securenative 0.1.28 → 0.1.33
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile.lock +2 -2
- data/README.md +23 -32
- data/lib/securenative.rb +49 -0
- data/lib/securenative/api_manager.rb +10 -17
- data/lib/securenative/client.rb +79 -0
- data/lib/securenative/{models/client_token.rb → client_token.rb} +0 -0
- data/lib/securenative/config/configuration_builder.rb +22 -22
- data/lib/securenative/config/configuration_manager.rb +42 -43
- data/lib/securenative/context.rb +65 -0
- data/lib/securenative/{models/device.rb → device.rb} +0 -0
- data/lib/securenative/enums/api_route.rb +5 -3
- data/lib/securenative/enums/risk_level.rb +7 -5
- data/{out/production/securenative-ruby/errors/securenative_config_error.rb → lib/securenative/errors/config_error.rb} +0 -0
- data/{out/production/securenative-ruby/errors/securenative_http_error.rb → lib/securenative/errors/http_error.rb} +0 -0
- data/{out/production/securenative-ruby/errors/securenative_invalid_options_error.rb → lib/securenative/errors/invalid_options_error.rb} +0 -0
- data/lib/securenative/errors/{securenative_invalid_uri_error.rb → invalid_uri_error.rb} +0 -0
- data/lib/securenative/errors/{securenative_parse_error.rb → parse_error.rb} +0 -2
- data/{out/production/securenative-ruby/errors/securenative_sdk_Illegal_state_error.rb → lib/securenative/errors/sdk_Illegal_state_error.rb} +0 -0
- data/{out/production/securenative-ruby/errors/securenative_sdk_error.rb → lib/securenative/errors/sdk_error.rb} +0 -0
- data/lib/securenative/event_manager.rb +125 -127
- data/lib/securenative/{models/event_options.rb → event_options.rb} +3 -7
- data/lib/securenative/{enums/event_types.rb → event_types.rb} +0 -0
- data/lib/securenative/{enums/failover_strategy.rb → failover_strategy.rb} +0 -0
- data/lib/securenative/frameworks/hanami.rb +46 -0
- data/lib/securenative/frameworks/rails.rb +48 -0
- data/lib/securenative/frameworks/sinatra.rb +46 -0
- data/lib/securenative/{http/securenative_http_client.rb → http_client.rb} +7 -12
- data/lib/securenative/{http/secure_native_http_response.rb → http_response.rb} +1 -1
- data/lib/securenative/{config/securenative_options.rb → options.rb} +1 -3
- data/lib/securenative/{models/request_context.rb → request_context.rb} +0 -0
- data/lib/securenative/{models/request_options.rb → request_options.rb} +0 -0
- data/lib/securenative/{models/sdk_event.rb → sdk_event.rb} +4 -11
- data/lib/securenative/{models/user_traits.rb → user_traits.rb} +0 -0
- data/lib/securenative/utils/date_utils.rb +6 -4
- data/lib/securenative/utils/encryption_utils.rb +34 -37
- data/lib/securenative/utils/ip_utils.rb +15 -15
- data/lib/securenative/utils/{secure_native_logger.rb → log.rb} +1 -1
- data/lib/securenative/utils/request_utils.rb +66 -47
- data/lib/securenative/utils/signature_utils.rb +12 -12
- data/lib/securenative/utils/utils.rb +6 -4
- data/lib/securenative/utils/version_utils.rb +9 -7
- data/lib/securenative/{models/verify_result.rb → verify_result.rb} +0 -0
- data/lib/securenative/{errors/securenative_sdk_error.rb → version.rb} +1 -2
- data/securenative.gemspec +5 -2
- data/{out/test/securenative-ruby → spec}/spec_helper.rb +0 -0
- metadata +35 -83
- data/lib/securenative/context/hanami_context.rb +0 -44
- data/lib/securenative/context/rails_context.rb +0 -46
- data/lib/securenative/context/securenative_context.rb +0 -69
- data/lib/securenative/context/sinatra_context.rb +0 -44
- data/lib/securenative/errors/securenative_config_error.rb +0 -6
- data/lib/securenative/errors/securenative_http_error.rb +0 -6
- data/lib/securenative/errors/securenative_invalid_options_error.rb +0 -6
- data/lib/securenative/errors/securenative_sdk_Illegal_state_error.rb +0 -6
- data/lib/securenative/sdk.rb +0 -85
- data/out/production/securenative-ruby/api_manager.rb +0 -39
