securenative 0.1.23 → 0.1.29

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (107) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +43 -29
  3. data/lib/securenative.rb +47 -81
  4. data/{out/test/securenative-ruby → spec}/spec_helper.rb +0 -0
  5. metadata +8 -109
  6. data/.github/workflows/ci.yml +0 -49
  7. data/.github/workflows/publish.yml +0 -60
  8. data/.github/workflows/test.yml +0 -48
  9. data/.gitignore +0 -40
  10. data/.rakeTasks +0 -7
  11. data/.rspec +0 -3
  12. data/Gemfile +0 -11
  13. data/Gemfile.lock +0 -272
  14. data/LICENSE +0 -21
  15. data/Rakefile +0 -6
  16. data/bin/console +0 -14
  17. data/bin/setup +0 -8
  18. data/lib/api_manager.rb +0 -39
  19. data/lib/config/configuration_builder.rb +0 -27
  20. data/lib/config/configuration_manager.rb +0 -56
  21. data/lib/config/securenative_options.rb +0 -23
  22. data/lib/context/hanami_context.rb +0 -42
  23. data/lib/context/rails_context.rb +0 -44
  24. data/lib/context/securenative_context.rb +0 -67
  25. data/lib/context/sinatra_context.rb +0 -42
  26. data/lib/enums/api_route.rb +0 -6
  27. data/lib/enums/event_types.rb +0 -23
  28. data/lib/enums/failover_strategy.rb +0 -6
  29. data/lib/enums/risk_level.rb +0 -7
  30. data/lib/errors/securenative_config_error.rb +0 -4
  31. data/lib/errors/securenative_http_error.rb +0 -4
  32. data/lib/errors/securenative_invalid_options_error.rb +0 -4
  33. data/lib/errors/securenative_invalid_uri_error.rb +0 -4
  34. data/lib/errors/securenative_parse_error.rb +0 -4
  35. data/lib/errors/securenative_sdk_Illegal_state_error.rb +0 -4
  36. data/lib/errors/securenative_sdk_error.rb +0 -4
  37. data/lib/event_manager.rb +0 -157
  38. data/lib/http/secure_native_http_response.rb +0 -12
  39. data/lib/http/securenative_http_client.rb +0 -50
  40. data/lib/models/client_token.rb +0 -12
  41. data/lib/models/device.rb +0 -10
  42. data/lib/models/event_options.rb +0 -37
  43. data/lib/models/request_context.rb +0 -18
  44. data/lib/models/request_options.rb +0 -12
  45. data/lib/models/sdk_event.rb +0 -49
  46. data/lib/models/user_traits.rb +0 -13
  47. data/lib/models/verify_result.rb +0 -16
  48. data/lib/utils/date_utils.rb +0 -9
  49. data/lib/utils/encryption_utils.rb +0 -49
  50. data/lib/utils/ip_utils.rb +0 -23
  51. data/lib/utils/request_utils.rb +0 -69
  52. data/lib/utils/secure_native_logger.rb +0 -44
  53. data/lib/utils/signature_utils.rb +0 -16
  54. data/lib/utils/utils.rb +0 -9
  55. data/lib/utils/version_utils.rb +0 -11
  56. data/out/production/securenative-ruby/api_manager.rb +0 -39
  57. data/out/production/securenative-ruby/config/configuration_builder.rb +0 -27
  58. data/out/production/securenative-ruby/config/configuration_manager.rb +0 -56
  59. data/out/production/securenative-ruby/config/securenative_options.rb +0 -23
  60. data/out/production/securenative-ruby/context/hanami_context.rb +0 -42
  61. data/out/production/securenative-ruby/context/rails_context.rb +0 -44
  62. data/out/production/securenative-ruby/context/securenative_context.rb +0 -67
  63. data/out/production/securenative-ruby/context/sinatra_context.rb +0 -42
  64. data/out/production/securenative-ruby/enums/api_route.rb +0 -6
  65. data/out/production/securenative-ruby/enums/event_types.rb +0 -23
  66. data/out/production/securenative-ruby/enums/failover_strategy.rb +0 -6
  67. data/out/production/securenative-ruby/enums/risk_level.rb +0 -7
  68. data/out/production/securenative-ruby/errors/securenative_config_error.rb +0 -4
