securenative 0.1.17 → 0.1.18

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 01eee863c8dda0e4bf97b91bc69c577d7720f44266e447f27493d270768ea200
-  data.tar.gz: 981056596af0d2595d5119fe27655b757ff6a1afc057dd6ee567e2a4b51dd2ac
+  metadata.gz: 8d858e629da2a2f7f0c3cfaed2578bebe8560231c80b150a63286c2b06783aa4
+  data.tar.gz: ad059fb8d2ae68ee261cc42fc33039091ef69988d81d5df268a9480006b21509
 SHA512:
-  metadata.gz: aaec6f599e8d4ba3efc0d645d6d84704b8fba065c430a206563bcbd547e6de281d946eb97fc173c7d1d9ce09b3ff4f7b0ea7abfdb98f9b3f4d9bfa9fa0e71d28
-  data.tar.gz: 87b602345c3ff2566f36b9b6f47a66abdda7907f3f2fd9d0797a9ee1b3ac2d0443283f0e53d4f3cf7131e50fdf08bbc8f673ebfe42b1c8b6c3f032c0137cc921
+  metadata.gz: c011475a3513e520305e4a7fab927238050b22c29142b726801544b10c7dd6fdba348a0eb9ac3dee2e69b67dca037fa77aa1ed2f4cae1ae6f6ec95293855d93f
+  data.tar.gz: 811bb374f34727eb9c0ef82ec3fa7e54248cfa753fb880129660643716e79dbaf56b276f87fb63e711bc32544020b3f6eedea09f88578f71eaab6f85d6c5468f

data/.github/workflows/ci.yml

@@ -10,7 +10,10 @@ on:
 jobs:
   test:
     name: CI
-    runs-on: ubuntu-18.04
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        os: [ubuntu-latest]
     steps:
       - uses: actions/checkout@v1
       - uses: actions/setup-ruby@v1
@@ -21,7 +24,7 @@ jobs:
           gem install bundler
           bundler install
       - name: Run tests
-        run: bundler exec rspec
+        run: bundle exec rspec spec --pattern **/spec_*.rb
 
       - name: Notify slack success
         if: success()

data/.github/workflows/test.yml

@@ -9,7 +9,10 @@ on:
 jobs:
   test:
     name: Testing
-    runs-on: ubuntu-18.04
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        os: [ubuntu-latest]
     steps:
       - uses: actions/checkout@v1
       - uses: actions/setup-ruby@v1
@@ -20,7 +23,7 @@ jobs:
           gem install bundler
           bundler install
       - name: Run tests
-        run: bundler exec rspec
+        run: bundle exec rspec spec --pattern **/spec_*.rb
 
       - name: Notify slack success
         if: success()

data/.gitignore

@@ -10,6 +10,7 @@
 /test/version_tmp/
 /tmp/
 .idea
+*.iml
 # Used by dotenv library to load environment variables.
 # .env
 
@@ -35,4 +36,5 @@
 
 # unless supporting rvm < 1.11.0 or doing something fancy, ignore this:
 .rvmrc
-.DS_Store
+.DS_Store
+.rspec_status

data/Gemfile

@@ -5,5 +5,8 @@ gem "rspec"
 gem "rake"
 gem "httpclient"
 gem "parseconfig"
-gem "webmock"
-gem "codecov", :require => false, :group => :test
+gem "simplecov", :require => false, :group => :test
+gem "webmock", :require => false, :group => :test
+gem "rails", :require => false, :group => :test
+gem "hanami", :require => false, :group => :test
+gem "sinatra", :require => false, :group => :test

data/Gemfile.lock

@@ -1,27 +1,208 @@
 PATH
   remote: .
   specs:
-    securenative (0.1.16)
+    securenative (0.1.18)
 
 GEM
   remote: https://rubygems.org/
   specs:
+    actioncable (6.0.3.2)
+      actionpack (= 6.0.3.2)
+      nio4r (~> 2.0)
+      websocket-driver (>= 0.6.1)
+    actionmailbox (6.0.3.2)
+      actionpack (= 6.0.3.2)
+      activejob (= 6.0.3.2)
+      activerecord (= 6.0.3.2)
+      activestorage (= 6.0.3.2)
+      activesupport (= 6.0.3.2)
+      mail (>= 2.7.1)
+    actionmailer (6.0.3.2)
+      actionpack (= 6.0.3.2)
+      actionview (= 6.0.3.2)
+      activejob (= 6.0.3.2)
+      mail (~> 2.5, >= 2.5.4)
+      rails-dom-testing (~> 2.0)
+    actionpack (6.0.3.2)
+      actionview (= 6.0.3.2)
+      activesupport (= 6.0.3.2)
+      rack (~> 2.0, >= 2.0.8)
+      rack-test (>= 0.6.3)
+      rails-dom-testing (~> 2.0)
+      rails-html-sanitizer (~> 1.0, >= 1.2.0)
+    actiontext (6.0.3.2)
+      actionpack (= 6.0.3.2)
+      activerecord (= 6.0.3.2)
+      activestorage (= 6.0.3.2)
+      activesupport (= 6.0.3.2)
+      nokogiri (>= 1.8.5)
+    actionview (6.0.3.2)
+      activesupport (= 6.0.3.2)
+      builder (~> 3.1)
+      erubi (~> 1.4)
+      rails-dom-testing (~> 2.0)
+      rails-html-sanitizer (~> 1.1, >= 1.2.0)
+    activejob (6.0.3.2)
+      activesupport (= 6.0.3.2)
+      globalid (>= 0.3.6)
+    activemodel (6.0.3.2)
+      activesupport (= 6.0.3.2)
+    activerecord (6.0.3.2)
+      activemodel (= 6.0.3.2)
+      activesupport (= 6.0.3.2)
+    activestorage (6.0.3.2)
+      actionpack (= 6.0.3.2)
+      activejob (= 6.0.3.2)
+      activerecord (= 6.0.3.2)
+      marcel (~> 0.3.1)
+    activesupport (6.0.3.2)
+      concurrent-ruby (~> 1.0, >= 1.0.2)
+      i18n (>= 0.7, < 2)
+      minitest (~> 5.1)
+      tzinfo (~> 1.1)
+      zeitwerk (~> 2.2, >= 2.2.2)
     addressable (2.7.0)
       public_suffix (>= 2.0.2, < 5.0)
-    codecov (0.1.17)
-      json
-      simplecov
-      url
+    builder (3.2.4)
+    concurrent-ruby (1.1.7)
     crack (0.4.3)
       safe_yaml (~> 1.0.0)
+    crass (1.0.6)
     diff-lcs (1.3)
     docile (1.3.2)
+    dry-configurable (0.11.6)
+      concurrent-ruby (~> 1.0)
+      dry-core (~> 0.4, >= 0.4.7)
+      dry-equalizer (~> 0.2)
+    dry-container (0.7.2)
+      concurrent-ruby (~> 1.0)
+      dry-configurable (~> 0.1, >= 0.1.3)
+    dry-core (0.4.9)
+      concurrent-ruby (~> 1.0)
+    dry-equalizer (0.3.0)
+    dry-logic (0.4.2)
+      dry-container (~> 0.2, >= 0.2.6)
+      dry-core (~> 0.2)
+      dry-equalizer (~> 0.2)
+    dry-types (0.12.3)
+      concurrent-ruby (~> 1.0)
+      dry-configurable (~> 0.1)
+      dry-container (~> 0.3)
+      dry-core (~> 0.2, >= 0.2.1)
+      dry-equalizer (~> 0.2)
+      dry-logic (~> 0.4, >= 0.4.2)
+      inflecto (~> 0.0.0, >= 0.0.2)
+    dry-validation (0.11.2)
+      concurrent-ruby (~> 1.0)
+      dry-configurable (~> 0.1, >= 0.1.3)
+      dry-core (~> 0.2, >= 0.2.1)
+      dry-equalizer (~> 0.2)
+      dry-logic (~> 0.4.2)
+      dry-types (~> 0.12.0)
+    erubi (1.9.0)
+    globalid (0.4.2)
+      activesupport (>= 4.2.0)
+    hanami (1.3.3)
+      bundler (>= 1.6, < 3)
+      concurrent-ruby (~> 1.0)
+      hanami-assets (~> 1.3)
+      hanami-cli (~> 0.3)
+      hanami-controller (~> 1.3)
+      hanami-helpers (~> 1.3)
+      hanami-mailer (~> 1.3)
+      hanami-router (~> 1.3)
+      hanami-utils (~> 1.3)
+      hanami-validations (>= 1.3, < 3)
+      hanami-view (~> 1.3)
+    hanami-assets (1.3.4)
+      hanami-helpers (~> 1.3)
+      hanami-utils (~> 1.3)
+      tilt (~> 2.0, >= 2.0.2)
