securenative 0.1.21 → 0.1.27

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 8aa7eb317d253da74f5b3f78ef8ca0739074e23c0c06396b4a4fb23d40e44320
-  data.tar.gz: '0975ccad317a881c689bc6b5d80d9c38b677d2d65907f275548471e4cc4c5f9d'
+  metadata.gz: d18bd4d9d663ea3a9c66c02568a6bb7da1c51184025aaad518e54581098ea6fb
+  data.tar.gz: 1f6ef18b8eeda3e0db99439b61e74bf752cd249551aafb7a84c36a22a23a6243
 SHA512:
-  metadata.gz: 5d032dcb9eead67fd2cda1e40e3d402853fc250134d3a325bfb37edf5545440307dd53def5ea79d40e737b2afc2a472110c6a7e9a5092f37d540f7a205637a1b
-  data.tar.gz: f8093a2e2c272d911f5a0ae9f6039e229f1598b1a428efdcdf6752f2f20b7b98acf5aa4553c820e8868b36d218937b7e26c85ab13ce4682ffa4054a729518cdd
+  metadata.gz: 51fefc82971f4be81fc80e53e8df4ae49defb30a773af44ad08da9adad03e4a14d5c6b68b4a24ef30b3948b854f7b4efa442eb946e68e7ca4dc972f1e951804a
+  data.tar.gz: 1a407b96bc50cc0f8db661d70d39a5106e8bc40e37b27e820976c1d989179eca194e866a160e021f1b044a7e066dc6a2c3e06f6ee86fbb553213cb559592cd47

data/Gemfile.lock

@@ -1,61 +1,61 @@
 PATH
   remote: .
   specs:
-    securenative (0.1.21)
+    securenative (0.1.27)
 
