securenative 0.1.29 → 0.1.30

Files changed (55) hide show
  1. checksums.yaml +4 -4
  2. data/.github/workflows/ci.yml +49 -0
  3. data/.github/workflows/publish.yml +60 -0
  4. data/.github/workflows/test.yml +48 -0
  5. data/.gitignore +40 -0
  6. data/.rakeTasks +7 -0
  7. data/.rspec +3 -0
  8. data/Gemfile +11 -0
  9. data/Gemfile.lock +270 -0
  10. data/LICENSE +21 -0
  11. data/Rakefile +6 -0
  12. data/bin/console +14 -0
  13. data/bin/setup +8 -0
  14. data/lib/securenative/api_manager.rb +34 -0
  15. data/lib/securenative/client.rb +75 -0
  16. data/lib/securenative/client_token.rb +14 -0
  17. data/lib/securenative/config/configuration_builder.rb +29 -0
  18. data/lib/securenative/config/configuration_manager.rb +57 -0
  19. data/lib/securenative/context.rb +65 -0
  20. data/lib/securenative/device.rb +12 -0
  21. data/lib/securenative/enums/api_route.rb +10 -0
  22. data/lib/securenative/enums/risk_level.rb +11 -0
  23. data/lib/securenative/errors/config_error.rb +4 -0
  24. data/lib/securenative/errors/http_error.rb +4 -0
  25. data/lib/securenative/errors/invalid_options_error.rb +4 -0
  26. data/lib/securenative/errors/invalid_uri_error.rb +6 -0
  27. data/lib/securenative/errors/parse_error.rb +4 -0
  28. data/lib/securenative/errors/sdk_Illegal_state_error.rb +4 -0
  29. data/lib/securenative/errors/sdk_error.rb +4 -0
  30. data/lib/securenative/event_manager.rb +156 -0
  31. data/lib/securenative/event_options.rb +35 -0
  32. data/lib/securenative/event_types.rb +25 -0
  33. data/lib/securenative/failover_strategy.rb +8 -0
  34. data/lib/securenative/frameworks/hanami.rb +46 -0
  35. data/lib/securenative/frameworks/rails.rb +48 -0
  36. data/lib/securenative/frameworks/sinatra.rb +46 -0
  37. data/lib/securenative/http_client.rb +47 -0
  38. data/lib/securenative/http_response.rb +14 -0
  39. data/lib/securenative/options.rb +23 -0
  40. data/lib/securenative/request_context.rb +20 -0
  41. data/lib/securenative/request_options.rb +14 -0
  42. data/lib/securenative/sdk_event.rb +44 -0
  43. data/lib/securenative/user_traits.rb +15 -0
  44. data/lib/securenative/utils/date_utils.rb +13 -0
  45. data/lib/securenative/utils/encryption_utils.rb +48 -0
  46. data/lib/securenative/utils/ip_utils.rb +25 -0
  47. data/lib/securenative/utils/log.rb +46 -0
  48. data/lib/securenative/utils/request_utils.rb +84 -0
  49. data/lib/securenative/utils/signature_utils.rb +18 -0
  50. data/lib/securenative/utils/utils.rb +13 -0
  51. data/lib/securenative/utils/version_utils.rb +15 -0
  52. data/lib/securenative/verify_result.rb +18 -0
  53. data/lib/securenative/version.rb +5 -0
  54. data/securenative.gemspec +33 -0
  55. metadata +55 -2
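--- a/data/lib/securenative/utils/ip_utils.rb
+++ b/data/lib/securenative/utils/ip_utils.rb
@@ -0,0 +1,25 @@
+ # frozen_string_literal: true
+
+ module SecureNative
+ module Utils
+ class IpUtils
+ def self.ip_address?(ip_address)
+ return true if ip_address =~ Resolv::IPv4::Regex
+ return true if ip_address =~ Resolv::IPv6::Regex
+
+ false
+ end
+
+ def self.valid_public_ip?(ip_address)
+ ip = IPAddr.new(ip_address)
+ return false if ip.loopback? || ip.private? || ip.link_local? || ip.untrusted? || ip.tainted?
+
+ true
+ end
+
+ def self.loop_back?(ip_address)
+ IPAddr.new(ip_address).loopback?
+ end
+ end
+ end
+ end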
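Review bot: `valid_public_ip?` calls `ip.untrusted?` and `ip.tainted?`, which are Ruby's object-taint predicates and say nothing about the address; they were deprecated in Ruby 2.7 and removed in 3.2, so on a current interpreter the guard raises NoMethodError once the first three checks are false, which is the case for every public address. `IPAddr.new` also raises `IPAddr::InvalidAddressError` on malformed input, which neither this method nor `loop_back?` rescues, and nothing in the file requires `ipaddr` or `resolv` (they may be loaded elsewhere). I would reduce the guard to `return false if ip.loopback? || ip.private? || ip.link_local?` and add a `rescue IPAddr::InvalidAddressError` clause returning `false`, so an unparsable request-derived value is treated as not public instead of raising.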
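--- a/data/lib/securenative/utils/log.rb
+++ b/data/lib/securenative/utils/log.rb
@@ -0,0 +1,46 @@
+ # frozen_string_literal: true
+
+ require 'logger'
+
+ module SecureNative
+ class Log
+ @logger = Logger.new(STDOUT)
+
+ def self.init_logger(level = 'DEBUG')
+ @logger.level = case level
+ when 'WARN'
+ Logger::WARN
+ when 'DEBUG'
+ Logger::DEBUG
+ when 'ERROR'
+ Logger::ERROR
+ when 'FATAL'
+ Logger::FATAL
+ when 'INFO'
+ Logger::INFO
+ else
+ Logger::FATAL
+ end
+
+ @logger.formatter = proc do |severity, datetime, progname, msg|
+ "[#{datetime}] #{severity} (#{progname}): #{msg}\n"
+ end
+ end
+
+ def self.info(msg)
+ @logger.info(msg)
+ end
+
+ def self.debug(msg)
+ @logger.debug(msg)
+ end
+
+ def self.warning(msg)
+ @logger.warning(msg)
+ end
+
+ def self.error(msg)
+ @logger.error(msg)
+ end
+ end
+ end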
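Review bot: `Log.warning` calls `@logger.warning(msg)`, but Ruby's `Logger` defines `warn`, not `warning`, so the first warning the SDK tries to log raises NoMethodError instead of writing a line. The body should be `@logger.warn(msg)`. Separately, `init_logger` maps any unrecognised level string to `Logger::FATAL`, which silently suppresses everything below fatal when the level is misspelled or given in lowercase; a comment on the `else` branch such as `# unknown level names fall back to FATAL` would make that explicit.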
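--- a/data/lib/securenative/utils/request_utils.rb
+++ b/data/lib/securenative/utils/request_utils.rb
@@ -0,0 +1,84 @@
+ # frozen_string_literal: true
+
+ module SecureNative
+ module Utils
+ class RequestUtils
+ SECURENATIVE_COOKIE = '_sn'
+ SECURENATIVE_HEADER = 'x-securenative'
+
+ def self.get_secure_header_from_request(headers)
+ begin
+ return headers[SECURENATIVE_HEADER] unless headers.nil?
+ rescue StandardError
+ []
+ end
+ []
+ end
+
+ def self.get_client_ip_from_request(request, options = nil)
+ unless options.nil?
+ for header in options.proxy_headers do
+ begin
+ h = request.env[header]
+ return h.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless h.nil?
+ rescue NoMethodError
+ begin
+ h = request[header]
+ return h.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless h.nil?
+ rescue NoMethodError
+ end
+ end
+ end
+ end
+
+ begin
+ x_forwarded_for = request.env['HTTP_X_FORWARDED_FOR']
+ return x_forwarded_for.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless x_forwarded_for.nil?
+ rescue NoMethodError
+ begin
+ x_forwarded_for = request['HTTP_X_FORWARDED_FOR']
+ return x_forwarded_for.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless x_forwarded_for.nil?
+ rescue NoMethodError
+ end
+ end
+
+ begin
+ x_forwarded_for = request.env['HTTP_X_REAL_IP']
+ return x_forwarded_for.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless x_forwarded_for.nil?
+ rescue NoMethodError
+ begin
+ x_forwarded_for = request['HTTP_X_REAL_IP']
+ return x_forwarded_for.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless x_forwarded_for.nil?
+ rescue NoMethodError
+ end
+ end
+
+ begin
+ x_forwarded_for = request.env['REMOTE_ADDR']
+ return x_forwarded_for.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless x_forwarded_for.nil?
+ rescue NoMethodError
+ begin
+ x_forwarded_for = request['REMOTE_ADDR']
+ return x_forwarded_for.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless x_forwarded_for.nil?
+ rescue NoMethodError
+ end
+ end
+
+ begin
+ return request.ip unless request.ip.nil?
+ rescue NoMethodError
+ end
+
+ ''
+ end
+
+ def self.get_remote_ip_from_request(request)
+ begin
+ request.remote_ip
+ rescue NoMethodError
+ ''
+ end
+ end
+ end
+ end
+ end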
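Review bot: `get_client_ip_from_request` reads `HTTP_X_FORWARDED_FOR` and `HTTP_X_REAL_IP` before `REMOTE_ADDR` even when `options` is nil, so a value the client can set on the request is preferred over the socket address whenever the application is not behind a proxy that overwrites those headers; for an SDK that feeds the address into risk decisions, that makes the recorded IP unreliable. The pattern is also IPv4-only and accepts octets above 255, and because `scan(...)[0]` is returned whenever the header is present, a header with no match (an IPv6 `REMOTE_ADDR`, for example) returns `nil` instead of falling through to the next source or to `''`. I would consult forwarding headers only when the integrator lists them in `proxy_headers`, validate each candidate with `IpUtils.ip_address?`, and move on when nothing valid is found, roughly as below; which entry of a multi-hop header to trust depends on the deployment and should be documented.

```ruby
def self.get_client_ip_from_request(request, options = nil)
  # Forwarding headers are honoured only when the integrator names them.
  sources = (options.nil? ? [] : options.proxy_headers) + ['REMOTE_ADDR']
  sources.each do |name|
    ip = first_valid_ip(read_header(request, name))
    return ip unless ip.nil?
  end
  # … unchanged: request.ip fallback and '' default …
end

def self.read_header(request, name)
  request.env[name]
rescue NoMethodError
  request[name]
end

def self.first_valid_ip(value)
  value.to_s.split(',').map(&:strip).find { |candidate| IpUtils.ip_address?(candidate) }
end
```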
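--- a/data/lib/securenative/utils/signature_utils.rb
+++ b/data/lib/securenative/utils/signature_utils.rb
@@ -0,0 +1,18 @@
+ # frozen_string_literal: true
+
+ module SecureNative
+ module Utils
+ class SignatureUtils
+ SIGNATURE_HEADER = 'x-securenative'
+
+ def self.valid_signature?(api_key, payload, header_signature)
+ key = api_key.encode('utf-8')
+ body = payload.encode('utf-8')
+ calculated_signature = OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha512'), key, body)
+ calculated_signature.eql? header_signature
+ rescue StandardError
+ false
+ end
+ end
+ end
+ end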
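Review bot: `valid_signature?` compares the computed HMAC with `calculated_signature.eql? header_signature`, an ordinary string comparison whose running time depends on how many leading characters match; a signature check should use a constant-time comparison. On Rubies that ship openssl 2.2 or later (Ruby 2.7+) that is `OpenSSL.secure_compare(calculated_signature, header_signature)`; the gemspec in this release allows Ruby 2.4, so either raise that floor or use a helper the host framework already provides, such as `Rack::Utils.secure_compare`. A nil `header_signature` should then raise inside the method and still yield `false` through the existing `rescue StandardError`, so the check keeps failing closed. The file also has no `require 'openssl'`; it presumably relies on another file loading it.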
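--- a/data/lib/securenative/utils/utils.rb
+++ b/data/lib/securenative/utils/utils.rb
@@ -0,0 +1,13 @@
+ # frozen_string_literal: true
+
+ module SecureNative
+ module Utils
+ class Utils
+ def self.null_or_empty?(string)
+ return true if !string || string.empty? || string.nil?
+
+ false
+ end
+ end
+ end
+ end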
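Review bot: In `null_or_empty?` the trailing `string.nil?` test is dead code, because `!string` has already returned true for nil; for nil and String arguments the whole method reduces to `string.nil? || string.empty?` with no `return true`/`false` scaffolding. Any other non-nil argument that does not respond to `empty?` (an Integer, say) raises NoMethodError here, so if callers pass request-derived values of mixed type, a one-line comment stating that only nil or String is accepted would prevent surprises.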
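--- a/data/lib/securenative/utils/version_utils.rb
+++ b/data/lib/securenative/utils/version_utils.rb
@@ -0,0 +1,15 @@
+ # frozen_string_literal: true
+
+ module SecureNative
+ module Utils
+ class VersionUtils
+ def self.version
+ begin
+ Gem.loaded_specs['securenative'].version.to_s
+ rescue StandardError
+ 'unknown'
+ end
+ end
+ end
+ end
+ end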
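Review bot: `version` relies on a blanket `rescue StandardError` to cover the case where `Gem.loaded_specs['securenative']` is nil, which also hides any other failure behind the string 'unknown'. `SecureNative::VERSION` is defined in version.rb in this same release, so the method could return that constant directly; if the lookup is kept, `Gem.loaded_specs['securenative']&.version&.to_s || 'unknown'` states the nil case without the rescue. The `begin`/`end` wrapper is redundant inside a method body either way.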
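--- a/data/lib/securenative/verify_result.rb
+++ b/data/lib/securenative/verify_result.rb
@@ -0,0 +1,18 @@
+ # frozen_string_literal: true
+
+ module SecureNative
+ class VerifyResult
+ attr_reader :risk_level, :score, :triggers
+ attr_writer :risk_level, :score, :triggers
+
+ def initialize(risk_level: nil, score: nil, triggers: nil)
+ @risk_level = risk_level
+ @score = score
+ @triggers = triggers
+ end
+
+ def to_s
+ "risk_level: #{@risk_level}, score: #{@score}, triggers: #{@triggers}"
+ end
+ end
+ end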
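Review bot: `attr_reader` and `attr_writer` are declared for the same three names; `attr_accessor :risk_level, :score, :triggers` says the same in one line. Since this object carries a risk verdict, it is worth checking whether callers need the writers at all: with `attr_reader` alone a result could not be altered after it is built. The class also has no comment saying what `score` and `triggers` hold; a one-line header such as `# Outcome of a verify call: risk level, score and triggers.` would help readers.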
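--- a/data/lib/securenative/version.rb
+++ b/data/lib/securenative/version.rb
@@ -0,0 +1,5 @@
+ # frozen_string_literal: true
+
+ module SecureNative
+ VERSION = '0.1.30'
+ end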
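--- a/data/securenative.gemspec
+++ b/data/securenative.gemspec
@@ -0,0 +1,33 @@
+ # frozen_string_literal: true
+
+ lib = File.expand_path('lib', __dir__)
+ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+ require 'securenative'
+
+ Gem::Specification.new do |spec|
+ spec.name = 'securenative'
+ spec.version = SecureNative::VERSION
+ spec.authors = ['SecureNative']
+ spec.email = ['support@securenative.com']
+ spec.required_ruby_version = '>= 2.4'
+
+ spec.summary = 'SecureNative SDK for Ruby'
+ spec.homepage = 'https://www.securenative.com'
+ spec.license = 'MIT'
+
+ spec.metadata['homepage_uri'] = spec.homepage
+ spec.test_files = Dir['spec//*']
+
+ # Specify which files should be added to the gem when it is released.
+ # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
+ spec.files = Dir.chdir(File.expand_path('..', __FILE__)) do
+ `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+ end
+
+ spec.bindir = 'exe'
+ spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+ spec.require_paths = ['lib']
+
+ spec.add_development_dependency 'bundler', '~> 2.0'
+ spec.add_development_dependency 'rake', '~> 12.3.3'
+ end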
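Review bot: `spec.files` takes everything `git ls-files` reports except `test/`, `spec/` and `features/`, so the released gem now carries `.github/workflows/publish.yml`, `Gemfile.lock`, `.gitignore` and `bin/console`, as the metadata file list in this same diff shows; none of that is loaded at runtime, and it enlarges what every consumer installs and has to audit. An allow-list such as `spec.files = Dir['lib/**/*.rb'] + %w[LICENSE README.md]` keeps the package to what is needed. `require 'securenative'` at the top loads the whole library just to read the version, where `require 'securenative/version'` is enough. `spec.bindir = 'exe'` also does not match the `bin/` directory the file list shows, and `Dir['spec//*']` has a doubled slash.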
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: securenative
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.29
4
+ version: 0.1.30
5
5
  platform: ruby
6
6
  authors:
7
7
  - SecureNative
@@ -45,8 +45,61 @@ executables: []
45
45
  extensions: []
46
46
  extra_rdoc_files: []
47
47
  files:
48
+ - ".github/workflows/ci.yml"
49
+ - ".github/workflows/publish.yml"
50
+ - ".github/workflows/test.yml"
51
+ - ".gitignore"
52
+ - ".rakeTasks"
53
+ - ".rspec"
54
+ - Gemfile
55
+ - Gemfile.lock
56
+ - LICENSE
48
57
  - README.md
49
- - lib//securenative.rb
58
+ - Rakefile
59
+ - bin/console
60
+ - bin/setup
61
+ - lib/securenative.rb
62
+ - lib/securenative/api_manager.rb
63
+ - lib/securenative/client.rb
64
+ - lib/securenative/client_token.rb
65
+ - lib/securenative/config/configuration_builder.rb
66
+ - lib/securenative/config/configuration_manager.rb
67
+ - lib/securenative/context.rb
68
+ - lib/securenative/device.rb
69
+ - lib/securenative/enums/api_route.rb
70
+ - lib/securenative/enums/risk_level.rb
71
+ - lib/securenative/errors/config_error.rb
72
+ - lib/securenative/errors/http_error.rb
73
+ - lib/securenative/errors/invalid_options_error.rb
74
+ - lib/securenative/errors/invalid_uri_error.rb
75
+ - lib/securenative/errors/parse_error.rb
76
+ - lib/securenative/errors/sdk_Illegal_state_error.rb
77
+ - lib/securenative/errors/sdk_error.rb
78
+ - lib/securenative/event_manager.rb
79
+ - lib/securenative/event_options.rb
80
+ - lib/securenative/event_types.rb
81
+ - lib/securenative/failover_strategy.rb
82
+ - lib/securenative/frameworks/hanami.rb
83
+ - lib/securenative/frameworks/rails.rb
84
+ - lib/securenative/frameworks/sinatra.rb
85
+ - lib/securenative/http_client.rb
86
+ - lib/securenative/http_response.rb
87
+ - lib/securenative/options.rb
88
+ - lib/securenative/request_context.rb
89
+ - lib/securenative/request_options.rb
90
+ - lib/securenative/sdk_event.rb
91
+ - lib/securenative/user_traits.rb
92
+ - lib/securenative/utils/date_utils.rb
93
+ - lib/securenative/utils/encryption_utils.rb
94
+ - lib/securenative/utils/ip_utils.rb
95
+ - lib/securenative/utils/log.rb
96
+ - lib/securenative/utils/request_utils.rb
97
+ - lib/securenative/utils/signature_utils.rb
98
+ - lib/securenative/utils/utils.rb
99
+ - lib/securenative/utils/version_utils.rb
100
+ - lib/securenative/verify_result.rb
101
+ - lib/securenative/version.rb
102
+ - securenative.gemspec
50
103
  - spec//spec_helper.rb
51
104
  homepage: https://www.securenative.com
52
105
  licenses: