RubyGems - securenative - Versions diffs - 0.1.17 → 0.1.18 - Mend

securenative 0.1.17 → 0.1.18

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (117) hide show

data/lib/{securenative/event_options_builder.rb → event_options.rb} RENAMED

@@ -1,4 +1,6 @@
-class EventOptionsBuilder
+# frozen_string_literal: true
+class EventOptions
   MAX_PROPERTIES_SIZE = 10
   def initialize(event_type, user_id, user_traits, user_name, email, phone, created_at, context, properties, timestamp)
@@ -22,9 +24,9 @@ class EventOptionsBuilder
   def build
     if !@event_options.properties.nil? && @event_options.properties.length > MAX_PROPERTIES_SIZE
-      raise SecureNativeInvalidOptionsException('You can have only up to {} custom properties', MAX_PROPERTIES_SIZE)
+      raise SecureNativeInvalidOptionsError('You can have only up to {} custom properties', MAX_PROPERTIES_SIZE)
     end
     @event_options
   end
-end
+end

data/lib/http/secure_native_http_response.rb ADDED

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+class SecureNativeHttpResponse
+  attr_reader :ok, :status_code, :body
+  attr_writer :ok, :status_code, :body
+  def initialize(ok, status_code, body)
+    @ok = ok
+    @status_code = status_code
+    @body = body
+  end
+end

data/lib/http/securenative_http_client.rb ADDED

@@ -0,0 +1,32 @@
+# frozen_string_literal: true
+require 'httpclient'
+class SecureNativeHttpClient
+  AUTHORIZATION_HEADER = 'Authorization'
+  VERSION_HEADER = 'SN-Version'
+  USER_AGENT_HEADER = 'User-Agent'
+  USER_AGENT_HEADER_VALUE = 'SecureNative-python'
+  CONTENT_TYPE_HEADER = 'Content-Type'
+  CONTENT_TYPE_HEADER_VALUE = 'application/json'
+  def initialize(securenative_options)
+    @options = securenative_options
+    @client = HTTPClient.new
+  end
+  def _headers
+    {
+      CONTENT_TYPE_HEADER => CONTENT_TYPE_HEADER_VALUE,
+      USER_AGENT_HEADER => USER_AGENT_HEADER_VALUE,
+      VERSION_HEADER => VersionUtils.version,
+      AUTHORIZATION_HEADER => @options.api_key
+    }
+  end
+  def post(path, body)
+    url = "#{@options.api_url}/#{path}"
+    headers = _headers
+    @client.post(url, body, headers)
+  end
+end

data/lib/{securenative/models → models}/client_token.rb RENAMED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 class ClientToken
   attr_reader :cid, :vid, :fp
   attr_writer :cid, :vid, :fp

data/lib/{securenative/models → models}/device.rb RENAMED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 class Device
   attr_reader :device_id
   attr_writer :device_id
@@ -5,4 +7,4 @@ class Device
   def initialize(device_id)
     @device_id = device_id
   end
-end
+end

data/lib/models/event_options.rb ADDED

@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+class EventOptions
+  attr_reader :event, :user_id, :user_traits, :context, :properties, :timestamp
+  attr_writer :event, :user_id, :user_traits, :context, :properties, :timestamp
+  def initialize(event: nil, user_id: nil, user_traits: nil, context: nil, properties: nil, timestamp: nil)
+    @event = event
+    @user_id = user_id
+    @user_traits = user_traits
+    @context = context
+    @properties = properties
+    @timestamp = timestamp
+  end
+end

data/lib/models/request_context.rb ADDED

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+class RequestContext
+  attr_reader :cid, :vid, :fp, :ip, :remote_ip, :headers, :url, :http_method
+  attr_writer :cid, :vid, :fp, :ip, :remote_ip, :headers, :url, :http_method
+  def initialize(cid: nil, vid: nil, fp: nil, ip: nil, remote_ip: nil, headers: nil, url: nil, http_method: nil)
+    @cid = cid
+    @vid = vid
+    @fp = fp
+    @ip = ip
+    @remote_ip = remote_ip
+    @headers = headers
+    @url = url
+    @method = http_method
+  end
+end

data/lib/models/request_options.rb ADDED

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+class RequestOptions
+  attr_reader :url, :body, :retry_sending
+  attr_writer :url, :body, :retry_sending
+  def initialize(url, body, retry_sending)
+    @url = url
+    @body = body
+    @retry_sending = retry_sending
+  end
+end

