securenative 0.1.23 → 0.1.29

data/lib/utils/date_utils.rb

@@ -1,9 +0,0 @@
-# frozen_string_literal: true
-
-class DateUtils
-  def self.to_timestamp(date)
-    return Time.now.utc.iso8601 if date.nil?
-
-    Time.parse(date).iso8601
-  end
-end

data/lib/utils/encryption_utils.rb

@@ -1,49 +0,0 @@
-# frozen_string_literal: true
-
-require 'openssl'
-require 'digest'
-require 'base64'
-require 'models/client_token'
-
-class EncryptionUtils
-  def self.padding_key(key, length)
-    if key.length == length
-      key
-    else
-      if key.length > length
-        key.slice(0, length)
-      else
-        (length - key.length).times { key << '0' }
-        key
-      end
-    end
-  end
-
-  def self.encrypt(plain_text, secret_key)
-    begin
-      cipher = OpenSSL::Cipher.new('aes-256-cbc')
-      cipher.encrypt
-      iv = cipher.random_iv
-      cipher.key = padding_key(secret_key, 32)
-      encrypted = cipher.update(plain_text) + cipher.final
-      (iv + encrypted).unpack1('H*')
-    rescue StandardError
-      ''
-    end
-  end
-
-  def self.decrypt(cipher_text, secret_key)
-    begin
-      cipher = OpenSSL::Cipher.new('aes-256-cbc')
-      cipher.decrypt
-      raw_data = [cipher_text].pack('H*')
-      cipher.iv = raw_data.slice(0, 16)
-      cipher.key = padding_key(secret_key, 32)
-      decrypted = JSON.parse(cipher.update(raw_data.slice(16, raw_data.length)) + cipher.final)
-
-      return ClientToken.new(decrypted['cid'], decrypted['vid'], decrypted['fp'])
-    rescue StandardError
-      ClientToken.new('', '','')
-    end
-  end
-end

data/lib/utils/ip_utils.rb

@@ -1,23 +0,0 @@
-# frozen_string_literal: true
-
-require "resolv"
-
-class IpUtils
-  def self.ip_address?(ip_address)
-    return true if ip_address =~ Resolv::IPv4::Regex
-    return true if ip_address =~ Resolv::IPv6::Regex
-
-    false
-  end
-
-  def self.valid_public_ip?(ip_address)
-    ip = IPAddr.new(ip_address)
-    return false if ip.loopback? || ip.private? || ip.link_local? || ip.untrusted? || ip.tainted?
-
-    true
-  end
-
-  def self.loop_back?(ip_address)
-    IPAddr.new(ip_address).loopback?
-  end
-end

data/lib/utils/request_utils.rb

@@ -1,69 +0,0 @@
-# frozen_string_literal: true
-
-class RequestUtils
-  SECURENATIVE_COOKIE = '_sn'
-  SECURENATIVE_HEADER = 'x-securenative'
-
-  def self.get_secure_header_from_request(headers)
-    begin
-      return headers[SECURENATIVE_HEADER] unless headers.nil?
-    rescue StandardError
-      []
-    end
-    []
-  end
-
-  def self.get_client_ip_from_request(request, options = nil)
-    begin
-      return request.ip unless request.ip.nil?
-    rescue NoMethodError
-    end
-
-    begin
-      x_forwarded_for = request.env['HTTP_X_FORWARDED_FOR']
-      return x_forwarded_for.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless x_forwarded_for.nil?
-    rescue NoMethodError
-      begin
-        x_forwarded_for = request['HTTP_X_FORWARDED_FOR']
-        return x_forwarded_for.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless x_forwarded_for.nil?
-      rescue NoMethodError
-      end
-    end
-
-    begin
-      x_forwarded_for = request.env['REMOTE_ADDR']
-      return x_forwarded_for.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless x_forwarded_for.nil?
-    rescue NoMethodError
-      begin
-        x_forwarded_for = request['REMOTE_ADDR']
-        return x_forwarded_for.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless x_forwarded_for.nil?
-      rescue NoMethodError
-      end
-    end
-
-    unless options.nil?
-      for header in options.proxy_headers do
-        begin
-          h = request.env[header]
-          return h.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless h.nil?
-        rescue NoMethodError
-          begin
-            h = request[header]
-            return h.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless h.nil?
-          rescue NoMethodError
-          end
-        end
-      end
-    end
-
-    ''
-  end
-
-  def self.get_remote_ip_from_request(request)
-    begin
-      request.remote_ip
-    rescue NoMethodError
-      ''
-    end
-  end
-end

data/lib/utils/secure_native_logger.rb

@@ -1,44 +0,0 @@
-# frozen_string_literal: true
-
-require 'logger'
-
-class SecureNativeLogger
-  @logger = Logger.new(STDOUT)
-
-  def self.init_logger(level = 'DEBUG')
-    @logger.level = case level
-                    when 'WARN'
-                      Logger::WARN
-                    when 'DEBUG'
-                      Logger::DEBUG
-                    when 'ERROR'
-                      Logger::ERROR
-                    when 'FATAL'
-                      Logger::FATAL
-                    when 'INFO'
-                      Logger::INFO
-                    else
-                      Logger::FATAL
-                    end
-
-    @logger.formatter = proc do |severity, datetime, progname, msg|
-      "[#{datetime}] #{severity}  (#{progname}): #{msg}\n"
-    end
-  end
-
-  def self.info(msg)
-    @logger.info(msg)
-  end
-
-  def self.debug(msg)
-    @logger.debug(msg)
-  end
-
-  def self.warning(msg)
-    @logger.warning(msg)
-  end
-
-  def self.error(msg)
-    @logger.error(msg)
-  end
-end

data/lib/utils/signature_utils.rb

@@ -1,16 +0,0 @@
-# frozen_string_literal: true
-
-require 'openssl'
-
-class SignatureUtils
-  SIGNATURE_HEADER = 'x-securenative'
-
-  def self.valid_signature?(api_key, payload, header_signature)
-    key = api_key.encode('utf-8')
-    body = payload.encode('utf-8')
-    calculated_signature = OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha512'), key, body)
-    calculated_signature.eql? header_signature
-  rescue StandardError
-    false
-  end
-end

data/lib/utils/utils.rb

@@ -1,9 +0,0 @@
-# frozen_string_literal: true
-
-class Utils
-  def self.null_or_empty?(string)
-    return true if !string || string.empty? || string.nil?
-
-    false
-  end
-end

data/lib/utils/version_utils.rb

@@ -1,11 +0,0 @@
-# frozen_string_literal: true
-
-class VersionUtils
-  def self.version
-    begin
-      Gem.loaded_specs['securenative'].version.to_s
-    rescue StandardError
-      'unknown'
-    end
-  end
-end

data/out/production/securenative-ruby/api_manager.rb

@@ -1,39 +0,0 @@
-# frozen_string_literal: true
-
-require 'models/sdk_event'
-require 'enums/failover_strategy'
-require 'enums/risk_level'
-require 'enums/api_route'
-require 'models/verify_result'
-require 'json'
-
-class ApiManager
-  def initialize(event_manager, securenative_options)
-    @event_manager = event_manager
-    @options = securenative_options
-  end
-
-  def track(event_options)
-    SecureNativeLogger.debug('Track event call')
-    event = SDKEvent.new(event_options, @options)
-    @event_manager.send_async(event, ApiRoute::TRACK)
-  end
-
-  def verify(event_options)
-    SecureNativeLogger.debug('Verify event call')
-    event = SDKEvent.new(event_options, @options)
-
-    begin
-      res = @event_manager.send_sync(event, ApiRoute::VERIFY, false)
-      ver_result = JSON.parse(res.body)
-      return VerifyResult.new(risk_level: ver_result['riskLevel'], score: ver_result['score'], triggers: ver_result['triggers'])
-    rescue StandardError => e
-      SecureNativeLogger.debug("Failed to call verify; #{e}")
-    end
-    if @options.fail_over_strategy == FailOverStrategy::FAIL_OPEN
-      return VerifyResult.new(risk_level: RiskLevel::LOW, score: 0, triggers: nil)
-    end
-
-    VerifyResult.new(risk_level: RiskLevel::HIGH, score: 1, triggers: nil)
-  end
-end

