RubyGems - robust_server_socket - Versions diffs - 0.3.2 → 0.4.2 - Mend

robust_server_socket 0.3.2 → 0.4.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (15) hide show

checksums.yaml +4 -4
data/README.en.md +614 -0
data/README.md +326 -0
data/lib/robust_server_socket/cacher.rb +132 -0
data/lib/robust_server_socket/client_token.rb +20 -41
data/lib/robust_server_socket/configuration.rb +22 -3
data/lib/robust_server_socket/modules/client_auth_protection.rb +20 -0
data/lib/robust_server_socket/modules/dos_attack_protection.rb +21 -0
data/lib/robust_server_socket/modules/replay_attack_protection.rb +50 -0
data/lib/robust_server_socket/rate_limiter.rb +6 -15
data/lib/robust_server_socket/secure_token/decrypt.rb +0 -2
data/lib/robust_server_socket.rb +22 -6
data/lib/version.rb +1 -1
metadata +8 -3
data/lib/robust_server_socket/secure_token/cacher.rb +0 -138

data/lib/robust_server_socket/rate_limiter.rb CHANGED Viewed

@@ -1,5 +1,3 @@
-require_relative 'secure_token/cacher'
 module RobustServerSocket
   class RateLimiter
     RateLimitExceeded = Class.new(StandardError)
@@ -8,6 +6,7 @@ module RobustServerSocket
       def check!(client_name)
         unless (attempts = check(client_name))
           actual_attempts = current_attempts(client_name)
           raise RateLimitExceeded, "Rate limit exceeded for #{client_name}: #{actual_attempts}/#{max_requests} requests per #{window_seconds}s"
         end
@@ -15,8 +14,6 @@ module RobustServerSocket
       end
       def check(client_name)
-        return 0 unless rate_limit_enabled?
         key = rate_limit_key(client_name)
         attempts = increment_attempts(key)
@@ -26,18 +23,16 @@ module RobustServerSocket
       end
       def current_attempts(client_name)
-        return 0 unless rate_limit_enabled?
         key = rate_limit_key(client_name)
-        SecureToken::Cacher.get(key).to_i
+        Cacher.get(key).to_i
       end
       def reset!(client_name)
         key = rate_limit_key(client_name)
-        SecureToken::Cacher.with_redis do |conn|
+        Cacher.with_redis do |conn|
           conn.del(key)
         end
-      rescue SecureToken::Cacher::RedisConnectionError => e
+      rescue Cacher::RedisConnectionError => e
         handle_redis_error(e, 'reset')
         nil
       end
@@ -45,13 +40,13 @@ module RobustServerSocket
       private
       def increment_attempts(key)
-        SecureToken::Cacher.with_redis do |conn|
+        Cacher.with_redis do |conn|
           attempts = conn.incr(key)
           # Set expiration only on first attempt to ensure atomic window
           conn.expire(key, window_seconds) if attempts == 1
           attempts
         end
-      rescue SecureToken::Cacher::RedisConnectionError => e
+      rescue Cacher::RedisConnectionError => e
         handle_redis_error(e, 'increment_attempts')
         0 # Fail open: allow request if Redis is down
       end
@@ -60,10 +55,6 @@ module RobustServerSocket
         "rate_limit:#{client_name}"
       end
-      def rate_limit_enabled?
-        RobustServerSocket.configuration.rate_limit_enabled
-      end
       def max_requests
         RobustServerSocket.configuration.rate_limit_max_requests
       end

data/lib/robust_server_socket/secure_token/decrypt.rb CHANGED Viewed

@@ -1,5 +1,3 @@
-require 'openssl'
 module RobustServerSocket
   module SecureToken
     BASE64_REGEXP = /\A[A-Za-z0-9+\/]*={0,2}\z/.freeze

data/lib/robust_server_socket.rb CHANGED Viewed

@@ -1,6 +1,13 @@
 # frozen_string_literal: true
+require 'base64'
+require 'openssl'
+require 'redis'
+require 'connection_pool'
 require_relative 'robust_server_socket/configuration'
+require_relative 'robust_server_socket/secure_token/decrypt'
+require_relative 'robust_server_socket/client_token'
 module RobustServerSocket
   extend RobustServerSocket::Configuration
@@ -10,12 +17,21 @@ module RobustServerSocket
   def load!
     raise 'You must correctly configure RobustServerSocket first!' unless configured?
-    require 'openssl'
-    require 'base64'
-    require 'redis'
-    require 'connection_pool'
+    configuration.using_modules.each do |mod|
+      raise ArgumentError, 'Module must be a Symbol!' unless mod.is_a?(Symbol)
+      require_relative "robust_server_socket/modules/#{mod}"
+      ClientToken.include eval(mod.to_s.split('_').map(&:capitalize).unshift('Modules::').join)
+    end
+    ClientToken.class_eval(<<~METHOD)
+      def modules_checks
+        #{(RobustServerSocket.configuration._modules_check_rows.empty? ? ['true'] : RobustServerSocket.configuration._modules_check_rows.map(&:strip)).join(' && ')}
+      end
-    require_relative 'robust_server_socket/rate_limiter'
-    require_relative 'robust_server_socket/client_token'
+      def modules_checks!
+        #{(RobustServerSocket.configuration._bang_modules_check_rows.empty? ? ['true'] : RobustServerSocket.configuration._bang_modules_check_rows).join}
+      end
+    METHOD
   end
 end

data/lib/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module RobustServerSocket
-  VERSION = '0.3.2'
+  VERSION = '0.4.2'
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: robust_server_socket
 version: !ruby/object:Gem::Version
-  version: 0.3.2
+  version: 0.4.2
 platform: ruby
 authors:
 - tee_zed
@@ -75,12 +75,17 @@ files:
 - ".rspec"
 - CODE_OF_CONDUCT.md
 - LICENSE.txt
+- README.en.md
+- README.md
 - Rakefile
 - lib/robust_server_socket.rb
+- lib/robust_server_socket/cacher.rb
 - lib/robust_server_socket/client_token.rb
 - lib/robust_server_socket/configuration.rb
+- lib/robust_server_socket/modules/client_auth_protection.rb
+- lib/robust_server_socket/modules/dos_attack_protection.rb
+- lib/robust_server_socket/modules/replay_attack_protection.rb
 - lib/robust_server_socket/rate_limiter.rb
-- lib/robust_server_socket/secure_token/cacher.rb
 - lib/robust_server_socket/secure_token/decrypt.rb
 - lib/version.rb
 - robust_server_socket.gemspec
@@ -101,7 +106,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.6.9
+rubygems_version: 4.0.6
 specification_version: 4
 summary: Robust Server Socket gem for RobustPro
 test_files: []

data/lib/robust_server_socket/secure_token/cacher.rb DELETED Viewed

@@ -1,138 +0,0 @@
-require 'redis'
-require 'connection_pool'
-module RobustServerSocket
-  module SecureToken
-    module Cacher
-      class RedisConnectionError < StandardError; end
-      class << self
-        # Atomically validate token: check expiration and usage, then mark as used
-        # Returns: 'ok', 'stale', or 'used'
-        def atomic_validate_and_log(key, ttl, timestamp, expiration_time)
-          current_time = Time.now.utc.to_i
-          redis.with do |conn|
-            conn.eval(
-              lua_atomic_validate,
-              keys: [key],
-              argv: [ttl, timestamp, expiration_time, current_time]
-            )
-          end
-        rescue ::Redis::BaseConnectionError => e
-          handle_redis_error(e, 'atomic_validate_and_log')
-          raise RedisConnectionError, "Failed to validate token: #{e.message}"
-        end
-        def incr(key, ttl = nil)
-          ttl_value = ttl || ttl_seconds
-          redis.with do |conn|
-            conn.pipelined do |pipeline|
-              pipeline.incrby(key, 1)
-              pipeline.expire(key, ttl_value)
-            end
-          end
-        rescue ::Redis::BaseConnectionError => e
-          handle_redis_error(e, 'incr')
-          raise RedisConnectionError, "Failed to increment key: #{e.message}"
-        end
-        def get(key)
-          redis.with do |conn|
-            conn.get(key)
-          end
-        rescue ::Redis::BaseConnectionError => e
-          handle_redis_error(e, 'get')
-          nil # Fallback for reads
-        end
-        def health_check
-          redis.with do |conn|
-            conn.ping == 'PONG'
-          end
-        rescue ::Redis::BaseConnectionError
-          false
-        end
-        def with_redis(&block)
-          redis.with(&block)
-        rescue ::Redis::BaseConnectionError => e
-          handle_redis_error(e, 'with_redis')
-          raise ::RedisConnectionError, "Redis operation failed: #{e.message}"
-        end
-        # Clear cached Redis connection pool (useful for hot reloading in development)
-        def clear_redis_pool_cache!
-          @pool = nil
-        end
-        private
-        def lua_atomic_validate
-          <<~LUA
-            local key = KEYS[1]
-            local ttl = tonumber(ARGV[1])
-            local timestamp = tonumber(ARGV[2])
-            local expiration_time = tonumber(ARGV[3])
-            local current_time = tonumber(ARGV[4])
-            -- Check if token is expired
-            if expiration_time <= (current_time - timestamp) then
-              return 'stale'
-            end
-            -- Check if token was already used
-            local current = redis.call('GET', key)
-            if current and tonumber(current) > 0 then
-              return 'used'
-            end
-            -- Mark token as used
-            redis.call('INCRBY', key, 1)
-            redis.call('EXPIRE', key, ttl)
-            return 'ok'
-          LUA
-        end
-        def ttl_seconds
-          ::RobustServerSocket.configuration.token_expiration_time + 60
-        end
-        # Cache Redis connection pool at module level for the lifetime of the Rails process
-        # This avoids recreating the connection pool on every Redis operation
-        def redis
-          @pool ||= ::ConnectionPool::Wrapper.new(**pool_config) do
-            ::Redis.new(redis_config)
-          end
-        end
-        def pool_config
-          {
-            size: ENV.fetch('REDIS_POOL_SIZE', 25).to_i,
-            timeout: ENV.fetch('REDIS_POOL_TIMEOUT', 1).to_f
-          }
-        end
-        def redis_config
-          config = {
-            url: ::RobustServerSocket.configuration.redis_url,
-            reconnect_attempts: 3,
-            timeout: 1.0,
-            connect_timeout: 2.0
-          }
-          password = ::RobustServerSocket.configuration.redis_pass
-          config[:password] = password if password && !password.empty?
-          config
-        end
-        def handle_redis_error(error, operation)
-          warn "Redis operation '#{operation}' failed: #{error.class} - #{error.message}"
-        end
-      end
-    end
-  end
-end