securenative 0.1.30 → 0.1.35

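--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 37b0720aab5431b97f1b2313e9e1e88d6a3ce712ba342575c86884a5d3ed9f7c
- data.tar.gz: 74258ad8d16b072378bda84119bb65831cb1441f186fcb49a893308d777249d6
+ metadata.gz: 20dc3ef7982fbbe1393a802c4b3e146bc5e2c156bbe47d69ab51de349af96897
+ data.tar.gz: 7f45ebdfc1015a73c592e38bb51b1dde881db64268c7de7844a0891fcebfd6af
  SHA512:
- metadata.gz: bb0ce8d22b7b1ce832c49a3690856312b298cc8cc55046ebe966cf7ddb410079ae5d13cc93a4fd25b4a111fd971ec7be9782f92b5716103bba2842ce72607d8e
- data.tar.gz: 17dece79e7f8dabed7fd270d1da3d7cc50f94691bfed65324e45b961ac8bd0a33371d4390f941cb3fa460e24a72fb86487a466ceaff91ec6d23595fc6cb6b9a8
+ metadata.gz: d9dec72d78c52595114438d45f22d14ae719f1852050af0c694791e66cc8292d9b9b1a6eabd4ea459f192bac694272f2f1167d9e147512df01e9c605a7bef9cd
+ data.tar.gz: e88c021e75f087d06f7ba6ba9760fe71ee9b49c950d9d69da424a95e17b2b17e9f6b56c08b70486e245425f5147954ab9bed60a37c9b34784dcda4d29a8ca9b9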
@@ -1,61 +1,61 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- securenative (0.1.30)
4
+ securenative (0.1.35)
5
5
 
6
6
  GEM
7
7
  remote: https://rubygems.org/
8
8
  specs:
9
- actioncable (6.0.3.3)
10
- actionpack (= 6.0.3.3)
9
+ actioncable (6.0.3.4)
10
+ actionpack (= 6.0.3.4)
11
11
  nio4r (~> 2.0)
12
12
  websocket-driver (>= 0.6.1)
13
- actionmailbox (6.0.3.3)
14
- actionpack (= 6.0.3.3)
15
- activejob (= 6.0.3.3)
16
- activerecord (= 6.0.3.3)
17
- activestorage (= 6.0.3.3)
18
- activesupport (= 6.0.3.3)
13
+ actionmailbox (6.0.3.4)
14
+ actionpack (= 6.0.3.4)
15
+ activejob (= 6.0.3.4)
16
+ activerecord (= 6.0.3.4)
17
+ activestorage (= 6.0.3.4)
18
+ activesupport (= 6.0.3.4)
19
19
  mail (>= 2.7.1)
20
- actionmailer (6.0.3.3)
21
- actionpack (= 6.0.3.3)
22
- actionview (= 6.0.3.3)
23
- activejob (= 6.0.3.3)
20
+ actionmailer (6.0.3.4)
21
+ actionpack (= 6.0.3.4)
22
+ actionview (= 6.0.3.4)
23
+ activejob (= 6.0.3.4)
24
24
  mail (~> 2.5, >= 2.5.4)
25
25
  rails-dom-testing (~> 2.0)
26
- actionpack (6.0.3.3)
27
- actionview (= 6.0.3.3)
28
- activesupport (= 6.0.3.3)
26
+ actionpack (6.0.3.4)
27
+ actionview (= 6.0.3.4)
28
+ activesupport (= 6.0.3.4)
29
29
  rack (~> 2.0, >= 2.0.8)
30
30
  rack-test (>= 0.6.3)
31
31
  rails-dom-testing (~> 2.0)
32
32
  rails-html-sanitizer (~> 1.0, >= 1.2.0)
33
- actiontext (6.0.3.3)
34
- actionpack (= 6.0.3.3)
35
- activerecord (= 6.0.3.3)
36
- activestorage (= 6.0.3.3)
37
- activesupport (= 6.0.3.3)
33
+ actiontext (6.0.3.4)
34
+ actionpack (= 6.0.3.4)
35
+ activerecord (= 6.0.3.4)
36
+ activestorage (= 6.0.3.4)
37
+ activesupport (= 6.0.3.4)
38
38
  nokogiri (>= 1.8.5)
39
- actionview (6.0.3.3)
40
- activesupport (= 6.0.3.3)
39
+ actionview (6.0.3.4)
40
+ activesupport (= 6.0.3.4)
41
41
  builder (~> 3.1)
42
42
  erubi (~> 1.4)
43
43
  rails-dom-testing (~> 2.0)
44
44
  rails-html-sanitizer (~> 1.1, >= 1.2.0)
45
- activejob (6.0.3.3)
46
- activesupport (= 6.0.3.3)
45
+ activejob (6.0.3.4)
46
+ activesupport (= 6.0.3.4)
47
47
  globalid (>= 0.3.6)
48
- activemodel (6.0.3.3)
49
- activesupport (= 6.0.3.3)
50
- activerecord (6.0.3.3)
51
- activemodel (= 6.0.3.3)
52
- activesupport (= 6.0.3.3)
53
- activestorage (6.0.3.3)
54
- actionpack (= 6.0.3.3)
55
- activejob (= 6.0.3.3)
56
- activerecord (= 6.0.3.3)
48
+ activemodel (6.0.3.4)
49
+ activesupport (= 6.0.3.4)
50
+ activerecord (6.0.3.4)
51
+ activemodel (= 6.0.3.4)
52
+ activesupport (= 6.0.3.4)
53
+ activestorage (6.0.3.4)
54
+ actionpack (= 6.0.3.4)
55
+ activejob (= 6.0.3.4)
56
+ activerecord (= 6.0.3.4)
57
57
  marcel (~> 0.3.1)
58
- activesupport (6.0.3.3)
58
+ activesupport (6.0.3.4)
59
59
  concurrent-ruby (~> 1.0, >= 1.0.2)
60
60
  i18n (>= 0.7, < 2)
61
61
  minitest (~> 5.1)
@@ -64,7 +64,7 @@ GEM
64
64
  addressable (2.7.0)
65
65
  public_suffix (>= 2.0.2, < 5.0)
66
66
  builder (3.2.4)
67
- codecov (0.2.11)
67
+ codecov (0.2.12)
68
68
  json
69
69
  simplecov
70
70
  concurrent-ruby (1.1.7)
@@ -177,29 +177,29 @@ GEM
177
177
  rack
178
178
  rack-test (1.1.0)
179
179
  rack (>= 1.0, < 3)
180
- rails (6.0.3.3)
181
- actioncable (= 6.0.3.3)
182
- actionmailbox (= 6.0.3.3)
183
- actionmailer (= 6.0.3.3)
184
- actionpack (= 6.0.3.3)
185
- actiontext (= 6.0.3.3)
186
- actionview (= 6.0.3.3)
187
- activejob (= 6.0.3.3)
188
- activemodel (= 6.0.3.3)
189
- activerecord (= 6.0.3.3)
190
- activestorage (= 6.0.3.3)
191
- activesupport (= 6.0.3.3)
180
+ rails (6.0.3.4)
181
+ actioncable (= 6.0.3.4)
182
+ actionmailbox (= 6.0.3.4)
183
+ actionmailer (= 6.0.3.4)
184
+ actionpack (= 6.0.3.4)
185
+ actiontext (= 6.0.3.4)
186
+ actionview (= 6.0.3.4)
187
+ activejob (= 6.0.3.4)
188
+ activemodel (= 6.0.3.4)
189
+ activerecord (= 6.0.3.4)
190
+ activestorage (= 6.0.3.4)
191
+ activesupport (= 6.0.3.4)
192
192
  bundler (>= 1.3.0)
193
- railties (= 6.0.3.3)
193
+ railties (= 6.0.3.4)
194
194
  sprockets-rails (>= 2.0.0)
195
195
  rails-dom-testing (2.0.3)
196
196
  activesupport (>= 4.2.0)
197
197
  nokogiri (>= 1.6)
198
198
  rails-html-sanitizer (1.3.0)
199
199
  loofah (~> 2.3)
200
- railties (6.0.3.3)
201
- actionpack (= 6.0.3.3)
202
- activesupport (= 6.0.3.3)
200
+ railties (6.0.3.4)
201
+ actionpack (= 6.0.3.4)
202
+ activesupport (= 6.0.3.4)
203
203
  method_source
204
204
  rake (>= 0.8.7)
205
205
  thor (>= 0.20.3, < 2.0)
@@ -242,7 +242,7 @@ GEM
242
242
  thread_safe (~> 0.1)
243
243
  url_mount (0.2.1)
244
244
  rack
245
- webmock (3.9.1)
245
+ webmock (3.9.2)
246
246
  addressable (>= 2.3.6)
247
247
  crack (>= 0.3.2)
248
248
  hashdiff (>= 0.4.0, < 2.0.0)
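--- a/data/README.md
+++ b/data/README.md
@@ -114,7 +114,7 @@ require 'securenative'
 
  def track(request)
  securenative = SecureNative::Client.instance
- context = SecureNative::Context.from_http_request(request)
+ context = securenative.from_http_request(request)
 
  event_options = SecureNative::EventOptions.new(event: SecureNative::EventTypes::LOG_IN, user_id: '1234', context: context,
  user_traits: SecureNative::UserTraits.new(name: 'Your Name', email: 'name@gmail.com', phone: '+1234567890'),
@@ -136,7 +136,7 @@ require 'securenative'
 
  def verify(request)
  securenative = SecureNative::Client.instance
- context = SecureNative::Context.from_http_request(request)
+ context = securenative.from_http_request(request)
 
  event_options = SecureNative::EventOptions.new(event: SecureNative::EventTypes::LOG_IN, user_id: '1234', context: context,
  user_traits: SecureNative::UserTraits.new(name: 'Your Name', email: 'name@gmail.com', phone: '+1234567890'),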
@@ -20,15 +20,21 @@ module SecureNative
20
20
  begin
21
21
  res = @event_manager.send_sync(event, SecureNative::Enums::ApiRoute::VERIFY)
22
22
  ver_result = JSON.parse(res.body)
23
+ if res.code != "200"
24
+ if @options.fail_over_strategy == SecureNative::FailOverStrategy::FAIL_OPEN
25
+ return SecureNative::VerifyResult.new(risk_level: SecureNative::Enums::RiskLevel::LOW, score: 0, triggers: [])
26
+ end
27
+ return VerifyResult.new(risk_level: SecureNative::Enums::RiskLevel::HIGH, score: 1, triggers: [])
28
+ end
23
29
  return VerifyResult.new(risk_level: ver_result['riskLevel'], score: ver_result['score'], triggers: ver_result['triggers'])
24
30
  rescue StandardError => e
25
31
  SecureNative::Log.debug("Failed to call verify; #{e}")
26
32
  end
27
33
  if @options.fail_over_strategy == SecureNative::FailOverStrategy::FAIL_OPEN
28
- return SecureNative::VerifyResult.new(risk_level: SecureNative::Enums::RiskLevel::LOW, score: 0, triggers: nil)
34
+ return SecureNative::VerifyResult.new(risk_level: SecureNative::Enums::RiskLevel::LOW, score: 0, triggers: [])
29
35
  end
30
36
 
31
- VerifyResult.new(risk_level: SecureNative::Enums::RiskLevel::HIGH, score: 1, triggers: nil)
37
+ VerifyResult.new(risk_level: SecureNative::Enums::RiskLevel::HIGH, score: 1, triggers: [])
32
38
  end
33
39
  end
34
40
  end
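Review bot: The new non-200 branch returns a fail-over result without logging anything, so when `fail_over_strategy` is FAIL_OPEN an upstream error silently becomes a LOW risk verdict; the only log line visible in this method is the debug message in the `rescue`. The branch also sits after `JSON.parse(res.body)` and duplicates the fail-over code that already follows the `rescue`. Moving the check above the parse as `raise StandardError, "verify returned HTTP #{res.code}" unless res.code == '200'` would route both failure cases through the existing rescue and fail-over block and record the status code. Comparing against the string "200" assumes `res.code` is a String, which should be confirmed for the HTTP client behind `send_sync`, not shown here. The method starts above the hunk.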
@@ -42,6 +42,10 @@ module SecureNative
42
42
  end
43
43
  end
44
44
 
45
+ def from_http_request(request)
46
+ SecureNative::Context.from_http_request(request, @options)
47
+ end
48
+
45
49
  def self.init
46
50
  options = SecureNative::Config::ConfigurationManager.load_config
47
51
  init_with_options(options)
@@ -21,7 +21,7 @@ module SecureNative
21
21
  SecureNative::Context.new
22
22
  end
23
23
 
24
- def self.from_http_request(request)
24
+ def self.from_http_request(request, options)
25
25
  client_token = SecureNative::Frameworks::Rails.get_client_token(request)
26
26
  client_token = SecureNative::Frameworks::Sinatra.get_client_token(request) if client_token.nil?
27
27
  client_token = SecureNative::Frameworks::Hanami.get_client_token(request) if client_token.nil?
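Review bot: Making `options` a required second argument breaks the one-argument call `SecureNative::Context.from_http_request(request)`, which the README documented up to this release, so existing callers would get an ArgumentError after a patch-level upgrade. `def self.from_http_request(request, options = nil)` keeps them working, provided `get_client_ip_from_request` in the RequestUtils hunk keeps a nil guard such as `unless options.nil? || options.proxy_headers.nil?`; the new code there dereferences `options.proxy_headers` unconditionally. The method body continues outside this hunk.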
@@ -34,7 +34,7 @@ module SecureNative
34
34
  # Standard Ruby request
35
35
  headers = request.header.to_hash if headers.nil?
36
36
  rescue StandardError
37
- headers = []
37
+ headers = {}
38
38
  end
39
39
 
40
40
  url = SecureNative::Frameworks::Rails.get_url(request)
@@ -54,12 +54,12 @@ module SecureNative
54
54
  end
55
55
 
56
56
  if SecureNative::Utils::Utils.null_or_empty?(client_token)
57
- client_token = SecureNative::Utils::RequestUtils.get_secure_header_from_request(headers)
57
+ client_token = SecureNative::Utils::RequestUtils.get_secure_header_from_request(request.headers)
58
58
  end
59
59
 
60
- SecureNative::Context.new(client_token: client_token, ip: SecureNative::Utils::RequestUtils.get_client_ip_from_request(request),
61
- remote_ip: SecureNative::Utils::RequestUtils.get_remote_ip_from_request(request),
62
- headers: headers, url: url, http_method: method || '', body: body)
60
+ SecureNative::Context.new(client_token: client_token, ip: SecureNative::Utils::RequestUtils.get_client_ip_from_request(request, options),
61
+ remote_ip: SecureNative::Utils::RequestUtils.get_remote_ip_from_request(request),
62
+ headers: headers, url: url, http_method: method || '', body: body)
63
63
  end
64
64
  end
65
65
  end
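Review bot: `request.headers` on the added `get_secure_header_from_request` line is evaluated outside any `rescue` visible in this hunk, while an earlier hunk of the same method shows a `request.header.to_hash` fallback for request objects that do not expose `headers`. For such objects this line would raise NoMethodError before the helper's own `begin` is reached. A guarded form such as `raw = request.respond_to?(:headers) ? request.headers : headers` keeps the non-Rails path working. The method starts above the hunk, so an enclosing rescue cannot be ruled out from here.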
@@ -35,8 +35,11 @@ module SecureNative
35
35
 
36
36
  def self.get_headers(request)
37
37
  begin
38
- # Note: At the moment we're filtering out everything but user-agent since ruby's payload is way too big
39
- { 'user-agent' => request.env['HTTP_USER_AGENT'] }
38
+ headers = {}
39
+ request.headers.env.select { |k, _| k.in?(ActionDispatch::Http::Headers::CGI_VARIABLES) || k =~ /^HTTP_/ }.each { |header|
40
+ headers[header[0].downcase.gsub("http_", "").gsub("_", "-")] = header[1]
41
+ }
42
+ return headers
40
43
  rescue StandardError
41
44
  nil
42
45
  end
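Review bot: The block now copies every `HTTP_*` entry and CGI variable into the returned hash, which would include `Cookie`, `Authorization` and similar credential-bearing headers, where the removed line kept only the user agent. If this hash is transmitted with the event (the transport is not visible here), session tokens would leave the application, so a denylist inside the block such as `next if %w[cookie authorization proxy-authorization].include?(name)` is worth adding. `gsub("http_", "")` strips every occurrence rather than the prefix and `/^HTTP_/` matches at any line start; `sub(/\Ahttp_/, '')` and `/\AHTTP_/` are the exact forms. `k.in?` and `ActionDispatch::Http::Headers::CGI_VARIABLES` come from Rails, so in the two following `get_headers` hunks, which carry the same code, the body may always land in the `rescue` and return nil when Rails is not loaded. All of these points apply to those two hunks as well.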
@@ -37,8 +37,11 @@ module SecureNative
37
37
 
38
38
  def self.get_headers(request)
39
39
  begin
40
- # Note: At the moment we're filtering out everything but user-agent since ruby's payload is way too big
41
- {'user-agent' => request.env['HTTP_USER_AGENT']}
40
+ headers = {}
41
+ request.headers.env.select { |k, _| k.in?(ActionDispatch::Http::Headers::CGI_VARIABLES) || k =~ /^HTTP_/ }.each { |header|
42
+ headers[header[0].downcase.gsub("http_", "").gsub("_", "-")] = header[1]
43
+ }
44
+ return headers
42
45
  rescue StandardError
43
46
  nil
44
47
  end
@@ -35,8 +35,11 @@ module SecureNative
35
35
 
36
36
  def self.get_headers(request)
37
37
  begin
38
- # Note: At the moment we're filtering out everything but user-agent since ruby's payload is way too big
39
- {'user-agent' => request.env['HTTP_USER_AGENT']}
38
+ headers = {}
39
+ request.headers.env.select { |k, _| k.in?(ActionDispatch::Http::Headers::CGI_VARIABLES) || k =~ /^HTTP_/ }.each { |header|
40
+ headers[header[0].downcase.gsub("http_", "").gsub("_", "-")] = header[1]
41
+ }
42
+ return headers
40
43
  rescue StandardError
41
44
  nil
42
45
  end
@@ -5,6 +5,7 @@ module SecureNative
5
5
  class RequestUtils
6
6
  SECURENATIVE_COOKIE = '_sn'
7
7
  SECURENATIVE_HEADER = 'x-securenative'
8
+ PREFIX = 'HTTP_'
8
9
 
9
10
  def self.get_secure_header_from_request(headers)
10
11
  begin
@@ -15,20 +16,27 @@ module SecureNative
15
16
  []
16
17
  end
17
18
 
18
- def self.get_client_ip_from_request(request, options = nil)
19
- unless options.nil?
20
- for header in options.proxy_headers do
19
+ def self.get_client_ip_from_request(request, options)
20
+ unless options.proxy_headers.nil?
21
+ options.proxy_headers.each { |header|
21
22
  begin
22
23
  h = request.env[header]
24
+ if h.nil?
25
+ h = request.env[self.parse_ip(header)]
26
+ end
23
27
  return h.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless h.nil?
24
28
  rescue NoMethodError
25
29
  begin
26
30
  h = request[header]
31
+ if h.nil?
32
+ h = request.env[self.parse_ip(header)]
33
+ end
27
34
  return h.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless h.nil?
28
35
  rescue NoMethodError
36
+ # Ignored
29
37
  end
30
38
  end
31
- end
39
+ }
32
40
  end
33
41
 
34
42
  begin
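Review bot: In the `rescue NoMethodError` branch the added fallback calls `request.env[self.parse_ip(header)]` again, but that branch is reached when the first `request.env` lookup (or `h.scan`) raised NoMethodError, so for request objects without `env` the fallback raises again and is swallowed by the inner rescue. `h = request[self.parse_ip(header)]` would match the `request[header]` lookup just above it. Separately, the `return ... unless h.nil?` lines return nil when the header is present but holds no IPv4 literal (an IPv6 address, for instance) instead of moving on to the next configured header; assigning the first match to a local and returning only when it is non-nil avoids that. The value is read from a request header, so `proxy_headers` should list only headers that the deployment's own proxy overwrites. The method continues below the hunk.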
@@ -39,6 +47,7 @@ module SecureNative
39
47
  x_forwarded_for = request['HTTP_X_FORWARDED_FOR']
40
48
  return x_forwarded_for.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless x_forwarded_for.nil?
41
49
  rescue NoMethodError
50
+ # Ignored
42
51
  end
43
52
  end
44
53
 
@@ -50,6 +59,7 @@ module SecureNative
50
59
  x_forwarded_for = request['HTTP_X_REAL_IP']
51
60
  return x_forwarded_for.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless x_forwarded_for.nil?
52
61
  rescue NoMethodError
62
+ # Ignored
53
63
  end
54
64
  end
55
65
 
@@ -61,12 +71,14 @@ module SecureNative
61
71
  x_forwarded_for = request['REMOTE_ADDR']
62
72
  return x_forwarded_for.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/)[0] unless x_forwarded_for.nil?
63
73
  rescue NoMethodError
74
+ # Ignored
64
75
  end
65
76
  end
66
77
 
67
78
  begin
68
79
  return request.ip unless request.ip.nil?
69
80
  rescue NoMethodError
81
+ # Ignored
70
82
  end
71
83
 
72
84
  ''
@@ -79,6 +91,11 @@ module SecureNative
79
91
  ''
80
92
  end
81
93
  end
94
+
95
+ def self.parse_ip(headers)
96
+ h = headers.gsub('-', '_')
97
+ return PREFIX + h.upcase
98
+ end
82
99
  end
83
100
  end
84
101
  end
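Review bot: `parse_ip` does not parse an address; it turns a header name such as `x-forwarded-for` into the Rack env key `HTTP_X_FORWARDED_FOR`, and its parameter `headers` is a single name. A comment like `# Converts an HTTP header name to its Rack env key ("x-real-ip" -> "HTTP_X_REAL_IP").` together with a name along the lines of `rack_env_key(header_name)` would make the call sites in `get_client_ip_from_request` easier to read. Since it is only a helper, `private_class_method :parse_ip` would keep it out of the public API.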
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module SecureNative
4
- VERSION = '0.1.30'
4
+ VERSION = '0.1.35'
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: securenative
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.30
4
+ version: 0.1.35
5
5
  platform: ruby
6
6
  authors:
7
7
  - SecureNative
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2020-10-01 00:00:00.000000000 Z
11
+ date: 2020-10-13 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler