securenative 0.1.22 → 0.1.23
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile.lock +62 -64
- data/lib/config/configuration_builder.rb +4 -3
- data/lib/config/configuration_manager.rb +2 -1
- data/lib/config/securenative_options.rb +4 -3
- data/lib/utils/request_utils.rb +20 -5
- data/out/production/securenative-ruby/api_manager.rb +13 -5
- data/out/production/securenative-ruby/config/configuration_builder.rb +6 -9
- data/out/production/securenative-ruby/config/configuration_manager.rb +24 -23
- data/out/production/securenative-ruby/config/securenative_options.rb +8 -5
- data/out/production/securenative-ruby/context/hanami_context.rb +42 -0
- data/out/production/securenative-ruby/context/rails_context.rb +44 -0
- data/out/production/securenative-ruby/context/securenative_context.rb +35 -8
- data/out/production/securenative-ruby/context/sinatra_context.rb +42 -0
- data/out/production/securenative-ruby/event_manager.rb +15 -14
- data/out/production/securenative-ruby/http/{http_response.rb → secure_native_http_response.rb} +1 -1
- data/out/production/securenative-ruby/http/securenative_http_client.rb +23 -5
- data/out/production/securenative-ruby/models/event_options.rb +23 -1
- data/out/production/securenative-ruby/models/request_context.rb +2 -2
- data/out/production/securenative-ruby/models/sdk_event.rb +22 -6
- data/out/production/securenative-ruby/models/user_traits.rb +1 -1
- data/out/production/securenative-ruby/models/verify_result.rb +5 -1
- data/out/production/securenative-ruby/securenative.rb +2 -10
- data/out/production/securenative-ruby/utils/date_utils.rb +1 -1
- data/out/production/securenative-ruby/utils/encryption_utils.rb +38 -24
- data/out/production/securenative-ruby/utils/request_utils.rb +53 -7
- data/out/production/securenative-ruby/utils/secure_native_logger.rb +6 -6
- data/out/production/securenative-ruby/utils/version_utils.rb +5 -6
- data/out/test/securenative-ruby/spec_api_manager.rb +37 -31
- data/out/test/securenative-ruby/spec_context_builder.rb +52 -34
- data/out/test/securenative-ruby/spec_encryption_utils.rb +13 -13
- data/out/test/securenative-ruby/spec_event_manager.rb +49 -15
- data/out/test/securenative-ruby/spec_helper.rb +8 -0
- data/out/test/securenative-ruby/spec_request_utils.rb +25 -0
- data/out/test/securenative-ruby/spec_sdk_event.rb +24 -0
- data/out/test/securenative-ruby/spec_securenative.rb +35 -39
- data/out/test/securenative-ruby/spec_securenative_http_client.rb +13 -5
- data/out/test/securenative-ruby/spec_signature_utils.rb +1 -1
- data/out/test/securenative-ruby/spec_version_util.rb +10 -0
- data/securenative.gemspec +1 -1
- metadata +9 -4
- data/out/production/securenative-ruby/event_options.rb +0 -32
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 7ba285b1ac9a68c9cb1143ab595a4c052636e47b8d4cc39e16821e0582e06a62
|
|
4
|
+
data.tar.gz: c6295e963d7440c4dc8be4046077cafb4af96311f500fa2220717bf726b0ffba
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 7f78c7385e543d75dd106611eb77f71004fcb12d10702ae99a02af27cf3273bd45fcb2d5c7725a7001f143973f1cf2d70c19b3d57e3222d0b7965a40ec343f2c
|
|
7
|
+
data.tar.gz: fada20df309348b5e74a8886fb5855d51aed1ad4ba2245dd23df60f409b1fd6e3bc11efd829b4b21a2b0fa9cf2dac45c08628f088e49879a09a45853aee52ef7
|
data/Gemfile.lock
CHANGED
|
@@ -1,61 +1,61 @@
|
|
|
1
1
|
PATH
|
|
2
2
|
remote: .
|
|
3
3
|
specs:
|
|
4
|
-
securenative (0.1.
