securenative 0.1.5 → 0.1.21

data/README.md

@@ -1,7 +1,32 @@
-# SecureNative
-**[SecureNative](https://www.securenative.com/) is rethinking-security-as-a-service, disrupting the cyber security space and the way enterprises consume and implement security solutions.**
-
-## Installation
+<p align="center">
+  <a href="https://www.securenative.com"><img src="https://user-images.githubusercontent.com/45174009/77826512-f023ed80-7120-11ea-80e0-58aacde0a84e.png" alt="SecureNative Logo"/></a>
+</p>
+
+<p align="center">
+  <b>A Cloud-Native Security Monitoring and Protection for Modern Applications</b>
+</p>
+<p align="center">
+  <a href="https://github.com/securenative/securenative-ruby">
+    <img alt="Github Actions" src="https://github.com/securenative/securenative-ruby/workflows/CI/badge.svg">
+  </a>
+  <a href="https://codecov.io/gh/securenative/securenative-ruby">
+    <img src="https://codecov.io/gh/securenative/securenative-ruby/branch/master/graph/badge.svg" />
+  </a>
+  <a href="https://badge.fury.io/rb/securenative"><img src="https://badge.fury.io/rb/securenative.svg" alt="Gem Version" height="18"></a>
+</p>
+<p align="center">
+  <a href="https://docs.securenative.com">Documentation</a> |
+  <a href="https://docs.securenative.com/quick-start">Quick Start</a> |
+  <a href="https://blog.securenative.com">Blog</a> |
+  <a href="">Chat with us on Slack!</a>
+</p>
+<hr/>
+
+
+[SecureNative](https://www.securenative.com/) performs user monitoring by analyzing user interactions with your application and various factors such as network, devices, locations and access patterns to stop and prevent account takeover attacks.
+
+
+## Install the SDK
 
 Add this line to your application's Gemfile:
 
@@ -9,94 +34,142 @@ Add this line to your application's Gemfile:
 gem 'securenative'
 ```
 
-And then execute:
+Then execute:
 
-    $ bundle
+    $ bundle install
 
 Or install it yourself as:
 
     $ gem install securenative
 
 ## Initialize the SDK
-Retrieve your API key from settings page of your SecureNative account and use the following in your code to initialize and use the sdk.
+
+To get your *API KEY*, login to your SecureNative account and go to project settings page:
+
+### Option 1: Initialize via Config file
+SecureNative can automatically load your config from *securenative.yml* file or from the file that is specified in your *SECURENATIVE_CONFIG_FILE* env variable:
+
 ```ruby
 require 'securenative'
 