- data/out/production/securenative-ruby/config/configuration_builder.rb +0 -27
- data/out/production/securenative-ruby/config/configuration_manager.rb +0 -56
- data/out/production/securenative-ruby/config/securenative_options.rb +0 -23
- data/out/production/securenative-ruby/context/hanami_context.rb +0 -42
- data/out/production/securenative-ruby/context/rails_context.rb +0 -44
- data/out/production/securenative-ruby/context/securenative_context.rb +0 -67
- data/out/production/securenative-ruby/context/sinatra_context.rb +0 -42
- data/out/production/securenative-ruby/enums/api_route.rb +0 -6
- data/out/production/securenative-ruby/enums/event_types.rb +0 -23
- data/out/production/securenative-ruby/enums/failover_strategy.rb +0 -6
- data/out/production/securenative-ruby/enums/risk_level.rb +0 -7
- data/out/production/securenative-ruby/errors/securenative_invalid_uri_error.rb +0 -4
- data/out/production/securenative-ruby/errors/securenative_parse_error.rb +0 -4
- data/out/production/securenative-ruby/event_manager.rb +0 -157
- data/out/production/securenative-ruby/http/secure_native_http_response.rb +0 -12
- data/out/production/securenative-ruby/http/securenative_http_client.rb +0 -50
- data/out/production/securenative-ruby/models/client_token.rb +0 -12
- data/out/production/securenative-ruby/models/device.rb +0 -10
- data/out/production/securenative-ruby/models/event_options.rb +0 -37
- data/out/production/securenative-ruby/models/request_context.rb +0 -18
- data/out/production/securenative-ruby/models/request_options.rb +0 -12
- data/out/production/securenative-ruby/models/sdk_event.rb +0 -49
- data/out/production/securenative-ruby/models/user_traits.rb +0 -13
- data/out/production/securenative-ruby/models/verify_result.rb +0 -16
- data/out/production/securenative-ruby/securenative.rb +0 -83
- data/out/production/securenative-ruby/utils/date_utils.rb +0 -9
- data/out/production/securenative-ruby/utils/encryption_utils.rb +0 -49
- data/out/production/securenative-ruby/utils/ip_utils.rb +0 -23
- data/out/production/securenative-ruby/utils/request_utils.rb +0 -69
- data/out/production/securenative-ruby/utils/secure_native_logger.rb +0 -44
- data/out/production/securenative-ruby/utils/signature_utils.rb +0 -16
- data/out/production/securenative-ruby/utils/utils.rb +0 -9
- data/out/production/securenative-ruby/utils/version_utils.rb +0 -11
- data/out/test/securenative-ruby/spec_api_manager.rb +0 -87
- data/out/test/securenative-ruby/spec_context_builder.rb +0 -87
- data/out/test/securenative-ruby/spec_date_utils.rb +0 -13
- data/out/test/securenative-ruby/spec_encryption_utils.rb +0 -26
- data/out/test/securenative-ruby/spec_event_manager.rb +0 -93
- data/out/test/securenative-ruby/spec_ip_utils.rb +0 -41
- data/out/test/securenative-ruby/spec_request_utils.rb +0 -25
- data/out/test/securenative-ruby/spec_sdk_event.rb +0 -24
- data/out/test/securenative-ruby/spec_securenative.rb +0 -61
- data/out/test/securenative-ruby/spec_securenative_http_client.rb +0 -31
- data/out/test/securenative-ruby/spec_signature_utils.rb +0 -18
- data/out/test/securenative-ruby/spec_version_util.rb +0 -10
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: a3fe3afee2e1f23bf0d5170952904e4e66078fb392a791dee566da36b39df2e7
|
4
|
+
data.tar.gz: 8b36837fe92f5a823a12d456cfc33f462a754bac28917a85a736fc37988ec72c
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: ee1cde9a072ac6292dcb80ca41da67d925ede12be54f10c79ff59c17a2be29b566b2a0ae4cdcd17c69446e996bcc863ae4e98c4079748b184842fb2c55f171f1
|
7
|
+
data.tar.gz: c2c3cd008ffd8719acf11d4b31792b303cd649f090c2bb81567995fe5802d205c97601ff050f03d8bd33c1931a9cc65cca6873405df674768cfcca3a134c9f38
|
data/Gemfile.lock
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
PATH
|
2
2
|
remote: .
