securenative 0.1.29 → 0.1.30

data/LICENSE

@@ -0,0 +1,21 @@
+The MIT License
+
+Copyright (c) 2019 SecureNative
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/Rakefile

@@ -0,0 +1,6 @@
+require "bundler/gem_tasks"
+task :default => :spec
+
+require 'rspec/core/rake_task'
+task :default => :spec
+RSpec::Core::RakeTask.new

data/bin/console

@@ -0,0 +1,14 @@
+#!/usr/bin/env ruby
+
+require "bundler/setup"
+require "securenative"
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require "pry"
+# Pry.start
+
+require "irb"
+IRB.start(__FILE__)

data/bin/setup

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+
+bundle install
+
+# Do any other automated setup that you need to do here

data/lib/securenative/api_manager.rb

@@ -0,0 +1,34 @@
+# frozen_string_literal: true
+
+module SecureNative
+  class ApiManager
+    def initialize(event_manager, securenative_options)
+      @event_manager = event_manager
+      @options = securenative_options
+    end
+
+    def track(event_options)
+      SecureNative::Log.debug('Track event call')
+      event = SecureNative::SDKEvent.new(event_options, @options)
+      @event_manager.send_async(event, SecureNative::Enums::ApiRoute::TRACK)
+    end
+
+    def verify(event_options)
+      SecureNative::Log.debug('Verify event call')
+      event = SecureNative::SDKEvent.new(event_options, @options)
+
+      begin
+        res = @event_manager.send_sync(event, SecureNative::Enums::ApiRoute::VERIFY)
+        ver_result = JSON.parse(res.body)
+        return VerifyResult.new(risk_level: ver_result['riskLevel'], score: ver_result['score'], triggers: ver_result['triggers'])
+      rescue StandardError => e
+        SecureNative::Log.debug("Failed to call verify; #{e}")
+      end
+      if @options.fail_over_strategy == SecureNative::FailOverStrategy::FAIL_OPEN
+        return SecureNative::VerifyResult.new(risk_level: SecureNative::Enums::RiskLevel::LOW, score: 0, triggers: nil)
+      end
+
+      VerifyResult.new(risk_level: SecureNative::Enums::RiskLevel::HIGH, score: 1, triggers: nil)
+    end
+  end
+end

data/lib/securenative/client.rb

@@ -0,0 +1,75 @@
+# frozen_string_literal: true
+
+module SecureNative
+  class Client
+    attr_reader :options
+
+    def initialize(options)
+      @securenative = nil
+      if SecureNative::Utils::Utils.null_or_empty?(options.api_key)
+        raise SecureNativeSDKError, 'You must pass your SecureNative api key'
+      end
+
+      @options = options
+      @event_manager = EventManager.new(@options)
+
+      @api_manager = SecureNative::ApiManager.new(@event_manager, @options)
+      SecureNative::Log.init_logger(@options.log_level)
+    end
+
+    def self.init_with_options(options)
+      if @securenative.nil?
+        @securenative = SecureNative::Client.new(options)
+        @securenative
+      else
+        SecureNative::Log.debug('This SDK was already initialized.')
+        raise SecureNativeSDKError, 'This SDK was already initialized.'
+      end
+    end
+
+    def self.init_with_api_key(api_key)
+      if SecureNative::Utils::Utils.null_or_empty?(api_key)
+        raise SecureNativeConfigError, 'You must pass your SecureNative api key'
+      end
+
+      if @securenative.nil?
+        options = SecureNative::Config::ConfigurationBuilder.new(api_key: api_key)
+        @securenative = SecureNative::Client.new(options)
+        @securenative
+      else
+        SecureNative::Log.debug('This SDK was already initialized.')
+        raise SecureNativeSDKError, 'This SDK was already initialized.'
+      end
+    end
+
+    def self.init
+      options = SecureNative::Config::ConfigurationManager.load_config
+      init_with_options(options)
+    end
+
+    def self.instance
+      raise SecureNativeSDKIllegalStateError if @securenative.nil?
+
+      @securenative
+    end
+
+    def track(event_options)
+      @api_manager.track(event_options)
+    end
+
+    def verify(event_options)
+      @api_manager.verify(event_options)
+    end
+
+    def self._flush
+      @securenative = nil
+    end
+
+    def verify_request_payload(request)
+      request_signature = request.header[SignatureUtils.SIGNATURE_HEADER]
+      body = request.body
+
+      SignatureUtils.valid_signature?(@options.api_key, body, request_signature)
+    end
+  end
+end

data/lib/securenative/client_token.rb

@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+
+module SecureNative
+  class ClientToken
+    attr_reader :cid, :vid, :fp
+    attr_writer :cid, :vid, :fp
+
+    def initialize(cid, vid, fp)
+      @cid = cid
+      @vid = vid
+      @fp = fp
+    end
+  end
+end

data/lib/securenative/config/configuration_builder.rb

@@ -0,0 +1,29 @@
+# frozen_string_literal: true
+
+module SecureNative
+  module Config
+    class ConfigurationBuilder
+      attr_reader :api_key, :api_url, :interval, :max_events, :timeout, :auto_send, :disable, :log_level, :fail_over_strategy, :proxy_headers
+      attr_writer :api_key, :api_url, :interval, :max_events, :timeout, :auto_send, :disable, :log_level, :fail_over_strategy, :proxy_headers
+
+      def initialize(api_key: nil, api_url: 'https://api.securenative.com/collector/api/v1', interval: 1000,
+                     max_events: 1000, timeout: 1500, auto_send: true, disable: false, log_level: 'FATAL',
+                     fail_over_strategy: SecureNative::FailOverStrategy::FAIL_OPEN, proxy_headers: nil)
+        @api_key = api_key
+        @api_url = api_url
+        @interval = interval
+        @max_events = max_events
+        @timeout = timeout
+        @auto_send = auto_send
+        @disable = disable
+        @log_level = log_level
+        @fail_over_strategy = fail_over_strategy
+        @proxy_headers = proxy_headers
+      end
+
+      def self.default_securenative_options
+        Options.new
+      end
+    end
+  end
+end

data/lib/securenative/config/configuration_manager.rb

@@ -0,0 +1,57 @@
+# frozen_string_literal: true
+
+module SecureNative
+  module Config
+    class ConfigurationManager
+      DEFAULT_CONFIG_FILE = 'securenative.yml'
+      CUSTOM_CONFIG_FILE_ENV_NAME = 'SECURENATIVE_CONFIG_FILE'
+      @config = nil
+
+      def self.read_resource_file(resource_path)
+        properties = {}
+        begin
+          @config = YAML.load_file(resource_path)
+          properties = @config unless @config.nil?
+        rescue StandardError => e
+          SecureNative::Log.error("Could not parse securenative.config file #{resource_path}; #{e}")
+        end
+        properties
+      end
+
+      def self._get_resource_path(env_name)
+        Env.fetch(env_name, ENV[DEFAULT_CONFIG_FILE])
+      end
+
+      def self.config_builder
+        SecureNative::Config::ConfigurationBuilder.new
+      end
+
+      def self._get_env_or_default(properties, key, default)
+        return ENV[key] if ENV[key]
+        return properties[key] if properties[key]
+
+        default
+      end
+
+      def self.load_config
+        options = SecureNative::Config::ConfigurationBuilder.default_securenative_options
+
+        resource_path = DEFAULT_CONFIG_FILE
+        resource_path = ENV[CUSTOM_CONFIG_FILE_ENV_NAME] unless ENV[CUSTOM_CONFIG_FILE_ENV_NAME].nil?
+
+        properties = read_resource_file(resource_path)
+
+        SecureNative::Config::ConfigurationBuilder.new(api_key: _get_env_or_default(properties, 'SECURENATIVE_API_KEY', options.api_key),
+                                                       api_url: _get_env_or_default(properties, 'SECURENATIVE_API_URL', options.api_url),
+                                                       interval: _get_env_or_default(properties, 'SECURENATIVE_INTERVAL', options.interval),
+                                                       max_events: _get_env_or_default(properties, 'SECURENATIVE_MAX_EVENTS', options.max_events),
+                                                       timeout: _get_env_or_default(properties, 'SECURENATIVE_TIMEOUT', options.timeout),
+                                                       auto_send: _get_env_or_default(properties, 'SECURENATIVE_AUTO_SEND', options.auto_send),
+                                                       disable: _get_env_or_default(properties, 'SECURENATIVE_DISABLE', options.disable),
+                                                       log_level: _get_env_or_default(properties, 'SECURENATIVE_LOG_LEVEL', options.log_level),
+                                                       fail_over_strategy: _get_env_or_default(properties, 'SECURENATIVE_FAILOVER_STRATEGY', options.fail_over_strategy),
+                                                       proxy_headers: _get_env_or_default(properties, 'SECURENATIVE_PROXY_HEADERS', options.proxy_headers))
+      end
+    end
+  end
+end

