securenative 0.1.27 → 0.1.32

data/lib/securenative/frameworks/rails.rb

@@ -0,0 +1,48 @@
+# frozen_string_literal: true
+
+module SecureNative
+  module Frameworks
+    class Rails
+      SECURENATIVE_COOKIE = '_sn'
+
+      def self.get_client_token(request)
+        begin
+          request.cookies[SECURENATIVE_COOKIE]
+        rescue StandardError
+          nil
+        end
+      end
+
+      def self.get_url(request)
+        begin
+          # Rails >= 3.x
+          request.fullpath
+        rescue StandardError
+          begin
+            # Rails < 3.x & Sinatra
+            request.url if url.nil?
+          rescue StandardError
+            nil
+          end
+        end
+      end
+
+      def self.get_method(request)
+        begin
+          request.method
+        rescue StandardError
+          nil
+        end
+      end
+
+      def self.get_headers(request)
+        begin
+          # Note: At the moment we're filtering out everything but user-agent since ruby's payload is way too big
+          {'user-agent' => request.env['HTTP_USER_AGENT']}
+        rescue StandardError
+          nil
+        end
+      end
+    end
+  end
+end

data/lib/securenative/frameworks/sinatra.rb

@@ -0,0 +1,46 @@
+# frozen_string_literal: true
+
+module SecureNative
+  module Frameworks
+    class Sinatra
+      SECURENATIVE_COOKIE = '_sn'
+
+      def self.get_client_token(request)
+        begin
+          request.env[SECURENATIVE_COOKIE]
+        rescue StandardError
+          begin
+            request.cookies[SECURENATIVE_COOKIE]
+          rescue StandardError
+            nil
+          end
+        end
+      end
+
+      def self.get_url(request)
+        begin
+          request.env['REQUEST_URI']
+        rescue StandardError
+          nil
+        end
+      end
+
+      def self.get_method(request)
+        begin
+          request.env['REQUEST_METHOD']
+        rescue StandardError
+          nil
+        end
+      end
+
+      def self.get_headers(request)
+        begin
+          # Note: At the moment we're filtering out everything but user-agent since ruby's payload is way too big
+          {'user-agent' => request.env['HTTP_USER_AGENT']}
+        rescue StandardError
+          nil
+        end
+      end
+    end
+  end
+end

data/lib/securenative/{http/securenative_http_client.rb → http_client.rb}

@@ -1,13 +1,7 @@
 # frozen_string_literal: true
 
-require 'net/http'
-require 'uri'
-require 'json'
-require 'securenative/utils/version_utils'
-require 'securenative/utils/secure_native_logger'
-
 module SecureNative
-  class SecureNativeHttpClient
+  class HttpClient
     AUTHORIZATION_HEADER = 'Authorization'
     VERSION_HEADER = 'SN-Version'
     USER_AGENT_HEADER = 'User-Agent'
@@ -21,10 +15,10 @@ module SecureNative
 
     def _headers
       {
-          CONTENT_TYPE_HEADER => CONTENT_TYPE_HEADER_VALUE,
-          USER_AGENT_HEADER => USER_AGENT_HEADER_VALUE,
-          VERSION_HEADER => VersionUtils.version,
-          AUTHORIZATION_HEADER => @options.api_key
+        CONTENT_TYPE_HEADER => CONTENT_TYPE_HEADER_VALUE,
+        USER_AGENT_HEADER => USER_AGENT_HEADER_VALUE,
+        VERSION_HEADER => SecureNative::Utils::VersionUtils.version,
+        AUTHORIZATION_HEADER => @options.api_key
       }
     end
 
@@ -33,6 +27,7 @@ module SecureNative
       headers = _headers
 
       client = Net::HTTP.new(uri.host, uri.port)
+      client.read_timeout = @options.timeout
       client.use_ssl = true
       client.verify_mode = OpenSSL::SSL::VERIFY_NONE
 