|
3
3
|
specs:
|
4
|
-
securenative (0.1.
|
4
|
+
securenative (0.1.33)
|
5
5
|
|
6
6
|
GEM
|
7
7
|
remote: https://rubygems.org/
|
@@ -208,7 +208,7 @@ GEM
|
|
208
208
|
rspec-core (~> 3.9.0)
|
209
209
|
rspec-expectations (~> 3.9.0)
|
210
210
|
rspec-mocks (~> 3.9.0)
|
211
|
-
rspec-core (3.9.
|
211
|
+
rspec-core (3.9.3)
|
212
212
|
rspec-support (~> 3.9.3)
|
213
213
|
rspec-expectations (3.9.2)
|
214
214
|
diff-lcs (>= 1.2.0, < 2.0)
|
data/README.md
CHANGED
@@ -50,36 +50,36 @@ To get your *API KEY*, login to your SecureNative account and go to project sett
|
|
50
50
|
SecureNative can automatically load your config from *securenative.yml* file or from the file that is specified in your *SECURENATIVE_CONFIG_FILE* env variable:
|
51
51
|
|
52
52
|
```ruby
|
53
|
-
require 'securenative
|
53
|
+
require 'securenative'
|
54
54
|
|
55
55
|
|
56
|
-
secureative = SecureNative::
|
56
|
+
secureative = SecureNative::Client.init
|
57
57
|
```
|
58
58
|
### Option 2: Initialize via API Key
|
59
59
|
|
60
60
|
```ruby
|
61
|
-
require 'securenative
|
61
|
+
require 'securenative'
|
62
62
|
|
63
63
|
|
64
|
-
securenative = SecureNative::
|
64
|
+
securenative = SecureNative::Client.init_with_api_key('YOUR_API_KEY')
|
65
65
|
```
|
66
66
|
|
67
67
|
### Option 3: Initialize via ConfigurationBuilder
|
68
68
|
```ruby
|
69
|
-
require 'securenative
|
69
|
+
require 'securenative'
|
70
70
|
|
71
71
|
|
72
|
-
options = SecureNative::ConfigurationBuilder.new(api_key: 'API_KEY', max_events: 10, log_level: 'ERROR')
|
73
|
-
SecureNative::
|
72
|
+
options = SecureNative::Config::ConfigurationBuilder.new(api_key: 'API_KEY', max_events: 10, log_level: 'ERROR')
|
73
|
+
SecureNative::Client.init_with_options(options)
|
74
74
|
```
|
75
75
|
|
76
76
|
## Getting SecureNative instance
|
77
77
|
Once initialized, sdk will create a singleton instance which you can get:
|
78
78
|
```ruby
|
79
|
-
require 'securenative
|
79
|
+
require 'securenative'
|
80
80
|
|
81
81
|
|
82
|
-
secureNative = SecureNative::
|
82
|
+
secureNative = SecureNative::Client.instance
|
83
83
|
```
|
84
84
|
|
85
85
|
## Tracking events
|
@@ -88,15 +88,12 @@ Once the SDK has been initialized, tracking requests sent through the SDK
|
|
88
88
|
instance. Make sure you build event with the EventBuilder:
|
89
89
|
|
90
90
|
```ruby
|
91
|
-
require 'securenative
|
92
|
-
require 'securenative/models/event_options'
|
93
|
-
require 'securenative/enums/event_types'
|
94
|
-
require 'securenative/models/user_traits'
|
91
|
+
require 'securenative'
|
95
92
|
|
96
93
|
|
97
94
|
def track
|
98
|
-
securenative = SecureNative::
|
99
|
-
context = SecureNative::
|
95
|
+
securenative = SecureNative::Client.instance
