securenative 0.1.24 → 0.1.30

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d106e0702046e45250d4005ee93dc1baa17d5fa31cf393f3993a5667e3d14703
-  data.tar.gz: caba785bb61b1c517d98669d59f9ef1ae6e357f49ef2dbfbd6f41eeb0c96f0da
+  metadata.gz: 37b0720aab5431b97f1b2313e9e1e88d6a3ce712ba342575c86884a5d3ed9f7c
+  data.tar.gz: 74258ad8d16b072378bda84119bb65831cb1441f186fcb49a893308d777249d6
 SHA512:
-  metadata.gz: ab405d8068d865533569350a378853d5b864ad3933f7d394c8fb81e3d08365bfffff6f1fdf9bd5da6e8ca25adb9355ca1cd473ce68aed723318fa86171834d9c
-  data.tar.gz: 2b0f71f461ac6c9ec58f9c7d3cc75ac6cde418ee70da7f2df73102e56ddf4a3a0d22d883f124efe95e807c2cd07ba969f860561eccc8d460a45e775aab324bf0
+  metadata.gz: bb0ce8d22b7b1ce832c49a3690856312b298cc8cc55046ebe966cf7ddb410079ae5d13cc93a4fd25b4a111fd971ec7be9782f92b5716103bba2842ce72607d8e
+  data.tar.gz: 17dece79e7f8dabed7fd270d1da3d7cc50f94691bfed65324e45b961ac8bd0a33371d4390f941cb3fa460e24a72fb86487a466ceaff91ec6d23595fc6cb6b9a8

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    securenative (0.1.24)
+    securenative (0.1.30)
 
 GEM
   remote: https://rubygems.org/
@@ -208,7 +208,7 @@ GEM
       rspec-core (~> 3.9.0)
       rspec-expectations (~> 3.9.0)
       rspec-mocks (~> 3.9.0)
-    rspec-core (3.9.2)
+    rspec-core (3.9.3)
       rspec-support (~> 3.9.3)
     rspec-expectations (3.9.2)
       diff-lcs (>= 1.2.0, < 2.0)

data/README.md

@@ -50,36 +50,36 @@ To get your *API KEY*, login to your SecureNative account and go to project sett
 SecureNative can automatically load your config from *securenative.yml* file or from the file that is specified in your *SECURENATIVE_CONFIG_FILE* env variable:
 
 ```ruby
-require 'securenative/securenative'
+require 'securenative'
 
 
-secureative =  SecureNative::SecureNative.init
+secureative =  SecureNative::Client.init
 ```
 ### Option 2: Initialize via API Key
 
 ```ruby
-require 'securenative/sdk'
+require 'securenative'
 
 
-securenative =  SecureNative::SecureNative.init_with_api_key('YOUR_API_KEY')
+securenative =  SecureNative::Client.init_with_api_key('YOUR_API_KEY')
 ```
 
 ### Option 3: Initialize via ConfigurationBuilder
 ```ruby
-require 'securenative/sdk'
+require 'securenative'
 
 
-options = SecureNative::ConfigurationBuilder.new(api_key: 'API_KEY', max_events: 10, log_level: 'ERROR')
-SecureNative::SecureNative.init_with_options(options)                                 
+options = SecureNative::Config::ConfigurationBuilder.new(api_key: 'API_KEY', max_events: 10, log_level: 'ERROR')
+SecureNative::Client.init_with_options(options)                                 
 ```
 
 ## Getting SecureNative instance
 Once initialized, sdk will create a singleton instance which you can get: 
 ```ruby
-require 'securenative/sdk'
+require 'securenative'
 
 
-secureNative = SecureNative::SecureNative.instance
+secureNative = SecureNative::Client.instance
 ```
 
 ## Tracking events
@@ -88,15 +88,12 @@ Once the SDK has been initialized, tracking requests sent through the SDK
 instance. Make sure you build event with the EventBuilder:
 