 GEM
   remote: https://rubygems.org/
   specs:
-    actioncable (6.0.3.2)
-      actionpack (= 6.0.3.2)
+    actioncable (6.0.3.3)
+      actionpack (= 6.0.3.3)
       nio4r (~> 2.0)
       websocket-driver (>= 0.6.1)
-    actionmailbox (6.0.3.2)
-      actionpack (= 6.0.3.2)
-      activejob (= 6.0.3.2)
-      activerecord (= 6.0.3.2)
-      activestorage (= 6.0.3.2)
-      activesupport (= 6.0.3.2)
+    actionmailbox (6.0.3.3)
+      actionpack (= 6.0.3.3)
+      activejob (= 6.0.3.3)
+      activerecord (= 6.0.3.3)
+      activestorage (= 6.0.3.3)
+      activesupport (= 6.0.3.3)
       mail (>= 2.7.1)
-    actionmailer (6.0.3.2)
-      actionpack (= 6.0.3.2)
-      actionview (= 6.0.3.2)
-      activejob (= 6.0.3.2)
+    actionmailer (6.0.3.3)
+      actionpack (= 6.0.3.3)
+      actionview (= 6.0.3.3)
+      activejob (= 6.0.3.3)
       mail (~> 2.5, >= 2.5.4)
       rails-dom-testing (~> 2.0)
-    actionpack (6.0.3.2)
-      actionview (= 6.0.3.2)
-      activesupport (= 6.0.3.2)
+    actionpack (6.0.3.3)
+      actionview (= 6.0.3.3)
+      activesupport (= 6.0.3.3)
       rack (~> 2.0, >= 2.0.8)
       rack-test (>= 0.6.3)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.0, >= 1.2.0)
-    actiontext (6.0.3.2)
-      actionpack (= 6.0.3.2)
-      activerecord (= 6.0.3.2)
-      activestorage (= 6.0.3.2)
-      activesupport (= 6.0.3.2)
+    actiontext (6.0.3.3)
+      actionpack (= 6.0.3.3)
+      activerecord (= 6.0.3.3)
+      activestorage (= 6.0.3.3)
+      activesupport (= 6.0.3.3)
       nokogiri (>= 1.8.5)
-    actionview (6.0.3.2)
-      activesupport (= 6.0.3.2)
+    actionview (6.0.3.3)
+      activesupport (= 6.0.3.3)
       builder (~> 3.1)
       erubi (~> 1.4)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.1, >= 1.2.0)
-    activejob (6.0.3.2)
-      activesupport (= 6.0.3.2)
+    activejob (6.0.3.3)
+      activesupport (= 6.0.3.3)
       globalid (>= 0.3.6)
-    activemodel (6.0.3.2)
-      activesupport (= 6.0.3.2)
-    activerecord (6.0.3.2)
-      activemodel (= 6.0.3.2)
-      activesupport (= 6.0.3.2)
-    activestorage (6.0.3.2)
-      actionpack (= 6.0.3.2)
-      activejob (= 6.0.3.2)
-      activerecord (= 6.0.3.2)
+    activemodel (6.0.3.3)
+      activesupport (= 6.0.3.3)
+    activerecord (6.0.3.3)
+      activemodel (= 6.0.3.3)
+      activesupport (= 6.0.3.3)
+    activestorage (6.0.3.3)
+      actionpack (= 6.0.3.3)
+      activejob (= 6.0.3.3)
+      activerecord (= 6.0.3.3)
       marcel (~> 0.3.1)
-    activesupport (6.0.3.2)
+    activesupport (6.0.3.3)
       concurrent-ruby (~> 1.0, >= 1.0.2)
       i18n (>= 0.7, < 2)
       minitest (~> 5.1)
@@ -64,14 +64,11 @@ GEM
     addressable (2.7.0)
       public_suffix (>= 2.0.2, < 5.0)
     builder (3.2.4)
-    codecov (0.2.6)
-      colorize
+    codecov (0.2.11)
       json
       simplecov
-    colorize (0.8.1)
     concurrent-ruby (1.1.7)
-    crack (0.4.3)
-      safe_yaml (~> 1.0.0)
+    crack (0.4.4)
     crass (1.0.6)
     diff-lcs (1.4.4)
     docile (1.3.2)
@@ -157,7 +154,7 @@ GEM
       concurrent-ruby (~> 1.0)
     inflecto (0.0.2)
     json (2.3.1)
-    loofah (2.6.0)
+    loofah (2.7.0)
       crass (~> 1.0.2)
       nokogiri (>= 1.5.9)
     mail (2.7.1)
@@ -168,41 +165,41 @@ GEM
     mimemagic (0.3.5)
     mini_mime (1.0.2)
     mini_portile2 (2.4.0)
-    minitest (5.14.1)
+    minitest (5.14.2)
     mustermann (1.1.1)
       ruby2_keywords (~> 0.0.1)
-    nio4r (2.5.2)
+    nio4r (2.5.4)
     nokogiri (1.10.10)
       mini_portile2 (~> 2.4.0)
-    public_suffix (4.0.5)
+    public_suffix (4.0.6)
     rack (2.2.3)
-    rack-protection (2.0.8.1)
+    rack-protection (2.1.0)
       rack
     rack-test (1.1.0)
       rack (>= 1.0, < 3)
-    rails (6.0.3.2)
-      actioncable (= 6.0.3.2)
-      actionmailbox (= 6.0.3.2)
-      actionmailer (= 6.0.3.2)
-      actionpack (= 6.0.3.2)
-      actiontext (= 6.0.3.2)
-      actionview (= 6.0.3.2)
-      activejob (= 6.0.3.2)
-      activemodel (= 6.0.3.2)
-      activerecord (= 6.0.3.2)
-      activestorage (= 6.0.3.2)
-      activesupport (= 6.0.3.2)
+    rails (6.0.3.3)
+      actioncable (= 6.0.3.3)
+      actionmailbox (= 6.0.3.3)
+      actionmailer (= 6.0.3.3)
+      actionpack (= 6.0.3.3)
+      actiontext (= 6.0.3.3)
+      actionview (= 6.0.3.3)
+      activejob (= 6.0.3.3)
+      activemodel (= 6.0.3.3)
+      activerecord (= 6.0.3.3)
+      activestorage (= 6.0.3.3)
+      activesupport (= 6.0.3.3)
       bundler (>= 1.3.0)
-      railties (= 6.0.3.2)
+      railties (= 6.0.3.3)
       sprockets-rails (>= 2.0.0)
     rails-dom-testing (2.0.3)
       activesupport (>= 4.2.0)
       nokogiri (>= 1.6)
     rails-html-sanitizer (1.3.0)
       loofah (~> 2.3)
-    railties (6.0.3.2)
-      actionpack (= 6.0.3.2)
-      activesupport (= 6.0.3.2)
+    railties (6.0.3.3)
+      actionpack (= 6.0.3.3)
+      activesupport (= 6.0.3.3)
       method_source
       rake (>= 0.8.7)
       thor (>= 0.20.3, < 2.0)
@@ -221,20 +218,19 @@ GEM
       rspec-support (~> 3.9.0)
     rspec-support (3.9.3)
     ruby2_keywords (0.0.2)
-    safe_yaml (1.0.5)
     simplecov (0.19.0)
       docile (~> 1.1)
       simplecov-html (~> 0.11)
-    simplecov-html (0.12.2)
-    sinatra (2.0.8.1)
+    simplecov-html (0.12.3)
+    sinatra (2.1.0)
       mustermann (~> 1.0)
-      rack (~> 2.0)
-      rack-protection (= 2.0.8.1)
+      rack (~> 2.2)
+      rack-protection (= 2.1.0)
       tilt (~> 2.0)
     sprockets (4.0.2)
       concurrent-ruby (~> 1.0)
       rack (> 1, < 3)
-    sprockets-rails (3.2.1)
+    sprockets-rails (3.2.2)
       actionpack (>= 4.0)
       activesupport (>= 4.0)
       sprockets (>= 3.0.0)
@@ -246,7 +242,7 @@ GEM
       thread_safe (~> 0.1)
     url_mount (0.2.1)
       rack
-    webmock (3.8.3)
+    webmock (3.9.1)
       addressable (>= 2.3.6)
       crack (>= 0.3.2)
       hashdiff (>= 0.4.0, < 2.0.0)

