securenative 0.1.29 → 0.1.34

data/lib/securenative/event_options.rb

@@ -0,0 +1,35 @@
+# frozen_string_literal: true
+
+module SecureNative
+  class EventOptions
+    attr_reader :event, :user_id, :user_traits, :context, :properties, :timestamp
+    attr_writer :event, :user_id, :user_traits, :context, :properties, :timestamp
+
+    MAX_PROPERTIES_SIZE = 10
+
+    def initialize(event: nil, user_id: nil, user_traits: nil, user_name: nil, email: nil, phone: nil, created_at: nil, context: nil, properties: nil, timestamp: nil)
+      if !properties.nil? && properties.length > MAX_PROPERTIES_SIZE
+        raise SecureNativeInvalidOptionsError, "You can have only up to #{MAX_PROPERTIES_SIZE} custom properties"
+      end
+
+      if user_traits.nil?
+        if user_name && email && phone && created_at
+          user_traits = SecureNative::UserTraits(user_name, email, phone, created_at)
+        elsif user_name && email && phone
+          user_traits = SecureNative::UserTraits(user_name, email, phone)
+        elsif user_name && email
+          user_traits = SecureNative::UserTraits(user_name, email)
+        else
+          user_traits = UserTraits.new
+        end
+      end
+
+      @event = event
+      @user_id = user_id
+      @user_traits = user_traits
+      @context = context
+      @properties = properties
+      @timestamp = timestamp
+    end
+  end
+end

data/lib/securenative/event_types.rb

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+module SecureNative
+  module EventTypes
+    LOG_IN = 'sn.user.login'
+    LOG_IN_CHALLENGE = 'sn.user.login.challenge'
+    LOG_IN_FAILURE = 'sn.user.login.failure'
+    LOG_OUT = 'sn.user.logout'
+    SIGN_UP = 'sn.user.signup'
+    AUTH_CHALLENGE = 'sn.user.auth.challenge'
+    AUTH_CHALLENGE_SUCCESS = 'sn.user.auth.challenge.success'
+    AUTH_CHALLENGE_FAILURE = 'sn.user.auth.challenge.failure'
+    TWO_FACTOR_DISABLE = 'sn.user.2fa.disable'
+    EMAIL_UPDATE = 'sn.user.email.update'
+    PASSWORD_REST = 'sn.user.password.reset'
+    PASSWORD_REST_SUCCESS = 'sn.user.password.reset.success'
+    PASSWORD_UPDATE = 'sn.user.password.update'
+    PASSWORD_REST_FAILURE = 'sn.user.password.reset.failure'
+    USER_INVITE = 'sn.user.invite'
+    ROLE_UPDATE = 'sn.user.role.update'
+    PROFILE_UPDATE = 'sn.user.profile.update'
+    PAGE_VIEW = 'sn.user.page.view'
+    VERIFY = 'sn.verify'
+  end
+end

data/lib/securenative/failover_strategy.rb

@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+module SecureNative
+  module FailOverStrategy
+    FAIL_OPEN = 'fail-open'
+    FAIL_CLOSED = 'fail-closed'
+  end
+end

data/lib/securenative/frameworks/hanami.rb

@@ -0,0 +1,49 @@
+# frozen_string_literal: true
+
+module SecureNative
+  module Frameworks
+    class Hanami
+      SECURENATIVE_COOKIE = '_sn'
+
+      def self.get_client_token(request)
+        begin
+          request.env[SECURENATIVE_COOKIE]
+        rescue StandardError
+          begin
+            request.cookies[SECURENATIVE_COOKIE]
+          rescue StandardError
+            nil
+          end
+        end
+      end
+
+      def self.get_url(request)
+        begin
+          request.env['REQUEST_PATH']
+        rescue StandardError
+          nil
+        end
+      end
+
+      def self.get_method(request)
+        begin
+          request.request_method
+        rescue StandardError
+          nil
+        end
+      end
+
+      def self.get_headers(request)
+        begin
+          headers = []
+          request.headers.env.select { |k, _| k.in?(ActionDispatch::Http::Headers::CGI_VARIABLES) || k =~ /^HTTP_/ }.each { |header|
+            headers.append(header[0].downcase.gsub("http_", "").gsub("_", "-"))
+          }
+          return headers
+        rescue StandardError
+          nil
+        end
+      end
+    end
+  end
+end

data/lib/securenative/frameworks/rails.rb

@@ -0,0 +1,51 @@
+# frozen_string_literal: true
+
+module SecureNative
+  module Frameworks
+    class Rails
+      SECURENATIVE_COOKIE = '_sn'
+
+      def self.get_client_token(request)
+        begin
+          request.cookies[SECURENATIVE_COOKIE]
+        rescue StandardError
+          nil
+        end
+      end
+
+      def self.get_url(request)
+        begin
+          # Rails >= 3.x
+          request.fullpath
+        rescue StandardError
+          begin
+            # Rails < 3.x & Sinatra
+            request.url if url.nil?
+          rescue StandardError
+            nil
+          end
+        end
+      end
+
+      def self.get_method(request)
+        begin
+          request.method
+        rescue StandardError
+          nil
+        end
+      end
+
+      def self.get_headers(request)
+        begin
+          headers = []
+          request.headers.env.select { |k, _| k.in?(ActionDispatch::Http::Headers::CGI_VARIABLES) || k =~ /^HTTP_/ }.each { |header|
+            headers.append(header[0].downcase.gsub("http_", "").gsub("_", "-"))
+          }
+          return headers
+        rescue StandardError
+          nil
+        end
+      end
+    end
+  end
+end