|
96
|
+
context = SecureNative::Context.new(client_token: 'SECURED_CLIENT_TOKEN', ip: '127.0.0.1',
|
100
97
|
headers: { 'user-agent' => 'Mozilla: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:47.0) Gecko/20100101 Firefox/47.3 Mozilla/5.0 (Macintosh; Intel Mac OS X x.y; rv:42.0) Gecko/20100101 Firefox/43.4' })
|
101
98
|
|
102
99
|
event_options = SecureNative::EventOptions.new(event: SecureNative::EventTypes::LOG_IN, user_id: '1234', context: context,
|
@@ -112,15 +109,12 @@ end
|
|
112
109
|
You can also create request securenative.context from requests:
|
113
110
|
|
114
111
|
```ruby
|
115
|
-
require 'securenative
|
116
|
-
require 'securenative/models/event_options'
|
117
|
-
require 'securenative/enums/event_types'
|
118
|
-
require 'securenative/models/user_traits'
|
112
|
+
require 'securenative'
|
119
113
|
|
120
114
|
|
121
115
|
def track(request)
|
122
|
-
securenative = SecureNative::
|
123
|
-
context =
|
116
|
+
securenative = SecureNative::Client.instance
|
117
|
+
context = securenative.from_http_request(request)
|
124
118
|
|
125
119
|
event_options = SecureNative::EventOptions.new(event: SecureNative::EventTypes::LOG_IN, user_id: '1234', context: context,
|
126
120
|
user_traits: SecureNative::UserTraits.new(name: 'Your Name', email: 'name@gmail.com', phone: '+1234567890'),
|
@@ -137,15 +131,12 @@ end
|
|
137
131
|
**Example**
|
138
132
|
|
139
133
|
```ruby
|
140
|
-
require 'securenative
|
141
|
-
require 'securenative/models/event_options'
|
142
|
-
require 'securenative/enums/event_types'
|
143
|
-
require 'securenative/models/user_traits'
|
134
|
+
require 'securenative'
|
144
135
|
|
145
136
|
|
146
137
|
def verify(request)
|
147
|
-
securenative = SecureNative::
|
148
|
-
context =
|
138
|
+
securenative = SecureNative::Client.instance
|
139
|
+
context = securenative.from_http_request(request)
|
149
140
|
|
150
141
|
event_options = SecureNative::EventOptions.new(event: SecureNative::EventTypes::LOG_IN, user_id: '1234', context: context,
|
151
142
|
user_traits: SecureNative::UserTraits.new(name: 'Your Name', email: 'name@gmail.com', phone: '+1234567890'),
|
@@ -163,11 +154,11 @@ end
|
|
163
154
|
Apply our filter to verify the request is from us, for example:
|
164
155
|
|
165
156
|
```ruby
|
166
|
-
require 'securenative
|
157
|
+
require 'securenative'
|
167
158
|
|
168
159
|
|
169
160
|
def webhook_endpoint(request)
|
170
|
-
securenative = SecureNative::
|
161
|
+
securenative = SecureNative::Client.instance
|
171
162
|
|
172
163
|
# Checks if request is verified
|
173
164
|
is_verified = securenative.verify_request_payload(request)
|
@@ -190,9 +181,9 @@ Initialize sdk as showed above.
