ronin_security 0.0.2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (3) hide show
  1. checksums.yaml +7 -0
  2. data/lib/ronin_security.rb +47 -0
  3. metadata +57 -0
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA256:
3
+ metadata.gz: c5d7295c5345491201b4248b136e2f69b31b6043801fdf547293b1bf2d82cd7b
4
+ data.tar.gz: 6dd13fa58d67276e80c150e2b3786b8144815903212bbcf910aee69e01ff7b25
5
+ SHA512:
6
+ metadata.gz: feb81a4cd32ccd3eb0d2f666c75e7cea99b59d2a72c177a8ab7e94c41d9a41283bee27a9e0b1bbbda331116adfae170b4f5aa90657e902cbcf5a8653021c71e9
7
+ data.tar.gz: 470b209e6fb0a0b8574b658a1de1e46ddccfa5602455bcbb671d38e789054b28de52871811fbc5c0e3eeb1797888551f741d794b1eebde1c1f307d54467495e2
data/lib/ronin_security.rb ADDED
@@ -0,0 +1,47 @@
1
+ require 'httparty'
2
+ require 'json'
3
+ class RoninSecurity
4
+ def self.enforce(url, request)
5
+ puts request
6
+ response = HTTParty.get(url)
7
+ authorizationResponse = JSON.parse(response.body)
8
+ puts authorizationResponse["authorized"]
9
+ otp = request.headers["HTTP_OTP"]
10
+ humantoken = request.headers["HTTP_HUMANTOKEN"]
11
+ devicetoken = request.headers["HTTP_DEVICE_TOKEN"]
12
+ ip = request.remote_ip
13
+ if ip == "::1" || ip == "127.0.0.1"
14
+ realIpData = HTTParty.get("https://api.ipify.org?format=json")
15
+ puts realIpData
16
+ parsedIpData = JSON.parse(realIpData.body)
17
+ ip = parsedIpData["ip"]
18
+ end
19
+ possibletoken = request.headers["HTTP_TOKEN"].split("Bearer ")
20
+ token = request.headers["HTTP_TOKEN"] || possibletoken
21
+ headers = {
22
+ "method" => request.method,
23
+ "ip" => ip,
24
+ "token" => token,
25
+ "api" => request.original_url.split(request.original_fullpath)[0],
26
+ "action" => request.original_fullpath,
27
+ "fullActionPath" => request.original_url
28
+ }
29
+
30
+ if devicetoken != nil
31
+ headers["device_token"] = devicetoken
32
+ end
33
+
34
+ if otp != nil
35
+ headers["otp"] = otp
36
+ end
37
+
38
+ if humantoken != nil
39
+ headers["humantoken"] = humantoken
40
+ end
41
+ authorizedMessage = HTTParty.get(url, :headers => headers)
42
+ authorizationResult = JSON.parse(authorizedMessage.body)
43
+ return authorizationResult
44
+ end
45
+
46
+
47
+ end
metadata ADDED
@@ -0,0 +1,57 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: ronin_security
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.0.2
5
+ platform: ruby
6
+ authors:
7
+ - andrew van beek
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2021-12-19 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: httparty
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - ">="
18
+ - !ruby/object:Gem::Version
19
+ version: '0'
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - ">="
25
+ - !ruby/object:Gem::Version
26
+ version: '0'
27
+ description: Ronin Enforcement Module for Ruby
28
+ email: andrew.vanbeek@vanbeektech.com
29
+ executables: []
30
+ extensions: []
31
+ extra_rdoc_files: []
32
+ files:
33
+ - lib/ronin_security.rb
34
+ homepage: https://rubygems.org/gems/ronin-enforcement
35
+ licenses:
36
+ - MIT
37
+ metadata: {}
38
+ post_install_message:
39
+ rdoc_options: []
40
+ require_paths:
41
+ - lib
42
+ required_ruby_version: !ruby/object:Gem::Requirement
43
+ requirements:
44
+ - - ">="
45
+ - !ruby/object:Gem::Version
46
+ version: '0'
47
+ required_rubygems_version: !ruby/object:Gem::Requirement
48
+ requirements:
49
+ - - ">="
50
+ - !ruby/object:Gem::Version
51
+ version: '0'
52
+ requirements: []
53
+ rubygems_version: 3.2.3
54
+ signing_key:
55
+ specification_version: 4
56
+ summary: Ronin Enforcement Module for Ruby
57
+ test_files: []