|
|
4
|
+
securenative (0.1.23)
|
|
5
5
|
|
|
6
6
|
GEM
|
|
7
7
|
remote: https://rubygems.org/
|
|
8
8
|
specs:
|
|
9
|
-
actioncable (6.0.3.
|
|
10
|
-
actionpack (= 6.0.3.
|
|
9
|
+
actioncable (6.0.3.3)
|
|
10
|
+
actionpack (= 6.0.3.3)
|
|
11
11
|
nio4r (~> 2.0)
|
|
12
12
|
websocket-driver (>= 0.6.1)
|
|
13
|
-
actionmailbox (6.0.3.
|
|
14
|
-
actionpack (= 6.0.3.
|
|
15
|
-
activejob (= 6.0.3.
|
|
16
|
-
activerecord (= 6.0.3.
|
|
17
|
-
activestorage (= 6.0.3.
|
|
18
|
-
activesupport (= 6.0.3.
|
|
13
|
+
actionmailbox (6.0.3.3)
|
|
14
|
+
actionpack (= 6.0.3.3)
|
|
15
|
+
activejob (= 6.0.3.3)
|
|
16
|
+
activerecord (= 6.0.3.3)
|
|
17
|
+
activestorage (= 6.0.3.3)
|
|
18
|
+
activesupport (= 6.0.3.3)
|
|
19
19
|
mail (>= 2.7.1)
|
|
20
|
-
actionmailer (6.0.3.
|
|
21
|
-
actionpack (= 6.0.3.
|
|
22
|
-
actionview (= 6.0.3.
|
|
23
|
-
activejob (= 6.0.3.
|
|
20
|
+
actionmailer (6.0.3.3)
|
|
21
|
+
actionpack (= 6.0.3.3)
|
|
22
|
+
actionview (= 6.0.3.3)
|
|
23
|
+
activejob (= 6.0.3.3)
|
|
24
24
|
mail (~> 2.5, >= 2.5.4)
|
|
25
25
|
rails-dom-testing (~> 2.0)
|
|
26
|
-
actionpack (6.0.3.
|
|
27
|
-
actionview (= 6.0.3.
|
|
28
|
-
activesupport (= 6.0.3.
|
|
26
|
+
actionpack (6.0.3.3)
|
|
27
|
+
actionview (= 6.0.3.3)
|
|
28
|
+
activesupport (= 6.0.3.3)
|
|
29
29
|
rack (~> 2.0, >= 2.0.8)
|
|
30
30
|
rack-test (>= 0.6.3)
|
|
31
31
|
rails-dom-testing (~> 2.0)
|
|
32
32
|
rails-html-sanitizer (~> 1.0, >= 1.2.0)
|
|
33
|
-
actiontext (6.0.3.
|
|
34
|
-
actionpack (= 6.0.3.
|
|
35
|
-
activerecord (= 6.0.3.
|
|
36
|
-
activestorage (= 6.0.3.
|
|
37
|
-
activesupport (= 6.0.3.
|
|
33
|
+
actiontext (6.0.3.3)
|
|
34
|
+
actionpack (= 6.0.3.3)
|
|
35
|
+
activerecord (= 6.0.3.3)
|
|
36
|
+
activestorage (= 6.0.3.3)
|
|
37
|
+
activesupport (= 6.0.3.3)
|
|
38
38
|
nokogiri (>= 1.8.5)
|
|
39
|
-
actionview (6.0.3.
|
|
40
|
-
activesupport (= 6.0.3.
|
|
39
|
+
actionview (6.0.3.3)
|
|
40
|
+
activesupport (= 6.0.3.3)
|
|
41
41
|
builder (~> 3.1)
|
|
42
42
|
erubi (~> 1.4)
|
|
43
43
|
rails-dom-testing (~> 2.0)
|
|
44
44
|
rails-html-sanitizer (~> 1.1, >= 1.2.0)
|
|
45
|
-
activejob (6.0.3.
|
|
46
|
-
activesupport (= 6.0.3.
