securenative 0.1.5 → 0.1.21

data/out/production/securenative-ruby/utils/signature_utils.rb

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+
+require 'openssl'
+
+class SignatureUtils
+  SIGNATURE_HEADER = 'x-securenative'
+
+  def self.valid_signature?(api_key, payload, header_signature)
+    key = api_key.encode('utf-8')
+    body = payload.encode('utf-8')
+    calculated_signature = OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha512'), key, body)
+    calculated_signature.eql? header_signature
+  rescue StandardError
+    false
+  end
+end

data/out/production/securenative-ruby/utils/utils.rb

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+class Utils
+  def self.null_or_empty?(string)
+    return true if !string || string.empty? || string.nil?
+
+    false
+  end
+end

data/out/production/securenative-ruby/utils/version_utils.rb

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+class VersionUtils
+  def self.version
+    path = 'VERSION'
+    file = File.open(path)
+    version = file.read
+    file.close
+
+    version
+  end
+end

data/out/test/securenative-ruby/spec_api_manager.rb

@@ -0,0 +1,81 @@
+# frozen_string_literal: true
+
+require 'api_manager'
+require 'webmock/rspec'
+require 'rspec'
+
+RSpec.describe ApiManager do
+  let(:context) do
+    ContextBuilder(ip: '127.0.0.1', client_token: 'SECURED_CLIENT_TOKEN',
+                   headers: { 'user-agent' => 'Mozilla/5.0 (iPad; U; CPU OS 3_2_1 like Mac OS X; en-us)
+                   AppleWebKit/531.21.10 (KHTML, like Gecko) Mobile/7B405' })
+  end
+  let(:event_options) do
+    EventOptions(event_type: EventTypes.LOG_IN, user_id: 'USER_ID',
+                 user_traits: UserTraits('USER_NAME', 'USER_EMAIL', '+1234567890'),
+                 properties: { prop1: 'CUSTOM_PARAM_VALUE', prop2: true, prop3: 3 }).build
+  end
+
+  it 'tracks an event' do
+    options = ConfigurationBuilder.new(api_key: 'YOUR_API_KEY', auto_send: true, interval: 10, api_url: 'https://api.securenative-stg.com/collector/api/v1')
+
+    expected = '{"eventType":"sn.user.login","userId":"USER_ID","userTraits":{' \
+                   '"name":"USER_NAME","email":"USER_EMAIL","phone":"+1234567890","createdAt":null},"request":{' \
+                   '"cid":null,"vid":null,"fp":null,"ip":"127.0.0.1","remoteIp":null,"headers":{' \
+                   '"user-agent":"Mozilla/5.0 (iPad; U; CPU OS 3_2_1 like Mac OS X; en-us) ' \
+                   'AppleWebKit/531.21.10 (KHTML, like Gecko) Mobile/7B405"},"url":null,"method":null},' \
+                   '"properties":{"prop2":true,"prop1":"CUSTOM_PARAM_VALUE","prop3":3}}'
+
+    stub_request(:post, 'https://api.securenative-stg.com/collector/api/v1/track')
+      .with(body: JSON.parse(expected)).to_return(status: 200)
+    event_manager = EventManager.new(options)
+    event_manager.start_event_persist
+    api_manager = ApiManager.new(event_manager, options)
+
+    begin
+      api_manager.track(:event_options)
+    ensure
+      event_manager.stop_event_persist
+    end
+  end
+
+  it 'uses invalid options' do
+    options = ConfigurationBuilder(api_key: 'YOUR_API_KEY', auto_send: true, interval: 10, api_url: 'https://api.securenative-stg.com/collector/api/v1')
+
+    properties = {}
+    (0..12).each do |i|
+      properties[i] = i
+    end
+
+    stub_request(:post, 'https://api.securenative-stg.com/collector/api/v1/track').to_return(status: 200)
+    event_manager = EventManager.new(options)
+    event_manager.start_event_persist
+    api_manager = ApiManager.new(event_manager, options)
+
+    begin
+      expect { api_manager.track(EventOptions(event_type: EventTypes.LOG_IN, properties: properties).build) }
+        .to raise_error(SecureNativeInvalidOptionsError)
+    ensure
+      event_manager.stop_event_persist
+    end
+  end
+
+  it 'verifies an event' do
+    options = ConfigurationBuilder(api_key: 'YOUR_API_KEY', api_url: 'https://api.securenative-stg.com/collector/api/v1')
+
+    stub_request(:post, 'https://api.securenative-stg.com/collector/api/v1/track')
+      .with(body: { riskLevel: 'medium', score: 0.32, triggers: ['New IP', 'New City'] }).to_return(status: 200)
+    verify_result = VerifyResult.new(RiskLevel.LOW, 0, nil)
+
+    event_manager = EventManager.new(options)
+    event_manager.start_event_persist
+    api_manager = ApiManager.new(event_manager, options)
+
+    result = api_manager.verify(:event_options)
+
+    expect(result).not_to be_nil
+    expect(result.risk_level).to eq(verify_result.risk_level)
+    expect(result.score).to eq(verify_result.score)
+    expect(result.triggers).to eq(verify_result.triggers)
+  end
+end

