securenative 0.1.23 → 0.1.24

data/lib/securenative/models/request_context.rb

@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+module SecureNative
+  class RequestContext
+    attr_reader :cid, :vid, :fp, :ip, :remote_ip, :headers, :url, :http_method
+    attr_writer :cid, :vid, :fp, :ip, :remote_ip, :headers, :url, :http_method
+
+    def initialize(cid: nil, vid: nil, fp: nil, ip: nil, remote_ip: nil, headers: nil, url: nil, http_method: nil)
+      @cid = cid
+      @vid = vid
+      @fp = fp
+      @ip = ip
+      @remote_ip = remote_ip
+      @headers = headers
+      @url = url
+      @method = http_method
+    end
+  end
+end
+

data/lib/securenative/models/request_options.rb

@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+
+module SecureNative
+  class RequestOptions
+    attr_reader :url, :body, :retry_sending
+    attr_writer :url, :body, :retry_sending
+
+    def initialize(url, body, retry_sending)
+      @url = url
+      @body = body
+      @retry_sending = retry_sending
+    end
+  end
+end

data/lib/securenative/models/sdk_event.rb

@@ -0,0 +1,51 @@
+# frozen_string_literal: true
+
+require 'securenative/context/securenative_context'
+require 'securenative/errors/securenative_invalid_options_error'
+require 'securenative/utils/encryption_utils'
+require 'securenative/utils/date_utils'
+require 'securenative/models/request_context'
+require 'securerandom'
+
+module SecureNative
+  class SDKEvent
+    attr_reader :context, :rid, :event_type, :user_id, :user_traits, :request, :timestamp, :properties
+    attr_writer :context, :rid, :event_type, :user_id, :user_traits, :request, :timestamp, :properties
+
+    def initialize(event_options, securenative_options)
+      if event_options.user_id.nil? || event_options.user_id.length <= 0 || event_options.user_id == ''
+        raise SecureNativeInvalidOptionsError.new, 'Invalid event structure; User Id is missing'
+      end
+
+      if event_options.event.nil? || event_options.event.length <= 0 || event_options.event == ''
+        raise SecureNativeInvalidOptionsError.new, 'Invalid event structure; Event Type is missing'
+      end
+
+      @context = if !event_options.context.nil?
+                   event_options.context
+                 else
+                   SecureNativeContext.default_context_builder
+                 end
+
+      client_token = EncryptionUtils.decrypt(@context.client_token, securenative_options.api_key)
+
+      @rid = SecureRandom.uuid.to_str
+      @event_type = event_options.event
+      @user_id = event_options.user_id
+      @user_traits = event_options.user_traits
+      @request = RequestContext.new(cid: client_token ? client_token.cid : '', vid: client_token ? client_token.vid : '',
+                                    fp: client_token ? client_token.fp : '', ip: @context.ip,
+                                    remote_ip: @context.remote_ip, headers: @context.headers,
+                                    url: @context.url, http_method: @context.http_method)
+
+
+      @timestamp = DateUtils.to_timestamp(event_options.timestamp)
+      @properties = event_options.properties
+    end
+
+    def to_s
+      "securenative.context: #{@context}, rid: #{@rid}, event_type: #{@event_type}, user_id: #{@user_id},
+    user_traits: #{@user_traits}, request: #{@request}, timestamp: #{@timestamp}, properties: #{@properties}"
+    end
+  end
+end

data/lib/securenative/models/user_traits.rb

@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+module SecureNative
+  class UserTraits
+    attr_reader :name, :email, :phone, :created_at
+    attr_writer :name, :email, :phone, :created_at
+
+    def initialize(name: nil, email: nil, phone: nil, created_at: nil)
+      @name = name
+      @email = email
+      @created_at = created_at
+      @phone = phone
+    end
+  end
+end

data/lib/securenative/models/verify_result.rb

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+module SecureNative
+  class VerifyResult
+    attr_reader :risk_level, :score, :triggers
+    attr_writer :risk_level, :score, :triggers
+
+    def initialize(risk_level: nil, score: nil, triggers: nil)
+      @risk_level = risk_level
+      @score = score
+      @triggers = triggers
+    end
+
+    def to_s
+      "risk_level: #{@risk_level}, score: #{@score}, triggers: #{@triggers}"
+    end
+  end
+end