  ```ruby
-require 'securenative/sdk'
-require 'securenative/models/event_options'
-require 'securenative/enums/event_types'
-require 'securenative/models/user_traits'
+require 'securenative'
 
 
 def track
-    securenative = SecureNative::SecureNative.instance
-    context = SecureNative::SecureNativeContext.new(client_token: 'SECURED_CLIENT_TOKEN', ip: '127.0.0.1',
+    securenative = SecureNative::Client.instance
+    context = SecureNative::Context.new(client_token: 'SECURED_CLIENT_TOKEN', ip: '127.0.0.1',
                                        headers: { 'user-agent' => 'Mozilla: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:47.0) Gecko/20100101 Firefox/47.3 Mozilla/5.0 (Macintosh; Intel Mac OS X x.y; rv:42.0) Gecko/20100101 Firefox/43.4' })
     
     event_options = SecureNative::EventOptions.new(event: SecureNative::EventTypes::LOG_IN, user_id: '1234', context: context,
@@ -112,15 +109,12 @@ end
 You can also create request securenative.context from requests:
 
 ```ruby
-require 'securenative/sdk'
-require 'securenative/models/event_options'
-require 'securenative/enums/event_types'
-require 'securenative/models/user_traits'
+require 'securenative'
 
 
 def track(request)
-    securenative = SecureNative::SecureNative.instance
-    context = SecureNative::SecureNativeContext.from_http_request(request)
+    securenative = SecureNative::Client.instance
+    context = SecureNative::Context.from_http_request(request)
     
     event_options = SecureNative::EventOptions.new(event: SecureNative::EventTypes::LOG_IN, user_id: '1234', context: context,
                                      user_traits: SecureNative::UserTraits.new(name: 'Your Name', email: 'name@gmail.com', phone: '+1234567890'),
@@ -137,15 +131,12 @@ end
 **Example**
 
 ```ruby
-require 'securenative/sdk'
-require 'securenative/models/event_options'
-require 'securenative/enums/event_types'
-require 'securenative/models/user_traits'
+require 'securenative'
 
 
 def verify(request)
-    securenative = SecureNative::SecureNative.instance
-    context = SecureNative::SecureNativeContext.from_http_request(request)
+    securenative = SecureNative::Client.instance
+    context = SecureNative::Context.from_http_request(request)
 
     event_options = SecureNative::EventOptions.new(event: SecureNative::EventTypes::LOG_IN, user_id: '1234', context: context,
                                          user_traits: SecureNative::UserTraits.new(name: 'Your Name', email: 'name@gmail.com', phone: '+1234567890'),
@@ -163,13 +154,36 @@ end
 Apply our filter to verify the request is from us, for example:
 
 ```ruby
-require 'securenative/sdk'
+require 'securenative'
 
 
 def webhook_endpoint(request)
-    securenative = SecureNative::SecureNative.instance
+    securenative = SecureNative::Client.instance
     
     # Checks if request is verified
     is_verified = securenative.verify_request_payload(request)
 end
- ```
+ ```
+
+## Extract proxy headers from Cloudflare
+
+You can specify custom header keys to allow extraction of client ip from different providers.
+This example demonstrates the usage of proxy headers for ip extraction from Cloudflare.
+
+### Option 1: Using config file
+```yaml
+SECURENATIVE_API_KEY: dsbe27fh3437r2yd326fg3fdg36f43
+SECURENATIVE_PROXY_HEADERS: ["CF-Connecting-IP"]
+```
+
+Initialize sdk as showed above.
+
+### Options 2: Using ConfigurationBuilder
+
+```ruby
+require 'securenative'
+
+options = SecureNative::Options.new(api_key: 'API_KEY', max_events: 10, log_level: 'ERROR', proxy_headers: ['CF-Connecting-IP'])
+
+SecureNative::Client.init_with_options(options)
+``` 

data/lib/securenative.rb

@@ -0,0 +1,49 @@
+# frozen_string_literal: true
+
+require 'securenative/failover_strategy'
+require 'securenative/enums/risk_level'
+require 'securenative/enums/api_route'
+require 'securenative/event_types'
+require 'securenative/enums/risk_level'
+require 'securenative/config/configuration_builder'
+require 'securenative/config/configuration_manager'
+require 'securenative/options'
+require 'securenative/utils/request_utils'
+require 'securenative/utils/version_utils'
+require 'securenative/utils/encryption_utils'
+require 'securenative/utils/signature_utils'
+require 'securenative/utils/date_utils'
+require 'securenative/utils/utils'
+require 'securenative/utils/log'
+require 'securenative/utils/ip_utils'
+require 'securenative/frameworks/hanami'
+require 'securenative/frameworks/sinatra'
+require 'securenative/frameworks/rails'
+require 'securenative/context'
+require 'securenative/event_options'
+require 'securenative/user_traits'
+require 'securenative/request_context'
+require 'securenative/client_token'
+require 'securenative/sdk_event'
+require 'securenative/verify_result'
+require 'securenative/errors/invalid_options_error'
+require 'securenative/errors/sdk_Illegal_state_error'
+require 'securenative/errors/config_error'
+require 'securenative/errors/sdk_error'
+require 'securenative/errors/http_error'
+require 'securenative/http_client'
+require 'securenative/event_manager'
+require 'securenative/api_manager'
+require 'securenative/client'
+require 'securenative/version'
+
+require 'yaml'
+require 'net/http'
+require 'uri'
+require 'json'
+require 'securerandom'
+require 'openssl'
+require 'digest'
+require 'base64'
+require 'resolv'
+require 'logger'