+    hanami-cli (0.3.1)
+      concurrent-ruby (~> 1.0)
+      hanami-utils (~> 1.3)
+    hanami-controller (1.3.3)
+      hanami-utils (~> 1.3)
+      rack (~> 2.0)
+    hanami-helpers (1.3.3)
+      hanami-utils (~> 1.3)
+    hanami-mailer (1.3.2)
+      hanami-utils (~> 1.3)
+      mail (~> 2.6)
+      tilt (~> 2.0, >= 2.0.1)
+    hanami-router (1.3.2)
+      hanami-utils (~> 1.3)
+      http_router (= 0.11.2)
+      rack (~> 2.0)
+    hanami-utils (1.3.6)
+      concurrent-ruby (~> 1.0)
+      transproc (~> 1.0)
+    hanami-validations (1.3.6)
+      dry-logic (~> 0.4.2, < 0.5)
+      dry-validation (~> 0.11, < 0.12)
+      hanami-utils (~> 1.3)
+    hanami-view (1.3.3)
+      hanami-utils (~> 1.3)
+      tilt (~> 2.0, >= 2.0.1)
     hashdiff (1.0.1)
+    http_router (0.11.2)
+      rack (>= 1.0.0)
+      url_mount (~> 0.2.1)
     httpclient (2.8.3)
-    json (2.3.0)
+    i18n (1.8.5)
+      concurrent-ruby (~> 1.0)
+    inflecto (0.0.2)
+    loofah (2.6.0)
+      crass (~> 1.0.2)
+      nokogiri (>= 1.5.9)
+    mail (2.7.1)
+      mini_mime (>= 0.1.1)
+    marcel (0.3.3)
+      mimemagic (~> 0.3.2)
+    method_source (1.0.0)
+    mimemagic (0.3.5)
+    mini_mime (1.0.2)
+    mini_portile2 (2.4.0)
+    minitest (5.14.1)
+    mustermann (1.1.1)
+      ruby2_keywords (~> 0.0.1)
+    nio4r (2.5.2)
+    nokogiri (1.10.10)
+      mini_portile2 (~> 2.4.0)
     parseconfig (1.0.8)
     public_suffix (4.0.5)
-    rake (12.3.3)
+    rack (2.2.3)
+    rack-protection (2.0.8.1)
+      rack
+    rack-test (1.1.0)
+      rack (>= 1.0, < 3)
+    rails (6.0.3.2)
+      actioncable (= 6.0.3.2)
+      actionmailbox (= 6.0.3.2)
+      actionmailer (= 6.0.3.2)
+      actionpack (= 6.0.3.2)
+      actiontext (= 6.0.3.2)
+      actionview (= 6.0.3.2)
+      activejob (= 6.0.3.2)
+      activemodel (= 6.0.3.2)
+      activerecord (= 6.0.3.2)
+      activestorage (= 6.0.3.2)
+      activesupport (= 6.0.3.2)
+      bundler (>= 1.3.0)
+      railties (= 6.0.3.2)
+      sprockets-rails (>= 2.0.0)
+    rails-dom-testing (2.0.3)
+      activesupport (>= 4.2.0)
+      nokogiri (>= 1.6)
+    rails-html-sanitizer (1.3.0)
+      loofah (~> 2.3)
+    railties (6.0.3.2)
+      actionpack (= 6.0.3.2)
+      activesupport (= 6.0.3.2)
+      method_source
+      rake (>= 0.8.7)
+      thor (>= 0.20.3, < 2.0)
+    rake (13.0.1)
     rspec (3.8.0)
       rspec-core (~> 3.8.0)
       rspec-expectations (~> 3.8.0)
@@ -35,28 +216,55 @@ GEM
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.8.0)
     rspec-support (3.8.2)
+    ruby2_keywords (0.0.2)
     safe_yaml (1.0.5)
-    simplecov (0.18.5)
+    simplecov (0.19.0)
       docile (~> 1.1)
       simplecov-html (~> 0.11)
     simplecov-html (0.12.2)
-    url (0.3.2)
+    sinatra (2.0.8.1)
+      mustermann (~> 1.0)
+      rack (~> 2.0)
+      rack-protection (= 2.0.8.1)
+      tilt (~> 2.0)
+    sprockets (4.0.2)
+      concurrent-ruby (~> 1.0)
+      rack (> 1, < 3)
+    sprockets-rails (3.2.1)
+      actionpack (>= 4.0)
+      activesupport (>= 4.0)
+      sprockets (>= 3.0.0)
+    thor (1.0.1)
+    thread_safe (0.3.6)
+    tilt (2.0.10)
+    transproc (1.1.1)
+    tzinfo (1.2.7)
+      thread_safe (~> 0.1)
+    url_mount (0.2.1)
+      rack
     webmock (3.8.3)
       addressable (>= 2.3.6)
       crack (>= 0.3.2)
       hashdiff (>= 0.4.0, < 2.0.0)
+    websocket-driver (0.7.3)
+      websocket-extensions (>= 0.1.0)
+    websocket-extensions (0.1.5)
+    zeitwerk (2.4.0)
 