data/lib/models/sdk_event.rb ADDED

@@ -0,0 +1,35 @@
+# frozen_string_literal: true
+require 'context/securenative_context'
+require 'utils/encryption_utils'
+class SDKEvent
+  attr_reader :context, :rid, :event_type, :user_id, :user_traits, :request, :timestamp, :properties
+  attr_writer :context, :rid, :event_type, :user_id, :user_traits, :request, :timestamp, :properties
+  def initialize(event_options, securenative_options)
+    @context = if !event_options.context.nil?
+                 event_options.context
+               else
+                 SecureNativeContext.default_context_builder
+               end
+    client_token = EncryptionUtils.decrypt(@context.client_token, securenative_options.api_key)
+    @rid = SecureRandom.uuid.to_str
+    @event_type = event_options.event
+    @user_id = event_options.user_id
+    @user_traits = event_options.user_traits
+    @request = RequestContext(client_token ? client_token.cid : '', client_token ? client_token.vid : '',
+                              client_token ? client_token.fp : '', @context.ip,
+                              @context.remote_ip, @context.headers, @context.url, @context.http_method)
+    @timestamp = DateUtils.to_timestamp(event_options.timestamp)
+    @properties = event_options.properties
+  end
+  def to_s
+    "context: #{@context}, rid: #{@rid}, event_type: #{@event_type}, user_id: #{@user_id},
+    user_traits: #{@user_traits}, request: #{@request}, timestamp: #{@timestamp}, properties: #{@properties}"
+  end
+end

data/lib/models/user_traits.rb ADDED

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+class UserTraits
+  attr_reader :name, :email, :phone, :created_at
+  attr_writer :name, :email, :phone, :created_at
+  def initialize(name: nil, email: nil, phone: nil, created_at: nil)
+    @name = name
+    @email = email
+    @created_at = created_at
+    @phone = phone
+  end
+end

data/lib/models/verify_result.rb ADDED

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+class VerifyResult
+  attr_reader :risk_level, :score, :triggers
+  attr_writer :risk_level, :score, :triggers
+  def initialize(risk_level: nil, score: nil, triggers: nil)
+    @risk_level = risk_level
+    @score = score
+    @triggers = triggers
+  end
+end

data/lib/securenative.rb ADDED

@@ -0,0 +1,95 @@
+# frozen_string_literal: true
+require 'utils/secure_native_logger'
+require 'utils/signature_utils'
+require 'utils/utils'
+require 'errors/securenative_sdk_error'
+require 'errors/securenative_sdk_Illegal_state_error'
+require 'errors/securenative_config_error'
+require 'enums/failover_strategy'
+require 'config/configuration_builder'
+require 'event_manager'
+require 'api_manager'
+class SecureNative
+  attr_reader :options
+  def initialize(options)
+    @securenative = nil
+    raise SecureNativeSDKError, 'You must pass your SecureNative api key' if Utils.null_or_empty?(options.api_key)
+    @options = options
+    @event_manager = EventManager.new(@options)
+    @event_manager.start_event_persist unless @options.api_url.nil?
+    @api_manager = ApiManager.new(@event_manager, @options)
+    SecureNativeLogger.init_logger(@options.log_level)
+  end
+  def self.init_with_options(options)
+    if @securenative.nil?
+      @securenative = SecureNative.new(options)
+      @securenative
+    else
+      SecureNativeLogger.debug('This SDK was already initialized.')
+      raise SecureNativeSDKError, 'This SDK was already initialized.'
+    end
+  end
+  def self.init_with_api_key(api_key)
+    raise SecureNativeConfigError, 'You must pass your SecureNative api key' if Utils.null_or_empty?(api_key)
+    if @securenative.nil?
+      options = ConfigurationBuilder.new(api_key: api_key)
+      @securenative = SecureNative.new(options)
+      @securenative
+    else
+      SecureNativeLogger.debug('This SDK was already initialized.')
+      raise SecureNativeSDKError, 'This SDK was already initialized.'
+    end
+  end
+  def self.init
+    options = ConfigurationManager.load_config
+    init_with_options(options)
+  end
+  def self.instance
+    raise SecureNativeSDKIllegalStateError if @securenative.nil?
+    @securenative
+  end
+  def self.config_builder(api_key: nil, api_url: 'https://api.securenative.com/collector/api/v1', interval: 1000,
+                          max_events: 1000, timeout: 1500, auto_send: true, disable: false, log_level: 'FATAL',
+                          fail_over_strategy: FailOverStrategy::FAIL_OPEN)
+    ConfigurationBuilder.new(api_key: api_key, api_url: api_url, interval: interval, max_events: max_events,
+                             timeout: timeout, auto_send: auto_send, disable: disable, log_level: log_level,
+                             fail_over_strategy: fail_over_strategy)
+  end
+  def self.context_builder(client_token: nil, ip: nil, remote_ip: nil, headers: nil, url: nil, http_method: nil, body: nil)
+    SecureNativeContext.new(client_token: client_token, ip: ip, remote_ip: remote_ip, headers: headers,
+                            url: url, http_method: http_method, body: body)
+  end
+  def track(event_options)
+    @api_manager.track(event_options)
+  end
+  def verify(event_options)
+    @api_manager.verify(event_options)
+  end
+  def self._flush
+    @securenative = nil
+  end
+  def verify_request_payload(request)
+    request_signature = request.header[SignatureUtils.SIGNATURE_HEADER]
+    body = request.body
+    SignatureUtils.valid_signature?(@options.api_key, body, request_signature)
+  end
+end

