securenative 0.1.29 → 0.1.34
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/workflows/ci.yml +49 -0
- data/.github/workflows/publish.yml +60 -0
- data/.github/workflows/test.yml +48 -0
- data/.gitignore +40 -0
- data/.rakeTasks +7 -0
- data/.rspec +3 -0
- data/Gemfile +11 -0
- data/Gemfile.lock +270 -0
- data/LICENSE +21 -0
- data/README.md +2 -2
- data/Rakefile +6 -0
- data/bin/console +14 -0
- data/bin/setup +8 -0
- data/lib/securenative/api_manager.rb +34 -0
- data/lib/securenative/client.rb +79 -0
- data/lib/securenative/client_token.rb +14 -0
- data/lib/securenative/config/configuration_builder.rb +29 -0
- data/lib/securenative/config/configuration_manager.rb +57 -0
- data/lib/securenative/context.rb +65 -0
- data/lib/securenative/device.rb +12 -0
- data/lib/securenative/enums/api_route.rb +10 -0
- data/lib/securenative/enums/risk_level.rb +11 -0
- data/lib/securenative/errors/config_error.rb +4 -0
- data/lib/securenative/errors/http_error.rb +4 -0
- data/lib/securenative/errors/invalid_options_error.rb +4 -0
- data/lib/securenative/errors/invalid_uri_error.rb +6 -0
- data/lib/securenative/errors/parse_error.rb +4 -0
- data/lib/securenative/errors/sdk_Illegal_state_error.rb +4 -0
- data/lib/securenative/errors/sdk_error.rb +4 -0
- data/lib/securenative/event_manager.rb +156 -0
- data/lib/securenative/event_options.rb +35 -0
- data/lib/securenative/event_types.rb +25 -0
- data/lib/securenative/failover_strategy.rb +8 -0
- data/lib/securenative/frameworks/hanami.rb +49 -0
- data/lib/securenative/frameworks/rails.rb +51 -0
- data/lib/securenative/frameworks/sinatra.rb +49 -0
- data/lib/securenative/http_client.rb +47 -0
- data/lib/securenative/http_response.rb +14 -0
- data/lib/securenative/options.rb +23 -0
- data/lib/securenative/request_context.rb +20 -0
- data/lib/securenative/request_options.rb +14 -0
- data/lib/securenative/sdk_event.rb +44 -0
- data/lib/securenative/user_traits.rb +15 -0
- data/lib/securenative/utils/date_utils.rb +13 -0
- data/lib/securenative/utils/encryption_utils.rb +48 -0
- data/lib/securenative/utils/ip_utils.rb +25 -0
- data/lib/securenative/utils/log.rb +46 -0
- data/lib/securenative/utils/request_utils.rb +101 -0
- data/lib/securenative/utils/signature_utils.rb +18 -0
- data/lib/securenative/utils/utils.rb +13 -0
- data/lib/securenative/utils/version_utils.rb +15 -0
- data/lib/securenative/verify_result.rb +18 -0
- data/lib/securenative/version.rb +5 -0
- data/securenative.gemspec +33 -0
- metadata +56 -3
@@ -0,0 +1,25 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module SecureNative
|
4
|
+
module Utils
|
5
|
+
class IpUtils
|
6
|
+
def self.ip_address?(ip_address)
|
7
|
+
return true if ip_address =~ Resolv::IPv4::Regex
|
8
|
+
return true if ip_address =~ Resolv::IPv6::Regex
|
9
|
+
|
10
|
+
false
|
11
|
+
end
|
12
|
+
|
13
|
+
def self.valid_public_ip?(ip_address)
|
14
|
+
ip = IPAddr.new(ip_address)
|
15
|
+
return false if ip.loopback? || ip.private? || ip.link_local? || ip.untrusted? || ip.tainted?
|
16
|
+
|
17
|
+
true
|
18
|
+
end
|
19
|
+
|
20
|
+
def self.loop_back?(ip_address)
|
21
|
+
IPAddr.new(ip_address).loopback?