data/lib/securenative/api_manager.rb

@@ -1,12 +1,5 @@
 # frozen_string_literal: true
 
-require 'securenative/models/sdk_event'
-require 'securenative/enums/failover_strategy'
-require 'securenative/enums/risk_level'
-require 'securenative/enums/api_route'
-require 'securenative/models/verify_result'
-require 'json'
-
 module SecureNative
   class ApiManager
     def initialize(event_manager, securenative_options)
@@ -15,27 +8,27 @@ module SecureNative
     end
 
     def track(event_options)
-      SecureNativeLogger.debug('Track event call')
-      event = SDKEvent.new(event_options, @options)
-      @event_manager.send_async(event, ApiRoute::TRACK)
+      SecureNative::Log.debug('Track event call')
+      event = SecureNative::SDKEvent.new(event_options, @options)
+      @event_manager.send_async(event, SecureNative::Enums::ApiRoute::TRACK)
     end
 
     def verify(event_options)
-      SecureNativeLogger.debug('Verify event call')
-      event = SDKEvent.new(event_options, @options)
+      SecureNative::Log.debug('Verify event call')
+      event = SecureNative::SDKEvent.new(event_options, @options)
 
       begin
-        res = @event_manager.send_sync(event, ApiRoute::VERIFY, false)
+        res = @event_manager.send_sync(event, SecureNative::Enums::ApiRoute::VERIFY)
         ver_result = JSON.parse(res.body)
         return VerifyResult.new(risk_level: ver_result['riskLevel'], score: ver_result['score'], triggers: ver_result['triggers'])
       rescue StandardError => e
-        SecureNativeLogger.debug("Failed to call verify; #{e}")
+        SecureNative::Log.debug("Failed to call verify; #{e}")
       end
-      if @options.fail_over_strategy == FailOverStrategy::FAIL_OPEN
-        return VerifyResult.new(risk_level: RiskLevel::LOW, score: 0, triggers: nil)
+      if @options.fail_over_strategy == SecureNative::FailOverStrategy::FAIL_OPEN
+        return SecureNative::VerifyResult.new(risk_level: SecureNative::Enums::RiskLevel::LOW, score: 0, triggers: nil)
       end
 
-      VerifyResult.new(risk_level: RiskLevel::HIGH, score: 1, triggers: nil)
+      VerifyResult.new(risk_level: SecureNative::Enums::RiskLevel::HIGH, score: 1, triggers: nil)
     end
   end
 end

data/lib/securenative/client.rb

@@ -0,0 +1,75 @@
+# frozen_string_literal: true
+
+module SecureNative
+  class Client
+    attr_reader :options
+
+    def initialize(options)
+      @securenative = nil
+      if SecureNative::Utils::Utils.null_or_empty?(options.api_key)
+        raise SecureNativeSDKError, 'You must pass your SecureNative api key'
+      end
+
+      @options = options
+      @event_manager = EventManager.new(@options)
+
+      @api_manager = SecureNative::ApiManager.new(@event_manager, @options)
+      SecureNative::Log.init_logger(@options.log_level)
+    end
+
+    def self.init_with_options(options)
+      if @securenative.nil?
+        @securenative = SecureNative::Client.new(options)
+        @securenative
+      else
+        SecureNative::Log.debug('This SDK was already initialized.')
+        raise SecureNativeSDKError, 'This SDK was already initialized.'
+      end
+    end
+
+    def self.init_with_api_key(api_key)
+      if SecureNative::Utils::Utils.null_or_empty?(api_key)
+        raise SecureNativeConfigError, 'You must pass your SecureNative api key'
+      end
+
+      if @securenative.nil?
+        options = SecureNative::Config::ConfigurationBuilder.new(api_key: api_key)
+        @securenative = SecureNative::Client.new(options)
+        @securenative
+      else
+        SecureNative::Log.debug('This SDK was already initialized.')
+        raise SecureNativeSDKError, 'This SDK was already initialized.'
+      end
+    end
+
+    def self.init
+      options = SecureNative::Config::ConfigurationManager.load_config
+      init_with_options(options)
+    end
+
+    def self.instance
+      raise SecureNativeSDKIllegalStateError if @securenative.nil?
+
+      @securenative
+    end
+
+    def track(event_options)
+      @api_manager.track(event_options)
+    end
+
+    def verify(event_options)
+      @api_manager.verify(event_options)
+    end
+
+    def self._flush
+      @securenative = nil
+    end
+
+    def verify_request_payload(request)
+      request_signature = request.header[SignatureUtils.SIGNATURE_HEADER]
+      body = request.body
+
+      SignatureUtils.valid_signature?(@options.api_key, body, request_signature)
+    end
+  end
+end