|
|
190
181
|
### Options 2: Using ConfigurationBuilder
|
191
182
|
|
192
183
|
```ruby
|
193
|
-
require 'securenative
|
184
|
+
require 'securenative'
|
194
185
|
|
195
|
-
options = SecureNative::
|
186
|
+
options = SecureNative::Options.new(api_key: 'API_KEY', max_events: 10, log_level: 'ERROR', proxy_headers: ['CF-Connecting-IP'])
|
196
187
|
|
197
|
-
SecureNative::
|
188
|
+
SecureNative::Client.init_with_options(options)
|
198
189
|
```
|
data/lib/securenative.rb
ADDED
@@ -0,0 +1,49 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'securenative/failover_strategy'
|
4
|
+
require 'securenative/enums/risk_level'
|
5
|
+
require 'securenative/enums/api_route'
|
6
|
+
require 'securenative/event_types'
|
7
|
+
require 'securenative/enums/risk_level'
|
8
|
+
require 'securenative/config/configuration_builder'
|
9
|
+
require 'securenative/config/configuration_manager'
|
10
|
+
require 'securenative/options'
|
11
|
+
require 'securenative/utils/request_utils'
|
12
|
+
require 'securenative/utils/version_utils'
|
13
|
+
require 'securenative/utils/encryption_utils'
|
14
|
+
require 'securenative/utils/signature_utils'
|
15
|
+
require 'securenative/utils/date_utils'
|
16
|
+
require 'securenative/utils/utils'
|
17
|
+
require 'securenative/utils/log'
|
18
|
+
require 'securenative/utils/ip_utils'
|
19
|
+
require 'securenative/frameworks/hanami'
|
20
|
+
require 'securenative/frameworks/sinatra'
|
21
|
+
require 'securenative/frameworks/rails'
|
22
|
+
require 'securenative/context'
|
23
|
+
require 'securenative/event_options'
|
24
|
+
require 'securenative/user_traits'
|
25
|
+
require 'securenative/request_context'
|
26
|
+
require 'securenative/client_token'
|
27
|
+
require 'securenative/sdk_event'
|
28
|
+
require 'securenative/verify_result'
|
29
|
+
require 'securenative/errors/invalid_options_error'
|
30
|
+
require 'securenative/errors/sdk_Illegal_state_error'
|
31
|
+
require 'securenative/errors/config_error'
|
32
|
+
require 'securenative/errors/sdk_error'
|
33
|
+
require 'securenative/errors/http_error'
|
34
|
+
require 'securenative/http_client'
|
35
|
+
require 'securenative/event_manager'
|
36
|
+
require 'securenative/api_manager'
|
37
|
+
require 'securenative/client'
|
38
|
+
require 'securenative/version'
|
39
|
+
|
40
|
+
require 'yaml'
|
41
|
+
require 'net/http'
|
42
|
+
require 'uri'
|
43
|
+
require 'json'
|
44
|
+
require 'securerandom'
|
45
|
+
require 'openssl'
|
46
|
+
require 'digest'
|
47
|
+
require 'base64'
|
48
|
+
require 'resolv'
|
49
|
+
require 'logger'
|
@@ -1,12 +1,5 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
require 'securenative/models/sdk_event'
|
4
|
-
require 'securenative/enums/failover_strategy'
|
5
|
-
require 'securenative/enums/risk_level'
|
6
|
-
require 'securenative/enums/api_route'
|
7
|
-
require 'securenative/models/verify_result'
|
8
|
-
require 'json'
|
9
|
-
|
10
3
|
module SecureNative
|
11
4
|
class ApiManager
|
12
5
|
def initialize(event_manager, securenative_options)