|
22
|
+
end
|
23
|
+
end
|
24
|
+
end
|
25
|
+
end
|
@@ -0,0 +1,46 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'logger'
|
4
|
+
|
5
|
+
module SecureNative
|
6
|
+
class Log
|
7
|
+
@logger = Logger.new(STDOUT)
|
8
|
+
|
9
|
+
def self.init_logger(level = 'DEBUG')
|
10
|
+
@logger.level = case level
|
11
|
+
when 'WARN'
|
12
|
+
Logger::WARN
|
13
|
+
when 'DEBUG'
|
14
|
+
Logger::DEBUG
|
15
|
+
when 'ERROR'
|
16
|
+
Logger::ERROR
|
17
|
+
when 'FATAL'
|
18
|
+
Logger::FATAL
|
19
|
+
when 'INFO'
|
20
|
+
Logger::INFO
|
21
|
+
else
|
22
|
+
Logger::FATAL
|
23
|
+
end
|
24
|
+
|
25
|
+
@logger.formatter = proc do |severity, datetime, progname, msg|
|
26
|
+
"[#{datetime}] #{severity} (#{progname}): #{msg}\n"
|
27
|
+
end
|
28
|
+
end
|
29
|
+
|
30
|
+
def self.info(msg)
|
31
|
+
@logger.info(msg)
|
32
|
+
end
|
33
|
+
|
34
|
+
def self.debug(msg)
|
35
|
+
@logger.debug(msg)
|
36
|
+
end
|
37
|
+
|
38
|
+
def self.warning(msg)
|
39
|
+
@logger.warning(msg)
|
40
|
+
end
|
41
|
+
|
42
|
+
def self.error(msg)
|
43
|
+
@logger.error(msg)
|
44
|
+
end
|
45
|
+
end
|
46
|
+
end
|
@@ -0,0 +1,101 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module SecureNative
|
4
|
+
module Utils
|
5
|
+
class RequestUtils
|
6
|
+
SECURENATIVE_COOKIE = '_sn'
|
7
|
+
SECURENATIVE_HEADER = 'x-securenative'
|
8
|
+
PREFIX = 'HTTP_'
|
9
|
+
|
10
|
+
def self.get_secure_header_from_request(headers)
|
11
|
+
begin
|
12
|
+
return headers[SECURENATIVE_HEADER] unless headers.nil?
|
13
|
+
rescue StandardError
|
14
|
+
[]
|
15
|
+
end
|
16
|
+
[]
|
17
|
+
end
|
18
|
+
|
19
|
+
def self.get_client_ip_from_request(request, options)
|
20
|
+
unless options.proxy_headers.nil?
|
21
|
+
options.proxy_headers.each { |header|
|
22
|
+
begin
|
23
|
+
h = request.env[header]
|
24
|
+
if h.nil?
|
25
|
+
h = request.env[self.parse_ip(header)]
|
26
|
+
end
|
27
|
+
return h.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless h.nil?
|
28
|
+
rescue NoMethodError
|
29
|
+
begin
|
30
|
+
h = request[header]
|
31
|
+
if h.nil?
|
32
|
+
h = request.env[self.parse_ip(header)]
|
33
|
+
end
|
34
|
+
return h.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless h.nil?
|
35
|
+
rescue NoMethodError
|
36
|
+
# Ignored
|
37
|
+
end
|
38
|
+
end
|
39
|
+
}
|
40
|
+
end
|
41
|
+
|
42
|
+
begin
|
43
|
+
x_forwarded_for = request.env['HTTP_X_FORWARDED_FOR']
|
44
|
+
return x_forwarded_for.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless x_forwarded_for.nil?
|
45
|
+
rescue NoMethodError
|
46
|
+
begin
|
47
|
+
x_forwarded_for = request['HTTP_X_FORWARDED_FOR']
|
48
|
+
return x_forwarded_for.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless x_forwarded_for.nil?
|
49
|
+
rescue NoMethodError
|
50
|
+
# Ignored
|
51
|
+
end
|
52
|
+
end
|
53
|
+
|
54
|
+
begin
|
55
|
+
x_forwarded_for = request.env['HTTP_X_REAL_IP']
|
56
|
+
return x_forwarded_for.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless x_forwarded_for.nil?
|
57
|
+
rescue NoMethodError
|
58
|
+
begin
|
59
|
+
x_forwarded_for = request['HTTP_X_REAL_IP']
|
60
|
+
return x_forwarded_for.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless x_forwarded_for.nil?