 PLATFORMS
   ruby
 
 DEPENDENCIES
   bundler (~> 2.0)
-  codecov
+  hanami
   httpclient
   parseconfig
+  rails
   rake
   rspec
   securenative!
+  simplecov
+  sinatra
   webmock
 
 BUNDLED WITH

data/README.md

@@ -99,7 +99,7 @@ securenative = SecureNative.instance
 context = securenative.context_builder(ip = '127.0.0.1', client_token = 'SECURED_CLIENT_TOKEN',
         headers = { 'user-agent' => 'Mozilla/5.0 (iPad; U; CPU OS 3_2_1 like Mac OS X; en-us) AppleWebKit/531.21.10 (KHTML, like Gecko) Mobile/7B405' })
 
-event_options = EventOptionsBuilder(event_type = EventTypes::LOG_IN,
+event_options = EventOptions(event_type = EventTypes::LOG_IN,
         user_id = '1234', user_traits = UserTraits('Your Name', 'name@gmail.com', '+1234567890'),
         context = context, properties = {prop1 => 'CUSTOM_PARAM_VALUE', prop2 => true, prop3 => 3}).build
 
@@ -119,7 +119,7 @@ def track(request)
     securenative = SecureNative.instance
     context = SecureNative.context_builder.from_http_request(request).build
 
-    event_options = EventOptionsBuilder(event_type = EventTypes::LOG_IN,
+    event_options = EventOptions(event_type = EventTypes::LOG_IN,
             user_id = '1234', user_traits = UserTraits('Your Name', 'name@gmail.com', '+1234567890'),
             context = context, properties = {prop1 => 'CUSTOM_PARAM_VALUE', prop2 => true, prop3 => 3}).build
     
@@ -142,7 +142,7 @@ def verify(request)
     securenative = SecureNative.instance
     context = SecureNative.context_builder.from_http_request(request).build
 
-    event_options = EventOptionsBuilder(event_type = EventTypes::LOG_IN,
+    event_options = EventOptions(event_type = EventTypes::LOG_IN,
         user_id = '1234', user_traits = UserTraits('Your Name', 'name@gmail.com', '+1234567890'),
         context = context, properties = {prop1 => 'CUSTOM_PARAM_VALUE', prop2 => true, prop3 => 3}).build
     

data/VERSION

@@ -1 +1 @@
-0.1.17
+0.1.18

data/lib/api_manager.rb

@@ -0,0 +1,35 @@
+# frozen_string_literal: true
+
+require 'models/sdk_event'
+require 'enums/failover_strategy'
+require 'json'
+
+class ApiManager
+  def initialize(event_manager, securenative_options)
+    @event_manager = event_manager
+    @options = securenative_options
+  end
+
+  def track(event_options)
+    SecureNativeLogger.debug('Track event call')
+    event = SDKEvent.new(event_options, @options)
+    @event_manager.send_async(event, ApiRoute::TRACK)
+  end
+
+  def verify(event_options)
+    SecureNativeLogger.debug('Verify event call')
+    event = SDKEvent.new(event_options, @options)
+
+    begin
+      res = JSON.parse(@event_manager.send_sync(event, ApiRoute::VERIFY, false))
+      return VerifyResult.new(risk_level: res['riskLevel'], score: res['score'], triggers: res['triggers'])
+    rescue StandardError => e
+      SecureNativeLogger.debug("Failed to call verify; #{e}")
+    end
+    if @options.fail_over_strategy == FailOverStrategy::FAIL_OPEN
+      return VerifyResult.new(risk_level: RiskLevel::LOW, score: 0, triggers: nil)
+    end
+
+    VerifyResult.new(risk_level: RiskLevel::HIGH, score: 1, triggers: nil)
+  end
+end

data/lib/config/configuration_builder.rb

@@ -0,0 +1,30 @@
+# frozen_string_literal: true
+
+require 'enums/failover_strategy'
+
+class ConfigurationBuilder
+  attr_reader :api_key, :api_url, :interval, :max_events, :timeout, :auto_send, :disable, :log_level, :fail_over_strategy
+  attr_writer :api_key, :api_url, :interval, :max_events, :timeout, :auto_send, :disable, :log_level, :fail_over_strategy
+
+  def initialize(api_key: nil, api_url: 'https://api.securenative.com/collector/api/v1', interval: 1000,
+                 max_events: 1000, timeout: 1500, auto_send: true, disable: false, log_level: 'FATAL',
+                 fail_over_strategy: FailOverStrategy::FAIL_OPEN)
+    @api_key = api_key
+    @api_url = api_url
+    @interval = interval
+    @max_events = max_events
+    @timeout = timeout
+    @auto_send = auto_send
+    @disable = disable
+    @log_level = log_level
+    @fail_over_strategy = fail_over_strategy
+  end
+
+  def self.default_config_builder
+    ConfigurationBuilder.new
+  end
+
+  def self.default_securenative_options
+    SecureNativeOptions.new
+  end
+end