securenative 0.1.5 → 0.1.16

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b39e9c3c819d0191bcf78f5813681f6679b82c5a864eb04f7bdd05d754b01643
-  data.tar.gz: a21bcbf70729dace6553c7853154f6a76d341d894a9398cce5c298e9201e8ed7
+  metadata.gz: 9b47b308123b4c5c01e92666737a18cdc3bed2757b8486c982fbe6b3f4d3a137
+  data.tar.gz: 9b7d71c86d11319bac529cd21e7c7e9647f8d1ffadc8a870000adf53308c1ee6
 SHA512:
-  metadata.gz: e4e85d1e8119c75f2e31dfdf74231a20bfc0b5af77b30cca2886a2860a0f7354d28956fcb8aa9a155b3a68c4fe383de9789d9d751ee11111f34646e9aa01db70
-  data.tar.gz: fc5a540361c33c0570d7be6769418cc2b58ed484e22ca59697508c5f67aca673674c7dd505f53d23ddf0022335a26dc04c95bc93cc1507e174f0af423b1c791e
+  metadata.gz: 3c3a1914b13f3fc2faf39f2cdaa48be431f4258d267748318174d2ee30877f1f72f2a2d2f5b93321603f2ad115414b7e3378f360d10c5a9fc9b35cabe4532772
+  data.tar.gz: de8e3e0ec647d8a03904aa8e0e0940cab416476b4354df598d4c0aeee221a82b4d4a60c65187a4c3f5de87631622064daa3a69bd4e89926ba29c4282cba89ef3

data/.github/workflows/ci.yml

@@ -0,0 +1,57 @@
+name: CI
+
+on:
+  pull_request:
+    branches:
+      - master
+      - dev
+      - dev-*
+
+jobs:
+  ci:
+    runs-on: ubuntu-latest
+    name: CI
+    steps:
+      - name: Notify slack success
+        if: success()
+        id: slack # IMPORTANT: reference this step ID value in future Slack steps
+        env:
+          SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }}
+        uses: voxmedia/github-action-slack-notify-build@v1.1.1
+        with:
+          channel: github-actions
+          status: STARTING
+          color: warning
+
+      - uses: actions/checkout@v1
+      - uses: actions/setup-ruby@v1
+        with:
+          ruby-version: 2.6.x
+      - name: Install dependencies
+        run: |
+          gem install bundler
+          bundler install
+      - name: Run tests
+        run: bundler exec rspec
+
+      - name: Notify slack success
+        if: success()
+        env:
+          SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }}
+        uses: voxmedia/github-action-slack-notify-build@v1.1.1
+        with:
+          message_id: ${{ steps.slack.outputs.message_id }}
+          channel: github-actions
+          status: SUCCESS
+          color: good
+
+      - name: Notify slack fail
+        if: failure()
+        env:
+          SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }}
+        uses: voxmedia/github-action-slack-notify-build@v1.1.1
+        with:
+          message_id: ${{ steps.slack.outputs.message_id }}
+          channel: github-actions
+          status: FAILED
+          color: danger

data/.github/workflows/publish.yml

@@ -0,0 +1,60 @@
+name: Upload Python Package
+
+on:
+  release:
+    types: [created]
+
+jobs:
+  deploy:
+    name: Publish
+    runs-on: ubuntu-latest
+    steps:
+      - name: Notify slack success
+        if: success()
+        id: slack # IMPORTANT: reference this step ID value in future Slack steps
+        env:
+          SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }}
+        uses: voxmedia/github-action-slack-notify-build@v1.1.1
+        with:
+          channel: github-actions
+          status: STARTING
+          color: warning
+
+      - uses: actions/checkout@v2
+      - name: Set up Ruby 2.6
+        uses: actions/setup-ruby@v1
+        with:
+          version: 2.6.x
+
+      - name: Publish to RubyGems
+        run: |
+          mkdir -p $HOME/.gem
+          touch $HOME/.gem/credentials
+          chmod 0600 $HOME/.gem/credentials
+          printf -- "---\n:rubygems_api_key: ${GEM_HOST_API_KEY}\n" > $HOME/.gem/credentials
+          gem build *.gemspec
+          gem push *.gem
+        env:
+          GEM_HOST_API_KEY: ${{secrets.RUBYGEMS_AUTH_TOKEN}}
+
+      - name: Notify slack success
+        if: success()
+        env:
+          SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }}
+        uses: voxmedia/github-action-slack-notify-build@v1.1.1
+        with:
+          message_id: ${{ steps.slack.outputs.message_id }}
+          channel: github-actions
+          status: SUCCESS
+          color: good
+
+      - name: Notify slack fail
+        if: failure()
+        env:
+          SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }}
+        uses: voxmedia/github-action-slack-notify-build@v1.1.1
+        with:
+          message_id: ${{ steps.slack.outputs.message_id }}
+          channel: github-actions
+          status: FAILED
+          color: danger

data/.github/workflows/test.yml

@@ -0,0 +1,45 @@
+name: Testing
+
+on:
+  push:
+    branches:
+      - '*'
+      - '!master'
+
+jobs:
+  test:
+    name: Testing
+    runs-on: ubuntu-18.04
+    steps:
+      - uses: actions/checkout@v1
+      - uses: actions/setup-ruby@v1
+        with:
+          ruby-version: 2.6.x
+      - name: Install dependencies
+        run: |
+          gem install bundler
+          bundler install
+      - name: Run tests
+        run: bundler exec rspec
+
+      - name: Notify slack success
+        if: success()
+        env:
+          SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }}
+        uses: voxmedia/github-action-slack-notify-build@v1.1.1
+        with:
+          message_id: ${{ steps.slack.outputs.message_id }}
+          channel: github-actions
+          status: SUCCESS
+          color: good
+
+      - name: Notify slack fail
+        if: failure()
+        env:
+          SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }}
+        uses: voxmedia/github-action-slack-notify-build@v1.1.1
+        with:
+          message_id: ${{ steps.slack.outputs.message_id }}
+          channel: github-actions
+          status: FAILED
+          color: danger

data/.rakeTasks

@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Settings><!--This file was automatically generated by Ruby plugin.
+You are allowed to: 
+1. Remove rake task
+2. Add existing rake tasks
+To add existing rake tasks automatically delete this file and reload the project.
+--><RakeGroup description="" fullCmd="" taksId="rake" /></Settings>

data/.rspec

@@ -0,0 +1,3 @@
+--format documentation
+--color
+--require spec_helper

data/.travis.yml

@@ -0,0 +1,6 @@
+---
+language: ruby
+cache: bundler
+rvm:
+  - 2.7.1
+before_install: gem install bundler -v 2.1.2

data/Gemfile

@@ -3,4 +3,7 @@ source "https://rubygems.org"
 gemspec
 gem "rspec"
 gem "rake"
-gem "httpclient"
+gem "httpclient"
+gem "parseconfig"
+gem "webmock"
+gem "codecov", :require => false, :group => :test

data/Gemfile.lock

@@ -1,13 +1,26 @@
 PATH
   remote: .
   specs:
-    securenative (0.1.5)
+    securenative (0.1.16)
 
 GEM
   remote: https://rubygems.org/
   specs:
+    addressable (2.7.0)
+      public_suffix (>= 2.0.2, < 5.0)
+    codecov (0.1.17)
+      json
+      simplecov
+      url
+    crack (0.4.3)
+      safe_yaml (~> 1.0.0)
     diff-lcs (1.3)
+    docile (1.3.2)
+    hashdiff (1.0.1)
     httpclient (2.8.3)
+    json (2.3.0)
+    parseconfig (1.0.8)
+    public_suffix (4.0.5)
     rake (12.3.3)
     rspec (3.8.0)
       rspec-core (~> 3.8.0)
@@ -22,16 +35,29 @@ GEM
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.8.0)
     rspec-support (3.8.2)
+    safe_yaml (1.0.5)
+    simplecov (0.18.5)
+      docile (~> 1.1)
+      simplecov-html (~> 0.11)
+    simplecov-html (0.12.2)
+    url (0.3.2)
+    webmock (3.8.3)
+      addressable (>= 2.3.6)
+      crack (>= 0.3.2)
+      hashdiff (>= 0.4.0, < 2.0.0)
 
 PLATFORMS
   ruby
 
 DEPENDENCIES
   bundler (~> 2.0)
+  codecov
   httpclient
+  parseconfig
   rake
   rspec
   securenative!
+  webmock
 