|
|
45
|
+
activejob (6.0.3.3)
|
|
46
|
+
activesupport (= 6.0.3.3)
|
|
47
47
|
globalid (>= 0.3.6)
|
|
48
|
-
activemodel (6.0.3.
|
|
49
|
-
activesupport (= 6.0.3.
|
|
50
|
-
activerecord (6.0.3.
|
|
51
|
-
activemodel (= 6.0.3.
|
|
52
|
-
activesupport (= 6.0.3.
|
|
53
|
-
activestorage (6.0.3.
|
|
54
|
-
actionpack (= 6.0.3.
|
|
55
|
-
activejob (= 6.0.3.
|
|
56
|
-
activerecord (= 6.0.3.
|
|
48
|
+
activemodel (6.0.3.3)
|
|
49
|
+
activesupport (= 6.0.3.3)
|
|
50
|
+
activerecord (6.0.3.3)
|
|
51
|
+
activemodel (= 6.0.3.3)
|
|
52
|
+
activesupport (= 6.0.3.3)
|
|
53
|
+
activestorage (6.0.3.3)
|
|
54
|
+
actionpack (= 6.0.3.3)
|
|
55
|
+
activejob (= 6.0.3.3)
|
|
56
|
+
activerecord (= 6.0.3.3)
|
|
57
57
|
marcel (~> 0.3.1)
|
|
58
|
-
activesupport (6.0.3.
|
|
58
|
+
activesupport (6.0.3.3)
|
|
59
59
|
concurrent-ruby (~> 1.0, >= 1.0.2)
|
|
60
60
|
i18n (>= 0.7, < 2)
|
|
61
61
|
minitest (~> 5.1)
|
|
@@ -64,11 +64,9 @@ GEM
|
|
|
64
64
|
addressable (2.7.0)
|
|
65
65
|
public_suffix (>= 2.0.2, < 5.0)
|
|
66
66
|
builder (3.2.4)
|
|
67
|
-
codecov (0.2.
|
|
68
|
-
colorize
|
|
67
|
+
codecov (0.2.11)
|
|
69
68
|
json
|
|
70
69
|
simplecov
|
|
71
|
-
colorize (0.8.1)
|
|
72
70
|
concurrent-ruby (1.1.7)
|
|
73
71
|
crack (0.4.3)
|
|
74
72
|
safe_yaml (~> 1.0.0)
|
|
@@ -157,7 +155,7 @@ GEM
|
|
|
157
155
|
concurrent-ruby (~> 1.0)
|
|
158
156
|
inflecto (0.0.2)
|
|
159
157
|
json (2.3.1)
|
|
160
|
-
loofah (2.
|
|
158
|
+
loofah (2.7.0)
|
|
161
159
|
crass (~> 1.0.2)
|
|
162
160
|
nokogiri (>= 1.5.9)
|
|
163
161
|
mail (2.7.1)
|
|
@@ -168,41 +166,41 @@ GEM
|
|
|
168
166
|
mimemagic (0.3.5)
|
|
169
167
|
mini_mime (1.0.2)
|
|
170
168
|
mini_portile2 (2.4.0)
|
|
171
|
-
minitest (5.14.
|
|
169
|
+
minitest (5.14.2)
|
|
172
170
|
mustermann (1.1.1)
|
|
173
171
|
ruby2_keywords (~> 0.0.1)
|
|
174
|
-
nio4r (2.5.
|
|
172
|
+
nio4r (2.5.4)
|
|
175
173
|
nokogiri (1.10.10)
|
|
176
174
|
mini_portile2 (~> 2.4.0)
|
|
177
|
-
public_suffix (4.0.
|
|
175
|
+
public_suffix (4.0.6)
|
|
178
176
|
rack (2.2.3)
|
|
179
|
-
rack-protection (2.0
|
|
177
|
+
rack-protection (2.1.0)
|
|
180
178
|
rack
|
|
181
179
|
rack-test (1.1.0)
|
|
182
180
|
rack (>= 1.0, < 3)
|
|
183
|
-
rails (6.0.3.
|
|
184
|
-
actioncable (= 6.0.3.