data/README.md

@@ -50,36 +50,36 @@ To get your *API KEY*, login to your SecureNative account and go to project sett
 SecureNative can automatically load your config from *securenative.yml* file or from the file that is specified in your *SECURENATIVE_CONFIG_FILE* env variable:
 
 ```ruby
-require 'securenative'
+require 'securenative/securenative'
 
 
-secureative =  SecureNative.init
+secureative =  SecureNative::SecureNative.init
 ```
 ### Option 2: Initialize via API Key
 
 ```ruby
-require 'securenative'
+require 'securenative/sdk'
 
 
-securenative =  SecureNative.init_with_api_key('YOUR_API_KEY')
+securenative =  SecureNative::SecureNative.init_with_api_key('YOUR_API_KEY')
 ```
 
 ### Option 3: Initialize via ConfigurationBuilder
 ```ruby
-require 'securenative'
+require 'securenative/sdk'
 
 
-options = ConfigurationBuilder.new(api_key: 'API_KEY', max_events: 10, log_level: 'ERROR')
-SecureNative.init_with_options(options)                                 
+options = SecureNative::ConfigurationBuilder.new(api_key: 'API_KEY', max_events: 10, log_level: 'ERROR')
+SecureNative::SecureNative.init_with_options(options)                                 
 ```
 
 ## Getting SecureNative instance
 Once initialized, sdk will create a singleton instance which you can get: 
 ```ruby
-require 'securenative'
+require 'securenative/sdk'
 
 
-secureNative = SecureNative.instance
+secureNative = SecureNative::SecureNative.instance
 ```
 
 ## Tracking events
@@ -88,19 +88,19 @@ Once the SDK has been initialized, tracking requests sent through the SDK
 instance. Make sure you build event with the EventBuilder:
 
  ```ruby
-require 'securenative'
-require 'models/event_options'
-require 'enums/event_types'
-require 'models/user_traits'
+require 'securenative/sdk'
+require 'securenative/models/event_options'
+require 'securenative/enums/event_types'
+require 'securenative/models/user_traits'
 
 
 def track
-    securenative = SecureNative.instance
-    context = SecureNativeContext.new(client_token: '2a980d872b939c7e4f4378aa111a5eeffb22808b58b5372f658d34904ebd5b05fff0daab91921243ac08b72442a5b3992e402dc21df16aa7cc0e19f8bffa9d6cc59996d480d70aa22b857189403675d37fd144ebaf9dc697fed149b907678f2b1f964d73b332dc8ea7df63fcfc3c11f7bbb51ba2672652ca7d5d43f36a62e15db8b13dfd794a5eccfc5968ca514dd7cce59f2df2b9d8184d076eba808c81b311', ip: '127.0.0.1',
+    securenative = SecureNative::SecureNative.instance
+    context = SecureNative::SecureNativeContext.new(client_token: 'SECURED_CLIENT_TOKEN', ip: '127.0.0.1',
                                        headers: { 'user-agent' => 'Mozilla: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:47.0) Gecko/20100101 Firefox/47.3 Mozilla/5.0 (Macintosh; Intel Mac OS X x.y; rv:42.0) Gecko/20100101 Firefox/43.4' })
     
-    event_options = EventOptions.new(event: EventTypes::LOG_IN, user_id: '1234', context: context,
-                                     user_traits: UserTraits.new(name: 'Your Name', email: 'name@gmail.com', phone: '+1234567890'),
+    event_options = SecureNative::EventOptions.new(event: SecureNative::EventTypes::LOG_IN, user_id: '1234', context: context,
+                                     user_traits: SecureNative::UserTraits.new(name: 'Your Name', email: 'name@gmail.com', phone: '+1234567890'),
                                      properties: { custom_param1: 'CUSTOM_PARAM_VALUE', custom_param2: true, custom_param3: 3 })
     
     securenative.track(event_options)
@@ -109,21 +109,21 @@ def track
 end
  ```
 
