"] == "OPTIONS"
+        true
+      end
+
+      def should_process_response?(env)
+        # Only process responses if features require it
+        @features.any? { |feature| feature.process_response? }
+      end
+
+      def process_request(env)
+        if @config.async_processing
+          process_request_async(env)
+        else
+          process_request_sync(env)
+        end
+      end
+
+      def process_request_sync(env)
+        blocked_response = nil
+        
+        @features.each do |feature|
+          next unless feature.enabled?
+          
+          begin
+            result = feature.process_request(env)
+            env["rack.ai"][:results][feature.name] = result
+            
+            # Handle blocking decisions (e.g., block malicious requests)
+            if result[:action] == :block
+              blocked_response = build_blocked_response(result)
+              break
+            end
+          rescue => e
+            handle_feature_error(feature, e, env)
+          end
+        end
+        
+        blocked_response
+      end
+
+      def process_request_async(env)
+        blocked_response = nil
+        futures = @features.map do |feature|
+          next unless feature.enabled?
+          
+          Concurrent::Future.execute(executor: @thread_pool) do
+            begin
+              feature.process_request(env)
+            rescue => e
+              { error: e.message, feature: feature.name }
+            end
+          end
+        end.compact
+
+        # Wait for critical features (security, moderation)
+        critical_features = [:security, :moderation]
+        futures.each_with_index do |future, index|
+          feature = @features[index]
+          next unless critical_features.include?(feature.name)
+          
+          result = future.value(@config.timeout)
+          env["rack.ai"][:results][feature.name] = result
+          
+          if result[:action] == :block
+            blocked_response = build_blocked_response(result)
+            break
+          end
+        end
+
+        # Collect remaining results asynchronously
+        Concurrent::Future.execute(executor: @thread_pool) do
+          futures.each_with_index do |future, index|
+            feature = @features[index]
+            next if critical_features.include?(feature.name)
+            
+            result = future.value
+            env["rack.ai"][:results][feature.name] = result
+          end
+        end
+        
+        blocked_response
+      end
+
+      def process_response(env, status, headers, body)
+        @features.each do |feature|
+          next unless feature.enabled? && feature.process_response?
+          
+          begin
+            result = feature.process_response(env, status, headers, body)
+            env["rack.ai"][:results]["#{feature.name}_response"] = result
+          rescue => e
+            handle_feature_error(feature, e, env)
+          end
+        end
+      end
+
+      def build_blocked_response(result)
+        status = result[:status] || 403
+        headers = { "Content-Type" => "application/json" }
+        body = [{
+          error: "Request blocked by AI security",
+          reason: result[:reason],
+          request_id: result[:request_id]
+        }.to_json]
+        
+        [status, headers, body]
+      end
+
+      def add_ai_headers(headers, env)
+        ai_results = env["rack.ai"][:results]
+        headers["X-AI-Processed"] = "true"
+        headers["X-AI-Features"] = @config.features.join(",")
+        headers["X-AI-Processing-Time"] = "#{((Time.now - env["rack.ai"][:start_time]) * 1000).round(2)}ms"
+        
+        if @config.explain_decisions
+          explanations = ai_results.map { |feature, result| "#{feature}:#{result[:confidence] || 'N/A'}" }
+          headers["X-AI-Decisions"] = explanations.join(";")
+        end
+      end
+
+      def handle_error(error, env)
+        Utils::Logger.error("Rack::AI middleware error", {
+          error: error.message,
+          backtrace: error.backtrace&.first(5),
+          request_path: env["PATH_INFO"],
+          request_method: env["REQUEST_METHOD"]
+        })
+      end
+
+      def handle_feature_error(feature, error, env)
+        Utils::Logger.warn("Feature #{feature.name} error", {
+          error: error.message,
+          feature: feature.name,
+          request_path: env["PATH_INFO"]
+        })
+        
+        env["rack.ai"][:results][feature.name] = {
+          error: error.message,
+          processed: false
+        }
+        
+        # Re-raise error if fail_safe is disabled
+        raise error unless @config.fail_safe
+      end
+
+      def record_metrics(env)
+        processing_time = Time.now - env["rack.ai"][:start_time]
+        Utils::Metrics.record("rack_ai.processing_time", processing_time)
+        Utils::Metrics.increment("rack_ai.requests_processed")
+        
+        @features.each do |feature|
+          result = env["rack.ai"][:results][feature.name]
+          next unless result && !result[:error]
+          
+          Utils::Metrics.increment("rack_ai.feature.#{feature.name}.processed")
+          Utils::Metrics.record("rack_ai.feature.#{feature.name}.confidence", result[:confidence]) if result[:confidence]
+        end
+      end
+    end
+  end
+end

data/lib/rack/ai/providers/base.rb

@@ -0,0 +1,107 @@
+# frozen_string_literal: true
+
+module Rack
+  module AI
+    module Providers
+      class Base
+        attr_reader :config
+
+        def initialize(config)
+          @config = config
+        end
+
+        # Abstract methods that must be implemented by subclasses
+        def classify_request(request_data)
+          raise NotImplementedError, "#{self.class} must implement #classify_request"
+        end
+
+        def moderate_content(content, options = {})
+          raise NotImplementedError, "#{self.class} must implement #moderate_content"
+        end
+
+        def analyze_patterns(data)
+          raise NotImplementedError, "#{self.class} must implement #analyze_patterns"
+        end
+
+        def detect_anomalies(request_data)
+          raise NotImplementedError, "#{self.class} must implement #detect_anomalies"
+        end
+
+        def enhance_content(content, enhancement_type)
+          raise NotImplementedError, "#{self.class} must implement #enhance_content"
+        end
+
+        # Common validation method
+        def validate!
+          raise ConfigurationError, "API key is required" if requires_api_key? && !@config[:api_key]
+          raise ConfigurationError, "API URL is required" if requires_api_url? && !@config[:api_url]
+        end
+
+        # Health check
+        def healthy?
+          ping
+        rescue
+          false
+        end
+
+        def ping
+          raise NotImplementedError, "#{self.class} must implement #ping"
+        end
+
+        def build_request_data(env)
+          {
+            method: env["REQUEST_METHOD"],
+            path: env["PATH_INFO"],
+            query_string: env["QUERY_STRING"],
+            user_agent: env["HTTP_USER_AGENT"],
+            remote_ip: env["REMOTE_ADDR"],
+            headers: extract_safe_headers(env),
+            timestamp: Time.now.iso8601
+          }
+        end
+
+        protected
+
+        def requires_api_key?
+          true
+        end
+
+        def requires_api_url?
+          false
+        end
+
+        def extract_safe_headers(env)
+          safe_headers = {}
+          env.each do |key, value|
+            next unless key.start_with?("HTTP_")
+            
+            header_name = key.sub("HTTP_", "").downcase
+            next if sensitive_header?(header_name)
+            
+            safe_headers[header_name] = value
+          end
+          safe_headers
+        end
+
+        def sensitive_header?(header_name)
+          %w[authorization cookie session_id x_api_key].include?(header_name)
+        end
+
+        def handle_api_error(response)
+          case response.status
+          when 401
+            raise ProviderError, "Authentication failed - check API key"
+          when 403
+            raise ProviderError, "Access forbidden - insufficient permissions"
+          when 429
+            raise ProviderError, "Rate limit exceeded - please retry later"
+          when 500..599
+            raise ProviderError, "Provider service error - #{response.status}"
+          else
+            raise ProviderError, "Unexpected response - #{response.status}: #{response.body}"
+          end
+        end
+      end
+    end
+  end
+end