|
|
185
|
-
actionmailbox (= 6.0.3.
|
|
186
|
-
actionmailer (= 6.0.3.
|
|
187
|
-
actionpack (= 6.0.3.
|
|
188
|
-
actiontext (= 6.0.3.
|
|
189
|
-
actionview (= 6.0.3.
|
|
190
|
-
activejob (= 6.0.3.
|
|
191
|
-
activemodel (= 6.0.3.
|
|
192
|
-
activerecord (= 6.0.3.
|
|
193
|
-
activestorage (= 6.0.3.
|
|
194
|
-
activesupport (= 6.0.3.
|
|
181
|
+
rails (6.0.3.3)
|
|
182
|
+
actioncable (= 6.0.3.3)
|
|
183
|
+
actionmailbox (= 6.0.3.3)
|
|
184
|
+
actionmailer (= 6.0.3.3)
|
|
185
|
+
actionpack (= 6.0.3.3)
|
|
186
|
+
actiontext (= 6.0.3.3)
|
|
187
|
+
actionview (= 6.0.3.3)
|
|
188
|
+
activejob (= 6.0.3.3)
|
|
189
|
+
activemodel (= 6.0.3.3)
|
|
190
|
+
activerecord (= 6.0.3.3)
|
|
191
|
+
activestorage (= 6.0.3.3)
|
|
192
|
+
activesupport (= 6.0.3.3)
|
|
195
193
|
bundler (>= 1.3.0)
|
|
196
|
-
railties (= 6.0.3.
|
|
194
|
+
railties (= 6.0.3.3)
|
|
197
195
|
sprockets-rails (>= 2.0.0)
|
|
198
196
|
rails-dom-testing (2.0.3)
|
|
199
197
|
activesupport (>= 4.2.0)
|
|
200
198
|
nokogiri (>= 1.6)
|
|
201
199
|
rails-html-sanitizer (1.3.0)
|
|
202
200
|
loofah (~> 2.3)
|
|
203
|
-
railties (6.0.3.
|
|
204
|
-
actionpack (= 6.0.3.
|
|
205
|
-
activesupport (= 6.0.3.
|
|
201
|
+
railties (6.0.3.3)
|
|
202
|
+
actionpack (= 6.0.3.3)
|
|
203
|
+
activesupport (= 6.0.3.3)
|
|
206
204
|
method_source
|
|
207
205
|
rake (>= 0.8.7)
|
|
208
206
|
thor (>= 0.20.3, < 2.0)
|
|
@@ -226,15 +224,15 @@ GEM
|
|
|
226
224
|
docile (~> 1.1)
|
|
227
225
|
simplecov-html (~> 0.11)
|
|
228
226
|
simplecov-html (0.12.2)
|
|
229
|
-
sinatra (2.0
|
|
227
|
+
sinatra (2.1.0)
|
|
230
228
|
mustermann (~> 1.0)
|
|
231
|
-
rack (~> 2.
|
|
232
|
-
rack-protection (= 2.0
|
|
229
|
+
rack (~> 2.2)
|
|
230
|
+
rack-protection (= 2.1.0)
|
|
233
231
|
tilt (~> 2.0)
|
|
234
232
|
sprockets (4.0.2)
|
|
235
233
|
concurrent-ruby (~> 1.0)
|
|
236
234
|
rack (> 1, < 3)
|
|
237
|
-
sprockets-rails (3.2.
|
|
235
|
+
sprockets-rails (3.2.2)
|
|
238
236
|
actionpack (>= 4.0)
|
|
239
237
|
activesupport (>= 4.0)
|
|
240
238
|
sprockets (>= 3.0.0)
|
|
@@ -246,7 +244,7 @@ GEM
|
|
|
246
244
|
thread_safe (~> 0.1)
|
|
247
245
|
url_mount (0.2.1)
|
|
248
246
|
rack
|
|
249
|
-
webmock (3.
|
|
247
|
+
webmock (3.9.1)
|
|
250
248
|
addressable (>= 2.3.6)
|
|
251
249
|
crack (>= 0.3.2)
|
|
252
250
|
hashdiff (>= 0.4.0, < 2.0.0)
|
|
@@ -3,12 +3,12 @@
|
|
|
3
3
|
require 'enums/failover_strategy'
|
|
4
4
|
|
|
5
5
|
class ConfigurationBuilder
|
|
6
|
-
attr_reader :api_key, :api_url, :interval, :max_events, :timeout, :auto_send, :disable, :log_level, :fail_over_strategy
|
|
7
|
-
attr_writer :api_key, :api_url, :interval, :max_events, :timeout, :auto_send, :disable, :log_level, :fail_over_strategy
|
|
6
|
+
attr_reader :api_key, :api_url, :interval, :max_events, :timeout, :auto_send, :disable, :log_level, :fail_over_strategy, :proxy_headers
|
|
7
|
+
attr_writer :api_key, :api_url, :interval, :max_events, :timeout, :auto_send, :disable, :log_level, :fail_over_strategy, :proxy_headers
|
|
8
8
|
|
|
9
9
|
def initialize(api_key: nil, api_url: 'https://api.securenative.com/collector/api/v1', interval: 1000,
|
|
10
10
|
max_events: 1000, timeout: 1500, auto_send: true, disable: false, log_level: 'FATAL',
|
|
11
|
-
fail_over_strategy: FailOverStrategy::FAIL_OPEN)
|
|
11
|
+
fail_over_strategy: FailOverStrategy::FAIL_OPEN, proxy_headers: nil)
|
|
12
12
|
@api_key = api_key
|
|
13
13
|
@api_url = api_url
|
|
14
14
|
@interval = interval
|
|
@@ -18,6 +18,7 @@ class ConfigurationBuilder
|
|
|
18
18
|
@disable = disable
|
|
19
19
|
@log_level = log_level
|
|
20
20
|
@fail_over_strategy = fail_over_strategy
|
|
21
|
+
@proxy_headers = proxy_headers
|
|
21
22
|
end
|
|
22
23
|
|
|
23
24
|
def self.default_securenative_options
|
|
@@ -50,6 +50,7 @@ class ConfigurationManager
|
|
|
50
50
|
auto_send: _get_env_or_default(properties, 'SECURENATIVE_AUTO_SEND', options.auto_send),
|
|
51
51
|
disable: _get_env_or_default(properties, 'SECURENATIVE_DISABLE', options.disable),
|
|
52
52
|
log_level: _get_env_or_default(properties, 'SECURENATIVE_LOG_LEVEL', options.log_level),
|
|
53
|
-
fail_over_strategy: _get_env_or_default(properties, 'SECURENATIVE_FAILOVER_STRATEGY', options.fail_over_strategy)
|
|
53
|
+
fail_over_strategy: _get_env_or_default(properties, 'SECURENATIVE_FAILOVER_STRATEGY', options.fail_over_strategy),
|
|
54
|
+
proxy_headers: _get_env_or_default(properties, 'SECURENATIVE_PROXY_HEADERS', options.proxy_headers))
|
|
54
55
|
end
|
|
55
56
|
end
|
|
@@ -3,12 +3,12 @@
|
|
|
3
3
|
require 'enums/failover_strategy'
|
|
4
4
|
|
|
5
5
|
class SecureNativeOptions
|
|
6
|
-
attr_reader :api_key, :api_url, :interval, :max_events, :timeout, :auto_send, :disable, :log_level, :fail_over_strategy
|
|
7
|
-
attr_writer :api_key, :api_url, :interval, :max_events, :timeout, :auto_send, :disable, :log_level, :fail_over_strategy
|
|
6
|
+
attr_reader :api_key, :api_url, :interval, :max_events, :timeout, :auto_send, :disable, :log_level, :fail_over_strategy, :proxy_headers
|
|
7
|
+