-# Do some cool stuff here
-# ...
-# ...
- 
-begin
-  SecureNative.init('YOUR_API_KEY') # Should be called before any other call to securenative
-rescue SecureNativeSDKException => e
-  # Do some error handling
-end
+
+secureative =  SecureNative.init
+```
+### Option 2: Initialize via API Key
+
+```ruby
+require 'securenative'
+
+
+securenative =  SecureNative.init_with_api_key('YOUR_API_KEY')
+```
+
+### Option 3: Initialize via ConfigurationBuilder
+```ruby
+require 'securenative'
+
+
+options = ConfigurationBuilder.new(api_key: 'API_KEY', max_events: 10, log_level: 'ERROR')
+SecureNative.init_with_options(options)                                 
+```
+
+## Getting SecureNative instance
+Once initialized, sdk will create a singleton instance which you can get: 
+```ruby
+require 'securenative'
+
+
+secureNative = SecureNative.instance
 ```
 
 ## Tracking events
-Once the SDK has been initialized, you can start sending new events with the `track` function:
+
+Once the SDK has been initialized, tracking requests sent through the SDK
+instance. Make sure you build event with the EventBuilder:
+
+ ```ruby
+require 'securenative'
+require 'models/event_options'
+require 'enums/event_types'
+require 'models/user_traits'
+
+
+def track
+    securenative = SecureNative.instance
+    context = SecureNativeContext.new(client_token: '2a980d872b939c7e4f4378aa111a5eeffb22808b58b5372f658d34904ebd5b05fff0daab91921243ac08b72442a5b3992e402dc21df16aa7cc0e19f8bffa9d6cc59996d480d70aa22b857189403675d37fd144ebaf9dc697fed149b907678f2b1f964d73b332dc8ea7df63fcfc3c11f7bbb51ba2672652ca7d5d43f36a62e15db8b13dfd794a5eccfc5968ca514dd7cce59f2df2b9d8184d076eba808c81b311', ip: '127.0.0.1',
+                                       headers: { 'user-agent' => 'Mozilla: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:47.0) Gecko/20100101 Firefox/47.3 Mozilla/5.0 (Macintosh; Intel Mac OS X x.y; rv:42.0) Gecko/20100101 Firefox/43.4' })
+    
+    event_options = EventOptions.new(event: EventTypes::LOG_IN, user_id: '1234', context: context,
+                                     user_traits: UserTraits.new(name: 'Your Name', email: 'name@gmail.com', phone: '+1234567890'),
+                                     properties: { custom_param1: 'CUSTOM_PARAM_VALUE', custom_param2: true, custom_param3: 3 })
+    
+    securenative.track(event_options)
+    
+    @message = 'tracked'
+end
+ ```
+
+You can also create request context from requests:
+
 ```ruby
 require 'securenative'
-require 'securenative/event_type'
-
-
-def login
-  # Do some cool stuff here
-  # ...
-  # ...
-  
-  SecureNative.track(Event.new(
-            event_type = EventTypes::LOG_IN,
-            user: User.new("1", "Jon Snow", "jon@snow.com"),
-            ip: "1.2.3.4",
-            remote_ip: "5.6.7.8",
-            user_agent: "Mozilla/5.0 (Linux; U; Android 4.4.2; zh-cn; GT-I9500 Build/KOT49H) AppleWebKit/537.36 (KHTML, like Gecko)Version/4.0 MQQBrowser/5.0 QQ-URL-Manager Mobile Safari/537.36",
-            sn_cookie: "cookie"))
+require 'models/event_options'
+require 'enums/event_types'
+require 'models/user_traits'
+
+
+def track
+    securenative = SecureNative.instance
+    context = SecureNativeContext.from_http_request(request)
+    
+    event_options = EventOptions.new(event: EventTypes::LOG_IN, user_id: '1234', context: context,
+                                     user_traits: UserTraits.new(name: 'Your Name', email: 'name@gmail.com', phone: '+1234567890'),
+                                     properties: { custom_param1: 'CUSTOM_PARAM_VALUE', custom_param2: true, custom_param3: 3 })
+    
+    securenative.track(event_options)
+    
+    @message = 'tracked'
 end
 ```
 
-## Verification events
-Once the SDK has been initialized, you can start sending new events with the `verify` function:
+## Verify events
+
+**Example**
+
 ```ruby
 require 'securenative'
-require 'securenative/event_type'
-
-
-def reset_password   
-    res = SecureNative.verify(Event.new(
-              event_type = EventTypes::PASSWORD_RESET,
-              user: User.new("1", "Jon Snow", "jon@snow.com"),
-              ip: "1.2.3.4",
-              remote_ip: "5.6.7.8",
-              user_agent: "Mozilla/5.0 (Linux; U; Android 4.4.2; zh-cn; GT-I9500 Build/KOT49H) AppleWebKit/537.36 (KHTML, like Gecko)Version/4.0 MQQBrowser/5.0 QQ-URL-Manager Mobile Safari/537.36",
-              sn_cookie: "cookie"))
-                  
-    if res['riskLevel'] == 'high'
-        return 'Cannot change password'
-    else res['riskLevel'] == 'medium'
-        return 'MFA'
-     end   
+require 'models/event_options'
+require 'enums/event_types'
+require 'models/user_traits'
+
+
+def verify(request)
+    securenative = SecureNative.instance
+    context = SecureNativeContext.from_http_request(request)
+
+    event_options = EventOptions.new(event: EventTypes::LOG_IN, user_id: '1234', context: context,
+                                         user_traits: UserTraits.new(name: 'Your Name', email: 'name@gmail.com', phone: '+1234567890'),
+                                         properties: { custom_param1: 'CUSTOM_PARAM_VALUE', custom_param2: true, custom_param3: 3 })
+    
+    verify_result = securenative.verify(event_options)
+    verify_result.risk_level  # Low, Medium, High
+    verify_result.score  # Risk score: 0 -1 (0 - Very Low, 1 - Very High)
+    verify_result.triggers  # ["TOR", "New IP", "New City"]
 end
 ```
 
-## Using webhooks
-You can use the SDK to verify incoming webhooks from SecureNative, just call the `veriy_webhook` function which return a boolean which indicates if the webhook came from Secure Native servers.
+## Webhook signature verification
+
+Apply our filter to verify the request is from us, for example:
+
 ```ruby
 require 'securenative'
 
-begin
-  SecureNative.init('YOUR_API_KEY') # Should be called before any other call to securenative
-rescue SecureNativeSDKException => e
-  # Do some error handling
-end
 