data/lib/securenative/context.rb

@@ -0,0 +1,65 @@
+# frozen_string_literal: true
+
+module SecureNative
+  class Context
+    attr_reader :client_token, :ip, :remote_ip, :headers, :url, :http_method, :body
+    attr_writer :client_token, :ip, :remote_ip, :headers, :url, :http_method, :body
+
+    SECURENATIVE_COOKIE = '_sn'
+
+    def initialize(client_token: '', ip: '', remote_ip: '', headers: nil, url: '', http_method: '', body: '')
+      @client_token = client_token
+      @ip = ip
+      @remote_ip = remote_ip
+      @headers = headers
+      @url = url
+      @http_method = http_method
+      @body = body
+    end
+
+    def self.default_context_builder
+      SecureNative::Context.new
+    end
+
+    def self.from_http_request(request)
+      client_token = SecureNative::Frameworks::Rails.get_client_token(request)
+      client_token = SecureNative::Frameworks::Sinatra.get_client_token(request) if client_token.nil?
+      client_token = SecureNative::Frameworks::Hanami.get_client_token(request) if client_token.nil?
+
+      begin
+        headers = SecureNative::Frameworks::Rails.get_headers(request)
+        headers = SecureNative::Frameworks::Sinatra.get_headers(request) if headers.nil?
+        headers = SecureNative::Frameworks::Hanami.get_headers(request) if headers.nil?
+
+        # Standard Ruby request
+        headers = request.header.to_hash if headers.nil?
+      rescue StandardError
+        headers = []
+      end
+
+      url = SecureNative::Frameworks::Rails.get_url(request)
+      url = SecureNative::Frameworks::Sinatra.get_url(request) if url.nil?
+      url = SecureNative::Frameworks::Hanami.get_url(request) if url.nil?
+      url = '' if url.nil?
+
+      method = SecureNative::Frameworks::Rails.get_method(request)
+      method = SecureNative::Frameworks::Sinatra.get_method(request) if method.nil?
+      method = SecureNative::Frameworks::Hanami.get_method(request) if method.nil?
+      method = '' if method.nil?
+
+      begin
+        body = request.body.to_s
+      rescue StandardError
+        body = ''
+      end
+
+      if SecureNative::Utils::Utils.null_or_empty?(client_token)
+        client_token = SecureNative::Utils::RequestUtils.get_secure_header_from_request(headers)
+      end
+
+      SecureNative::Context.new(client_token: client_token, ip: SecureNative::Utils::RequestUtils.get_client_ip_from_request(request),
+                     remote_ip: SecureNative::Utils::RequestUtils.get_remote_ip_from_request(request),
+                     headers: headers, url: url, http_method: method || '', body: body)
+    end
+  end
+end

data/lib/securenative/device.rb

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+module SecureNative
+  class Device
+    attr_reader :device_id
+    attr_writer :device_id
+
+    def initialize(device_id)
+      @device_id = device_id
+    end
+  end
+end

data/lib/securenative/enums/api_route.rb

@@ -0,0 +1,10 @@
+# frozen_string_literal: true
+
+module SecureNative
+  module Enums
+    module ApiRoute
+      TRACK = 'track'
+      VERIFY = 'verify'
+    end
+  end
+end

data/lib/securenative/enums/risk_level.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+module SecureNative
+  module Enums
+    module RiskLevel
+      LOW = 'low'
+      MEDIUM = 'medium'
+      HIGH = 'high'
+    end
+  end
+end

data/lib/securenative/errors/config_error.rb

@@ -0,0 +1,4 @@
+# frozen_string_literal: true
+
+class SecureNativeConfigError < StandardError
+end

data/lib/securenative/errors/http_error.rb

@@ -0,0 +1,4 @@
+# frozen_string_literal: true
+
+class SecureNativeHttpError < StandardError
+end

data/lib/securenative/errors/invalid_options_error.rb

@@ -0,0 +1,4 @@
+# frozen_string_literal: true
+
+class SecureNativeInvalidOptionsError < StandardError
+end

data/lib/securenative/errors/invalid_uri_error.rb

@@ -0,0 +1,6 @@
+# frozen_string_literal: true
+
+module SecureNative
+  class SecureNativeInvalidUriError < StandardError
+  end
+end

data/lib/securenative/errors/parse_error.rb

@@ -0,0 +1,4 @@
+# frozen_string_literal: true
+
+  class SecureNativeParseError < StandardError
+  end

data/lib/securenative/errors/sdk_Illegal_state_error.rb

@@ -0,0 +1,4 @@
+# frozen_string_literal: true
+
+class SecureNativeSDKIllegalStateError < StandardError
+end

data/lib/securenative/errors/sdk_error.rb

@@ -0,0 +1,4 @@
+# frozen_string_literal: true
+
+class SecureNativeSDKError < StandardError
+end