data/lib/securenative/frameworks/sinatra.rb

@@ -0,0 +1,49 @@
+# frozen_string_literal: true
+
+module SecureNative
+  module Frameworks
+    class Sinatra
+      SECURENATIVE_COOKIE = '_sn'
+
+      def self.get_client_token(request)
+        begin
+          request.env[SECURENATIVE_COOKIE]
+        rescue StandardError
+          begin
+            request.cookies[SECURENATIVE_COOKIE]
+          rescue StandardError
+            nil
+          end
+        end
+      end
+
+      def self.get_url(request)
+        begin
+          request.env['REQUEST_URI']
+        rescue StandardError
+          nil
+        end
+      end
+
+      def self.get_method(request)
+        begin
+          request.env['REQUEST_METHOD']
+        rescue StandardError
+          nil
+        end
+      end
+
+      def self.get_headers(request)
+        begin
+          headers = []
+          request.headers.env.select { |k, _| k.in?(ActionDispatch::Http::Headers::CGI_VARIABLES) || k =~ /^HTTP_/ }.each { |header|
+            headers.append(header[0].downcase.gsub("http_", "").gsub("_", "-"))
+          }
+          return headers
+        rescue StandardError
+          nil
+        end
+      end
+    end
+  end
+end

data/lib/securenative/http_client.rb

@@ -0,0 +1,47 @@
+# frozen_string_literal: true
+
+module SecureNative
+  class HttpClient
+    AUTHORIZATION_HEADER = 'Authorization'
+    VERSION_HEADER = 'SN-Version'
+    USER_AGENT_HEADER = 'User-Agent'
+    USER_AGENT_HEADER_VALUE = 'SecureNative-ruby'
+    CONTENT_TYPE_HEADER = 'Content-Type'
+    CONTENT_TYPE_HEADER_VALUE = 'application/json'
+
+    def initialize(securenative_options)
+      @options = securenative_options
+    end
+
+    def _headers
+      {
+        CONTENT_TYPE_HEADER => CONTENT_TYPE_HEADER_VALUE,
+        USER_AGENT_HEADER => USER_AGENT_HEADER_VALUE,
+        VERSION_HEADER => SecureNative::Utils::VersionUtils.version,
+        AUTHORIZATION_HEADER => @options.api_key
+      }
+    end
+
+    def post(path, body)
+      uri = URI.parse("#{@options.api_url}/#{path}")
+      headers = _headers
+
+      client = Net::HTTP.new(uri.host, uri.port)
+      client.read_timeout = @options.timeout
+      client.use_ssl = true
+      client.verify_mode = OpenSSL::SSL::VERIFY_NONE
+
+      request = Net::HTTP::Post.new(uri.request_uri, headers)
+      request.body = body
+
+      res = nil
+      begin
+        res = client.request(request)
+      rescue StandardError => e
+        SecureNative::Log.error("Failed to send request; #{e}")
+        return res
+      end
+      res
+    end
+  end
+end

data/lib/securenative/http_response.rb

@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+
+module SecureNative
+  class HttpResponse
+    attr_reader :ok, :status_code, :body
+    attr_writer :ok, :status_code, :body
+
+    def initialize(ok, status_code, body)
+      @ok = ok
+      @status_code = status_code
+      @body = body
+    end
+  end
+end

data/lib/securenative/options.rb

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+module SecureNative
+  class Options
+    attr_reader :api_key, :api_url, :interval, :max_events, :timeout, :auto_send, :disable, :log_level, :fail_over_strategy, :proxy_headers
+    attr_writer :api_key, :api_url, :interval, :max_events, :timeout, :auto_send, :disable, :log_level, :fail_over_strategy, :proxy_headers
+
+    def initialize(api_key: nil, api_url: "https://api.securenative.com/collector/api/v1", interval: 1000,
+                   max_events: 1000, timeout: 1500, auto_send: true, disable: false, log_level: "FATAL",
+                   fail_over_strategy: FailOverStrategy::FAIL_OPEN, proxy_headers: nil)
+      @api_key = api_key
+      @api_url = api_url
+      @interval = interval
+      @max_events = max_events
+      @timeout = timeout
+      @auto_send = auto_send
+      @disable = disable
+      @log_level = log_level
+      @fail_over_strategy = fail_over_strategy
+      @proxy_headers = proxy_headers
+    end
+  end
+end

