securenative 0.1.29 → 0.1.30
- checksums.yaml +4 -4
- data/.github/workflows/ci.yml +49 -0
- data/.github/workflows/publish.yml +60 -0
- data/.github/workflows/test.yml +48 -0
- data/.gitignore +40 -0
- data/.rakeTasks +7 -0
- data/.rspec +3 -0
- data/Gemfile +11 -0
- data/Gemfile.lock +270 -0
- data/LICENSE +21 -0
- data/Rakefile +6 -0
- data/bin/console +14 -0
- data/bin/setup +8 -0
- data/lib/securenative/api_manager.rb +34 -0
- data/lib/securenative/client.rb +75 -0
- data/lib/securenative/client_token.rb +14 -0
- data/lib/securenative/config/configuration_builder.rb +29 -0
- data/lib/securenative/config/configuration_manager.rb +57 -0
- data/lib/securenative/context.rb +65 -0
- data/lib/securenative/device.rb +12 -0
- data/lib/securenative/enums/api_route.rb +10 -0
- data/lib/securenative/enums/risk_level.rb +11 -0
- data/lib/securenative/errors/config_error.rb +4 -0
- data/lib/securenative/errors/http_error.rb +4 -0
- data/lib/securenative/errors/invalid_options_error.rb +4 -0
- data/lib/securenative/errors/invalid_uri_error.rb +6 -0
- data/lib/securenative/errors/parse_error.rb +4 -0
- data/lib/securenative/errors/sdk_Illegal_state_error.rb +4 -0
- data/lib/securenative/errors/sdk_error.rb +4 -0
- data/lib/securenative/event_manager.rb +156 -0
- data/lib/securenative/event_options.rb +35 -0
- data/lib/securenative/event_types.rb +25 -0
- data/lib/securenative/failover_strategy.rb +8 -0
- data/lib/securenative/frameworks/hanami.rb +46 -0
- data/lib/securenative/frameworks/rails.rb +48 -0
- data/lib/securenative/frameworks/sinatra.rb +46 -0
- data/lib/securenative/http_client.rb +47 -0
- data/lib/securenative/http_response.rb +14 -0
- data/lib/securenative/options.rb +23 -0
- data/lib/securenative/request_context.rb +20 -0
- data/lib/securenative/request_options.rb +14 -0
- data/lib/securenative/sdk_event.rb +44 -0
- data/lib/securenative/user_traits.rb +15 -0
- data/lib/securenative/utils/date_utils.rb +13 -0
- data/lib/securenative/utils/encryption_utils.rb +48 -0
- data/lib/securenative/utils/ip_utils.rb +25 -0
- data/lib/securenative/utils/log.rb +46 -0
- data/lib/securenative/utils/request_utils.rb +84 -0
- data/lib/securenative/utils/signature_utils.rb +18 -0
- data/lib/securenative/utils/utils.rb +13 -0
- data/lib/securenative/utils/version_utils.rb +15 -0
- data/lib/securenative/verify_result.rb +18 -0
- data/lib/securenative/version.rb +5 -0
- data/securenative.gemspec +33 -0
- metadata +55 -2
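--- a/data/lib/securenative/utils/ip_utils.rb
+++ b/data/lib/securenative/utils/ip_utils.rb
@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+module SecureNative
+module Utils
+class IpUtils
+def self.ip_address?(ip_address)
+return true if ip_address =~ Resolv::IPv4::Regex
+return true if ip_address =~ Resolv::IPv6::Regex
+
+false
+end
+
+def self.valid_public_ip?(ip_address)
+ip = IPAddr.new(ip_address)
+return false if ip.loopback? || ip.private? || ip.link_local? || ip.untrusted? || ip.tainted?
+
+true
+end
+
+def self.loop_back?(ip_address)
+IPAddr.new(ip_address).loopback?
+end
+end
+end
+end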
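Review bot: `valid_public_ip?` calls `ip.untrusted?` and `ip.tainted?`, which are Ruby's object-taint flags rather than address classes; they say nothing about whether the address is public, and the taint API was removed in Ruby 3.2, so on current interpreters a public address reaches them and raises NoMethodError. The check can stop at `return false if ip.loopback? || ip.private? || ip.link_local?`. `IPAddr.new` also raises `IPAddr::InvalidAddressError` on malformed input, so a method-level `rescue IPAddr::InvalidAddressError` returning `false` would keep `valid_public_ip?` and `loop_back?` behaving as predicates when they are handed unvalidated header values. Neither `resolv` nor `ipaddr` is required in the visible lines; presumably that happens elsewhere in the gem.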
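--- a/data/lib/securenative/utils/log.rb
+++ b/data/lib/securenative/utils/log.rb
@@ -0,0 +1,46 @@
+# frozen_string_literal: true
+
+require 'logger'
+
+module SecureNative
+class Log
+@logger = Logger.new(STDOUT)
+
+def self.init_logger(level = 'DEBUG')
+@logger.level = case level
+when 'WARN'
+Logger::WARN
+when 'DEBUG'
+Logger::DEBUG
+when 'ERROR'
+Logger::ERROR
+when 'FATAL'
+Logger::FATAL
+when 'INFO'
+Logger::INFO
+else
+Logger::FATAL
+end
+
+@logger.formatter = proc do |severity, datetime, progname, msg|
+"[#{datetime}] #{severity} (#{progname}): #{msg}\n"
+end
+end
+
+def self.info(msg)
+@logger.info(msg)
+end
+
+def self.debug(msg)
+@logger.debug(msg)
+end
+
+def self.warning(msg)
+@logger.warning(msg)
+end
+
+def self.error(msg)
+@logger.error(msg)
+end
+end
+end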
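Review bot: `Log.warning` calls `@logger.warning(msg)`, but Ruby's `Logger` has no `warning` method (the level method is `warn`), so the first warning sent through this wrapper raises NoMethodError; the line should read `@logger.warn(msg)`. In `init_logger`, an unrecognised level string falls into the `else` branch and silently becomes `Logger::FATAL`, which hides a configuration typo by suppressing almost all output; a comment on that branch, or a warning emitted when it is taken, would make the behaviour discoverable. The level and formatter are only applied once `init_logger` is called, so before that the wrapper logs with Logger's own defaults to STDOUT.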
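--- a/data/lib/securenative/utils/request_utils.rb
+++ b/data/lib/securenative/utils/request_utils.rb
@@ -0,0 +1,84 @@
+# frozen_string_literal: true
+
+module SecureNative
+module Utils
+class RequestUtils
+SECURENATIVE_COOKIE = '_sn'
+SECURENATIVE_HEADER = 'x-securenative'
+
+def self.get_secure_header_from_request(headers)
+begin
+return headers[SECURENATIVE_HEADER] unless headers.nil?
+rescue StandardError
+[]
+end
+[]
+end
+
+def self.get_client_ip_from_request(request, options = nil)
+unless options.nil?
+for header in options.proxy_headers do
+begin
+h = request.env[header]
+return h.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless h.nil?
+rescue NoMethodError
+begin
+h = request[header]
+return h.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless h.nil?
+rescue NoMethodError
+end
+end
+end
+end
+
+begin
+x_forwarded_for = request.env['HTTP_X_FORWARDED_FOR']
+return x_forwarded_for.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless x_forwarded_for.nil?
+rescue NoMethodError
+begin
+x_forwarded_for = request['HTTP_X_FORWARDED_FOR']
+return x_forwarded_for.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless x_forwarded_for.nil?
+rescue NoMethodError
+end
+end
+
+begin
+x_forwarded_for = request.env['HTTP_X_REAL_IP']
+return x_forwarded_for.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless x_forwarded_for.nil?
+rescue NoMethodError
+begin
+x_forwarded_for = request['HTTP_X_REAL_IP']
+return x_forwarded_for.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless x_forwarded_for.nil?
+rescue NoMethodError
+end
+end
+
+begin
+x_forwarded_for = request.env['REMOTE_ADDR']
+return x_forwarded_for.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless x_forwarded_for.nil?
+rescue NoMethodError
+begin
+x_forwarded_for = request['REMOTE_ADDR']
+return x_forwarded_for.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless x_forwarded_for.nil?
+rescue NoMethodError
+end
+end
+
+begin
+return request.ip unless request.ip.nil?
+rescue NoMethodError
+end
+
+''
+end
+
+def self.get_remote_ip_from_request(request)
+begin
+request.remote_ip
+rescue NoMethodError
+''
+end
+end
+end
+end
+end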
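Review bot: `get_client_ip_from_request` reads `HTTP_X_FORWARDED_FOR` and `HTTP_X_REAL_IP` before `REMOTE_ADDR` and returns the first (leftmost) IPv4-looking token, which is the part of the header the client itself supplies unless a trusted proxy overwrites it; an SDK that scores risk by IP should honour forwarding headers only when the operator has listed them in `options.proxy_headers`, and otherwise use `REMOTE_ADDR`. The pattern also accepts out-of-range octets (a constructed example: `999.1.1.1`) and never matches IPv6, and when a header is present but yields no match the method returns `nil` instead of trying the next source. A small step is to bind and validate the match, `ip = h.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0]` followed by `return ip if ip && IpUtils.ip_address?(ip)`, ideally in one shared helper rather than in each of the five copies. `for header in options.proxy_headers` sits outside the inner `rescue`, so it raises if `proxy_headers` is ever nil.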
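--- a/data/lib/securenative/utils/signature_utils.rb
+++ b/data/lib/securenative/utils/signature_utils.rb
@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+module SecureNative
+module Utils
+class SignatureUtils
+SIGNATURE_HEADER = 'x-securenative'
+
+def self.valid_signature?(api_key, payload, header_signature)
+key = api_key.encode('utf-8')
+body = payload.encode('utf-8')
+calculated_signature = OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha512'), key, body)
+calculated_signature.eql? header_signature
+rescue StandardError
+false
+end
+end
+end
+end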
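Review bot: `calculated_signature.eql? header_signature` compares the expected HMAC with the caller-supplied header using ordinary string equality, which can stop at the first differing byte and so leaks timing information about the correct signature; signature checks should use a constant-time comparison. Where the bundled openssl gem provides it (2.2 and later), `OpenSSL.secure_compare(calculated_signature, header_signature.to_s)` is a drop-in replacement; the gemspec's `>= 2.4` floor means older Rubies would need a small constant-time fallback. The blanket `rescue StandardError` returning `false` also hides configuration errors such as a nil `api_key`, so a debug log line in that branch would make failed verification diagnosable without changing the result.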
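--- a/data/lib/securenative/verify_result.rb
+++ b/data/lib/securenative/verify_result.rb
@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+module SecureNative
+class VerifyResult
+attr_reader :risk_level, :score, :triggers
+attr_writer :risk_level, :score, :triggers
+
+def initialize(risk_level: nil, score: nil, triggers: nil)
+@risk_level = risk_level
+@score = score
+@triggers = triggers
+end
+
+def to_s
+"risk_level: #{@risk_level}, score: #{@score}, triggers: #{@triggers}"
+end
+end
+end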
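Review bot: `attr_reader` and `attr_writer` are declared for the same three names, which `attr_accessor :risk_level, :score, :triggers` expresses in one line. If callers are not meant to change a verdict after it is built (not visible from this file), keeping only `attr_reader` would make the result object read-only. A short class comment stating what `score` and `triggers` hold would help, since nothing here shows their types.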
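--- a/data/securenative.gemspec
+++ b/data/securenative.gemspec
@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+lib = File.expand_path('lib', __dir__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'securenative'
+
+Gem::Specification.new do |spec|
+spec.name = 'securenative'
+spec.version = SecureNative::VERSION
+spec.authors = ['SecureNative']
+spec.email = ['support@securenative.com']
+spec.required_ruby_version = '>= 2.4'
+
+spec.summary = 'SecureNative SDK for Ruby'
+spec.homepage = 'https://www.securenative.com'
+spec.license = 'MIT'
+
+spec.metadata['homepage_uri'] = spec.homepage
+spec.test_files = Dir['spec//*']
+
+# Specify which files should be added to the gem when it is released.
+# The `git ls-files -z` loads the files in the RubyGem that have been added into git.
+spec.files = Dir.chdir(File.expand_path('..', __FILE__)) do
+`git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+end
+
+spec.bindir = 'exe'
+spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+spec.require_paths = ['lib']
+
+spec.add_development_dependency 'bundler', '~> 2.0'
+spec.add_development_dependency 'rake', '~> 12.3.3'
+end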
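Review bot: `spec.files` is built from `git ls-files` with only `test|spec|features` rejected, so everything else tracked in the repository ships in the gem; the file list for this release shows `.github/workflows/publish.yml`, `Gemfile.lock` and `bin/setup` packaged alongside `lib/`. Narrowing the filter, for example `reject { |f| f.match(%r{\A(?:test|spec|features|\.github|bin)/}) }`, keeps CI and release tooling out of the published artifact. `require 'securenative'` loads the whole SDK while the gemspec is evaluated just to read the version; `require 'securenative/version'` should be enough. `spec.bindir = 'exe'` does not match the `bin/` directory the file list shows, and `Dir['spec//*']` has a doubled slash.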
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: securenative
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.1.
|
4
|
+
version: 0.1.30
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- SecureNative
|
@@ -45,8 +45,61 @@ executables: []
|
|
45
45
|
extensions: []
|
46
46
|
extra_rdoc_files: []
|
47
47
|
files:
|
48
|
+
- ".github/workflows/ci.yml"
|
49
|
+
- ".github/workflows/publish.yml"
|
50
|
+
- ".github/workflows/test.yml"
|
51
|
+
- ".gitignore"
|
52
|
+
- ".rakeTasks"
|
53
|
+
- ".rspec"
|
54
|
+
- Gemfile
|
55
|
+
- Gemfile.lock
|
56
|
+
- LICENSE
|
48
57
|
- README.md
|
49
|
-
-
|
58
|
+
- Rakefile
|
59
|
+
- bin/console
|
60
|
+
- bin/setup
|
61
|
+
- lib/securenative.rb
|
62
|
+
- lib/securenative/api_manager.rb
|
63
|
+
- lib/securenative/client.rb
|
64
|
+
- lib/securenative/client_token.rb
|
65
|
+
- lib/securenative/config/configuration_builder.rb
|
66
|
+
- lib/securenative/config/configuration_manager.rb
|
67
|
+
- lib/securenative/context.rb
|
68
|
+
- lib/securenative/device.rb
|
69
|
+
- lib/securenative/enums/api_route.rb
|
70
|
+
- lib/securenative/enums/risk_level.rb
|
71
|
+
- lib/securenative/errors/config_error.rb
|
72
|
+
- lib/securenative/errors/http_error.rb
|
73
|
+
- lib/securenative/errors/invalid_options_error.rb
|
74
|
+
- lib/securenative/errors/invalid_uri_error.rb
|
75
|
+
- lib/securenative/errors/parse_error.rb
|
76
|
+
- lib/securenative/errors/sdk_Illegal_state_error.rb
|
77
|
+
- lib/securenative/errors/sdk_error.rb
|
78
|
+
- lib/securenative/event_manager.rb
|
79
|
+
- lib/securenative/event_options.rb
|
80
|
+
- lib/securenative/event_types.rb
|
81
|
+
- lib/securenative/failover_strategy.rb
|
82
|
+
- lib/securenative/frameworks/hanami.rb
|
83
|
+
- lib/securenative/frameworks/rails.rb
|
84
|
+
- lib/securenative/frameworks/sinatra.rb
|
85
|
+
- lib/securenative/http_client.rb
|
86
|
+
- lib/securenative/http_response.rb
|
87
|
+
- lib/securenative/options.rb
|
88
|
+
- lib/securenative/request_context.rb
|
89
|
+
- lib/securenative/request_options.rb
|
90
|
+
- lib/securenative/sdk_event.rb
|
91
|
+
- lib/securenative/user_traits.rb
|
92
|
+
- lib/securenative/utils/date_utils.rb
|
93
|
+
- lib/securenative/utils/encryption_utils.rb
|
94
|
+
- lib/securenative/utils/ip_utils.rb
|
95
|
+
- lib/securenative/utils/log.rb
|
96
|
+
- lib/securenative/utils/request_utils.rb
|
97
|
+
- lib/securenative/utils/signature_utils.rb
|
98
|
+
- lib/securenative/utils/utils.rb
|
99
|
+
- lib/securenative/utils/version_utils.rb
|
100
|
+
- lib/securenative/verify_result.rb
|
101
|
+
- lib/securenative/version.rb
|
102
|
+
- securenative.gemspec
|
50
103
|
- spec//spec_helper.rb
|
51
104
|
homepage: https://www.securenative.com
|
52
105
|
licenses:
|