RubyGems - securenative - Versions diffs - 0.1.17 → 0.1.23 - Mend

securenative 0.1.17 → 0.1.23

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (132) hide show

data/lib/{securenative/http/http_response.rb → http/secure_native_http_response.rb} RENAMED

@@ -1,4 +1,6 @@
-class HttpResponse
+# frozen_string_literal: true
+class SecureNativeHttpResponse
   attr_reader :ok, :status_code, :body
   attr_writer :ok, :status_code, :body
@@ -7,4 +9,4 @@ class HttpResponse
     @status_code = status_code
     @body = body
   end
-end
+end

data/lib/http/securenative_http_client.rb ADDED

@@ -0,0 +1,50 @@
+# frozen_string_literal: true
+require 'net/http'
+require 'uri'
+require 'json'
+require 'utils/version_utils'
+require 'utils/secure_native_logger'
+class SecureNativeHttpClient
+  AUTHORIZATION_HEADER = 'Authorization'
+  VERSION_HEADER = 'SN-Version'
+  USER_AGENT_HEADER = 'User-Agent'
+  USER_AGENT_HEADER_VALUE = 'SecureNative-ruby'
+  CONTENT_TYPE_HEADER = 'Content-Type'
+  CONTENT_TYPE_HEADER_VALUE = 'application/json'
+  def initialize(securenative_options)
+    @options = securenative_options
+  end
+  def _headers
+    {
+      CONTENT_TYPE_HEADER => CONTENT_TYPE_HEADER_VALUE,
+      USER_AGENT_HEADER => USER_AGENT_HEADER_VALUE,
+      VERSION_HEADER => VersionUtils.version,
+      AUTHORIZATION_HEADER => @options.api_key
+    }
+  end
+  def post(path, body)
+    uri = URI.parse("#{@options.api_url}/#{path}")
+    headers = _headers
+    client = Net::HTTP.new(uri.host, uri.port)
+    client.use_ssl = true
+    client.verify_mode = OpenSSL::SSL::VERIFY_NONE
+    request = Net::HTTP::Post.new(uri.request_uri, headers)
+    request.body = body
+    res = nil
+    begin
+      res = client.request(request)
+    rescue StandardError => e
+      SecureNativeLogger.error("Failed to send request; #{e}")
+      return res
+    end
+    res
+  end
+end

data/lib/{securenative/models → models}/client_token.rb RENAMED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 class ClientToken
   attr_reader :cid, :vid, :fp
   attr_writer :cid, :vid, :fp

data/lib/{securenative/models → models}/device.rb RENAMED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 class Device
   attr_reader :device_id
   attr_writer :device_id
@@ -5,4 +7,4 @@ class Device
   def initialize(device_id)
     @device_id = device_id
   end
-end
+end

data/lib/models/event_options.rb ADDED

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+require 'models/event_options'
+require 'models/user_traits'
+require 'errors/securenative_invalid_options_error'
+class EventOptions
+  attr_reader :event, :user_id, :user_traits, :context, :properties, :timestamp
+  attr_writer :event, :user_id, :user_traits, :context, :properties, :timestamp
+  MAX_PROPERTIES_SIZE = 10
+  def initialize(event: nil, user_id: nil, user_traits: nil, user_name: nil, email: nil, phone: nil, created_at: nil, context: nil, properties: nil, timestamp: nil)
+    if !properties.nil? && properties.length > MAX_PROPERTIES_SIZE
+      raise SecureNativeInvalidOptionsError, "You can have only up to #{MAX_PROPERTIES_SIZE} custom properties"
+    end
+    if user_traits.nil?
+      if user_name && email && phone && created_at
+        user_traits = UserTraits(user_name, email, phone, created_at)
+      elsif user_name && email && phone
+        user_traits = UserTraits(user_name, email, phone)
+      elsif user_name && email
+        user_traits = UserTraits(user_name, email)
+      else
+        user_traits = UserTraits.new
+      end
+    end
+    @event = event
+    @user_id = user_id
+    @user_traits = user_traits
+    @context = context
+    @properties = properties
+    @timestamp = timestamp
+  end
+end