-You can also create request context from requests:
+You can also create request securenative.context from requests:
 
 ```ruby
-require 'securenative'
-require 'models/event_options'
-require 'enums/event_types'
-require 'models/user_traits'
+require 'securenative/sdk'
+require 'securenative/models/event_options'
+require 'securenative/enums/event_types'
+require 'securenative/models/user_traits'
 
 
-def track
-    securenative = SecureNative.instance
-    context = SecureNativeContext.from_http_request(request)
+def track(request)
+    securenative = SecureNative::SecureNative.instance
+    context = SecureNative::SecureNativeContext.from_http_request(request)
     
-    event_options = EventOptions.new(event: EventTypes::LOG_IN, user_id: '1234', context: context,
-                                     user_traits: UserTraits.new(name: 'Your Name', email: 'name@gmail.com', phone: '+1234567890'),
+    event_options = SecureNative::EventOptions.new(event: SecureNative::EventTypes::LOG_IN, user_id: '1234', context: context,
+                                     user_traits: SecureNative::UserTraits.new(name: 'Your Name', email: 'name@gmail.com', phone: '+1234567890'),
                                      properties: { custom_param1: 'CUSTOM_PARAM_VALUE', custom_param2: true, custom_param3: 3 })
     
     securenative.track(event_options)
@@ -137,18 +137,18 @@ end
 **Example**
 
 ```ruby
-require 'securenative'
-require 'models/event_options'
-require 'enums/event_types'
-require 'models/user_traits'
+require 'securenative/sdk'
+require 'securenative/models/event_options'
+require 'securenative/enums/event_types'
+require 'securenative/models/user_traits'
 
 
 def verify(request)
-    securenative = SecureNative.instance
-    context = SecureNativeContext.from_http_request(request)
+    securenative = SecureNative::SecureNative.instance
+    context = SecureNative::SecureNativeContext.from_http_request(request)
 
-    event_options = EventOptions.new(event: EventTypes::LOG_IN, user_id: '1234', context: context,
-                                         user_traits: UserTraits.new(name: 'Your Name', email: 'name@gmail.com', phone: '+1234567890'),
+    event_options = SecureNative::EventOptions.new(event: SecureNative::EventTypes::LOG_IN, user_id: '1234', context: context,
+                                         user_traits: SecureNative::UserTraits.new(name: 'Your Name', email: 'name@gmail.com', phone: '+1234567890'),
                                          properties: { custom_param1: 'CUSTOM_PARAM_VALUE', custom_param2: true, custom_param3: 3 })
     