data/lib/utils/date_utils.rb ADDED

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+class DateUtils
+  def self.to_timestamp(date)
+    return Time.now.strftime('%Y-%m-%dT%H:%M:%S%Z') if date.nil?
+    Time.parse(date).iso8601
+  end
+end

data/lib/{securenative/utils → utils}/encryption_utils.rb RENAMED

@@ -11,9 +11,6 @@ class EncryptionUtils
     cipher.padding = 0
     if text.size % BLOCK_SIZE != 0
-      logger = Logger.new(STDOUT)
-      logger.level = Logger::WARN
-      logger.fatal('data not multiple of block length')
       return nil
     end
@@ -35,4 +32,4 @@ class EncryptionUtils
     rv = cipher.update(s) + cipher.final
     rv.strip
   end
-end
+end

data/lib/{securenative/utils → utils}/ip_utils.rb RENAMED

@@ -1,10 +1,11 @@
-class IpUtils
-  VALID_IPV4_PATTERN = '(([01]?\\d\\d?|2[0-4]\\d|25[0-5])\\.){3}([01]?\\d\\d?|2[0-4]\\d|25[0-5])'.freeze
-  VALID_IPV6_PATTERN = '([0-9a-f]{1,4}:){7}([0-9a-f]){1,4}'.freeze
+# frozen_string_literal: true
+require "resolv"
+class IpUtils
   def self.ip_address?(ip_address)
-    return true if IpUtils.VALID_IPV4_PATTERN.match(ip_address)
-    return true if IpUtils.VALID_IPV6_PATTERN.match(ip_address)
+    return true if ip_address =~ Resolv::IPv4::Regex
+    return true if ip_address =~ Resolv::IPv6::Regex
     false
   end
@@ -19,4 +20,4 @@ class IpUtils
   def self.loop_back?(ip_address)
     IPAddr.new(ip_address).loopback?
   end
-end
+end

data/lib/utils/request_utils.rb ADDED

@@ -0,0 +1,54 @@
+# frozen_string_literal: true
+class RequestUtils
+  SECURENATIVE_COOKIE = '_sn'
+  SECURENATIVE_HEADER = 'x-securenative'
+  def self.get_secure_header_from_request(headers)
+    begin
+      return headers[SECURENATIVE_HEADER] unless headers.nil?
+    rescue StandardError
+      []
+    end
+    []
+  end
+  def self.get_client_ip_from_request(request)
+    begin
+      return request.ip unless request.ip.nil?
+    rescue NoMethodError
+    end
+    begin
+      x_forwarded_for = request.env['HTTP_X_FORWARDED_FOR']
+      return x_forwarded_for unless x_forwarded_for.nil?
+    rescue NoMethodError
+      begin
+        x_forwarded_for = request['HTTP_X_FORWARDED_FOR']
+        return x_forwarded_for unless x_forwarded_for.nil?
+      rescue NoMethodError
+      end
+    end
+    begin
+      x_forwarded_for = request.env['REMOTE_ADDR']
+      return x_forwarded_for unless x_forwarded_for.nil?
+    rescue NoMethodError
+      begin
+        x_forwarded_for = request['REMOTE_ADDR']
+        return x_forwarded_for unless x_forwarded_for.nil?
+      rescue NoMethodError
+      end
+    end
+    ''
+  end
+  def self.get_remote_ip_from_request(request)
+    begin
+      request.remote_ip
+    rescue NoMethodError
+      ''
+    end
+  end
+end

data/lib/{securenative/logger.rb → utils/secure_native_logger.rb} RENAMED

@@ -1,9 +1,11 @@
+# frozen_string_literal: true
 require 'logger'
-class Logger
+class SecureNativeLogger
   @logger = Logger.new(STDOUT)
-  def self.init_logger(level)
+  def self.init_logger(level = 'DEBUG')
     @logger.level = case level
                     when 'WARN'
                       Logger::WARN
@@ -39,4 +41,4 @@ class Logger
   def self.error(msg)
     @logger.error(msg)
   end
-end
+end

data/lib/{securenative/utils → utils}/signature_utils.rb RENAMED

@@ -1,7 +1,9 @@
+# frozen_string_literal: true
 require 'openssl'
 class SignatureUtils
-  SIGNATURE_HEADER = 'x-securenative'.freeze
+  SIGNATURE_HEADER = 'x-securenative'
   def self.valid_signature?(api_key, payload, header_signature)
     key = api_key.encode('utf-8')
@@ -11,4 +13,4 @@ class SignatureUtils
   rescue StandardError
     false
   end
-end
+end

data/lib/utils/utils.rb ADDED

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+class Utils
+  def self.null_or_empty?(string)
+    return true if !string || string.empty? || string.nil?
+    false
+  end
+end