data/out/test/securenative-ruby/spec_context_builder.rb

@@ -0,0 +1,69 @@
+# frozen_string_literal: true
+
+require 'context/securenative_context'
+require 'webmock/rspec'
+require 'rspec'
+
+RSpec.describe SecureNativeContext do
+  it 'creates context from request' do
+    stub_request(:any, 'www.example.com')
+      .to_return(body: nil, status: 200,
+                 headers: { 'x-securenative': '71532c1fad2c7f56118f7969e401f3cf080239140d208e7934e6a530818c37e544a0c2330a487bcc6fe4f662a57f265a3ed9f37871e80529128a5e4f2ca02db0fb975ded401398f698f19bb0cafd68a239c6caff99f6f105286ab695eaf3477365bdef524f5d70d9be1d1d474506b433aed05d7ed9a435eeca357de57817b37c638b6bb417ffb101eaf856987615a77a' },
+                 remote_ip: '', uri: 'www.securenative.com', http_method: 'Post', ip: '51.68.201.122',
+                 client_token: '71532c1fad2c7f56118f7969e401f3cf080239140d208e7934e6a530818c37e544a0c2330a487bcc6fe4f662a57f265a3ed9f37871e80529128a5e4f2ca02db0fb975ded401398f698f19bb0cafd68a239c6caff99f6f105286ab695eaf3477365bdef524f5d70d9be1d1d474506b433aed05d7ed9a435eeca357de57817b37c638b6bb417ffb101eaf856987615a77a')
+
+    request = Net::HTTP.get('www.example.com', '/')
+    context = SecureNativeContext.from_http_request(request)
+
+    expect(context.client_token).to eq('71532c1fad2c7f56118f7969e401f3cf080239140d208e7934e6a530818c37e544a0c2330a487bcc6fe4f662a57f265a3ed9f37871e80529128a5e4f2ca02db0fb975ded401398f698f19bb0cafd68a239c6caff99f6f105286ab695eaf3477365bdef524f5d70d9be1d1d474506b433aed05d7ed9a435eeca357de57817b37c638b6bb417ffb101eaf856987615a77a')
+    expect(context.ip).to eq('51.68.201.122')
+    expect(context.http_method).to eq('Post')
+    expect(context.uri).to eq('www.securenative.com')
+    expect(context.remote_ip).to eq('')
+    expect(context.headers).to eq({ 'x-securenative': '71532c1fad2c7f56118f7969e401f3cf080239140d208e7934e6a530818c37e544a0c2330a487bcc6fe4f662a57f265a3ed9f37871e80529128a5e4f2ca02db0fb975ded401398f698f19bb0cafd68a239c6caff99f6f105286ab695eaf3477365bdef524f5d70d9be1d1d474506b433aed05d7ed9a435eeca357de57817b37c638b6bb417ffb101eaf856987615a77a' })
+    expect(context.body).to be_nil
+  end
+
+  it 'creates context from request with cookie' do
+    stub_request(:any, 'www.example.com')
+      .to_return(body: nil, status: 200,
+                 cookies: { '_sn': '71532c1fad2c7f56118f7969e401f3cf080239140d208e7934e6a530818c37e544a0c2330a487bcc6fe4f662a57f265a3ed9f37871e80529128a5e4f2ca02db0fb975ded401398f698f19bb0cafd68a239c6caff99f6f105286ab695eaf3477365bdef524f5d70d9be1d1d474506b433aed05d7ed9a435eeca357de57817b37c638b6bb417ffb101eaf856987615a77a' },
+                 remote_ip: '', uri: 'www.securenative.com', http_method: 'Post', ip: '51.68.201.122',
+                 client_token: '71532c1fad2c7f56118f7969e401f3cf080239140d208e7934e6a530818c37e544a0c2330a487bcc6fe4f662a57f265a3ed9f37871e80529128a5e4f2ca02db0fb975ded401398f698f19bb0cafd68a239c6caff99f6f105286ab695eaf3477365bdef524f5d70d9be1d1d474506b433aed05d7ed9a435eeca357de57817b37c638b6bb417ffb101eaf856987615a77a')
+
+    request = Net::HTTP.get('www.example.com', '/')
+    con = SecureNativeContext.from_http_request(request)
+
+    expect(con.context.client_token).to eq('71532c1fad2c7f56118f7969e401f3cf080239140d208e7934e6a530818c37e544a0c2330a487bcc6fe4f662a57f265a3ed9f37871e80529128a5e4f2ca02db0fb975ded401398f698f19bb0cafd68a239c6caff99f6f105286ab695eaf3477365bdef524f5d70d9be1d1d474506b433aed05d7ed9a435eeca357de57817b37c638b6bb417ffb101eaf856987615a77a')
+    expect(con.context.ip).to eq('51.68.201.122')
+    expect(con.context.http_method).to eq('Post')
+    expect(con.context.uri).to eq('www.securenative.com')
+    expect(con.context.remote_ip).to eq('')
+    expect(con.context.body).to be_nil
+  end
+
+  it 'creates default context builder' do
+    context = SecureNativeContext.default_context_builder
+
+    expect(context.client_token).to be_nil
+    expect(context.ip).to be_nil
+    expect(context.http_method).to be_nil
+    expect(context.url).to be_nil
+    expect(context.remote_ip).to be_nil
+    expect(context.headers).to be_nil
+    expect(context.body).to be_nil
+  end
+
+  it 'creates custom context with context builder' do
+    context = SecureNativeContext.new('SECRET_TOKEN', '10.0.0.0', '10.0.0.0',
+                                      { 'header' => 'value1' }, '/some-url', 'Get', nil)
+
+    expect(context.url).to eq('/some-url')
+    expect(context.client_token).to eq('SECRET_TOKEN')
+    expect(context.ip).to eq('10.0.0.0')
+    expect(context.body).to be_nil
+    expect(context.http_method).to eq('Get')
+    expect(context.remote_ip).to eq('10.0.0.0')
+    expect(context.headers).to eq({ 'header' => 'value1' })
+  end
+end