attr_writer :api_key, :api_url, :interval, :max_events, :timeout, :auto_send, :disable, :log_level, :fail_over_strategy, :proxy_headers
|
|
8
8
|
|
|
9
9
|
def initialize(api_key: nil, api_url: "https://api.securenative.com/collector/api/v1", interval: 1000,
|
|
10
10
|
max_events: 1000, timeout: 1500, auto_send: true, disable: false, log_level: "FATAL",
|
|
11
|
-
fail_over_strategy: FailOverStrategy::FAIL_OPEN)
|
|
11
|
+
fail_over_strategy: FailOverStrategy::FAIL_OPEN, proxy_headers: nil)
|
|
12
12
|
@api_key = api_key
|
|
13
13
|
@api_url = api_url
|
|
14
14
|
@interval = interval
|
|
@@ -18,5 +18,6 @@ class SecureNativeOptions
|
|
|
18
18
|
@disable = disable
|
|
19
19
|
@log_level = log_level
|
|
20
20
|
@fail_over_strategy = fail_over_strategy
|
|
21
|
+
@proxy_headers = proxy_headers
|
|
21
22
|
end
|
|
22
23
|
end
|
data/lib/utils/request_utils.rb
CHANGED
|
@@ -13,7 +13,7 @@ class RequestUtils
|
|
|
13
13
|
[]
|
|
14
14
|
end
|
|
15
15
|
|
|
16
|
-
def self.get_client_ip_from_request(request)
|
|
16
|
+
def self.get_client_ip_from_request(request, options = nil)
|
|
17
17
|
begin
|
|
18
18
|
return request.ip unless request.ip.nil?
|
|
19
19
|
rescue NoMethodError
|
|
@@ -21,26 +21,41 @@ class RequestUtils
|
|
|
21
21
|
|
|
22
22
|
begin
|
|
23
23
|
x_forwarded_for = request.env['HTTP_X_FORWARDED_FOR']
|
|
24
|
-
return x_forwarded_for unless x_forwarded_for.nil?
|
|
24
|
+
return x_forwarded_for.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless x_forwarded_for.nil?
|
|
25
25
|
rescue NoMethodError
|
|
26
26
|
begin
|
|
27
27
|
x_forwarded_for = request['HTTP_X_FORWARDED_FOR']
|
|
28
|
-
return x_forwarded_for unless x_forwarded_for.nil?
|
|
28
|
+
return x_forwarded_for.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless x_forwarded_for.nil?
|
|
29
29
|
rescue NoMethodError
|
|
30
30
|
end
|
|
31
31
|
end
|
|
32
32
|
|
|
33
33
|
begin
|
|
34
34
|
x_forwarded_for = request.env['REMOTE_ADDR']
|
|
35
|
-
return x_forwarded_for unless x_forwarded_for.nil?
|
|
35
|
+
return x_forwarded_for.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless x_forwarded_for.nil?
|
|
36
36
|
rescue NoMethodError
|
|
37
37
|
begin
|
|
38
38
|
x_forwarded_for = request['REMOTE_ADDR']
|
|
39
|
-
return x_forwarded_for unless x_forwarded_for.nil?
|
|
39
|
+
return x_forwarded_for.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless x_forwarded_for.nil?
|
|
40
40
|
rescue NoMethodError
|
|
41
41
|
end
|
|
42
42
|
end
|
|
43
43
|
|
|
44
|
+
unless options.nil?
|
|
45
|
+
for header in options.proxy_headers do
|
|
46
|
+
begin
|
|
47
|
+
h = request.env[header]
|
|
48
|
+
return h.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless h.nil?
|
|
49
|
+
rescue NoMethodError
|
|
50
|
+
begin
|
|
51
|
+
h = request[header]
|
|
52
|
+
return h.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless h.nil?