data/lib/securenative/request_context.rb

@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+module SecureNative
+  class RequestContext
+    attr_reader :cid, :vid, :fp, :ip, :remote_ip, :headers, :url, :http_method
+    attr_writer :cid, :vid, :fp, :ip, :remote_ip, :headers, :url, :http_method
+
+    def initialize(cid: nil, vid: nil, fp: nil, ip: nil, remote_ip: nil, headers: nil, url: nil, http_method: nil)
+      @cid = cid
+      @vid = vid
+      @fp = fp
+      @ip = ip
+      @remote_ip = remote_ip
+      @headers = headers
+      @url = url
+      @method = http_method
+    end
+  end
+end
+

data/lib/securenative/request_options.rb

@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+
+module SecureNative
+  class RequestOptions
+    attr_reader :url, :body, :retry_sending
+    attr_writer :url, :body, :retry_sending
+
+    def initialize(url, body, retry_sending)
+      @url = url
+      @body = body
+      @retry_sending = retry_sending
+    end
+  end
+end

data/lib/securenative/sdk_event.rb

@@ -0,0 +1,44 @@
+# frozen_string_literal: true
+
+module SecureNative
+  class SDKEvent
+    attr_reader :context, :rid, :event_type, :user_id, :user_traits, :request, :timestamp, :properties
+    attr_writer :context, :rid, :event_type, :user_id, :user_traits, :request, :timestamp, :properties
+
+    def initialize(event_options, securenative_options)
+      if event_options.user_id.nil? || event_options.user_id.length <= 0 || event_options.user_id == ''
+        raise SecureNativeInvalidOptionsError.new, 'Invalid event structure; User Id is missing'
+      end
+
+      if event_options.event.nil? || event_options.event.length <= 0 || event_options.event == ''
+        raise SecureNativeInvalidOptionsError.new, 'Invalid event structure; Event Type is missing'
+      end
+
+      @context = if !event_options.context.nil?
+                   event_options.context
+                 else
+                   Context.default_context_builder
+                 end
+
+      client_token = SecureNative::Utils::EncryptionUtils.decrypt(@context.client_token, securenative_options.api_key)
+
+      @rid = SecureRandom.uuid.to_str
+      @event_type = event_options.event
+      @user_id = event_options.user_id
+      @user_traits = event_options.user_traits
+      @request = RequestContext.new(cid: client_token ? client_token.cid : '', vid: client_token ? client_token.vid : '',
+                                    fp: client_token ? client_token.fp : '', ip: @context.ip,
+                                    remote_ip: @context.remote_ip, headers: @context.headers,
+                                    url: @context.url, http_method: @context.http_method)
+
+
+      @timestamp = SecureNative::Utils::DateUtils.to_timestamp(event_options.timestamp)
+      @properties = event_options.properties
+    end
+
+    def to_s
+      "context: #{@context}, rid: #{@rid}, event_type: #{@event_type}, user_id: #{@user_id},
+    user_traits: #{@user_traits}, request: #{@request}, timestamp: #{@timestamp}, properties: #{@properties}"
+    end
+  end
+end

data/lib/securenative/user_traits.rb

@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+module SecureNative
+  class UserTraits
+    attr_reader :name, :email, :phone, :created_at
+    attr_writer :name, :email, :phone, :created_at
+
+    def initialize(name: nil, email: nil, phone: nil, created_at: nil)
+      @name = name
+      @email = email
+      @created_at = created_at
+      @phone = phone
+    end
+  end
+end

data/lib/securenative/utils/date_utils.rb

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+module SecureNative
+  module Utils
+    class DateUtils
+      def self.to_timestamp(date)
+        return Time.now.utc.iso8601 if date.nil?
+
+        Time.parse(date).iso8601
+      end
+    end
+  end
+end

data/lib/securenative/utils/encryption_utils.rb

@@ -0,0 +1,48 @@
+# frozen_string_literal: true
+
+module SecureNative
+  module Utils
+    class EncryptionUtils
+      def self.padding_key(key, length)
+        if key.length == length
+          key
+        else
+          if key.length > length
+            key.slice(0, length)
+          else
+            (length - key.length).times { key << '0' }
+            key
+          end
+        end
+      end
+
+      def self.encrypt(plain_text, secret_key)
+        begin
+          cipher = OpenSSL::Cipher.new('aes-256-cbc')
+          cipher.encrypt
+          iv = cipher.random_iv
+          cipher.key = padding_key(secret_key, 32)
+          encrypted = cipher.update(plain_text) + cipher.final
+          (iv + encrypted).unpack1('H*')
+        rescue StandardError
+          ''
+        end
+      end
+
+      def self.decrypt(cipher_text, secret_key)
+        begin
+          cipher = OpenSSL::Cipher.new('aes-256-cbc')
+          cipher.decrypt
+          raw_data = [cipher_text].pack('H*')
+          cipher.iv = raw_data.slice(0, 16)
+          cipher.key = padding_key(secret_key, 32)
+          decrypted = JSON.parse(cipher.update(raw_data.slice(16, raw_data.length)) + cipher.final)
+
+          SecureNative::ClientToken.new(decrypted['cid'], decrypted['vid'], decrypted['fp'])
+        rescue StandardError
+          SecureNative::ClientToken.new('', '', '')
+        end
+      end
+    end
+  end
+end