|
61
|
+
rescue NoMethodError
|
62
|
+
# Ignored
|
63
|
+
end
|
64
|
+
end
|
65
|
+
|
66
|
+
begin
|
67
|
+
x_forwarded_for = request.env['REMOTE_ADDR']
|
68
|
+
return x_forwarded_for.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless x_forwarded_for.nil?
|
69
|
+
rescue NoMethodError
|
70
|
+
begin
|
71
|
+
x_forwarded_for = request['REMOTE_ADDR']
|
72
|
+
return x_forwarded_for.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless x_forwarded_for.nil?
|
73
|
+
rescue NoMethodError
|
74
|
+
# Ignored
|
75
|
+
end
|
76
|
+
end
|
77
|
+
|
78
|
+
begin
|
79
|
+
return request.ip unless request.ip.nil?
|
80
|
+
rescue NoMethodError
|
81
|
+
# Ignored
|
82
|
+
end
|
83
|
+
|
84
|
+
''
|
85
|
+
end
|
86
|
+
|
87
|
+
def self.get_remote_ip_from_request(request)
|
88
|
+
begin
|
89
|
+
request.remote_ip
|
90
|
+
rescue NoMethodError
|
91
|
+
''
|
92
|
+
end
|
93
|
+
end
|
94
|
+
|
95
|
+
def self.parse_ip(headers)
|
96
|
+
h = headers.gsub('-', '_')
|
97
|
+
return PREFIX + h.upcase
|
98
|
+
end
|
99
|
+
end
|
100
|
+
end
|
101
|
+
end
|
@@ -0,0 +1,18 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module SecureNative
|
4
|
+
module Utils
|
5
|
+
class SignatureUtils
|
6
|
+
SIGNATURE_HEADER = 'x-securenative'
|
7
|
+
|
8
|
+
def self.valid_signature?(api_key, payload, header_signature)
|
9
|
+
key = api_key.encode('utf-8')
|
10
|
+
body = payload.encode('utf-8')
|
11
|
+
calculated_signature = OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha512'), key, body)
|
12
|
+
calculated_signature.eql? header_signature
|
13
|
+
rescue StandardError
|
14
|
+
false
|
15
|
+
end
|
16
|
+
end
|
17
|
+
end
|
18
|
+
end
|
@@ -0,0 +1,18 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module SecureNative
|
4
|
+
class VerifyResult
|
5
|
+
attr_reader :risk_level, :score, :triggers
|
6
|
+
attr_writer :risk_level, :score, :triggers
|
7
|
+
|
8
|
+
def initialize(risk_level: nil, score: nil, triggers: nil)
|
9
|
+
@risk_level = risk_level
|
10
|
+
@score = score
|
11
|
+
@triggers = triggers
|
12
|
+
end
|
13
|
+
|
14
|
+
def to_s
|
15
|
+
"risk_level: #{@risk_level}, score: #{@score}, triggers: #{@triggers}"
|
16
|
+
end
|
17
|
+
end
|
18
|
+
end
|
@@ -0,0 +1,33 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
lib = File.expand_path('lib', __dir__)
|
4
|
+
$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
5
|
+
require 'securenative'
|
6
|
+
|
7
|
+
Gem::Specification.new do |spec|
|
8
|
+
spec.name = 'securenative'
|
9
|
+
spec.version = SecureNative::VERSION
|
10
|
+
spec.authors = ['SecureNative']
|
11
|
+
spec.email = ['support@securenative.com']
|
12
|
+
spec.required_ruby_version = '>= 2.4'
|
13
|
+
|
14
|
+
spec.summary = 'SecureNative SDK for Ruby'
|
15
|
+
spec.homepage = 'https://www.securenative.com'
|
16
|
+
spec.license = 'MIT'
|
17
|
+
|
18
|
+
spec.metadata['homepage_uri'] = spec.homepage
|
19
|
+
spec.test_files = Dir['spec//*']
|
20
|
+
|
21
|
+
# Specify which files should be added to the gem when it is released.
|
22
|
+
# The `git ls-files -z` loads the files in the RubyGem that have been added into git.
|
23
|
+
spec.files = Dir.chdir(File.expand_path('..', __FILE__)) do
|
24
|
+
`git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
|
25
|
+
end
|
26
|
+
|
27
|
+
spec.bindir = 'exe'
|
28
|
+
spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
|
29
|
+
spec.require_paths = ['lib']
|
30
|
+
|
31
|
+
spec.add_development_dependency 'bundler', '~> 2.0'
|
32
|
+
spec.add_development_dependency 'rake', '~> 12.3.3'
|
33
|
+
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: securenative
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.1.
