securenative 0.1.17 → 0.1.23

data/out/production/securenative-ruby/securenative.rb

@@ -0,0 +1,83 @@
+# frozen_string_literal: true
+
+require 'utils/secure_native_logger'
+require 'utils/signature_utils'
+require 'utils/utils'
+require 'errors/securenative_sdk_error'
+require 'errors/securenative_sdk_Illegal_state_error'
+require 'errors/securenative_config_error'
+require 'enums/failover_strategy'
+require 'config/configuration_builder'
+require 'config/configuration_manager'
+require 'event_manager'
+require 'api_manager'
+
+class SecureNative
+  attr_reader :options
+
+  def initialize(options)
+    @securenative = nil
+    raise SecureNativeSDKError, 'You must pass your SecureNative api key' if Utils.null_or_empty?(options.api_key)
+
+    @options = options
+    @event_manager = EventManager.new(@options)
+
+    @event_manager.start_event_persist unless @options.api_url.nil?
+
+    @api_manager = ApiManager.new(@event_manager, @options)
+    SecureNativeLogger.init_logger(@options.log_level)
+  end
+
+  def self.init_with_options(options)
+    if @securenative.nil?
+      @securenative = SecureNative.new(options)
+      @securenative
+    else
+      SecureNativeLogger.debug('This SDK was already initialized.')
+      raise SecureNativeSDKError, 'This SDK was already initialized.'
+    end
+  end
+
+  def self.init_with_api_key(api_key)
+    raise SecureNativeConfigError, 'You must pass your SecureNative api key' if Utils.null_or_empty?(api_key)
+
+    if @securenative.nil?
+      options = ConfigurationBuilder.new(api_key: api_key)
+      @securenative = SecureNative.new(options)
+      @securenative
+    else
+      SecureNativeLogger.debug('This SDK was already initialized.')
+      raise SecureNativeSDKError, 'This SDK was already initialized.'
+    end
+  end
+
+  def self.init
+    options = ConfigurationManager.load_config
+    init_with_options(options)
+  end
+
+  def self.instance
+    raise SecureNativeSDKIllegalStateError if @securenative.nil?
+
+    @securenative
+  end
+
+  def track(event_options)
+    @api_manager.track(event_options)
+  end
+
+  def verify(event_options)
+    @api_manager.verify(event_options)
+  end
+
+  def self._flush
+    @securenative = nil
+  end
+
+  def verify_request_payload(request)
+    request_signature = request.header[SignatureUtils.SIGNATURE_HEADER]
+    body = request.body
+
+    SignatureUtils.valid_signature?(@options.api_key, body, request_signature)
+  end
+end

data/out/production/securenative-ruby/utils/date_utils.rb

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+class DateUtils
+  def self.to_timestamp(date)
+    return Time.now.utc.iso8601 if date.nil?
+
+    Time.parse(date).iso8601
+  end
+end

data/out/production/securenative-ruby/utils/encryption_utils.rb

@@ -0,0 +1,49 @@
+# frozen_string_literal: true
+
+require 'openssl'
+require 'digest'
+require 'base64'
+require 'models/client_token'
+
+class EncryptionUtils
+  def self.padding_key(key, length)
+    if key.length == length
+      key
+    else
+      if key.length > length
+        key.slice(0, length)
+      else
+        (length - key.length).times { key << '0' }
+        key
+      end
+    end
+  end
+
+  def self.encrypt(plain_text, secret_key)
+    begin
+      cipher = OpenSSL::Cipher.new('aes-256-cbc')
+      cipher.encrypt
+      iv = cipher.random_iv
+      cipher.key = padding_key(secret_key, 32)
+      encrypted = cipher.update(plain_text) + cipher.final
+      (iv + encrypted).unpack1('H*')
+    rescue StandardError
+      ''
+    end
+  end
+
+  def self.decrypt(cipher_text, secret_key)
+    begin
+      cipher = OpenSSL::Cipher.new('aes-256-cbc')
+      cipher.decrypt
+      raw_data = [cipher_text].pack('H*')
+      cipher.iv = raw_data.slice(0, 16)
+      cipher.key = padding_key(secret_key, 32)
+      decrypted = JSON.parse(cipher.update(raw_data.slice(16, raw_data.length)) + cipher.final)
+
+      return ClientToken.new(decrypted['cid'], decrypted['vid'], decrypted['fp'])
+    rescue StandardError
+      ClientToken.new('', '','')
+    end
+  end
+end

data/out/production/securenative-ruby/utils/ip_utils.rb

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+require "resolv"
+
+class IpUtils
+  def self.ip_address?(ip_address)
+    return true if ip_address =~ Resolv::IPv4::Regex
+    return true if ip_address =~ Resolv::IPv6::Regex
+
+    false
+  end
+
+  def self.valid_public_ip?(ip_address)
+    ip = IPAddr.new(ip_address)
+    return false if ip.loopback? || ip.private? || ip.link_local? || ip.untrusted? || ip.tainted?
+
+    true
+  end
+
+  def self.loop_back?(ip_address)
+    IPAddr.new(ip_address).loopback?
+  end
+end

data/out/production/securenative-ruby/utils/request_utils.rb

@@ -0,0 +1,69 @@
+# frozen_string_literal: true
+
+class RequestUtils
+  SECURENATIVE_COOKIE = '_sn'
+  SECURENATIVE_HEADER = 'x-securenative'
+
+  def self.get_secure_header_from_request(headers)
+    begin
+      return headers[SECURENATIVE_HEADER] unless headers.nil?
+    rescue StandardError
+      []
+    end
+    []
+  end
+
+  def self.get_client_ip_from_request(request, options = nil)
+    begin
+      return request.ip unless request.ip.nil?
+    rescue NoMethodError
+    end
+
+    begin
+      x_forwarded_for = request.env['HTTP_X_FORWARDED_FOR']
+      return x_forwarded_for unless x_forwarded_for.nil?
+    rescue NoMethodError
+      begin
+        x_forwarded_for = request['HTTP_X_FORWARDED_FOR']
+        return x_forwarded_for unless x_forwarded_for.nil?
+      rescue NoMethodError
+      end
+    end
+
+    begin
+      x_forwarded_for = request.env['REMOTE_ADDR']
+      return x_forwarded_for unless x_forwarded_for.nil?
+    rescue NoMethodError
+      begin
+        x_forwarded_for = request['REMOTE_ADDR']
+        return x_forwarded_for unless x_forwarded_for.nil?
+      rescue NoMethodError
+      end
+    end
+
+    unless options.nil?
+      for header in options.proxy_headers do
+        begin
+          h = request.env[header]
+          return h unless h.nil?
+        rescue NoMethodError
+          begin
+            h = request[header]
+            return h unless h.nil?
+          rescue NoMethodError
+          end
+        end
+      end
+    end
+
+    ''
+  end
+
+  def self.get_remote_ip_from_request(request)
+    begin
+      request.remote_ip
+    rescue NoMethodError
+      ''
+    end
+  end
+end

data/out/production/securenative-ruby/utils/secure_native_logger.rb

@@ -0,0 +1,44 @@
+# frozen_string_literal: true
+
+require 'logger'
+
+class SecureNativeLogger
+  @logger = Logger.new(STDOUT)
+
+  def self.init_logger(level = 'DEBUG')
+    @logger.level = case level
+                    when 'WARN'
+                      Logger::WARN
+                    when 'DEBUG'
+                      Logger::DEBUG
+                    when 'ERROR'
+                      Logger::ERROR
+                    when 'FATAL'
+                      Logger::FATAL
+                    when 'INFO'
+                      Logger::INFO
+                    else
+                      Logger::FATAL
+                    end
+
+    @logger.formatter = proc do |severity, datetime, progname, msg|
+      "[#{datetime}] #{severity}  (#{progname}): #{msg}\n"
+    end
+  end
+
+  def self.info(msg)
+    @logger.info(msg)
+  end
+
+  def self.debug(msg)
+    @logger.debug(msg)
+  end
+
+  def self.warning(msg)
+    @logger.warning(msg)
+  end
+
+  def self.error(msg)
+    @logger.error(msg)
+  end
+end

data/out/production/securenative-ruby/utils/signature_utils.rb

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+
+require 'openssl'
+
+class SignatureUtils
+  SIGNATURE_HEADER = 'x-securenative'
+
+  def self.valid_signature?(api_key, payload, header_signature)
+    key = api_key.encode('utf-8')
+    body = payload.encode('utf-8')
+    calculated_signature = OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha512'), key, body)
+    calculated_signature.eql? header_signature
+  rescue StandardError
+    false
+  end
+end