data/lib/{securenative/models → models}/request_context.rb RENAMED

@@ -1,8 +1,10 @@
+# frozen_string_literal: true
 class RequestContext
-  attr_reader :cid, :vid, :fp, :ip, :remote_ip, :headers, :url, :method
-  attr_writer :cid, :vid, :fp, :ip, :remote_ip, :headers, :url, :method
+  attr_reader :cid, :vid, :fp, :ip, :remote_ip, :headers, :url, :http_method
+  attr_writer :cid, :vid, :fp, :ip, :remote_ip, :headers, :url, :http_method
-  def initialize(cid = nil, vid = nil, fp = nil, ip = nil, remote_ip = nil, headers = nil, url = nil, method = nil)
+  def initialize(cid: nil, vid: nil, fp: nil, ip: nil, remote_ip: nil, headers: nil, url: nil, http_method: nil)
     @cid = cid
     @vid = vid
     @fp = fp
@@ -10,6 +12,7 @@ class RequestContext
     @remote_ip = remote_ip
     @headers = headers
     @url = url
-    @method = method
+    @method = http_method
   end
 end

data/lib/models/request_options.rb ADDED

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+class RequestOptions
+  attr_reader :url, :body, :retry_sending
+  attr_writer :url, :body, :retry_sending
+  def initialize(url, body, retry_sending)
+    @url = url
+    @body = body
+    @retry_sending = retry_sending
+  end
+end

data/lib/models/sdk_event.rb ADDED

@@ -0,0 +1,49 @@
+# frozen_string_literal: true
+require 'context/securenative_context'
+require 'errors/securenative_invalid_options_error'
+require 'utils/encryption_utils'
+require 'utils/date_utils'
+require 'models/request_context'
+require 'securerandom'
+class SDKEvent
+  attr_reader :context, :rid, :event_type, :user_id, :user_traits, :request, :timestamp, :properties
+  attr_writer :context, :rid, :event_type, :user_id, :user_traits, :request, :timestamp, :properties
+  def initialize(event_options, securenative_options)
+    if event_options.user_id.nil? || event_options.user_id.length <= 0 || event_options.user_id == ''
+      raise SecureNativeInvalidOptionsError.new, 'Invalid event structure; User Id is missing'
+    end
+    if event_options.event.nil? || event_options.event.length <= 0 || event_options.event == ''
+      raise SecureNativeInvalidOptionsError.new, 'Invalid event structure; Event Type is missing'
+    end
+    @context = if !event_options.context.nil?
+                 event_options.context
+               else
+                 SecureNativeContext.default_context_builder
+               end
+    client_token = EncryptionUtils.decrypt(@context.client_token, securenative_options.api_key)
+    @rid = SecureRandom.uuid.to_str
+    @event_type = event_options.event
+    @user_id = event_options.user_id
+    @user_traits = event_options.user_traits
+    @request = RequestContext.new(cid: client_token ? client_token.cid : '', vid: client_token ? client_token.vid : '',
+                                  fp: client_token ? client_token.fp : '', ip: @context.ip,
+                                  remote_ip: @context.remote_ip, headers: @context.headers,
+                                  url: @context.url, http_method: @context.http_method)
+    @timestamp = DateUtils.to_timestamp(event_options.timestamp)
+    @properties = event_options.properties
+  end
+  def to_s
+    "context: #{@context}, rid: #{@rid}, event_type: #{@event_type}, user_id: #{@user_id},
+    user_traits: #{@user_traits}, request: #{@request}, timestamp: #{@timestamp}, properties: #{@properties}"
+  end
+end

data/lib/{securenative/models → models}/user_traits.rb RENAMED

@@ -1,11 +1,13 @@
+# frozen_string_literal: true
 class UserTraits
   attr_reader :name, :email, :phone, :created_at
   attr_writer :name, :email, :phone, :created_at
-  def initialize(name = nil, email = nil, phone = nil, created_at = nil)
+  def initialize(name: nil, email: nil, phone: nil, created_at: nil)
     @name = name
     @email = email
     @created_at = created_at
     @phone = phone
   end
-end
+end