  69. data/out/production/securenative-ruby/errors/securenative_http_error.rb +0 -4
  70. data/out/production/securenative-ruby/errors/securenative_invalid_options_error.rb +0 -4
  71. data/out/production/securenative-ruby/errors/securenative_invalid_uri_error.rb +0 -4
  72. data/out/production/securenative-ruby/errors/securenative_parse_error.rb +0 -4
  73. data/out/production/securenative-ruby/errors/securenative_sdk_Illegal_state_error.rb +0 -4
  74. data/out/production/securenative-ruby/errors/securenative_sdk_error.rb +0 -4
  75. data/out/production/securenative-ruby/event_manager.rb +0 -157
  76. data/out/production/securenative-ruby/http/secure_native_http_response.rb +0 -12
  77. data/out/production/securenative-ruby/http/securenative_http_client.rb +0 -50
  78. data/out/production/securenative-ruby/models/client_token.rb +0 -12
  79. data/out/production/securenative-ruby/models/device.rb +0 -10
  80. data/out/production/securenative-ruby/models/event_options.rb +0 -37
  81. data/out/production/securenative-ruby/models/request_context.rb +0 -18
  82. data/out/production/securenative-ruby/models/request_options.rb +0 -12
  83. data/out/production/securenative-ruby/models/sdk_event.rb +0 -49
  84. data/out/production/securenative-ruby/models/user_traits.rb +0 -13
  85. data/out/production/securenative-ruby/models/verify_result.rb +0 -16
  86. data/out/production/securenative-ruby/securenative.rb +0 -83
  87. data/out/production/securenative-ruby/utils/date_utils.rb +0 -9
  88. data/out/production/securenative-ruby/utils/encryption_utils.rb +0 -49
  89. data/out/production/securenative-ruby/utils/ip_utils.rb +0 -23
  90. data/out/production/securenative-ruby/utils/request_utils.rb +0 -69
  91. data/out/production/securenative-ruby/utils/secure_native_logger.rb +0 -44
  92. data/out/production/securenative-ruby/utils/signature_utils.rb +0 -16
  93. data/out/production/securenative-ruby/utils/utils.rb +0 -9
  94. data/out/production/securenative-ruby/utils/version_utils.rb +0 -11
  95. data/out/test/securenative-ruby/spec_api_manager.rb +0 -87
  96. data/out/test/securenative-ruby/spec_context_builder.rb +0 -87
  97. data/out/test/securenative-ruby/spec_date_utils.rb +0 -13
  98. data/out/test/securenative-ruby/spec_encryption_utils.rb +0 -26
  99. data/out/test/securenative-ruby/spec_event_manager.rb +0 -93
  100. data/out/test/securenative-ruby/spec_ip_utils.rb +0 -41
  101. data/out/test/securenative-ruby/spec_request_utils.rb +0 -25
  102. data/out/test/securenative-ruby/spec_sdk_event.rb +0 -24
  103. data/out/test/securenative-ruby/spec_securenative.rb +0 -61
  104. data/out/test/securenative-ruby/spec_securenative_http_client.rb +0 -31
  105. data/out/test/securenative-ruby/spec_signature_utils.rb +0 -18
  106. data/out/test/securenative-ruby/spec_version_util.rb +0 -10
  107. data/securenative.gemspec +0 -28
data/LICENSE DELETED
@@ -1,21 +0,0 @@
1
- The MIT License
2
-
3
- Copyright (c) 2019 SecureNative
4
-
5
- Permission is hereby granted, free of charge, to any person obtaining a copy
6
- of this software and associated documentation files (the "Software"), to deal
7
- in the Software without restriction, including without limitation the rights
8
- to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9
- copies of the Software, and to permit persons to whom the Software is
10
- furnished to do so, subject to the following conditions:
11
-
12
- The above copyright notice and this permission notice shall be included in
13
- all copies or substantial portions of the Software.
14
-
15
- THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16
- IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17
- FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18
- AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19
- LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20
- OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
21
- THE SOFTWARE.
data/Rakefile DELETED
@@ -1,6 +0,0 @@
1
- require "bundler/gem_tasks"
2
- task :default => :spec
3
-
4
- require 'rspec/core/rake_task'
5
- task :default => :spec
6
- RSpec::Core::RakeTask.new
@@ -1,14 +0,0 @@
1
- #!/usr/bin/env ruby
2
-
3
- require "bundler/setup"
4
- require "securenative"
5
-
6
- # You can add fixtures and/or initialization code here to make experimenting
7
- # with your gem easier. You can also use a different console, if you like.
8
-
9
- # (If you use this, don't forget to add pry to your Gemfile!)
10
- # require "pry"
11
- # Pry.start
12
-
13
- require "irb"
14
- IRB.start(__FILE__)
data/bin/setup DELETED
@@ -1,8 +0,0 @@
1
- #!/usr/bin/env bash
2
- set -euo pipefail
3
- IFS=$'\n\t'
4
- set -vx
5
-
6
- bundle install
7
-
8
- # Do any other automated setup that you need to do here
@@ -1,39 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require 'models/sdk_event'
4
- require 'enums/failover_strategy'
5
- require 'enums/risk_level'
6
- require 'enums/api_route'
7
- require 'models/verify_result'
8
- require 'json'
9
-
10
- class ApiManager
11
- def initialize(event_manager, securenative_options)
12
- @event_manager = event_manager
13
- @options = securenative_options
14
- end
15
-
16
- def track(event_options)
17
- SecureNativeLogger.debug('Track event call')
18
- event = SDKEvent.new(event_options, @options)
19
- @event_manager.send_async(event, ApiRoute::TRACK)
20
- end
21
-
22
- def verify(event_options)
23
- SecureNativeLogger.debug('Verify event call')
24
- event = SDKEvent.new(event_options, @options)
25
-
26
- begin
27
- res = @event_manager.send_sync(event, ApiRoute::VERIFY, false)
28
- ver_result = JSON.parse(res.body)
29
- return VerifyResult.new(risk_level: ver_result['riskLevel'], score: ver_result['score'], triggers: ver_result['triggers'])
30
- rescue StandardError => e
31
- SecureNativeLogger.debug("Failed to call verify; #{e}")
32
- end
33
- if @options.fail_over_strategy == FailOverStrategy::FAIL_OPEN
34
- return VerifyResult.new(risk_level: RiskLevel::LOW, score: 0, triggers: nil)
35
- end
36
-
37
- VerifyResult.new(risk_level: RiskLevel::HIGH, score: 1, triggers: nil)
38
- end
39
- end
@@ -1,27 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require 'enums/failover_strategy'
4
-
5
- class ConfigurationBuilder
6
- attr_reader :api_key, :api_url, :interval, :max_events, :timeout, :auto_send, :disable, :log_level, :fail_over_strategy, :proxy_headers
7
- attr_writer :api_key, :api_url, :interval, :max_events, :timeout, :auto_send, :disable, :log_level, :fail_over_strategy, :proxy_headers
8
-
9
- def initialize(api_key: nil, api_url: 'https://api.securenative.com/collector/api/v1', interval: 1000,
10
- max_events: 1000, timeout: 1500, auto_send: true, disable: false, log_level: 'FATAL',
11
- fail_over_strategy: FailOverStrategy::FAIL_OPEN, proxy_headers: nil)
12
- @api_key = api_key
13
- @api_url = api_url
14
- @interval = interval
15
- @max_events = max_events
16
- @timeout = timeout
17
- @auto_send = auto_send
18
- @disable = disable
19
- @log_level = log_level
20
- @fail_over_strategy = fail_over_strategy
21
- @proxy_headers = proxy_headers
22
- end
23
-
24
- def self.default_securenative_options
25
- SecureNativeOptions.new
26
- end
27
- end
@@ -1,56 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require 'yaml'
4
- require 'config/configuration_builder'
5
-
6
- class ConfigurationManager
7
- DEFAULT_CONFIG_FILE = 'securenative.yml'
8
- CUSTOM_CONFIG_FILE_ENV_NAME = 'SECURENATIVE_CONFIG_FILE'
9
- @config = nil
10
-
11
- def self.read_resource_file(resource_path)
12
- properties = {}
13
- begin
14
- @config = YAML.load_file(resource_path)
15
- properties = @config unless @config.nil?