 BUNDLED WITH
-   2.1.0.pre.1
+   2.1.4

data/README.md

@@ -1,7 +1,32 @@
-# SecureNative
-**[SecureNative](https://www.securenative.com/) is rethinking-security-as-a-service, disrupting the cyber security space and the way enterprises consume and implement security solutions.**
-
-## Installation
+<p align="center">
+  <a href="https://www.securenative.com"><img src="https://user-images.githubusercontent.com/45174009/77826512-f023ed80-7120-11ea-80e0-58aacde0a84e.png" alt="SecureNative Logo"/></a>
+</p>
+
+<p align="center">
+  <b>A Cloud-Native Security Monitoring and Protection for Modern Applications</b>
+</p>
+<p align="center">
+  <a href="https://github.com/securenative/securenative-ruby">
+    <img alt="Github Actions" src="https://github.com/securenative/securenative-ruby/workflows/CI/badge.svg">
+  </a>
+  <a href="https://codecov.io/gh/securenative/securenative-ruby">
+    <img src="https://codecov.io/gh/securenative/securenative-ruby/branch/master/graph/badge.svg" />
+  </a>
+  <a href="https://badge.fury.io/rb/securenative"><img src="https://badge.fury.io/rb/securenative.svg" alt="Gem Version" height="18"></a>
+</p>
+<p align="center">
+  <a href="https://docs.securenative.com">Documentation</a> |
+  <a href="https://docs.securenative.com/quick-start">Quick Start</a> |
+  <a href="https://blog.securenative.com">Blog</a> |
+  <a href="">Chat with us on Slack!</a>
+</p>
+<hr/>
+
+
+[SecureNative](https://www.securenative.com/) performs user monitoring by analyzing user interactions with your application and various factors such as network, devices, locations and access patterns to stop and prevent account takeover attacks.
+
+
+## Install the SDK
 
 Add this line to your application's Gemfile:
 
@@ -9,7 +34,7 @@ Add this line to your application's Gemfile:
 gem 'securenative'
 ```
 
-And then execute:
+Then execute:
 
     $ bundle
 
@@ -18,85 +43,128 @@ Or install it yourself as:
     $ gem install securenative
 
 ## Initialize the SDK
-Retrieve your API key from settings page of your SecureNative account and use the following in your code to initialize and use the sdk.
+
+To get your *API KEY*, login to your SecureNative account and go to project settings page:
+
+### Option 1: Initialize via Config file
+SecureNative can automatically load your config from *securenative.cfg* file or from the file that is specified in your *SECURENATIVE_CONFIG_FILE* env variable:
+
 ```ruby
 require 'securenative'
 