data/lib/{securenative/models → models}/verify_result.rb RENAMED

@@ -1,10 +1,16 @@
+# frozen_string_literal: true
 class VerifyResult
   attr_reader :risk_level, :score, :triggers
   attr_writer :risk_level, :score, :triggers
-  def initialize(risk_level = nil, score = nil, triggers = nil)
+  def initialize(risk_level: nil, score: nil, triggers: nil)
     @risk_level = risk_level
     @score = score
     @triggers = triggers
   end
-end
+  def to_s
+    "risk_level: #{@risk_level}, score: #{@score}, triggers: #{@triggers}"
+  end
+end

data/lib/securenative.rb ADDED

@@ -0,0 +1,83 @@
+# frozen_string_literal: true
+require 'utils/secure_native_logger'
+require 'utils/signature_utils'
+require 'utils/utils'
+require 'errors/securenative_sdk_error'
+require 'errors/securenative_sdk_Illegal_state_error'
+require 'errors/securenative_config_error'
+require 'enums/failover_strategy'
+require 'config/configuration_builder'
+require 'config/configuration_manager'
+require 'event_manager'
+require 'api_manager'
+class SecureNative
+  attr_reader :options
+  def initialize(options)
+    @securenative = nil
+    raise SecureNativeSDKError, 'You must pass your SecureNative api key' if Utils.null_or_empty?(options.api_key)
+    @options = options
+    @event_manager = EventManager.new(@options)
+    @event_manager.start_event_persist unless @options.api_url.nil?
+    @api_manager = ApiManager.new(@event_manager, @options)
+    SecureNativeLogger.init_logger(@options.log_level)
+  end
+  def self.init_with_options(options)
+    if @securenative.nil?
+      @securenative = SecureNative.new(options)
+      @securenative
+    else
+      SecureNativeLogger.debug('This SDK was already initialized.')
+      raise SecureNativeSDKError, 'This SDK was already initialized.'
+    end
+  end
+  def self.init_with_api_key(api_key)
+    raise SecureNativeConfigError, 'You must pass your SecureNative api key' if Utils.null_or_empty?(api_key)
+    if @securenative.nil?
+      options = ConfigurationBuilder.new(api_key: api_key)
+      @securenative = SecureNative.new(options)
+      @securenative
+    else
+      SecureNativeLogger.debug('This SDK was already initialized.')
+      raise SecureNativeSDKError, 'This SDK was already initialized.'
+    end
+  end
+  def self.init
+    options = ConfigurationManager.load_config
+    init_with_options(options)
+  end
+  def self.instance
+    raise SecureNativeSDKIllegalStateError if @securenative.nil?
+    @securenative
+  end
+  def track(event_options)
+    @api_manager.track(event_options)
+  end
+  def verify(event_options)
+    @api_manager.verify(event_options)
+  end
+  def self._flush
+    @securenative = nil
+  end
+  def verify_request_payload(request)
+    request_signature = request.header[SignatureUtils.SIGNATURE_HEADER]
+    body = request.body
+    SignatureUtils.valid_signature?(@options.api_key, body, request_signature)
+  end
+end

data/lib/utils/date_utils.rb ADDED

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+class DateUtils
+  def self.to_timestamp(date)
+    return Time.now.utc.iso8601 if date.nil?
+    Time.parse(date).iso8601
+  end
+end