16
- rescue StandardError => e
17
- SecureNativeLogger.error("Could not parse config file #{resource_path}; #{e}")
18
- end
19
- properties
20
- end
21
-
22
- def self._get_resource_path(env_name)
23
- Env.fetch(env_name, ENV[DEFAULT_CONFIG_FILE])
24
- end
25
-
26
- def self.config_builder
27
- ConfigurationBuilder.new
28
- end
29
-
30
- def self._get_env_or_default(properties, key, default)
31
- return ENV[key] if ENV[key]
32
- return properties[key] if properties[key]
33
-
34
- default
35
- end
36
-
37
- def self.load_config
38
- options = ConfigurationBuilder.default_securenative_options
39
-
40
- resource_path = DEFAULT_CONFIG_FILE
41
- resource_path = ENV[CUSTOM_CONFIG_FILE_ENV_NAME] unless ENV[CUSTOM_CONFIG_FILE_ENV_NAME].nil?
42
-
43
- properties = read_resource_file(resource_path)
44
-
45
- ConfigurationBuilder.new(api_key: _get_env_or_default(properties, 'SECURENATIVE_API_KEY', options.api_key),
46
- api_url: _get_env_or_default(properties, 'SECURENATIVE_API_URL', options.api_url),
47
- interval: _get_env_or_default(properties, 'SECURENATIVE_INTERVAL', options.interval),
48
- max_events: _get_env_or_default(properties, 'SECURENATIVE_MAX_EVENTS', options.max_events),
49
- timeout: _get_env_or_default(properties, 'SECURENATIVE_TIMEOUT', options.timeout),
50
- auto_send: _get_env_or_default(properties, 'SECURENATIVE_AUTO_SEND', options.auto_send),
51
- disable: _get_env_or_default(properties, 'SECURENATIVE_DISABLE', options.disable),
52
- log_level: _get_env_or_default(properties, 'SECURENATIVE_LOG_LEVEL', options.log_level),
53
- fail_over_strategy: _get_env_or_default(properties, 'SECURENATIVE_FAILOVER_STRATEGY', options.fail_over_strategy),
54
- proxy_headers: _get_env_or_default(properties, 'SECURENATIVE_PROXY_HEADERS', options.proxy_headers))
55
- end
56
- end
@@ -1,23 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require 'enums/failover_strategy'
4
-
5
- class SecureNativeOptions
6
- attr_reader :api_key, :api_url, :interval, :max_events, :timeout, :auto_send, :disable, :log_level, :fail_over_strategy, :proxy_headers
7
- attr_writer :api_key, :api_url, :interval, :max_events, :timeout, :auto_send, :disable, :log_level, :fail_over_strategy, :proxy_headers
8
-
9
- def initialize(api_key: nil, api_url: "https://api.securenative.com/collector/api/v1", interval: 1000,
10
- max_events: 1000, timeout: 1500, auto_send: true, disable: false, log_level: "FATAL",
11
- fail_over_strategy: FailOverStrategy::FAIL_OPEN, proxy_headers: nil)
12
- @api_key = api_key
13
- @api_url = api_url
14
- @interval = interval
15
- @max_events = max_events
16
- @timeout = timeout
17
- @auto_send = auto_send
18
- @disable = disable
19
- @log_level = log_level
20
- @fail_over_strategy = fail_over_strategy
21
- @proxy_headers = proxy_headers
22
- end
23
- end
@@ -1,42 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- class HanamiContext
4
- SECURENATIVE_COOKIE = '_sn'
5
-
6
- def self.get_client_token(request)
7
- begin
8
- request.env[SECURENATIVE_COOKIE]
9
- rescue StandardError
10
- begin
11
- request.cookies[SECURENATIVE_COOKIE]
12
- rescue StandardError
13
- nil
14
- end
15
- end
16
- end
17
-
18
- def self.get_url(request)
19
- begin
20
- request.env['REQUEST_PATH']
21
- rescue StandardError
22
- nil
23
- end
24
- end
25
-
26
- def self.get_method(request)
27
- begin
28
- request.request_method
29
- rescue StandardError
30
- nil
31
- end
32
- end
33
-
34
- def self.get_headers(request)
35
- begin
36
- # Note: At the moment we're filtering out everything but user-agent since ruby's payload is way too big
37
- { 'user-agent' => request.env['HTTP_USER_AGENT'] }
38
- rescue StandardError
39
- nil
40
- end
41
- end
42
- end
@@ -1,44 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- class RailsContext
4
- SECURENATIVE_COOKIE = '_sn'
5
-
6
- def self.get_client_token(request)
7
- begin
8
- request.cookies[SECURENATIVE_COOKIE]
9
- rescue StandardError
10
- nil
11
- end
12
- end
13
-
14
- def self.get_url(request)
15
- begin
16
- # Rails >= 3.x
17
- request.fullpath
18
- rescue StandardError
19
- begin
20
- # Rails < 3.x & Sinatra
21
- request.url if url.nil?
22
- rescue StandardError
23
- nil
24
- end
25
- end
26
- end
27
-
28
- def self.get_method(request)
29
- begin
30
- request.method
31
- rescue StandardError
32
- nil
33
- end
34
- end
35
-
36
- def self.get_headers(request)
37
- begin
38
- # Note: At the moment we're filtering out everything but user-agent since ruby's payload is way too big
39
- { 'user-agent' => request.env['HTTP_USER_AGENT'] }
40
- rescue StandardError
41
- nil
42
- end
43
- end
44
- end
@@ -1,67 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require 'utils/request_utils'
4
- require 'utils/utils'
5
- require 'context/rails_context'
6
- require 'context/hanami_context'
7
- require 'context/sinatra_context'
8
-
9
- class SecureNativeContext
10
- attr_reader :client_token, :ip, :remote_ip, :headers, :url, :http_method, :body
11
- attr_writer :client_token, :ip, :remote_ip, :headers, :url, :http_method, :body
12
-
13
- SECURENATIVE_COOKIE = '_sn'
14
-
15
- def initialize(client_token: '', ip: '', remote_ip: '', headers: nil, url: '', http_method: '', body: '')
16
- @client_token = client_token
17
- @ip = ip
18
- @remote_ip = remote_ip
19
- @headers = headers
20
- @url = url
21
- @http_method = http_method
22
- @body = body
23
- end
24
-
25
- def self.default_context_builder
26
- SecureNativeContext.new
27
- end
28
-
29
- def self.from_http_request(request)
30
- client_token = RailsContext.get_client_token(request)
31
- client_token = SinatraContext.get_client_token(request) if client_token.nil?
32
- client_token = HanamiContext.get_client_token(request) if client_token.nil?
33
-
34
- begin
35
- headers = RailsContext.get_headers(request)
36
- headers = SinatraContext.get_headers(request) if headers.nil?
37
- headers = HanamiContext.get_headers(request) if headers.nil?