data/out/production/securenative-ruby/utils/utils.rb

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+class Utils
+  def self.null_or_empty?(string)
+    return true if !string || string.empty? || string.nil?
+
+    false
+  end
+end

data/out/production/securenative-ruby/utils/version_utils.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+class VersionUtils
+  def self.version
+    begin
+      Gem.loaded_specs['securenative'].version.to_s
+    rescue StandardError
+      'unknown'
+    end
+  end
+end

data/out/test/securenative-ruby/spec_api_manager.rb

@@ -0,0 +1,87 @@
+# frozen_string_literal: true
+
+require 'api_manager'
+require 'webmock/rspec'
+require 'config/configuration_builder'
+require 'errors/securenative_invalid_options_error'
+require 'models/event_options'
+require 'models/verify_result'
+require 'models/user_traits'
+require 'enums/event_types'
+require 'enums/risk_level'
+require 'event_manager'
+require 'rspec'
+
+RSpec.describe ApiManager do
+  it 'tracks an event' do
+    options = ConfigurationBuilder.new(api_key: 'YOUR_API_KEY', auto_send: true, interval: 10, api_url: 'https://api.securenative-stg.com/collector/api/v1')
+
+    stub_request(:post, 'https://api.securenative-stg.com/collector/api/v1/track').to_return(status: 200)
+    event_manager = EventManager.new(options)
+    event_manager.start_event_persist
+    api_manager = ApiManager.new(event_manager, options)
+    event_options = EventOptions.new(event: EventTypes::LOG_IN, user_id: 'USER_ID',
+                                     user_traits: UserTraits.new(name: 'USER_NAME', email: 'USER_EMAIL', phone: '+1234567890'),
+                                     properties: { prop1: 'CUSTOM_PARAM_VALUE', prop2: true, prop3: 3 })
+
+    begin
+      res = api_manager.track(event_options)
+    ensure
+      event_manager.stop_event_persist
+    end
+
+    expect(res).to_not be_nil
+  end
+
+  it 'uses invalid options' do
+    options = ConfigurationBuilder.new(api_key: 'YOUR_API_KEY', auto_send: true, interval: 10, api_url: 'https://api.securenative-stg.com/collector/api/v1')
+
+    properties = {}
+    (0..12).each do |i|
+      properties[i] = i
+    end
+
+    stub_request(:post, 'https://api.securenative-stg.com/collector/api/v1/track').to_return(status: 200)
+    event_manager = EventManager.new(options)
+    event_manager.start_event_persist
+    api_manager = ApiManager.new(event_manager, options)
+
+    begin
+      expect { api_manager.track(EventOptions.new(event: EventTypes::LOG_IN, properties: properties)) }
+        .to raise_error(SecureNativeInvalidOptionsError)
+    ensure
+      event_manager.stop_event_persist
+    end
+  end
+
+  it 'verifies an event' do
+    options = ConfigurationBuilder.new(api_key: 'YOUR_API_KEY', api_url: 'https://api.securenative-stg.com/collector/api/v1')
+
+    stub_request(:post, "https://api.securenative-stg.com/collector/api/v1/verify").
+        with(
+            headers: {
+                'Accept'=>'*/*',
+                'Accept-Encoding'=>'gzip;q=1.0,deflate;q=0.6,identity;q=0.3',
+                'Authorization'=>'YOUR_API_KEY',
+                'Content-Type'=>'application/json',
+                'Sn-Version'=>'0.1.22',
+                'User-Agent'=>'SecureNative-ruby'
+            }).
+        to_return(status: 200, body: "", headers: {})
+
+
+    event_manager = EventManager.new(options)
+    event_manager.start_event_persist
+    api_manager = ApiManager.new(event_manager, options)
+    event_options = EventOptions.new(event: EventTypes::LOG_IN, user_id: 'USER_ID',
+                                     user_traits: UserTraits.new(name: 'USER_NAME', email: 'USER_EMAIL', phone: '+1234567890'),
+                                     properties: { prop1: 'CUSTOM_PARAM_VALUE', prop2: true, prop3: 3 })
+
+    result = api_manager.verify(event_options)
+
+    expect(result).not_to be_nil
+    expect(result.risk_level).to eq('low')
+    expect(result.score).to eq(0)
+    expect(result.triggers).to eq(nil)
+  end
+end