data/lib/utils/encryption_utils.rb ADDED

@@ -0,0 +1,49 @@
+# frozen_string_literal: true
+require 'openssl'
+require 'digest'
+require 'base64'
+require 'models/client_token'
+class EncryptionUtils
+  def self.padding_key(key, length)
+    if key.length == length
+      key
+    else
+      if key.length > length
+        key.slice(0, length)
+      else
+        (length - key.length).times { key << '0' }
+        key
+      end
+    end
+  end
+  def self.encrypt(plain_text, secret_key)
+    begin
+      cipher = OpenSSL::Cipher.new('aes-256-cbc')
+      cipher.encrypt
+      iv = cipher.random_iv
+      cipher.key = padding_key(secret_key, 32)
+      encrypted = cipher.update(plain_text) + cipher.final
+      (iv + encrypted).unpack1('H*')
+    rescue StandardError
+      ''
+    end
+  end
+  def self.decrypt(cipher_text, secret_key)
+    begin
+      cipher = OpenSSL::Cipher.new('aes-256-cbc')
+      cipher.decrypt
+      raw_data = [cipher_text].pack('H*')
+      cipher.iv = raw_data.slice(0, 16)
+      cipher.key = padding_key(secret_key, 32)
+      decrypted = JSON.parse(cipher.update(raw_data.slice(16, raw_data.length)) + cipher.final)
+      return ClientToken.new(decrypted['cid'], decrypted['vid'], decrypted['fp'])
+    rescue StandardError
+      ClientToken.new('', '','')
+    end
+  end
+end

data/lib/{securenative/utils → utils}/ip_utils.rb RENAMED

@@ -1,10 +1,11 @@
-class IpUtils
-  VALID_IPV4_PATTERN = '(([01]?\\d\\d?|2[0-4]\\d|25[0-5])\\.){3}([01]?\\d\\d?|2[0-4]\\d|25[0-5])'.freeze
-  VALID_IPV6_PATTERN = '([0-9a-f]{1,4}:){7}([0-9a-f]){1,4}'.freeze
+# frozen_string_literal: true
+require "resolv"
+class IpUtils
   def self.ip_address?(ip_address)
-    return true if IpUtils.VALID_IPV4_PATTERN.match(ip_address)
-    return true if IpUtils.VALID_IPV6_PATTERN.match(ip_address)
+    return true if ip_address =~ Resolv::IPv4::Regex
+    return true if ip_address =~ Resolv::IPv6::Regex
     false
   end
@@ -19,4 +20,4 @@ class IpUtils
   def self.loop_back?(ip_address)
     IPAddr.new(ip_address).loopback?
   end
-end
+end

data/lib/utils/request_utils.rb ADDED

@@ -0,0 +1,69 @@
+# frozen_string_literal: true
+class RequestUtils
+  SECURENATIVE_COOKIE = '_sn'
+  SECURENATIVE_HEADER = 'x-securenative'
+  def self.get_secure_header_from_request(headers)
+    begin
+      return headers[SECURENATIVE_HEADER] unless headers.nil?
+    rescue StandardError
+      []
+    end
+    []
+  end
+  def self.get_client_ip_from_request(request, options = nil)
+    begin
+      return request.ip unless request.ip.nil?
+    rescue NoMethodError
+    end
+    begin
+      x_forwarded_for = request.env['HTTP_X_FORWARDED_FOR']
+      return x_forwarded_for.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless x_forwarded_for.nil?
+    rescue NoMethodError
+      begin
+        x_forwarded_for = request['HTTP_X_FORWARDED_FOR']
+        return x_forwarded_for.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless x_forwarded_for.nil?
+      rescue NoMethodError
+      end
+    end
+    begin
+      x_forwarded_for = request.env['REMOTE_ADDR']
+      return x_forwarded_for.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless x_forwarded_for.nil?
+    rescue NoMethodError
+      begin
+        x_forwarded_for = request['REMOTE_ADDR']
+        return x_forwarded_for.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless x_forwarded_for.nil?
+      rescue NoMethodError
+      end
+    end
+    unless options.nil?
+      for header in options.proxy_headers do
+        begin
+          h = request.env[header]
+          return h.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless h.nil?
+        rescue NoMethodError
+          begin
+            h = request[header]
+            return h.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless h.nil?
+          rescue NoMethodError
+          end
+        end
+      end
+    end
+    ''
+  end
+  def self.get_remote_ip_from_request(request)
+    begin
+      request.remote_ip
+    rescue NoMethodError
+      ''
+    end
+  end
+end