|
@@ -15,27 +8,27 @@ module SecureNative
|
|
15
8
|
end
|
16
9
|
|
17
10
|
def track(event_options)
|
18
|
-
|
19
|
-
event = SDKEvent.new(event_options, @options)
|
20
|
-
@event_manager.send_async(event, ApiRoute::TRACK)
|
11
|
+
SecureNative::Log.debug('Track event call')
|
12
|
+
event = SecureNative::SDKEvent.new(event_options, @options)
|
13
|
+
@event_manager.send_async(event, SecureNative::Enums::ApiRoute::TRACK)
|
21
14
|
end
|
22
15
|
|
23
16
|
def verify(event_options)
|
24
|
-
|
25
|
-
event = SDKEvent.new(event_options, @options)
|
17
|
+
SecureNative::Log.debug('Verify event call')
|
18
|
+
event = SecureNative::SDKEvent.new(event_options, @options)
|
26
19
|
|
27
20
|
begin
|
28
|
-
res = @event_manager.send_sync(event, ApiRoute::VERIFY
|
21
|
+
res = @event_manager.send_sync(event, SecureNative::Enums::ApiRoute::VERIFY)
|
29
22
|
ver_result = JSON.parse(res.body)
|
30
23
|
return VerifyResult.new(risk_level: ver_result['riskLevel'], score: ver_result['score'], triggers: ver_result['triggers'])
|
31
24
|
rescue StandardError => e
|
32
|
-
|
25
|
+
SecureNative::Log.debug("Failed to call verify; #{e}")
|
33
26
|
end
|
34
|
-
if @options.fail_over_strategy == FailOverStrategy::FAIL_OPEN
|
35
|
-
return VerifyResult.new(risk_level: RiskLevel::LOW, score: 0, triggers:
|
27
|
+
if @options.fail_over_strategy == SecureNative::FailOverStrategy::FAIL_OPEN
|
28
|
+
return SecureNative::VerifyResult.new(risk_level: SecureNative::Enums::RiskLevel::LOW, score: 0, triggers: [])
|
36
29
|
end
|
37
30
|
|
38
|
-
VerifyResult.new(risk_level: RiskLevel::HIGH, score: 1, triggers:
|
31
|
+
VerifyResult.new(risk_level: SecureNative::Enums::RiskLevel::HIGH, score: 1, triggers: [])
|
39
32
|
end
|
40
33
|
end
|
41
34
|
end
|
@@ -0,0 +1,79 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module SecureNative
|
4
|
+
class Client
|
5
|
+
attr_reader :options
|
6
|
+
|
7
|
+
def initialize(options)
|
8
|
+
@securenative = nil
|
9
|
+
if SecureNative::Utils::Utils.null_or_empty?(options.api_key)
|
10
|
+
raise SecureNativeSDKError, 'You must pass your SecureNative api key'
|
11
|
+
end
|
12
|
+
|
13
|
+
@options = options
|
14
|
+
@event_manager = EventManager.new(@options)
|
15
|
+
|
16
|
+
@api_manager = SecureNative::ApiManager.new(@event_manager, @options)
|
17
|
+
SecureNative::Log.init_logger(@options.log_level)
|
18
|
+
end
|
19
|
+
|
20
|
+
def self.init_with_options(options)
|
21
|
+
if @securenative.nil?
|
22
|
+
@securenative = SecureNative::Client.new(options)
|
23
|
+
@securenative
|
24
|
+
else
|
25
|
+
SecureNative::Log.debug('This SDK was already initialized.')
|
26
|
+
raise SecureNativeSDKError, 'This SDK was already initialized.'
|
27
|
+
end
|
28
|
+
end
|
29
|
+
|
30
|
+
def self.init_with_api_key(api_key)
|
31
|
+
if SecureNative::Utils::Utils.null_or_empty?(api_key)
|
32
|
+
raise SecureNativeConfigError, 'You must pass your SecureNative api key'
|
33
|
+
end
|
34
|
+
|
35
|
+
if @securenative.nil?