@@ -43,7 +38,7 @@ module SecureNative
       begin
         res = client.request(request)
       rescue StandardError => e
-        SecureNativeLogger.error("Failed to send request; #{e}")
+        SecureNative::Log.error("Failed to send request; #{e}")
         return res
       end
       res

data/lib/securenative/{http/secure_native_http_response.rb → http_response.rb}

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 module SecureNative
-  class SecureNativeHttpResponse
+  class HttpResponse
     attr_reader :ok, :status_code, :body
     attr_writer :ok, :status_code, :body
 

data/lib/securenative/{config/securenative_options.rb → options.rb}

@@ -1,9 +1,7 @@
 # frozen_string_literal: true
 
-require 'securenative/enums/failover_strategy'
-
 module SecureNative
-  class SecureNativeOptions
+  class Options
     attr_reader :api_key, :api_url, :interval, :max_events, :timeout, :auto_send, :disable, :log_level, :fail_over_strategy, :proxy_headers
     attr_writer :api_key, :api_url, :interval, :max_events, :timeout, :auto_send, :disable, :log_level, :fail_over_strategy, :proxy_headers
 

data/lib/securenative/{models/sdk_event.rb → sdk_event.rb}

@@ -1,12 +1,5 @@
 # frozen_string_literal: true
 
-require 'securenative/context/securenative_context'
-require 'securenative/errors/securenative_invalid_options_error'
-require 'securenative/utils/encryption_utils'
-require 'securenative/utils/date_utils'
-require 'securenative/models/request_context'
-require 'securerandom'
-
 module SecureNative
   class SDKEvent
     attr_reader :context, :rid, :event_type, :user_id, :user_traits, :request, :timestamp, :properties
@@ -24,10 +17,10 @@ module SecureNative
       @context = if !event_options.context.nil?
                    event_options.context
                  else
-                   SecureNativeContext.default_context_builder
+                   Context.default_context_builder
                  end
 
-      client_token = EncryptionUtils.decrypt(@context.client_token, securenative_options.api_key)
+      client_token = SecureNative::Utils::EncryptionUtils.decrypt(@context.client_token, securenative_options.api_key)
 
       @rid = SecureRandom.uuid.to_str
       @event_type = event_options.event
@@ -39,12 +32,12 @@ module SecureNative
                                     url: @context.url, http_method: @context.http_method)
 
 
-      @timestamp = DateUtils.to_timestamp(event_options.timestamp)
+      @timestamp = SecureNative::Utils::DateUtils.to_timestamp(event_options.timestamp)
       @properties = event_options.properties
     end
 
     def to_s
-      "securenative.context: #{@context}, rid: #{@rid}, event_type: #{@event_type}, user_id: #{@user_id},
+      "context: #{@context}, rid: #{@rid}, event_type: #{@event_type}, user_id: #{@user_id},
     user_traits: #{@user_traits}, request: #{@request}, timestamp: #{@timestamp}, properties: #{@properties}"
     end
   end

data/lib/securenative/utils/date_utils.rb

@@ -1,11 +1,13 @@
 # frozen_string_literal: true
 
 module SecureNative
-  class DateUtils
-    def self.to_timestamp(date)
-      return Time.now.utc.iso8601 if date.nil?
+  module Utils
+    class DateUtils
+      def self.to_timestamp(date)
+        return Time.now.utc.iso8601 if date.nil?
 
-      Time.parse(date).iso8601
+        Time.parse(date).iso8601
+      end
     end
   end
 end

data/lib/securenative/utils/encryption_utils.rb

@@ -1,50 +1,47 @@
 # frozen_string_literal: true
 
-require 'openssl'
-require 'digest'
-require 'base64'
-require 'securenative/models/client_token'
-
 module SecureNative
-  class EncryptionUtils
-    def self.padding_key(key, length)
-      if key.length == length
-        key
-      else
-        if key.length > length
-          key.slice(0, length)
-        else
-          (length - key.length).times { key << '0' }
+  module Utils
+    class EncryptionUtils
+      def self.padding_key(key, length)
+        if key.length == length
           key
+        else
+          if key.length > length
+            key.slice(0, length)
+          else
+            (length - key.length).times { key << '0' }
+            key
+          end
         end
       end
-    end
 