data/lib/securenative/config/configuration_builder.rb

@@ -1,29 +1,29 @@
 # frozen_string_literal: true
 
-require 'securenative/enums/failover_strategy'
-
 module SecureNative
-  class ConfigurationBuilder
-    attr_reader :api_key, :api_url, :interval, :max_events, :timeout, :auto_send, :disable, :log_level, :fail_over_strategy, :proxy_headers
-    attr_writer :api_key, :api_url, :interval, :max_events, :timeout, :auto_send, :disable, :log_level, :fail_over_strategy, :proxy_headers
+  module Config
+    class ConfigurationBuilder
+      attr_reader :api_key, :api_url, :interval, :max_events, :timeout, :auto_send, :disable, :log_level, :fail_over_strategy, :proxy_headers
+      attr_writer :api_key, :api_url, :interval, :max_events, :timeout, :auto_send, :disable, :log_level, :fail_over_strategy, :proxy_headers
 
-    def initialize(api_key: nil, api_url: 'https://api.securenative.com/collector/api/v1', interval: 1000,
-                   max_events: 1000, timeout: 1500, auto_send: true, disable: false, log_level: 'FATAL',
-                   fail_over_strategy: FailOverStrategy::FAIL_OPEN, proxy_headers: nil)
-      @api_key = api_key
-      @api_url = api_url
-      @interval = interval
-      @max_events = max_events
-      @timeout = timeout
-      @auto_send = auto_send
-      @disable = disable
-      @log_level = log_level
-      @fail_over_strategy = fail_over_strategy
-      @proxy_headers = proxy_headers
-    end
+      def initialize(api_key: nil, api_url: 'https://api.securenative.com/collector/api/v1', interval: 1000,
+                     max_events: 1000, timeout: 1500, auto_send: true, disable: false, log_level: 'FATAL',
+                     fail_over_strategy: SecureNative::FailOverStrategy::FAIL_OPEN, proxy_headers: nil)
+        @api_key = api_key
+        @api_url = api_url
+        @interval = interval
+        @max_events = max_events
+        @timeout = timeout
+        @auto_send = auto_send
+        @disable = disable
+        @log_level = log_level
+        @fail_over_strategy = fail_over_strategy
+        @proxy_headers = proxy_headers
+      end
 
-    def self.default_securenative_options
-      SecureNativeOptions.new
+      def self.default_securenative_options
+        Options.new
+      end
     end
   end
-end
+end

data/lib/securenative/config/configuration_manager.rb

@@ -1,58 +1,57 @@
 # frozen_string_literal: true
 
-require 'yaml'
-require 'securenative/config/configuration_builder'
-
 module SecureNative
-  class ConfigurationManager
-    DEFAULT_CONFIG_FILE = 'securenative.yml'
-    CUSTOM_CONFIG_FILE_ENV_NAME = 'SECURENATIVE_CONFIG_FILE'
-    @config = nil
-
-    def self.read_resource_file(resource_path)
-      properties = {}
-      begin
-        @config = YAML.load_file(resource_path)
-        properties = @config unless @config.nil?
-      rescue StandardError => e
-        SecureNativeLogger.error("Could not parse securenative.config file #{resource_path}; #{e}")
+  module Config
+    class ConfigurationManager
+      DEFAULT_CONFIG_FILE = 'securenative.yml'
+      CUSTOM_CONFIG_FILE_ENV_NAME = 'SECURENATIVE_CONFIG_FILE'
+      @config = nil
+
+      def self.read_resource_file(resource_path)
+        properties = {}
+        begin
+          @config = YAML.load_file(resource_path)
+          properties = @config unless @config.nil?
+        rescue StandardError => e
+          SecureNative::Log.error("Could not parse securenative.config file #{resource_path}; #{e}")
+        end
+        properties
       end
-      properties
-    end
 