data/lib/securenative/sdk.rb

@@ -0,0 +1,85 @@
+# frozen_string_literal: true
+
+require 'securenative/utils/secure_native_logger'
+require 'securenative/utils/signature_utils'
+require 'securenative/utils/utils'
+require 'securenative/errors/securenative_sdk_error'
+require 'securenative/errors/securenative_sdk_Illegal_state_error'
+require 'securenative/errors/securenative_config_error'
+require 'securenative/enums/failover_strategy'
+require 'securenative/config/configuration_builder'
+require 'securenative/config/configuration_manager'
+require 'securenative/event_manager'
+require 'securenative/api_manager'
+
+module SecureNative
+  class SecureNative
+    attr_reader :options
+
+    def initialize(options)
+      @securenative = nil
+      raise SecureNativeSDKError, 'You must pass your SecureNative api key' if Utils.null_or_empty?(options.api_key)
+
+      @options = options
+      @event_manager = EventManager.new(@options)
+
+      @event_manager.start_event_persist unless @options.api_url.nil?
+
+      @api_manager = ApiManager.new(@event_manager, @options)
+      SecureNativeLogger.init_logger(@options.log_level)
+    end
+
+    def self.init_with_options(options)
+      if @securenative.nil?
+        @securenative = SecureNative.new(options)
+        @securenative
+      else
+        SecureNativeLogger.debug('This SDK was already initialized.')
+        raise SecureNativeSDKError, 'This SDK was already initialized.'
+      end
+    end
+
+    def self.init_with_api_key(api_key)
+      raise SecureNativeConfigError, 'You must pass your SecureNative api key' if Utils.null_or_empty?(api_key)
+
+      if @securenative.nil?
+        options = ConfigurationBuilder.new(api_key: api_key)
+        @securenative = SecureNative.new(options)
+        @securenative
+      else
+        SecureNativeLogger.debug('This SDK was already initialized.')
+        raise SecureNativeSDKError, 'This SDK was already initialized.'
+      end
+    end
+
+    def self.init
+      options = ConfigurationManager.load_config
+      init_with_options(options)
+    end
+
+    def self.instance
+      raise SecureNativeSDKIllegalStateError if @securenative.nil?
+
+      @securenative
+    end
+
+    def track(event_options)
+      @api_manager.track(event_options)
+    end
+
+    def verify(event_options)
+      @api_manager.verify(event_options)
+    end
+
+    def self._flush
+      @securenative = nil
+    end
+
+    def verify_request_payload(request)
+      request_signature = request.header[SignatureUtils.SIGNATURE_HEADER]
+      body = request.body
+
+      SignatureUtils.valid_signature?(@options.api_key, body, request_signature)
+    end
+  end
+end

data/lib/securenative/utils/date_utils.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+module SecureNative
+  class DateUtils
+    def self.to_timestamp(date)
+      return Time.now.utc.iso8601 if date.nil?
+
+      Time.parse(date).iso8601
+    end
+  end
+end

data/lib/securenative/utils/encryption_utils.rb

@@ -0,0 +1,51 @@
+# frozen_string_literal: true
+
+require 'openssl'
+require 'digest'
+require 'base64'
+require 'securenative/models/client_token'
+
+module SecureNative
+  class EncryptionUtils
+    def self.padding_key(key, length)
+      if key.length == length
+        key
+      else
+        if key.length > length
+          key.slice(0, length)
+        else
+          (length - key.length).times { key << '0' }
+          key
+        end
+      end
+    end
+
+    def self.encrypt(plain_text, secret_key)
+      begin
+        cipher = OpenSSL::Cipher.new('aes-256-cbc')
+        cipher.encrypt
+        iv = cipher.random_iv
+        cipher.key = padding_key(secret_key, 32)
+        encrypted = cipher.update(plain_text) + cipher.final
+        (iv + encrypted).unpack1('H*')
+      rescue StandardError
+        ''
+      end
+    end
+
+    def self.decrypt(cipher_text, secret_key)
+      begin
+        cipher = OpenSSL::Cipher.new('aes-256-cbc')
+        cipher.decrypt
+        raw_data = [cipher_text].pack('H*')
+        cipher.iv = raw_data.slice(0, 16)
+        cipher.key = padding_key(secret_key, 32)
+        decrypted = JSON.parse(cipher.update(raw_data.slice(16, raw_data.length)) + cipher.final)
+
+        return ClientToken.new(decrypted['cid'], decrypted['vid'], decrypted['fp'])
+      rescue StandardError
+        ClientToken.new('', '', '')
+      end
+    end
+  end
+end