-    def self.encrypt(plain_text, secret_key)
-      begin
-        cipher = OpenSSL::Cipher.new('aes-256-cbc')
-        cipher.encrypt
-        iv = cipher.random_iv
-        cipher.key = padding_key(secret_key, 32)
-        encrypted = cipher.update(plain_text) + cipher.final
-        (iv + encrypted).unpack1('H*')
-      rescue StandardError
-        ''
+      def self.encrypt(plain_text, secret_key)
+        begin
+          cipher = OpenSSL::Cipher.new('aes-256-cbc')
+          cipher.encrypt
+          iv = cipher.random_iv
+          cipher.key = padding_key(secret_key, 32)
+          encrypted = cipher.update(plain_text) + cipher.final
+          (iv + encrypted).unpack1('H*')
+        rescue StandardError
+          ''
+        end
       end
-    end
 
-    def self.decrypt(cipher_text, secret_key)
-      begin
-        cipher = OpenSSL::Cipher.new('aes-256-cbc')
-        cipher.decrypt
-        raw_data = [cipher_text].pack('H*')
-        cipher.iv = raw_data.slice(0, 16)
-        cipher.key = padding_key(secret_key, 32)
-        decrypted = JSON.parse(cipher.update(raw_data.slice(16, raw_data.length)) + cipher.final)
+      def self.decrypt(cipher_text, secret_key)
+        begin
+          cipher = OpenSSL::Cipher.new('aes-256-cbc')
+          cipher.decrypt
+          raw_data = [cipher_text].pack('H*')
+          cipher.iv = raw_data.slice(0, 16)
+          cipher.key = padding_key(secret_key, 32)
+          decrypted = JSON.parse(cipher.update(raw_data.slice(16, raw_data.length)) + cipher.final)
 
-        return ClientToken.new(decrypted['cid'], decrypted['vid'], decrypted['fp'])
-      rescue StandardError
-        ClientToken.new('', '', '')
+          SecureNative::ClientToken.new(decrypted['cid'], decrypted['vid'], decrypted['fp'])
+        rescue StandardError
+          SecureNative::ClientToken.new('', '', '')
+        end
       end
     end
   end

data/lib/securenative/utils/ip_utils.rb

@@ -1,25 +1,25 @@
 # frozen_string_literal: true
 
-require "resolv"
-
 module SecureNative
-  class IpUtils
-    def self.ip_address?(ip_address)
-      return true if ip_address =~ Resolv::IPv4::Regex
-      return true if ip_address =~ Resolv::IPv6::Regex
+  module Utils
+    class IpUtils
+      def self.ip_address?(ip_address)
+        return true if ip_address =~ Resolv::IPv4::Regex
+        return true if ip_address =~ Resolv::IPv6::Regex
 
-      false
-    end
+        false
+      end
 
-    def self.valid_public_ip?(ip_address)
-      ip = IPAddr.new(ip_address)
-      return false if ip.loopback? || ip.private? || ip.link_local? || ip.untrusted? || ip.tainted?
+      def self.valid_public_ip?(ip_address)
+        ip = IPAddr.new(ip_address)
+        return false if ip.loopback? || ip.private? || ip.link_local? || ip.untrusted? || ip.tainted?
 
-      true
-    end
+        true
+      end
 
-    def self.loop_back?(ip_address)
-      IPAddr.new(ip_address).loopback?
+      def self.loop_back?(ip_address)
+        IPAddr.new(ip_address).loopback?
+      end
     end
   end
 end

data/lib/securenative/utils/{secure_native_logger.rb → log.rb}

@@ -3,7 +3,7 @@
 require 'logger'
 
 module SecureNative
-  class SecureNativeLogger
+  class Log
     @logger = Logger.new(STDOUT)
 
     def self.init_logger(level = 'DEBUG')

data/lib/securenative/utils/request_utils.rb

@@ -1,81 +1,100 @@
 # frozen_string_literal: true
 
 module SecureNative
-  class RequestUtils
-    SECURENATIVE_COOKIE = '_sn'
-    SECURENATIVE_HEADER = 'x-securenative'
+  module Utils
+    class RequestUtils
+      SECURENATIVE_COOKIE = '_sn'
+      SECURENATIVE_HEADER = 'x-securenative'
+      PREFIX = 'HTTP_'
 
-    def self.get_secure_header_from_request(headers)
-      begin
-        return headers[SECURENATIVE_HEADER] unless headers.nil?
-      rescue StandardError
+      def self.get_secure_header_from_request(headers)
+        begin
+          return headers[SECURENATIVE_HEADER] unless headers.nil?
+        rescue StandardError
+          []
+        end
         []
       end
-      []
-    end
 
-    def self.get_client_ip_from_request(request, options = nil)
-      unless options.nil?
-        for header in options.proxy_headers do
-          begin
-            h = request.env[header]
-            return h.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless h.nil?
-          rescue NoMethodError
+      def self.get_client_ip_from_request(request, options)
+        unless options.proxy_headers.nil?
+          options.proxy_headers.each { |header|
             begin
-              h = request[header]
+              h = request.env[header]
+              if h.nil?
+                h = request.env[self.parse_ip(header)]
+              end
               return h.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless h.nil?
             rescue NoMethodError
+              begin
+                h = request[header]
+                if h.nil?
+                  h = request.env[self.parse_ip(header)]
+                end
+                return h.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless h.nil?
+              rescue NoMethodError
+                # Ignored
+              end
             end
-          end
+          }
         end
-      end
 
-      begin
-        x_forwarded_for = request.env['HTTP_X_FORWARDED_FOR']
-        return x_forwarded_for.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless x_forwarded_for.nil?
-      rescue NoMethodError
         begin
-          x_forwarded_for = request['HTTP_X_FORWARDED_FOR']
+          x_forwarded_for = request.env['HTTP_X_FORWARDED_FOR']
           return x_forwarded_for.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless x_forwarded_for.nil?
         rescue NoMethodError
+          begin
+            x_forwarded_for = request['HTTP_X_FORWARDED_FOR']
+            return x_forwarded_for.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless x_forwarded_for.nil?
+          rescue NoMethodError
+            # Ignored
+          end
         end
-      end
 
-      begin
-        x_forwarded_for = request.env['HTTP_X_REAL_IP']
-        return x_forwarded_for.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless x_forwarded_for.nil?
-      rescue NoMethodError
         begin
-          x_forwarded_for = request['HTTP_X_REAL_IP']
+          x_forwarded_for = request.env['HTTP_X_REAL_IP']
           return x_forwarded_for.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless x_forwarded_for.nil?
         rescue NoMethodError
+          begin
+            x_forwarded_for = request['HTTP_X_REAL_IP']
+            return x_forwarded_for.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless x_forwarded_for.nil?
+          rescue NoMethodError
+            # Ignored
+          end
         end
-      end
 
-      begin
-        x_forwarded_for = request.env['REMOTE_ADDR']
-        return x_forwarded_for.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless x_forwarded_for.nil?
-      rescue NoMethodError
         begin
-          x_forwarded_for = request['REMOTE_ADDR']
+          x_forwarded_for = request.env['REMOTE_ADDR']
           return x_forwarded_for.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless x_forwarded_for.nil?
         rescue NoMethodError
+          begin
+            x_forwarded_for = request['REMOTE_ADDR']
+            return x_forwarded_for.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless x_forwarded_for.nil?
+          rescue NoMethodError
+            # Ignored
+          end
+        end
+
+        begin
+          return request.ip unless request.ip.nil?
+        rescue NoMethodError
+          # Ignored
         end
-      end
 
-      begin
-        return request.ip unless request.ip.nil?
-      rescue NoMethodError
+        ''
       end
 
-      ''
-    end
+      def self.get_remote_ip_from_request(request)
+        begin
+          request.remote_ip
+        rescue NoMethodError
+          ''
+        end
+      end
 
-    def self.get_remote_ip_from_request(request)
-      begin
-        request.remote_ip
-      rescue NoMethodError
-        ''
+      def self.parse_ip(headers)
+        h = headers.gsub('-', '_')
+        return PREFIX + h.upcase
       end
     end
   end