-    def self._get_resource_path(env_name)
-      Env.fetch(env_name, ENV[DEFAULT_CONFIG_FILE])
-    end
+      def self._get_resource_path(env_name)
+        Env.fetch(env_name, ENV[DEFAULT_CONFIG_FILE])
+      end
 
-    def self.config_builder
-      ConfigurationBuilder.new
-    end
+      def self.config_builder
+        SecureNative::Config::ConfigurationBuilder.new
+      end
 
-    def self._get_env_or_default(properties, key, default)
-      return ENV[key] if ENV[key]
-      return properties[key] if properties[key]
+      def self._get_env_or_default(properties, key, default)
+        return ENV[key] if ENV[key]
+        return properties[key] if properties[key]
 
-      default
-    end
+        default
+      end
 
-    def self.load_config
-      options = ConfigurationBuilder.default_securenative_options
+      def self.load_config
+        options = SecureNative::Config::ConfigurationBuilder.default_securenative_options
 
-      resource_path = DEFAULT_CONFIG_FILE
-      resource_path = ENV[CUSTOM_CONFIG_FILE_ENV_NAME] unless ENV[CUSTOM_CONFIG_FILE_ENV_NAME].nil?
+        resource_path = DEFAULT_CONFIG_FILE
+        resource_path = ENV[CUSTOM_CONFIG_FILE_ENV_NAME] unless ENV[CUSTOM_CONFIG_FILE_ENV_NAME].nil?
 
-      properties = read_resource_file(resource_path)
+        properties = read_resource_file(resource_path)
 
-      ConfigurationBuilder.new(api_key: _get_env_or_default(properties, 'SECURENATIVE_API_KEY', options.api_key),
-                               api_url: _get_env_or_default(properties, 'SECURENATIVE_API_URL', options.api_url),
-                               interval: _get_env_or_default(properties, 'SECURENATIVE_INTERVAL', options.interval),
-                               max_events: _get_env_or_default(properties, 'SECURENATIVE_MAX_EVENTS', options.max_events),
-                               timeout: _get_env_or_default(properties, 'SECURENATIVE_TIMEOUT', options.timeout),
-                               auto_send: _get_env_or_default(properties, 'SECURENATIVE_AUTO_SEND', options.auto_send),
-                               disable: _get_env_or_default(properties, 'SECURENATIVE_DISABLE', options.disable),
-                               log_level: _get_env_or_default(properties, 'SECURENATIVE_LOG_LEVEL', options.log_level),
-                               fail_over_strategy: _get_env_or_default(properties, 'SECURENATIVE_FAILOVER_STRATEGY', options.fail_over_strategy),
-                               proxy_headers: _get_env_or_default(properties, 'SECURENATIVE_PROXY_HEADERS', options.proxy_headers))
+        SecureNative::Config::ConfigurationBuilder.new(api_key: _get_env_or_default(properties, 'SECURENATIVE_API_KEY', options.api_key),
+                                                       api_url: _get_env_or_default(properties, 'SECURENATIVE_API_URL', options.api_url),
+                                                       interval: _get_env_or_default(properties, 'SECURENATIVE_INTERVAL', options.interval),
+                                                       max_events: _get_env_or_default(properties, 'SECURENATIVE_MAX_EVENTS', options.max_events),
+                                                       timeout: _get_env_or_default(properties, 'SECURENATIVE_TIMEOUT', options.timeout),
+                                                       auto_send: _get_env_or_default(properties, 'SECURENATIVE_AUTO_SEND', options.auto_send),
+                                                       disable: _get_env_or_default(properties, 'SECURENATIVE_DISABLE', options.disable),
+                                                       log_level: _get_env_or_default(properties, 'SECURENATIVE_LOG_LEVEL', options.log_level),
+                                                       fail_over_strategy: _get_env_or_default(properties, 'SECURENATIVE_FAILOVER_STRATEGY', options.fail_over_strategy),
+                                                       proxy_headers: _get_env_or_default(properties, 'SECURENATIVE_PROXY_HEADERS', options.proxy_headers))
+      end
     end
   end
 end