-def handle_some_code(headers, body)
-  sig_header = headers["X-SecureNative"]
-  if SecureNative.verify_webhook(sig_header, body)
-      # Handle the webhook
-      level = body['riskLevel']
-  else
-      # This request wasn't sent from Secure Native servers, you can dismiss/investigate it
-  end
+def webhook_endpoint(request)
+    securenative = SecureNative.instance
+    
+    # Checks if request is verified
+    is_verified = securenative.verify_request_payload(request)
 end
-```
+ ```

data/Rakefile

@@ -1,2 +1,6 @@
 require "bundler/gem_tasks"
-task :default => :spec
+task :default => :spec
+
+require 'rspec/core/rake_task'
+task :default => :spec
+RSpec::Core::RakeTask.new

data/lib/api_manager.rb

@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+
+require 'models/sdk_event'
+require 'enums/failover_strategy'
+require 'enums/risk_level'
+require 'enums/api_route'
+require 'models/verify_result'
+require 'json'
+
+class ApiManager
+  def initialize(event_manager, securenative_options)
+    @event_manager = event_manager
+    @options = securenative_options
+  end
+
+  def track(event_options)
+    SecureNativeLogger.debug('Track event call')
+    event = SDKEvent.new(event_options, @options)
+    @event_manager.send_async(event, ApiRoute::TRACK)
+  end
+
+  def verify(event_options)
+    SecureNativeLogger.debug('Verify event call')
+    event = SDKEvent.new(event_options, @options)
+
+    begin
+      res = @event_manager.send_sync(event, ApiRoute::VERIFY, false)
+      ver_result = JSON.parse(res.body)
+      return VerifyResult.new(risk_level: ver_result['riskLevel'], score: ver_result['score'], triggers: ver_result['triggers'])
+    rescue StandardError => e
+      SecureNativeLogger.debug("Failed to call verify; #{e}")
+    end
+    if @options.fail_over_strategy == FailOverStrategy::FAIL_OPEN
+      return VerifyResult.new(risk_level: RiskLevel::LOW, score: 0, triggers: nil)
+    end
+
+    VerifyResult.new(risk_level: RiskLevel::HIGH, score: 1, triggers: nil)
+  end
+end

data/lib/config/configuration_builder.rb

@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+
+require 'enums/failover_strategy'
+
+class ConfigurationBuilder
+  attr_reader :api_key, :api_url, :interval, :max_events, :timeout, :auto_send, :disable, :log_level, :fail_over_strategy
+  attr_writer :api_key, :api_url, :interval, :max_events, :timeout, :auto_send, :disable, :log_level, :fail_over_strategy
+
+  def initialize(api_key: nil, api_url: 'https://api.securenative.com/collector/api/v1', interval: 1000,
+                 max_events: 1000, timeout: 1500, auto_send: true, disable: false, log_level: 'FATAL',
+                 fail_over_strategy: FailOverStrategy::FAIL_OPEN)
+    @api_key = api_key
+    @api_url = api_url
+    @interval = interval
+    @max_events = max_events
+    @timeout = timeout
+    @auto_send = auto_send
+    @disable = disable
+    @log_level = log_level
+    @fail_over_strategy = fail_over_strategy
+  end
+
+  def self.default_securenative_options
+    SecureNativeOptions.new
+  end
+end

data/lib/config/configuration_manager.rb

@@ -0,0 +1,55 @@
+# frozen_string_literal: true
+
+require 'yaml'
+require 'config/configuration_builder'
+
+class ConfigurationManager
+  DEFAULT_CONFIG_FILE = 'securenative.yml'
+  CUSTOM_CONFIG_FILE_ENV_NAME = 'SECURENATIVE_CONFIG_FILE'
+  @config = nil
+
+  def self.read_resource_file(resource_path)
+    properties = {}
+    begin
+      @config = YAML.load_file(resource_path)
+      properties = @config unless @config.nil?
+    rescue StandardError => e
+      SecureNativeLogger.error("Could not parse config file #{resource_path}; #{e}")
+    end
+    properties
+  end
+
+  def self._get_resource_path(env_name)
+    Env.fetch(env_name, ENV[DEFAULT_CONFIG_FILE])
+  end
+
+  def self.config_builder
+    ConfigurationBuilder.new
+  end
+
+  def self._get_env_or_default(properties, key, default)
+    return ENV[key] if ENV[key]
+    return properties[key] if properties[key]
+
+    default
+  end
+
+  def self.load_config
+    options = ConfigurationBuilder.default_securenative_options