data/lib/securenative/utils/ip_utils.rb

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+require "resolv"
+
+module SecureNative
+  class IpUtils
+    def self.ip_address?(ip_address)
+      return true if ip_address =~ Resolv::IPv4::Regex
+      return true if ip_address =~ Resolv::IPv6::Regex
+
+      false
+    end
+
+    def self.valid_public_ip?(ip_address)
+      ip = IPAddr.new(ip_address)
+      return false if ip.loopback? || ip.private? || ip.link_local? || ip.untrusted? || ip.tainted?
+
+      true
+    end
+
+    def self.loop_back?(ip_address)
+      IPAddr.new(ip_address).loopback?
+    end
+  end
+end

data/lib/securenative/utils/request_utils.rb

@@ -0,0 +1,71 @@
+# frozen_string_literal: true
+
+module SecureNative
+  class RequestUtils
+    SECURENATIVE_COOKIE = '_sn'
+    SECURENATIVE_HEADER = 'x-securenative'
+
+    def self.get_secure_header_from_request(headers)
+      begin
+        return headers[SECURENATIVE_HEADER] unless headers.nil?
+      rescue StandardError
+        []
+      end
+      []
+    end
+
+    def self.get_client_ip_from_request(request, options = nil)
+      begin
+        return request.ip unless request.ip.nil?
+      rescue NoMethodError
+      end
+
+      begin
+        x_forwarded_for = request.env['HTTP_X_FORWARDED_FOR']
+        return x_forwarded_for.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless x_forwarded_for.nil?
+      rescue NoMethodError
+        begin
+          x_forwarded_for = request['HTTP_X_FORWARDED_FOR']
+          return x_forwarded_for.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless x_forwarded_for.nil?
+        rescue NoMethodError
+        end
+      end
+
+      begin
+        x_forwarded_for = request.env['REMOTE_ADDR']
+        return x_forwarded_for.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless x_forwarded_for.nil?
+      rescue NoMethodError
+        begin
+          x_forwarded_for = request['REMOTE_ADDR']
+          return x_forwarded_for.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless x_forwarded_for.nil?
+        rescue NoMethodError
+        end
+      end
+
+      unless options.nil?
+        for header in options.proxy_headers do
+          begin
+            h = request.env[header]
+            return h.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless h.nil?
+          rescue NoMethodError
+            begin
+              h = request[header]
+              return h.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless h.nil?
+            rescue NoMethodError
+            end
+          end
+        end
+      end
+
+      ''
+    end
+
+    def self.get_remote_ip_from_request(request)
+      begin
+        request.remote_ip
+      rescue NoMethodError
+        ''
+      end
+    end
+  end
+end

data/lib/securenative/utils/secure_native_logger.rb

@@ -0,0 +1,46 @@
+# frozen_string_literal: true
+
+require 'logger'
+
+module SecureNative
+  class SecureNativeLogger
+    @logger = Logger.new(STDOUT)
+
+    def self.init_logger(level = 'DEBUG')
+      @logger.level = case level
+                      when 'WARN'
+                        Logger::WARN
+                      when 'DEBUG'
+                        Logger::DEBUG
+                      when 'ERROR'
+                        Logger::ERROR
+                      when 'FATAL'
+                        Logger::FATAL
+                      when 'INFO'
+                        Logger::INFO
+                      else
+                        Logger::FATAL
+                      end
+
+      @logger.formatter = proc do |severity, datetime, progname, msg|
+        "[#{datetime}] #{severity}  (#{progname}): #{msg}\n"
+      end
+    end
+
+    def self.info(msg)
+      @logger.info(msg)
+    end
+
+    def self.debug(msg)
+      @logger.debug(msg)
+    end
+
+    def self.warning(msg)
+      @logger.warning(msg)
+    end
+
+    def self.error(msg)
+      @logger.error(msg)
+    end
+  end
+end

data/lib/securenative/utils/signature_utils.rb

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+require 'openssl'
+
+module SecureNative
+  class SignatureUtils
+    SIGNATURE_HEADER = 'x-securenative'
+
+    def self.valid_signature?(api_key, payload, header_signature)
+      key = api_key.encode('utf-8')
+      body = payload.encode('utf-8')
+      calculated_signature = OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha512'), key, body)
+      calculated_signature.eql? header_signature
+    rescue StandardError
+      false
+    end
+  end
+end

data/lib/securenative/utils/utils.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+module SecureNative
+  class Utils
+    def self.null_or_empty?(string)
+      return true if !string || string.empty? || string.nil?
+
+      false
+    end
+  end
+end