|
|
53
|
+
rescue NoMethodError
|
|
54
|
+
end
|
|
55
|
+
end
|
|
56
|
+
end
|
|
57
|
+
end
|
|
58
|
+
|
|
44
59
|
''
|
|
45
60
|
end
|
|
46
61
|
|
|
@@ -1,5 +1,10 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
|
+
require 'models/sdk_event'
|
|
4
|
+
require 'enums/failover_strategy'
|
|
5
|
+
require 'enums/risk_level'
|
|
6
|
+
require 'enums/api_route'
|
|
7
|
+
require 'models/verify_result'
|
|
3
8
|
require 'json'
|
|
4
9
|
|
|
5
10
|
class ApiManager
|
|
@@ -19,13 +24,16 @@ class ApiManager
|
|
|
19
24
|
event = SDKEvent.new(event_options, @options)
|
|
20
25
|
|
|
21
26
|
begin
|
|
22
|
-
res =
|
|
23
|
-
|
|
27
|
+
res = @event_manager.send_sync(event, ApiRoute::VERIFY, false)
|
|
28
|
+
ver_result = JSON.parse(res.body)
|
|
29
|
+
return VerifyResult.new(risk_level: ver_result['riskLevel'], score: ver_result['score'], triggers: ver_result['triggers'])
|
|
24
30
|
rescue StandardError => e
|
|
25
|
-
SecureNativeLogger.debug(
|
|
31
|
+
SecureNativeLogger.debug("Failed to call verify; #{e}")
|
|
32
|
+
end
|
|
33
|
+
if @options.fail_over_strategy == FailOverStrategy::FAIL_OPEN
|
|
34
|
+
return VerifyResult.new(risk_level: RiskLevel::LOW, score: 0, triggers: nil)
|
|
26
35
|
end
|
|
27
|
-
return VerifyResult.new(RiskLevel::LOW, 0, nil) if @options.fail_over_strategy == FailOverStrategy::FAIL_OPEN
|
|
28
36
|
|
|
29
|
-
VerifyResult.new(RiskLevel::HIGH, 1, nil)
|
|
37
|
+
VerifyResult.new(risk_level: RiskLevel::HIGH, score: 1, triggers: nil)
|
|
30
38
|
end
|
|
31
39
|
end
|
|
@@ -3,12 +3,12 @@
|
|
|
3
3
|
require 'enums/failover_strategy'
|
|
4
4
|
|
|
5
5
|
class ConfigurationBuilder
|
|
6
|
-
attr_reader :api_key, :api_url, :interval, :max_events, :timeout, :auto_send, :disable, :log_level, :fail_over_strategy
|
|
7
|
-
attr_writer :api_key, :api_url, :interval, :max_events, :timeout, :auto_send, :disable, :log_level, :fail_over_strategy
|
|
6
|
+
attr_reader :api_key, :api_url, :interval, :max_events, :timeout, :auto_send, :disable, :log_level, :fail_over_strategy, :proxy_headers
|
|
7
|
+
attr_writer :api_key, :api_url, :interval, :max_events, :timeout, :auto_send, :disable, :log_level, :fail_over_strategy, :proxy_headers
|
|
8
8
|
|
|
9
|
-
def initialize(api_key
|
|
10
|
-
max_events
|
|
11
|
-
fail_over_strategy
|
|
9
|
+
def initialize(api_key: nil, api_url: 'https://api.securenative.com/collector/api/v1', interval: 1000,
|
|
10
|
+
max_events: 1000, timeout: 1500, auto_send: true, disable: false, log_level: 'FATAL',
|
|
11
|
+
fail_over_strategy: FailOverStrategy::FAIL_OPEN, proxy_headers: [])
|
|
12
12
|
@api_key = api_key
|
|
13
13
|
@api_url = api_url
|
|
14
14
|
@interval = interval
|
|
@@ -18,10 +18,7 @@ class ConfigurationBuilder
|
|
|
18
18
|
@disable = disable
|
|
19
19
|
@log_level = log_level
|
|
20
20
|
@fail_over_strategy = fail_over_strategy
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
def self.default_config_builder
|
|
24
|
-
ConfigurationBuilder.new
|
|
21
|
+
@proxy_headers = proxy_headers
|
|
25
22
|
end
|
|
26
23
|
|
|
27
24
|
def self.default_securenative_options
|
|
@@ -1,21 +1,21 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
|
-
require '
|
|
3
|
+
require 'yaml'
|
|
4
|
+
require 'config/configuration_builder'
|
|
4
5
|
|
|
5
6
|
class ConfigurationManager
|
|
6
|
-
DEFAULT_CONFIG_FILE = 'securenative.