|
36
|
+
options = SecureNative::Config::ConfigurationBuilder.new(api_key: api_key)
|
37
|
+
@securenative = SecureNative::Client.new(options)
|
38
|
+
@securenative
|
39
|
+
else
|
40
|
+
SecureNative::Log.debug('This SDK was already initialized.')
|
41
|
+
raise SecureNativeSDKError, 'This SDK was already initialized.'
|
42
|
+
end
|
43
|
+
end
|
44
|
+
|
45
|
+
def from_http_request(request)
|
46
|
+
SecureNative::Context.from_http_request(request, @options)
|
47
|
+
end
|
48
|
+
|
49
|
+
def self.init
|
50
|
+
options = SecureNative::Config::ConfigurationManager.load_config
|
51
|
+
init_with_options(options)
|
52
|
+
end
|
53
|
+
|
54
|
+
def self.instance
|
55
|
+
raise SecureNativeSDKIllegalStateError if @securenative.nil?
|
56
|
+
|
57
|
+
@securenative
|
58
|
+
end
|
59
|
+
|
60
|
+
def track(event_options)
|
61
|
+
@api_manager.track(event_options)
|
62
|
+
end
|
63
|
+
|
64
|
+
def verify(event_options)
|
65
|
+
@api_manager.verify(event_options)
|
66
|
+
end
|
67
|
+
|
68
|
+
def self._flush
|
69
|
+
@securenative = nil
|
70
|
+
end
|
71
|
+
|
72
|
+
def verify_request_payload(request)
|
73
|
+
request_signature = request.header[SignatureUtils.SIGNATURE_HEADER]
|
74
|
+
body = request.body
|
75
|
+
|
76
|
+
SignatureUtils.valid_signature?(@options.api_key, body, request_signature)
|
77
|
+
end
|
78
|
+
end
|
79
|
+
end
|
File without changes
|
@@ -1,29 +1,29 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
require 'securenative/enums/failover_strategy'
|
4
|
-
|
5
3
|
module SecureNative
|
6
|
-
|
7
|
-
|
8
|
-
|
4
|
+
module Config
|
5
|
+
class ConfigurationBuilder
|
6
|
+
attr_reader :api_key, :api_url, :interval, :max_events, :timeout, :auto_send, :disable, :log_level, :fail_over_strategy, :proxy_headers
|
7
|
+
attr_writer :api_key, :api_url, :interval, :max_events, :timeout, :auto_send, :disable, :log_level, :fail_over_strategy, :proxy_headers
|
9
8
|
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
9
|
+
def initialize(api_key: nil, api_url: 'https://api.securenative.com/collector/api/v1', interval: 1000,
|
10
|
+
max_events: 1000, timeout: 1500, auto_send: true, disable: false, log_level: 'FATAL',
|
11
|
+
fail_over_strategy: SecureNative::FailOverStrategy::FAIL_OPEN, proxy_headers: nil)
|
12
|
+
@api_key = api_key
|
13
|
+
@api_url = api_url
|
14
|
+
@interval = interval
|
15
|
+
@max_events = max_events
|
16
|
+
@timeout = timeout
|
17
|
+
@auto_send = auto_send
|
18
|
+
@disable = disable
|
19
|
+
@log_level = log_level
|
20
|
+
@fail_over_strategy = fail_over_strategy
|
21
|
+
@proxy_headers = proxy_headers
|
22
|
+
end
|
24
23
|
|
25
|
-
|
26
|
-
|
24
|
+
def self.default_securenative_options
|
25
|
+
Options.new
|
26
|
+
end
|
27
27
|
end
|
28
28
|
end
|
29
|
-
end
|
29
|
+
end
|
@@ -1,58 +1,57 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
require 'yaml'
|
4
|
-
require 'securenative/config/configuration_builder'
|
5
|
-
|
6
3
|
module SecureNative
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
4
|
+
module Config
|
5
|
+
class ConfigurationManager
|
6
|
+
DEFAULT_CONFIG_FILE = 'securenative.yml'
|
7
|
+
CUSTOM_CONFIG_FILE_ENV_NAME = 'SECURENATIVE_CONFIG_FILE'
|
8
|
+
@config = nil
|
9
|
+
|
10
|
+
def self.read_resource_file(resource_path)
|
11
|
+
properties = {}
|
12
|
+
begin
|
13
|
+
@config = YAML.load_file(resource_path)
|
14
|
+
properties = @config unless @config.nil?