     verify_result = securenative.verify(event_options)
@@ -163,11 +163,11 @@ end
 Apply our filter to verify the request is from us, for example:
 
 ```ruby
-require 'securenative'
+require 'securenative/sdk'
 
 
 def webhook_endpoint(request)
-    securenative = SecureNative.instance
+    securenative = SecureNative::SecureNative.instance
     
     # Checks if request is verified
     is_verified = securenative.verify_request_payload(request)

data/lib/securenative/api_manager.rb

@@ -0,0 +1,41 @@
+# frozen_string_literal: true
+
+require 'securenative/models/sdk_event'
+require 'securenative/enums/failover_strategy'
+require 'securenative/enums/risk_level'
+require 'securenative/enums/api_route'
+require 'securenative/models/verify_result'
+require 'json'
+
+module SecureNative
+  class ApiManager
+    def initialize(event_manager, securenative_options)
+      @event_manager = event_manager
+      @options = securenative_options
+    end
+
+    def track(event_options)
+      SecureNativeLogger.debug('Track event call')
+      event = SDKEvent.new(event_options, @options)
+      @event_manager.send_async(event, ApiRoute::TRACK)
+    end
+
+    def verify(event_options)
+      SecureNativeLogger.debug('Verify event call')
+      event = SDKEvent.new(event_options, @options)
+
+      begin
+        res = @event_manager.send_sync(event, ApiRoute::VERIFY, false)
+        ver_result = JSON.parse(res.body)
+        return VerifyResult.new(risk_level: ver_result['riskLevel'], score: ver_result['score'], triggers: ver_result['triggers'])
+      rescue StandardError => e
+        SecureNativeLogger.debug("Failed to call verify; #{e}")
+      end
+      if @options.fail_over_strategy == FailOverStrategy::FAIL_OPEN
+        return VerifyResult.new(risk_level: RiskLevel::LOW, score: 0, triggers: nil)
+      end
+
+      VerifyResult.new(risk_level: RiskLevel::HIGH, score: 1, triggers: nil)
+    end
+  end
+end

data/lib/securenative/config/configuration_builder.rb

@@ -0,0 +1,29 @@
+# frozen_string_literal: true
+
+require 'securenative/enums/failover_strategy'
+
+module SecureNative
+  class ConfigurationBuilder
+    attr_reader :api_key, :api_url, :interval, :max_events, :timeout, :auto_send, :disable, :log_level, :fail_over_strategy, :proxy_headers
+    attr_writer :api_key, :api_url, :interval, :max_events, :timeout, :auto_send, :disable, :log_level, :fail_over_strategy, :proxy_headers
+
+    def initialize(api_key: nil, api_url: 'https://api.securenative.com/collector/api/v1', interval: 1000,
+                   max_events: 1000, timeout: 1500, auto_send: true, disable: false, log_level: 'FATAL',
+                   fail_over_strategy: FailOverStrategy::FAIL_OPEN, proxy_headers: nil)
+      @api_key = api_key
+      @api_url = api_url
+      @interval = interval
+      @max_events = max_events
+      @timeout = timeout
+      @auto_send = auto_send
+      @disable = disable
+      @log_level = log_level
+      @fail_over_strategy = fail_over_strategy
+      @proxy_headers = proxy_headers
+    end
+
+    def self.default_securenative_options
+      SecureNativeOptions.new
+    end
+  end
+end

data/lib/securenative/config/configuration_manager.rb

@@ -0,0 +1,58 @@
+# frozen_string_literal: true
+
+require 'yaml'
+require 'securenative/config/configuration_builder'
+
+module SecureNative
+  class ConfigurationManager
+    DEFAULT_CONFIG_FILE = 'securenative.yml'
+    CUSTOM_CONFIG_FILE_ENV_NAME = 'SECURENATIVE_CONFIG_FILE'
+    @config = nil
+
+    def self.read_resource_file(resource_path)
+      properties = {}
+      begin
+        @config = YAML.load_file(resource_path)
+        properties = @config unless @config.nil?
+      rescue StandardError => e
+        SecureNativeLogger.error("Could not parse securenative.config file #{resource_path}; #{e}")
+      end
+      properties
+    end
+
+    def self._get_resource_path(env_name)
+      Env.fetch(env_name, ENV[DEFAULT_CONFIG_FILE])
+    end
+
+    def self.config_builder
+      ConfigurationBuilder.new
+    end
+
+    def self._get_env_or_default(properties, key, default)
+      return ENV[key] if ENV[key]
+      return properties[key] if properties[key]
+
+      default
+    end
+
+    def self.load_config
+      options = ConfigurationBuilder.default_securenative_options
+
+      resource_path = DEFAULT_CONFIG_FILE
+      resource_path = ENV[CUSTOM_CONFIG_FILE_ENV_NAME] unless ENV[CUSTOM_CONFIG_FILE_ENV_NAME].nil?
+
+      properties = read_resource_file(resource_path)
+
+      ConfigurationBuilder.new(api_key: _get_env_or_default(properties, 'SECURENATIVE_API_KEY', options.api_key),
+                               api_url: _get_env_or_default(properties, 'SECURENATIVE_API_URL', options.api_url),
+                               interval: _get_env_or_default(properties, 'SECURENATIVE_INTERVAL', options.interval),
+                               max_events: _get_env_or_default(properties, 'SECURENATIVE_MAX_EVENTS', options.max_events),
+                               timeout: _get_env_or_default(properties, 'SECURENATIVE_TIMEOUT', options.timeout),
+                               auto_send: _get_env_or_default(properties, 'SECURENATIVE_AUTO_SEND', options.auto_send),
+                               disable: _get_env_or_default(properties, 'SECURENATIVE_DISABLE', options.disable),
+                               log_level: _get_env_or_default(properties, 'SECURENATIVE_LOG_LEVEL', options.log_level),
+                               fail_over_strategy: _get_env_or_default(properties, 'SECURENATIVE_FAILOVER_STRATEGY', options.fail_over_strategy),
+                               proxy_headers: _get_env_or_default(properties, 'SECURENATIVE_PROXY_HEADERS', options.proxy_headers))
+    end
+  end
+end