|
4
|
+
version: 0.1.34
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- SecureNative
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2020-10-
|
11
|
+
date: 2020-10-13 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|
@@ -45,8 +45,61 @@ executables: []
|
|
45
45
|
extensions: []
|
46
46
|
extra_rdoc_files: []
|
47
47
|
files:
|
48
|
+
- ".github/workflows/ci.yml"
|
49
|
+
- ".github/workflows/publish.yml"
|
50
|
+
- ".github/workflows/test.yml"
|
51
|
+
- ".gitignore"
|
52
|
+
- ".rakeTasks"
|
53
|
+
- ".rspec"
|
54
|
+
- Gemfile
|
55
|
+
- Gemfile.lock
|
56
|
+
- LICENSE
|
48
57
|
- README.md
|
49
|
-
-
|
58
|
+
- Rakefile
|
59
|
+
- bin/console
|
60
|
+
- bin/setup
|
61
|
+
- lib/securenative.rb
|
62
|
+
- lib/securenative/api_manager.rb
|
63
|
+
- lib/securenative/client.rb
|
64
|
+
- lib/securenative/client_token.rb
|
65
|
+
- lib/securenative/config/configuration_builder.rb
|
66
|
+
- lib/securenative/config/configuration_manager.rb
|
67
|
+
- lib/securenative/context.rb
|
68
|
+
- lib/securenative/device.rb
|
69
|
+
- lib/securenative/enums/api_route.rb
|
70
|
+
- lib/securenative/enums/risk_level.rb
|
71
|
+
- lib/securenative/errors/config_error.rb
|
72
|
+
- lib/securenative/errors/http_error.rb
|
73
|
+
- lib/securenative/errors/invalid_options_error.rb
|
74
|
+
- lib/securenative/errors/invalid_uri_error.rb
|
75
|
+
- lib/securenative/errors/parse_error.rb
|
76
|
+
- lib/securenative/errors/sdk_Illegal_state_error.rb
|
77
|
+
- lib/securenative/errors/sdk_error.rb
|
78
|
+
- lib/securenative/event_manager.rb
|
79
|
+
- lib/securenative/event_options.rb
|
80
|
+
- lib/securenative/event_types.rb
|
81
|
+
- lib/securenative/failover_strategy.rb
|
82
|
+
- lib/securenative/frameworks/hanami.rb
|
83
|
+
- lib/securenative/frameworks/rails.rb
|
84
|
+
- lib/securenative/frameworks/sinatra.rb
|
85
|
+
- lib/securenative/http_client.rb
|
86
|
+
- lib/securenative/http_response.rb
|
87
|
+
- lib/securenative/options.rb
|
88
|
+
- lib/securenative/request_context.rb
|
89
|
+
- lib/securenative/request_options.rb
|
90
|
+
- lib/securenative/sdk_event.rb
|
91
|
+
- lib/securenative/user_traits.rb
|
92
|
+
- lib/securenative/utils/date_utils.rb
|
93
|
+
- lib/securenative/utils/encryption_utils.rb
|
94
|
+
- lib/securenative/utils/ip_utils.rb
|
95
|
+
- lib/securenative/utils/log.rb
|
96
|
+
- lib/securenative/utils/request_utils.rb
|
97
|
+
- lib/securenative/utils/signature_utils.rb
|
98
|
+
- lib/securenative/utils/utils.rb
|
99
|
+
- lib/securenative/utils/version_utils.rb
|
100
|
+
- lib/securenative/verify_result.rb
|
101
|
+
- lib/securenative/version.rb
|
102
|
+
- securenative.gemspec
|
50
103
|
- spec//spec_helper.rb
|
51
104
|
homepage: https://www.securenative.com
|
52
105
|
licenses:
|