38
-
39
- # Standard Ruby request
40
- headers = request.header.to_hash if headers.nil?
41
- rescue StandardError
42
- headers = []
43
- end
44
-
45
- url = RailsContext.get_url(request)
46
- url = SinatraContext.get_url(request) if url.nil?
47
- url = HanamiContext.get_url(request) if url.nil?
48
- url = '' if url.nil?
49
-
50
- method = RailsContext.get_method(request)
51
- method = SinatraContext.get_method(request) if method.nil?
52
- method = HanamiContext.get_method(request) if method.nil?
53
- method = '' if method.nil?
54
-
55
- begin
56
- body = request.body.to_s
57
- rescue StandardError
58
- body = ''
59
- end
60
-
61
- client_token = RequestUtils.get_secure_header_from_request(headers) if Utils.null_or_empty?(client_token)
62
-
63
- SecureNativeContext.new(client_token: client_token, ip: RequestUtils.get_client_ip_from_request(request),
64
- remote_ip: RequestUtils.get_remote_ip_from_request(request),
65
- headers: headers, url: url, http_method: method || '', body: body)
66
- end
67
- end
@@ -1,42 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- class SinatraContext
4
- SECURENATIVE_COOKIE = '_sn'
5
-
6
- def self.get_client_token(request)
7
- begin
8
- request.env[SECURENATIVE_COOKIE]
9
- rescue StandardError
10
- begin
11
- request.cookies[SECURENATIVE_COOKIE]
12
- rescue StandardError
13
- nil
14
- end
15
- end
16
- end
17
-
18
- def self.get_url(request)
19
- begin
20
- request.env['REQUEST_URI']
21
- rescue StandardError
22
- nil
23
- end
24
- end
25
-
26
- def self.get_method(request)
27
- begin
28
- request.env['REQUEST_METHOD']
29
- rescue StandardError
30
- nil
31
- end
32
- end
33
-
34
- def self.get_headers(request)
35
- begin
36
- # Note: At the moment we're filtering out everything but user-agent since ruby's payload is way too big
37
- { 'user-agent' => request.env['HTTP_USER_AGENT'] }
38
- rescue StandardError
39
- nil
40
- end
41
- end
42
- end
@@ -1,6 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- module ApiRoute
4
- TRACK = 'track'
5
- VERIFY = 'verify'
6
- end
@@ -1,23 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- module EventTypes
4
- LOG_IN = 'sn.user.login'
5
- LOG_IN_CHALLENGE = 'sn.user.login.challenge'
6
- LOG_IN_FAILURE = 'sn.user.login.failure'
7
- LOG_OUT = 'sn.user.logout'
8
- SIGN_UP = 'sn.user.signup'
9
- AUTH_CHALLENGE = 'sn.user.auth.challenge'
10
- AUTH_CHALLENGE_SUCCESS = 'sn.user.auth.challenge.success'
11
- AUTH_CHALLENGE_FAILURE = 'sn.user.auth.challenge.failure'
12
- TWO_FACTOR_DISABLE = 'sn.user.2fa.disable'
13
- EMAIL_UPDATE = 'sn.user.email.update'
14
- PASSWORD_REST = 'sn.user.password.reset'
15
- PASSWORD_REST_SUCCESS = 'sn.user.password.reset.success'
16
- PASSWORD_UPDATE = 'sn.user.password.update'
17
- PASSWORD_REST_FAILURE = 'sn.user.password.reset.failure'
18
- USER_INVITE = 'sn.user.invite'
19
- ROLE_UPDATE = 'sn.user.role.update'
20
- PROFILE_UPDATE = 'sn.user.profile.update'
21
- PAGE_VIEW = 'sn.user.page.view'
22
- VERIFY = 'sn.verify'
23
- end
@@ -1,6 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- module FailOverStrategy
4
- FAIL_OPEN = 'fail-open'
5
- FAIL_CLOSED = 'fail-closed'
6
- end