data/lib/securenative/event_manager.rb

@@ -0,0 +1,156 @@
+# frozen_string_literal: true
+
+class QueueItem
+  attr_reader :url, :body, :retry_sending
+  attr_writer :url, :body, :retry_sending
+
+  def initialize(url, body, retry_sending)
+    @url = url
+    @body = body
+    @retry = retry_sending
+  end
+end
+
+class EventManager
+  attr_reader :activated
+
+  def initialize(options = Options.new, http_client = nil)
+    if options.api_key.nil?
+      raise SecureNativeSDKError, 'API key cannot be None, please get your API key from SecureNative console.'
+    end
+
+    @http_client = if http_client.nil?
+                     SecureNative::HttpClient.new(options)
+                   else
+                     http_client
+                   end
+
+    @queue = []
+    @semaphore = Mutex.new
+    @options = options
+    @send_enabled = false
+    @attempt = 0
+    @coefficients = [1, 1, 2, 3, 5, 8, 13]
+    @thread = nil
+  end
+
+  def send_async(event, resource_path)
+    if @options.disable
+      SecureNative::Log.warning('SDK is disabled. no operation will be performed')
+      return
+    end
+
+    start_event_persist unless @send_enabled
+
+    item = QueueItem.new(resource_path, EventManager.serialize(event).to_json, false)
+    @queue.append(item)
+  end
+
+  def flush
+    @queue.each do |item|
+      @http_client.post(item.url, item.body)
+    end
+  end
+
+  def send_sync(event, resource_path)
+    if @options.disable
+      SecureNative::Log.warning('SDK is disabled. no operation will be performed')
+      return
+    end
+
+    SecureNative::Log.debug("Attempting to send event #{event}")
+    res = @http_client.post(resource_path, EventManager.serialize(event).to_json)
+
+    if res.nil? || res.code != '200'
+      SecureNative::Log.info("SecureNative failed to call endpoint #{resource_path} with event #{event}. adding back to queue")
+    end
+
+    res
+  end
+
+  def run
+    loop do
+      @semaphore.synchronize do
+        if (item = !@queue.empty? && @send_enabled)
+          begin
+            item = @queue.shift
+            res = @http_client.post(item.url, item.body)
+            if res.code == '401'
+              item.retry_sending = false
+            elsif res.code != '200'
+              @queue.append(item)
+              raise SecureNativeHttpError, res.status_code
+            end
+            SecureNative::Log.debug("Event successfully sent; #{item.body}")
+          rescue Exception => e
+            SecureNative::Log.error("Failed to send event; #{e}")
+            if item.retry_sending
+              @attempt = 0 if @coefficients.length == @attempt + 1
+
+              back_off = @coefficients[@attempt] * @options.interval
+              SecureNative::Log.debug("Automatic back-off of #{back_off}")
+              @send_enabled = false
+              sleep back_off
+              @send_enabled = true
+            end
+          end
+        end
+      end
+      sleep @options.interval / 1000 if @queue.empty?
+    end
+  end
+
+  def start_event_persist
+    SecureNative::Log.debug('Starting automatic event persistence')
+    if @options.auto_send
+      begin
+        @thread = Thread.new { run }
+        @send_enabled = true
+      rescue StandardError => e
+        SecureNative::Log.error("Could not start event scheduler; #{e}")
+        @send_enabled = false
+      end
+    else
+      SecureNative::Log.debug('Automatic event persistence is disabled, you should persist events manually')
+    end
+  end
+
+  def stop_event_persist
+    if @send_enabled
+      SecureNative::Log.debug('Attempting to stop automatic event persistence')
+      begin
+        flush
+        @thread&.stop?
+        SecureNative::Log.debug('Stopped event persistence')
+      rescue StandardError => e
+        SecureNative::Log.error("Could not stop event scheduler; #{e}")
+      end
+    end
+  end
+
+  def self.serialize(obj)
+    {
+      rid: obj.rid,
+      eventType: obj.event_type,
+      userId: obj.user_id,
+      userTraits: {
+        name: obj.user_traits.name,
+        email: obj.user_traits.email,
+        phone: obj.user_traits.phone,
+        createdAt: obj.user_traits.created_at
+      },
+      request: {
+        cid: obj.request.cid,
+        vid: obj.request.vid,
+        fp: obj.request.fp,
+        ip: obj.request.ip,
+        remoteIp: obj.request.remote_ip,
+        method: obj.request.http_method || '',
+        url: obj.request.url,
+        headers: obj.request.headers
+      },
+      timestamp: obj.timestamp,
+      properties: obj.properties
+    }
+  end
+end