-# Do some cool stuff here
-# ...
-# ...
- 
-begin
-  SecureNative.init('YOUR_API_KEY') # Should be called before any other call to securenative
-rescue SecureNativeSDKException => e
-  # Do some error handling
-end
+
+secureative =  SecureNative.init
+```
+### Option 2: Initialize via API Key
+
+```ruby
+require 'securenative'
+
+
+securenative =  SecureNative.init_with_api_key('YOUR_API_KEY')
+```
+
+### Option 3: Initialize via ConfigurationBuilder
+```ruby
+require 'securenative'
+
+
+securenative = SecureNative.init_with_options(SecureNative.config_builder(api_key = 'API_KEY', max_event = 10, log_level = 'ERROR'))                                 
+```
+
+## Getting SecureNative instance
+Once initialized, sdk will create a singleton instance which you can get: 
+```ruby
+require 'securenative'
+
+
+secureNative = SecureNative.instance
 ```
 
 ## Tracking events
-Once the SDK has been initialized, you can start sending new events with the `track` function:
+
+Once the SDK has been initialized, tracking requests sent through the SDK
+instance. Make sure you build event with the EventBuilder:
+
+ ```ruby
+require 'securenative'
+require 'securenative/enums/event_types'
+require 'securenative/event_options_builder'
+require 'securenative/models/user_traits'
+require 'securenative/context/context_builder'
+
+
+securenative = SecureNative.instance
+
+context = securenative.context_builder(ip = '127.0.0.1', client_token = 'SECURED_CLIENT_TOKEN',
+        headers = { 'user-agent' => 'Mozilla/5.0 (iPad; U; CPU OS 3_2_1 like Mac OS X; en-us) AppleWebKit/531.21.10 (KHTML, like Gecko) Mobile/7B405' })
+
+event_options = EventOptionsBuilder(event_type = EventTypes::LOG_IN,
+        user_id = 'USER_ID', user_traits = UserTraits('USER_NAME', 'USER_EMAIL'),
+        context = context, properties = {prop1 => 'CUSTOM_PARAM_VALUE', prop2 => true, prop3 => 3}).build
+
+securenative.track(event_options)
+ ```
+
+You can also create request context from requests:
+
 ```ruby
 require 'securenative'
-require 'securenative/event_type'
-
-
-def login
-  # Do some cool stuff here
-  # ...
-  # ...
-  
-  SecureNative.track(Event.new(
-            event_type = EventTypes::LOG_IN,
-            user: User.new("1", "Jon Snow", "jon@snow.com"),
-            ip: "1.2.3.4",
-            remote_ip: "5.6.7.8",
-            user_agent: "Mozilla/5.0 (Linux; U; Android 4.4.2; zh-cn; GT-I9500 Build/KOT49H) AppleWebKit/537.36 (KHTML, like Gecko)Version/4.0 MQQBrowser/5.0 QQ-URL-Manager Mobile Safari/537.36",
-            sn_cookie: "cookie"))
+require 'securenative/enums/event_types'
+require 'securenative/event_options_builder'
+require 'securenative/models/user_traits'
+
+
+def track(request)
+    securenative = SecureNative.instance
+    context = SecureNative.context_builder.from_http_request(request).build
+
+    event_options = EventOptionsBuilder(event_type = EventTypes::LOG_IN,
+            user_id = 'USER_ID', user_traits = UserTraits('USER_NAME', 'USER_EMAIL'),
+            context = context, properties = {prop1 => 'CUSTOM_PARAM_VALUE', prop2 => true, prop3 => 3}).build
+    
+    securenative.track(event_options)
 end
 ```
 
-## Verification events
-Once the SDK has been initialized, you can start sending new events with the `verify` function:
+## Verify events
+
+**Example**
+
 ```ruby
 require 'securenative'
-require 'securenative/event_type'
-
-
-def reset_password   
-    res = SecureNative.verify(Event.new(
-              event_type = EventTypes::PASSWORD_RESET,
-              user: User.new("1", "Jon Snow", "jon@snow.com"),
-              ip: "1.2.3.4",
-              remote_ip: "5.6.7.8",
-              user_agent: "Mozilla/5.0 (Linux; U; Android 4.4.2; zh-cn; GT-I9500 Build/KOT49H) AppleWebKit/537.36 (KHTML, like Gecko)Version/4.0 MQQBrowser/5.0 QQ-URL-Manager Mobile Safari/537.36",
-              sn_cookie: "cookie"))
-                  
-    if res['riskLevel'] == 'high'
-        return 'Cannot change password'
-    else res['riskLevel'] == 'medium'
-        return 'MFA'
-     end   
+require 'securenative/enums/event_types'
+require 'securenative/event_options_builder'
+require 'securenative/models/user_traits'
+
+
+def track(request)
+    securenative = SecureNative.instance
+    context = SecureNative.context_builder.from_http_request(request).build
+
+    event_options = EventOptionsBuilder(event_type = EventTypes::LOG_IN,
+        user_id = 'USER_ID', user_traits = UserTraits('USER_NAME', 'USER_EMAIL'),
+        context = context, properties = {prop1 => 'CUSTOM_PARAM_VALUE', prop2 => true, prop3 => 3}).build
+    
+    verify_result = securenative.verify(event_options)
+    verify_result.risk_level  # Low, Medium, High
+    verify_result.score  # Risk score: 0 -1 (0 - Very Low, 1 - Very High)
+    verify_result.triggers  # ["TOR", "New IP", "New City"]
 end
 ```
 
-## Using webhooks
-You can use the SDK to verify incoming webhooks from SecureNative, just call the `veriy_webhook` function which return a boolean which indicates if the webhook came from Secure Native servers.
+## Webhook signature verification
+
+Apply our filter to verify the request is from us, for example:
+
 ```ruby
 require 'securenative'
 
-begin
-  SecureNative.init('YOUR_API_KEY') # Should be called before any other call to securenative
-rescue SecureNativeSDKException => e
-  # Do some error handling
-end
 
-def handle_some_code(headers, body)
-  sig_header = headers["X-SecureNative"]
-  if SecureNative.verify_webhook(sig_header, body)
-      # Handle the webhook
-      level = body['riskLevel']
-  else
-      # This request wasn't sent from Secure Native servers, you can dismiss/investigate it
-  end
+def webhook_endpoint(request)
+    securenative = SecureNative.instance
+    
+    # Checks if request is verified
+    is_verified = securenative.verify_request_payload(request)
 end
-```
+ ```