RubyGems - securenative - Versions diffs - 0.1.24 → 0.1.30 - Mend

securenative 0.1.24 → 0.1.30

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (102) hide show

data/out/production/securenative-ruby/securenative.rb DELETED

@@ -1,83 +0,0 @@
-# frozen_string_literal: true
-require 'utils/secure_native_logger'
-require 'utils/signature_utils'
-require 'utils/utils'
-require 'errors/securenative_sdk_error'
-require 'errors/securenative_sdk_Illegal_state_error'
-require 'errors/securenative_config_error'
-require 'enums/failover_strategy'
-require 'config/configuration_builder'
-require 'config/configuration_manager'
-require 'event_manager'
-require 'api_manager'
-class SecureNative
-  attr_reader :options
-  def initialize(options)
-    @securenative = nil
-    raise SecureNativeSDKError, 'You must pass your SecureNative api key' if Utils.null_or_empty?(options.api_key)
-    @options = options
-    @event_manager = EventManager.new(@options)
-    @event_manager.start_event_persist unless @options.api_url.nil?
-    @api_manager = ApiManager.new(@event_manager, @options)
-    SecureNativeLogger.init_logger(@options.log_level)
-  end
-  def self.init_with_options(options)
-    if @securenative.nil?
-      @securenative = SecureNative.new(options)
-      @securenative
-    else
-      SecureNativeLogger.debug('This SDK was already initialized.')
-      raise SecureNativeSDKError, 'This SDK was already initialized.'
-    end
-  end
-  def self.init_with_api_key(api_key)
-    raise SecureNativeConfigError, 'You must pass your SecureNative api key' if Utils.null_or_empty?(api_key)
-    if @securenative.nil?
-      options = ConfigurationBuilder.new(api_key: api_key)
-      @securenative = SecureNative.new(options)
-      @securenative
-    else
-      SecureNativeLogger.debug('This SDK was already initialized.')
-      raise SecureNativeSDKError, 'This SDK was already initialized.'
-    end
-  end
-  def self.init
-    options = ConfigurationManager.load_config
-    init_with_options(options)
-  end
-  def self.instance
-    raise SecureNativeSDKIllegalStateError if @securenative.nil?
-    @securenative
-  end
-  def track(event_options)
-    @api_manager.track(event_options)
-  end
-  def verify(event_options)
-    @api_manager.verify(event_options)
-  end
-  def self._flush
-    @securenative = nil
-  end
-  def verify_request_payload(request)
-    request_signature = request.header[SignatureUtils.SIGNATURE_HEADER]
-    body = request.body
-    SignatureUtils.valid_signature?(@options.api_key, body, request_signature)
-  end
-end

data/out/production/securenative-ruby/utils/date_utils.rb DELETED

@@ -1,9 +0,0 @@
-# frozen_string_literal: true
-class DateUtils
-  def self.to_timestamp(date)
-    return Time.now.utc.iso8601 if date.nil?
-    Time.parse(date).iso8601
-  end
-end

data/out/production/securenative-ruby/utils/encryption_utils.rb DELETED

@@ -1,49 +0,0 @@
-# frozen_string_literal: true
-require 'openssl'
-require 'digest'
-require 'base64'
-require 'models/client_token'
-class EncryptionUtils
-  def self.padding_key(key, length)
-    if key.length == length
-      key
-    else
-      if key.length > length
-        key.slice(0, length)
-      else
-        (length - key.length).times { key << '0' }
-        key
-      end
-    end
-  end
-  def self.encrypt(plain_text, secret_key)
-    begin
-      cipher = OpenSSL::Cipher.new('aes-256-cbc')
-      cipher.encrypt
-      iv = cipher.random_iv
-      cipher.key = padding_key(secret_key, 32)
-      encrypted = cipher.update(plain_text) + cipher.final
-      (iv + encrypted).unpack1('H*')
-    rescue StandardError
-      ''
-    end
-  end
-  def self.decrypt(cipher_text, secret_key)
-    begin
-      cipher = OpenSSL::Cipher.new('aes-256-cbc')
-      cipher.decrypt
-      raw_data = [cipher_text].pack('H*')
-      cipher.iv = raw_data.slice(0, 16)
-      cipher.key = padding_key(secret_key, 32)
-      decrypted = JSON.parse(cipher.update(raw_data.slice(16, raw_data.length)) + cipher.final)
-      return ClientToken.new(decrypted['cid'], decrypted['vid'], decrypted['fp'])
-    rescue StandardError
-      ClientToken.new('', '','')
-    end
-  end
-end

data/out/production/securenative-ruby/utils/ip_utils.rb DELETED

@@ -1,23 +0,0 @@
-# frozen_string_literal: true
-require "resolv"
-class IpUtils
-  def self.ip_address?(ip_address)
-    return true if ip_address =~ Resolv::IPv4::Regex
-    return true if ip_address =~ Resolv::IPv6::Regex
-    false
-  end
-  def self.valid_public_ip?(ip_address)
-    ip = IPAddr.new(ip_address)
-    return false if ip.loopback? || ip.private? || ip.link_local? || ip.untrusted? || ip.tainted?
-    true
-  end
-  def self.loop_back?(ip_address)
-    IPAddr.new(ip_address).loopback?
-  end
-end

data/out/production/securenative-ruby/utils/request_utils.rb DELETED

@@ -1,69 +0,0 @@
-# frozen_string_literal: true
-class RequestUtils
-  SECURENATIVE_COOKIE = '_sn'
-  SECURENATIVE_HEADER = 'x-securenative'
-  def self.get_secure_header_from_request(headers)
-    begin
-      return headers[SECURENATIVE_HEADER] unless headers.nil?
-    rescue StandardError
-      []
-    end
-    []
-  end
-  def self.get_client_ip_from_request(request, options = nil)
-    begin
-      return request.ip unless request.ip.nil?
-    rescue NoMethodError
-    end
-    begin
-      x_forwarded_for = request.env['HTTP_X_FORWARDED_FOR']
-      return x_forwarded_for unless x_forwarded_for.nil?
-    rescue NoMethodError
-      begin
-        x_forwarded_for = request['HTTP_X_FORWARDED_FOR']
-        return x_forwarded_for unless x_forwarded_for.nil?
-      rescue NoMethodError
-      end
-    end
-    begin
-      x_forwarded_for = request.env['REMOTE_ADDR']
-      return x_forwarded_for unless x_forwarded_for.nil?
-    rescue NoMethodError
-      begin
-        x_forwarded_for = request['REMOTE_ADDR']
-        return x_forwarded_for unless x_forwarded_for.nil?
-      rescue NoMethodError
-      end
-    end
-    unless options.nil?
-      for header in options.proxy_headers do
-        begin
-          h = request.env[header]
-          return h unless h.nil?
-        rescue NoMethodError
-          begin
-            h = request[header]
-            return h unless h.nil?
-          rescue NoMethodError
-          end
-        end
-      end
-    end
-    ''
-  end
-  def self.get_remote_ip_from_request(request)
-    begin
-      request.remote_ip
-    rescue NoMethodError
-      ''
-    end
-  end
-end

data/out/production/securenative-ruby/utils/secure_native_logger.rb DELETED

@@ -1,44 +0,0 @@
-# frozen_string_literal: true
-require 'logger'
-class SecureNativeLogger
-  @logger = Logger.new(STDOUT)
-  def self.init_logger(level = 'DEBUG')
-    @logger.level = case level
-                    when 'WARN'
-                      Logger::WARN
-                    when 'DEBUG'
-                      Logger::DEBUG
-                    when 'ERROR'
-                      Logger::ERROR
-                    when 'FATAL'
-                      Logger::FATAL
-                    when 'INFO'
-                      Logger::INFO
-                    else
-                      Logger::FATAL
-                    end
-    @logger.formatter = proc do |severity, datetime, progname, msg|
-      "[#{datetime}] #{severity}  (#{progname}): #{msg}\n"
-    end
-  end
-  def self.info(msg)
-    @logger.info(msg)
-  end
-  def self.debug(msg)
-    @logger.debug(msg)
-  end
-  def self.warning(msg)
-    @logger.warning(msg)
-  end
-  def self.error(msg)
-    @logger.error(msg)
-  end
-end

data/out/production/securenative-ruby/utils/signature_utils.rb DELETED

@@ -1,16 +0,0 @@
-# frozen_string_literal: true
-require 'openssl'
-class SignatureUtils
-  SIGNATURE_HEADER = 'x-securenative'
-  def self.valid_signature?(api_key, payload, header_signature)
-    key = api_key.encode('utf-8')
-    body = payload.encode('utf-8')
-    calculated_signature = OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha512'), key, body)
-    calculated_signature.eql? header_signature
-  rescue StandardError
-    false
-  end
-end

data/out/production/securenative-ruby/utils/utils.rb DELETED

@@ -1,9 +0,0 @@
-# frozen_string_literal: true
-class Utils
-  def self.null_or_empty?(string)
-    return true if !string || string.empty? || string.nil?
-    false
-  end
-end

data/out/production/securenative-ruby/utils/version_utils.rb DELETED

@@ -1,11 +0,0 @@
-# frozen_string_literal: true
-class VersionUtils
-  def self.version
-    begin
-      Gem.loaded_specs['securenative'].version.to_s
-    rescue StandardError
-      'unknown'
-    end
-  end
-end

data/out/test/securenative-ruby/spec_api_manager.rb DELETED

@@ -1,87 +0,0 @@
-# frozen_string_literal: true
-require 'api_manager'
-require 'webmock/rspec'
-require 'config/configuration_builder'
-require 'errors/securenative_invalid_options_error'
-require 'models/event_options'
-require 'models/verify_result'
-require 'models/user_traits'
-require 'enums/event_types'
-require 'enums/risk_level'
-require 'event_manager'
-require 'rspec'
-RSpec.describe ApiManager do
-  it 'tracks an event' do
-    options = ConfigurationBuilder.new(api_key: 'YOUR_API_KEY', auto_send: true, interval: 10, api_url: 'https://api.securenative-stg.com/collector/api/v1')
-    stub_request(:post, 'https://api.securenative-stg.com/collector/api/v1/track').to_return(status: 200)
-    event_manager = EventManager.new(options)
-    event_manager.start_event_persist
-    api_manager = ApiManager.new(event_manager, options)
-    event_options = EventOptions.new(event: EventTypes::LOG_IN, user_id: 'USER_ID',
-                                     user_traits: UserTraits.new(name: 'USER_NAME', email: 'USER_EMAIL', phone: '+1234567890'),
-                                     properties: { prop1: 'CUSTOM_PARAM_VALUE', prop2: true, prop3: 3 })
-    begin
-      res = api_manager.track(event_options)
-    ensure
-      event_manager.stop_event_persist
-    end
-    expect(res).to_not be_nil
-  end
-  it 'uses invalid options' do
-    options = ConfigurationBuilder.new(api_key: 'YOUR_API_KEY', auto_send: true, interval: 10, api_url: 'https://api.securenative-stg.com/collector/api/v1')
-    properties = {}
-    (0..12).each do |i|
-      properties[i] = i
-    end
-    stub_request(:post, 'https://api.securenative-stg.com/collector/api/v1/track').to_return(status: 200)
-    event_manager = EventManager.new(options)
-    event_manager.start_event_persist
-    api_manager = ApiManager.new(event_manager, options)
-    begin
-      expect { api_manager.track(EventOptions.new(event: EventTypes::LOG_IN, properties: properties)) }
-        .to raise_error(SecureNativeInvalidOptionsError)
-    ensure
-      event_manager.stop_event_persist
-    end
-  end
-  it 'verifies an event' do
-    options = ConfigurationBuilder.new(api_key: 'YOUR_API_KEY', api_url: 'https://api.securenative-stg.com/collector/api/v1')
-    stub_request(:post, "https://api.securenative-stg.com/collector/api/v1/verify").
-        with(
-            headers: {
-                'Accept'=>'*/*',
-                'Accept-Encoding'=>'gzip;q=1.0,deflate;q=0.6,identity;q=0.3',
-                'Authorization'=>'YOUR_API_KEY',
-                'Content-Type'=>'application/json',
-                'Sn-Version'=>'0.1.22',
-                'User-Agent'=>'SecureNative-ruby'
-            }).
-        to_return(status: 200, body: "", headers: {})
-    event_manager = EventManager.new(options)
-    event_manager.start_event_persist
-    api_manager = ApiManager.new(event_manager, options)
-    event_options = EventOptions.new(event: EventTypes::LOG_IN, user_id: 'USER_ID',
-                                     user_traits: UserTraits.new(name: 'USER_NAME', email: 'USER_EMAIL', phone: '+1234567890'),
-                                     properties: { prop1: 'CUSTOM_PARAM_VALUE', prop2: true, prop3: 3 })
-    result = api_manager.verify(event_options)
-    expect(result).not_to be_nil
-    expect(result.risk_level).to eq('low')
-    expect(result.score).to eq(0)
-    expect(result.triggers).to eq(nil)
-  end
-end

data/out/test/securenative-ruby/spec_context_builder.rb DELETED

@@ -1,87 +0,0 @@
-# frozen_string_literal: true
-require 'context/securenative_context'
-require 'webmock/rspec'
-require 'rails'
-require 'hanami'
-require 'sinatra'
-require 'rspec'
-RSpec.describe SecureNativeContext do
-  it 'creates context from ruby default request' do
-    stub_request(:any, 'www.example.com')
-      .to_return(status: 200,
-                 headers: { '_sn': '71532c1fad2c7f56118f7969e401f3cf080239140d208e7934e6a530818c37e544a0c2330a487bcc6fe4f662a57f265a3ed9f37871e80529128a5e4f2ca02db0fb975ded401398f698f19bb0cafd68a239c6caff99f6f105286ab695eaf3477365bdef524f5d70d9be1d1d474506b433aed05d7ed9a435eeca357de57817b37c638b6bb417ffb101eaf856987615a77a' })
-    request = Net::HTTP.get_response('www.example.com', '/')
-    context = SecureNativeContext.from_http_request(request)
-    expect(context.ip).to eq('')
-    expect(context.http_method).to eq('')
-    expect(context.url).to eq('')
-    expect(context.remote_ip).to eq('')
-    expect(context.headers['-sn']).to eq(['71532c1fad2c7f56118f7969e401f3cf080239140d208e7934e6a530818c37e544a0c2330a487bcc6fe4f662a57f265a3ed9f37871e80529128a5e4f2ca02db0fb975ded401398f698f19bb0cafd68a239c6caff99f6f105286ab695eaf3477365bdef524f5d70d9be1d1d474506b433aed05d7ed9a435eeca357de57817b37c638b6bb417ffb101eaf856987615a77a'])
-    expect(context.body).to eq('')
-  end
-  it 'creates context from rails request' do
-    request = ActionDispatch::Request.new(nil)
-    context = SecureNativeContext.from_http_request(request)
-    expect(context.ip).to eq('')
-    expect(context.http_method).to eq('')
-    expect(context.url).to eq('')
-    expect(context.remote_ip).to eq('')
-    expect(context.headers).to eq([])
-    expect(context.body).to eq('')
-  end
-  it 'creates context from sinatra request' do
-    request = Sinatra::Request.new(nil)
-    context = SecureNativeContext.from_http_request(request)
-    expect(context.ip).to eq('')
-    expect(context.http_method).to eq('')
-    expect(context.url).to eq('')
-    expect(context.remote_ip).to eq('')
-    expect(context.headers).to eq([])
-    expect(context.body).to eq('')
-  end
-  it 'creates context from hanami request' do
-    request = Hanami::Action::Request
-    context = SecureNativeContext.from_http_request(request)
-    expect(context.ip).to eq('')
-    expect(context.http_method).to eq('')
-    expect(context.url).to eq('')
-    expect(context.remote_ip).to eq('')
-    expect(context.headers).to eq([])
-    expect(context.body).to eq('')
-  end
-  it 'creates default context builder' do
-    context = SecureNativeContext.default_context_builder
-    expect(context.client_token).to eq('')
-    expect(context.ip).to eq('')
-    expect(context.http_method).to eq('')
-    expect(context.url).to eq('')
-    expect(context.remote_ip).to eq('')
-    expect(context.headers).to be_nil
-    expect(context.body).to eq('')
-  end
-  it 'creates custom context with context builder' do
-    context = SecureNativeContext.new(client_token: 'SECRET_TOKEN', ip: '10.0.0.0', remote_ip: '10.0.0.0',
-                                      headers: { 'header' => 'value1' }, url: '/some-url', http_method: 'Get', body: nil)
-    expect(context.url).to eq('/some-url')
-    expect(context.client_token).to eq('SECRET_TOKEN')
-    expect(context.ip).to eq('10.0.0.0')
-    expect(context.body).to be_nil
-    expect(context.http_method).to eq('Get')
-    expect(context.remote_ip).to eq('10.0.0.0')
-    expect(context.headers).to eq({ 'header' => 'value1' })
-  end
-end