+
+    resource_path = DEFAULT_CONFIG_FILE
+    resource_path = ENV[CUSTOM_CONFIG_FILE_ENV_NAME] unless ENV[CUSTOM_CONFIG_FILE_ENV_NAME].nil?
+
+    properties = read_resource_file(resource_path)
+
+    ConfigurationBuilder.new(api_key: _get_env_or_default(properties, 'SECURENATIVE_API_KEY', options.api_key),
+                             api_url: _get_env_or_default(properties, 'SECURENATIVE_API_URL', options.api_url),
+                             interval: _get_env_or_default(properties, 'SECURENATIVE_INTERVAL', options.interval),
+                             max_events: _get_env_or_default(properties, 'SECURENATIVE_MAX_EVENTS', options.max_events),
+                             timeout: _get_env_or_default(properties, 'SECURENATIVE_TIMEOUT', options.timeout),
+                             auto_send: _get_env_or_default(properties, 'SECURENATIVE_AUTO_SEND', options.auto_send),
+                             disable: _get_env_or_default(properties, 'SECURENATIVE_DISABLE', options.disable),
+                             log_level: _get_env_or_default(properties, 'SECURENATIVE_LOG_LEVEL', options.log_level),
+                             fail_over_strategy: _get_env_or_default(properties, 'SECURENATIVE_FAILOVER_STRATEGY', options.fail_over_strategy))
+  end
+end

data/lib/config/securenative_options.rb

@@ -0,0 +1,22 @@
+# frozen_string_literal: true
+
+require 'enums/failover_strategy'
+
+class SecureNativeOptions
+  attr_reader :api_key, :api_url, :interval, :max_events, :timeout, :auto_send, :disable, :log_level, :fail_over_strategy
+  attr_writer :api_key, :api_url, :interval, :max_events, :timeout, :auto_send, :disable, :log_level, :fail_over_strategy
+
+  def initialize(api_key: nil, api_url: "https://api.securenative.com/collector/api/v1", interval: 1000,
+                 max_events: 1000, timeout: 1500, auto_send: true, disable: false, log_level: "FATAL",
+                 fail_over_strategy: FailOverStrategy::FAIL_OPEN)
+    @api_key = api_key
+    @api_url = api_url
+    @interval = interval
+    @max_events = max_events
+    @timeout = timeout
+    @auto_send = auto_send
+    @disable = disable
+    @log_level = log_level
+    @fail_over_strategy = fail_over_strategy
+  end
+end

data/lib/context/hanami_context.rb

@@ -0,0 +1,42 @@
+# frozen_string_literal: true
+
+class HanamiContext
+  SECURENATIVE_COOKIE = '_sn'
+
+  def self.get_client_token(request)
+    begin
+      request.env[SECURENATIVE_COOKIE]
+    rescue StandardError
+      begin
+        request.cookies[SECURENATIVE_COOKIE]
+      rescue StandardError
+        nil
+      end
+    end
+  end
+
+  def self.get_url(request)
+    begin
+      request.env['REQUEST_PATH']
+    rescue StandardError
+      nil
+    end
+  end
+
+  def self.get_method(request)
+    begin
+      request.request_method
+    rescue StandardError
+      nil
+    end
+  end
+
+  def self.get_headers(request)
+    begin
+      # Note: At the moment we're filtering out everything but user-agent since ruby's payload is way too big
+      { 'user-agent' => request.env['HTTP_USER_AGENT'] }
+    rescue StandardError
+      nil
+    end
+  end
+end

data/lib/context/rails_context.rb

@@ -0,0 +1,44 @@
+# frozen_string_literal: true
+
+class RailsContext
+  SECURENATIVE_COOKIE = '_sn'
+
+  def self.get_client_token(request)
+    begin
+      request.cookies[SECURENATIVE_COOKIE]
+    rescue StandardError
+      nil
+    end
+  end
+
+  def self.get_url(request)
+    begin
+      # Rails >= 3.x
+      request.fullpath
+    rescue StandardError
+      begin
+        # Rails < 3.x & Sinatra
+        request.url if url.nil?
+      rescue StandardError
+        nil
+      end
+    end
+  end
+
+  def self.get_method(request)
+    begin
+      request.method
+    rescue StandardError
+      nil
+    end
+  end
+
+  def self.get_headers(request)
+    begin
+      # Note: At the moment we're filtering out everything but user-agent since ruby's payload is way too big
+      { 'user-agent' => request.env['HTTP_USER_AGENT'] }
+    rescue StandardError
+      nil
+    end
+  end
+end