data/out/test/securenative-ruby/spec_context_builder.rb

@@ -0,0 +1,87 @@
+# frozen_string_literal: true
+
+require 'context/securenative_context'
+require 'webmock/rspec'
+require 'rails'
+require 'hanami'
+require 'sinatra'
+require 'rspec'
+
+RSpec.describe SecureNativeContext do
+  it 'creates context from ruby default request' do
+    stub_request(:any, 'www.example.com')
+      .to_return(status: 200,
+                 headers: { '_sn': '71532c1fad2c7f56118f7969e401f3cf080239140d208e7934e6a530818c37e544a0c2330a487bcc6fe4f662a57f265a3ed9f37871e80529128a5e4f2ca02db0fb975ded401398f698f19bb0cafd68a239c6caff99f6f105286ab695eaf3477365bdef524f5d70d9be1d1d474506b433aed05d7ed9a435eeca357de57817b37c638b6bb417ffb101eaf856987615a77a' })
+
+    request = Net::HTTP.get_response('www.example.com', '/')
+    context = SecureNativeContext.from_http_request(request)
+
+    expect(context.ip).to eq('')
+    expect(context.http_method).to eq('')
+    expect(context.url).to eq('')
+    expect(context.remote_ip).to eq('')
+    expect(context.headers['-sn']).to eq(['71532c1fad2c7f56118f7969e401f3cf080239140d208e7934e6a530818c37e544a0c2330a487bcc6fe4f662a57f265a3ed9f37871e80529128a5e4f2ca02db0fb975ded401398f698f19bb0cafd68a239c6caff99f6f105286ab695eaf3477365bdef524f5d70d9be1d1d474506b433aed05d7ed9a435eeca357de57817b37c638b6bb417ffb101eaf856987615a77a'])
+    expect(context.body).to eq('')
+  end
+
+  it 'creates context from rails request' do
+    request = ActionDispatch::Request.new(nil)
+    context = SecureNativeContext.from_http_request(request)
+
+    expect(context.ip).to eq('')
+    expect(context.http_method).to eq('')
+    expect(context.url).to eq('')
+    expect(context.remote_ip).to eq('')
+    expect(context.headers).to eq([])
+    expect(context.body).to eq('')
+  end
+
+  it 'creates context from sinatra request' do
+    request = Sinatra::Request.new(nil)
+    context = SecureNativeContext.from_http_request(request)
+
+    expect(context.ip).to eq('')
+    expect(context.http_method).to eq('')
+    expect(context.url).to eq('')
+    expect(context.remote_ip).to eq('')
+    expect(context.headers).to eq([])
+    expect(context.body).to eq('')
+  end
+
+  it 'creates context from hanami request' do
+    request = Hanami::Action::Request
+    context = SecureNativeContext.from_http_request(request)
+
+    expect(context.ip).to eq('')
+    expect(context.http_method).to eq('')
+    expect(context.url).to eq('')
+    expect(context.remote_ip).to eq('')
+    expect(context.headers).to eq([])
+    expect(context.body).to eq('')
+  end
+
+  it 'creates default context builder' do
+    context = SecureNativeContext.default_context_builder
+
+    expect(context.client_token).to eq('')
+    expect(context.ip).to eq('')
+    expect(context.http_method).to eq('')
+    expect(context.url).to eq('')
+    expect(context.remote_ip).to eq('')
+    expect(context.headers).to be_nil
+    expect(context.body).to eq('')
+  end
+
+  it 'creates custom context with context builder' do
+    context = SecureNativeContext.new(client_token: 'SECRET_TOKEN', ip: '10.0.0.0', remote_ip: '10.0.0.0',
+                                      headers: { 'header' => 'value1' }, url: '/some-url', http_method: 'Get', body: nil)
+
+    expect(context.url).to eq('/some-url')
+    expect(context.client_token).to eq('SECRET_TOKEN')
+    expect(context.ip).to eq('10.0.0.0')
+    expect(context.body).to be_nil
+    expect(context.http_method).to eq('Get')
+    expect(context.remote_ip).to eq('10.0.0.0')
+    expect(context.headers).to eq({ 'header' => 'value1' })
+  end
+end