data/out/production/securenative-ruby/config/configuration_builder.rb

@@ -1,27 +0,0 @@
-# frozen_string_literal: true
-
-require 'enums/failover_strategy'
-
-class ConfigurationBuilder
-  attr_reader :api_key, :api_url, :interval, :max_events, :timeout, :auto_send, :disable, :log_level, :fail_over_strategy, :proxy_headers
-  attr_writer :api_key, :api_url, :interval, :max_events, :timeout, :auto_send, :disable, :log_level, :fail_over_strategy, :proxy_headers
-
-  def initialize(api_key: nil, api_url: 'https://api.securenative.com/collector/api/v1', interval: 1000,
-                 max_events: 1000, timeout: 1500, auto_send: true, disable: false, log_level: 'FATAL',
-                 fail_over_strategy: FailOverStrategy::FAIL_OPEN, proxy_headers: [])
-    @api_key = api_key
-    @api_url = api_url
-    @interval = interval
-    @max_events = max_events
-    @timeout = timeout
-    @auto_send = auto_send
-    @disable = disable
-    @log_level = log_level
-    @fail_over_strategy = fail_over_strategy
-    @proxy_headers = proxy_headers
-  end
-
-  def self.default_securenative_options
-    SecureNativeOptions.new
-  end
-end

data/out/production/securenative-ruby/config/configuration_manager.rb

@@ -1,56 +0,0 @@
-# frozen_string_literal: true
-
-require 'yaml'
-require 'config/configuration_builder'
-
-class ConfigurationManager
-  DEFAULT_CONFIG_FILE = 'securenative.yml'
-  CUSTOM_CONFIG_FILE_ENV_NAME = 'SECURENATIVE_CONFIG_FILE'
-  @config = nil
-
-  def self.read_resource_file(resource_path)
-    properties = {}
-    begin
-      @config = YAML.load_file(resource_path)
-      properties = @config unless @config.nil?
-    rescue StandardError => e
-      SecureNativeLogger.error("Could not parse config file #{resource_path}; #{e}")
-    end
-    properties
-  end
-
-  def self._get_resource_path(env_name)
-    Env.fetch(env_name, ENV[DEFAULT_CONFIG_FILE])
-  end
-
-  def self.config_builder
-    ConfigurationBuilder.new
-  end
-
-  def self._get_env_or_default(properties, key, default)
-    return ENV[key] if ENV[key]
-    return properties[key] if properties[key]
-
-    default
-  end
-
-  def self.load_config
-    options = ConfigurationBuilder.default_securenative_options
-
-    resource_path = DEFAULT_CONFIG_FILE
-    resource_path = ENV[CUSTOM_CONFIG_FILE_ENV_NAME] unless ENV[CUSTOM_CONFIG_FILE_ENV_NAME].nil?
-
-    properties = read_resource_file(resource_path)
-
-    ConfigurationBuilder.new(api_key: _get_env_or_default(properties, 'SECURENATIVE_API_KEY', options.api_key),
-                             api_url: _get_env_or_default(properties, 'SECURENATIVE_API_URL', options.api_url),
-                             interval: _get_env_or_default(properties, 'SECURENATIVE_INTERVAL', options.interval),
-                             max_events: _get_env_or_default(properties, 'SECURENATIVE_MAX_EVENTS', options.max_events),
-                             timeout: _get_env_or_default(properties, 'SECURENATIVE_TIMEOUT', options.timeout),
-                             auto_send: _get_env_or_default(properties, 'SECURENATIVE_AUTO_SEND', options.auto_send),
-                             disable: _get_env_or_default(properties, 'SECURENATIVE_DISABLE', options.disable),
-                             log_level: _get_env_or_default(properties, 'SECURENATIVE_LOG_LEVEL', options.log_level),
-                             fail_over_strategy: _get_env_or_default(properties, 'SECURENATIVE_FAILOVER_STRATEGY', options.fail_over_strategy),
-                             proxy_headers: _get_env_or_default(properties, 'SECURENATIVE_PROXY_HEADERS', options.proxy_headers))
-  end
-end

data/out/production/securenative-ruby/config/securenative_options.rb

@@ -1,23 +0,0 @@
-# frozen_string_literal: true
-
-require 'enums/failover_strategy'
-
-class SecureNativeOptions
-  attr_reader :api_key, :api_url, :interval, :max_events, :timeout, :auto_send, :disable, :log_level, :fail_over_strategy, :proxy_headers
-  attr_writer :api_key, :api_url, :interval, :max_events, :timeout, :auto_send, :disable, :log_level, :fail_over_strategy, :proxy_headers
-
-  def initialize(api_key: nil, api_url: "https://api.securenative.com/collector/api/v1", interval: 1000,
-                 max_events: 1000, timeout: 1500, auto_send: true, disable: false, log_level: "FATAL",
-                 fail_over_strategy: FailOverStrategy::FAIL_OPEN, proxy_headers: [])
-    @api_key = api_key
-    @api_url = api_url
-    @interval = interval
-    @max_events = max_events
-    @timeout = timeout
-    @auto_send = auto_send
-    @disable = disable
-    @log_level = log_level
-    @fail_over_strategy = fail_over_strategy
-    @proxy_headers = proxy_headers
-  end
-end

data/out/production/securenative-ruby/context/hanami_context.rb

@@ -1,42 +0,0 @@
-# frozen_string_literal: true
-
-class HanamiContext
-  SECURENATIVE_COOKIE = '_sn'
-
-  def self.get_client_token(request)
-    begin
-      request.env[SECURENATIVE_COOKIE]
-    rescue StandardError
-      begin
-        request.cookies[SECURENATIVE_COOKIE]
-      rescue StandardError
-        nil
-      end
-    end
-  end
-
-  def self.get_url(request)
-    begin
-      request.env['REQUEST_PATH']
-    rescue StandardError
-      nil
-    end
-  end
-
-  def self.get_method(request)
-    begin
-      request.request_method
-    rescue StandardError
-      nil
-    end
-  end
-
-  def self.get_headers(request)
-    begin
-      # Note: At the moment we're filtering out everything but user-agent since ruby's payload is way too big
-      { 'user-agent' => request.env['HTTP_USER_AGENT'] }
-    rescue StandardError
-      nil
-    end
-  end
-end

data/out/production/securenative-ruby/context/rails_context.rb

@@ -1,44 +0,0 @@
-# frozen_string_literal: true
-
-class RailsContext
-  SECURENATIVE_COOKIE = '_sn'
-
-  def self.get_client_token(request)
-    begin
-      request.cookies[SECURENATIVE_COOKIE]
-    rescue StandardError
-      nil
-    end
-  end
-
-  def self.get_url(request)
-    begin
-      # Rails >= 3.x
-      request.fullpath
-    rescue StandardError
-      begin
-        # Rails < 3.x & Sinatra
-        request.url if url.nil?
-      rescue StandardError
-        nil
-      end
-    end
-  end
-
-  def self.get_method(request)
-    begin
-      request.method
-    rescue StandardError
-      nil
-    end
-  end
-
-  def self.get_headers(request)
-    begin
-      # Note: At the moment we're filtering out everything but user-agent since ruby's payload is way too big
-      { 'user-agent' => request.env['HTTP_USER_AGENT'] }
-    rescue StandardError
-      nil
-    end
-  end
-end