|
15
|
+
rescue StandardError => e
|
16
|
+
SecureNative::Log.error("Could not parse securenative.config file #{resource_path}; #{e}")
|
17
|
+
end
|
18
|
+
properties
|
19
19
|
end
|
20
|
-
properties
|
21
|
-
end
|
22
20
|
|
23
|
-
|
24
|
-
|
25
|
-
|
21
|
+
def self._get_resource_path(env_name)
|
22
|
+
Env.fetch(env_name, ENV[DEFAULT_CONFIG_FILE])
|
23
|
+
end
|
26
24
|
|
27
|
-
|
28
|
-
|
29
|
-
|
25
|
+
def self.config_builder
|
26
|
+
SecureNative::Config::ConfigurationBuilder.new
|
27
|
+
end
|
30
28
|
|
31
|
-
|
32
|
-
|
33
|
-
|
29
|
+
def self._get_env_or_default(properties, key, default)
|
30
|
+
return ENV[key] if ENV[key]
|
31
|
+
return properties[key] if properties[key]
|
34
32
|
|
35
|
-
|
36
|
-
|
33
|
+
default
|
34
|
+
end
|
37
35
|
|
38
|
-
|
39
|
-
|
36
|
+
def self.load_config
|
37
|
+
options = SecureNative::Config::ConfigurationBuilder.default_securenative_options
|
40
38
|
|
41
|
-
|
42
|
-
|
39
|
+
resource_path = DEFAULT_CONFIG_FILE
|
40
|
+
resource_path = ENV[CUSTOM_CONFIG_FILE_ENV_NAME] unless ENV[CUSTOM_CONFIG_FILE_ENV_NAME].nil?
|
43
41
|
|
44
|
-
|
42
|
+
properties = read_resource_file(resource_path)
|
45
43
|
|
46
|
-
|
47
|
-
|
48
|
-
|
49
|
-
|
50
|
-
|
51
|
-
|
52
|
-
|
53
|
-
|
54
|
-
|
55
|
-
|
44
|
+
SecureNative::Config::ConfigurationBuilder.new(api_key: _get_env_or_default(properties, 'SECURENATIVE_API_KEY', options.api_key),
|
45
|
+
api_url: _get_env_or_default(properties, 'SECURENATIVE_API_URL', options.api_url),
|
46
|
+
interval: _get_env_or_default(properties, 'SECURENATIVE_INTERVAL', options.interval),
|
47
|
+
max_events: _get_env_or_default(properties, 'SECURENATIVE_MAX_EVENTS', options.max_events),
|
48
|
+
timeout: _get_env_or_default(properties, 'SECURENATIVE_TIMEOUT', options.timeout),
|
49
|
+
auto_send: _get_env_or_default(properties, 'SECURENATIVE_AUTO_SEND', options.auto_send),
|
50
|
+
disable: _get_env_or_default(properties, 'SECURENATIVE_DISABLE', options.disable),
|
51
|
+
log_level: _get_env_or_default(properties, 'SECURENATIVE_LOG_LEVEL', options.log_level),
|
52
|
+
fail_over_strategy: _get_env_or_default(properties, 'SECURENATIVE_FAILOVER_STRATEGY', options.fail_over_strategy),
|
53
|
+
proxy_headers: _get_env_or_default(properties, 'SECURENATIVE_PROXY_HEADERS', options.proxy_headers))
|
54
|
+
end
|
56
55
|
end
|
57
56
|
end
|
58
57
|
end
|