|
|
7
|
-
CUSTOM_CONFIG_FILE_ENV_NAME = '
|
|
7
|
+
DEFAULT_CONFIG_FILE = 'securenative.yml'
|
|
8
|
+
CUSTOM_CONFIG_FILE_ENV_NAME = 'SECURENATIVE_CONFIG_FILE'
|
|
8
9
|
@config = nil
|
|
9
10
|
|
|
10
11
|
def self.read_resource_file(resource_path)
|
|
11
|
-
@config = ParseConfig.new(resource_path)
|
|
12
|
-
|
|
13
12
|
properties = {}
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
13
|
+
begin
|
|
14
|
+
@config = YAML.load_file(resource_path)
|
|
15
|
+
properties = @config unless @config.nil?
|
|
16
|
+
rescue StandardError => e
|
|
17
|
+
SecureNativeLogger.error("Could not parse config file #{resource_path}; #{e}")
|
|
18
|
+
end
|
|
19
19
|
properties
|
|
20
20
|
end
|
|
21
21
|
|
|
@@ -24,32 +24,33 @@ class ConfigurationManager
|
|
|
24
24
|
end
|
|
25
25
|
|
|
26
26
|
def self.config_builder
|
|
27
|
-
ConfigurationBuilder.
|
|
27
|
+
ConfigurationBuilder.new
|
|
28
28
|
end
|
|
29
29
|
|
|
30
30
|
def self._get_env_or_default(properties, key, default)
|
|
31
|
-
return
|
|
31
|
+
return ENV[key] if ENV[key]
|
|
32
32
|
return properties[key] if properties[key]
|
|
33
33
|
|
|
34
34
|
default
|
|
35
35
|
end
|
|
36
36
|
|
|
37
37
|
def self.load_config
|
|
38
|
-
options = ConfigurationBuilder
|
|
38
|
+
options = ConfigurationBuilder.default_securenative_options
|
|
39
39
|
|
|
40
40
|
resource_path = DEFAULT_CONFIG_FILE
|
|
41
|
-
resource_path =
|
|
41
|
+
resource_path = ENV[CUSTOM_CONFIG_FILE_ENV_NAME] unless ENV[CUSTOM_CONFIG_FILE_ENV_NAME].nil?
|
|
42
42
|
|
|
43
43
|
properties = read_resource_file(resource_path)
|
|
44
44
|
|
|
45
|
-
ConfigurationBuilder(_get_env_or_default(properties, 'SECURENATIVE_API_KEY', options.api_key),
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
45
|
+
ConfigurationBuilder.new(api_key: _get_env_or_default(properties, 'SECURENATIVE_API_KEY', options.api_key),
|
|
46
|
+
api_url: _get_env_or_default(properties, 'SECURENATIVE_API_URL', options.api_url),
|
|
47
|
+
interval: _get_env_or_default(properties, 'SECURENATIVE_INTERVAL', options.interval),
|
|
48
|
+
max_events: _get_env_or_default(properties, 'SECURENATIVE_MAX_EVENTS', options.max_events),
|
|
49
|
+
timeout: _get_env_or_default(properties, 'SECURENATIVE_TIMEOUT', options.timeout),
|
|
50
|
+
auto_send: _get_env_or_default(properties, 'SECURENATIVE_AUTO_SEND', options.auto_send),
|
|
51
|
+
disable: _get_env_or_default(properties, 'SECURENATIVE_DISABLE', options.disable),
|
|
52
|
+
log_level: _get_env_or_default(properties, 'SECURENATIVE_LOG_LEVEL', options.log_level),
|
|
53
|
+
fail_over_strategy: _get_env_or_default(properties, 'SECURENATIVE_FAILOVER_STRATEGY', options.fail_over_strategy),
|
|
54
|
+
proxy_headers: _get_env_or_default(properties, 'SECURENATIVE_PROXY_HEADERS', options.proxy_headers))
|
|
54
55
|
end
|
|
55
56
|
end
|