data/out/test/securenative-ruby/spec_date_utils.rb

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+require 'utils/date_utils'
+require 'rspec'
+
+RSpec.describe DateUtils do
+  it 'converts to timestamp' do
+    iso_8601_date = '2020-05-20T15:07:13Z'
+    result = DateUtils.to_timestamp(iso_8601_date)
+
+    expect(result).to eq(iso_8601_date)
+  end
+end

data/out/test/securenative-ruby/spec_encryption_utils.rb

@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+
+require 'utils/encryption_utils'
+require 'rspec'
+
+RSpec.describe EncryptionUtils do
+  let(:SECRET_KEY) { 'B00C42DAD33EAC6F6572DA756EA4915349C0A4F6' }
+  let(:PAYLOAD) { '{"cid":"198a41ff-a10f-4cda-a2f3-a9ca80c0703b","vi":"148a42ff-b40f-4cda-a2f3-a8ca80c0703b","fp":"6d8cabd95987f8318b1fe01593d5c2a5.24700f9f1986800ab4fcc880530dd0ed"}' }
+  let(:CID) { '198a41ff-a10f-4cda-a2f3-a9ca80c0703b' }
+  let(:FP) { '6d8cabd95987f8318b1fe01593d5c2a5.24700f9f1986800ab4fcc880530dd0ed' }
+
+  it 'decrypts' do
+    result = EncryptionUtils.encrypt(:PAYLOAD, :SECRET_KEY)
+
+    expect(result).not_to be_nil
+    expect(result.length).to eq(:PAYLOAD.length)
+  end
+
+  it 'encrypts' do
+    encrypted_payload = '5208ae703cc2fa0851347f55d3b76d3fd6035ee081d71a401e8bc92ebdc25d42440f62310bda60628537744ac03f200d78da9e61f1019ce02087b7ce6c976e7b2d8ad6aa978c532cea8f3e744cc6a5cafedc4ae6cd1b08a4ef75d6e37aa3c0c76954d16d57750be2980c2c91ac7ef0bbd0722abd59bf6be22493ea9b9759c3ff4d17f17ab670b0b6fc320e6de982313f1c4e74c0897f9f5a32d58e3e53050ae8fdbebba9009d0d1250fe34dcde1ebb42acbc22834a02f53889076140f0eb8db1'
+    result = EncryptionUtils.decrypt(encrypted_payload, :SECRET_KEY)
+
+    expect(result.cid).to eq(:CID)
+    expect(result.fp).to eq(:FP)
+  end
+end

data/out/test/securenative-ruby/spec_event_manager.rb

@@ -0,0 +1,59 @@
+# frozen_string_literal: true
+
+require 'event_manager'
+require 'config/configuration_builder'
+require 'rspec'
+require 'webmock/rspec'
+
+class SampleEvent
+  attr_reader :event_type, :timestamp, :rid, :user_id, :user_traits, :request, :properties
+
+  def initialize
+    @event_type = 'custom-event'
+    @timestamp = Time.now.strftime('%Y-%m-%dT%H:%M:%S.%L%Z')
+    @rid = '432532'
+    @user_id = '1'
+    @user_traits = UserTraits('some user', 'email@securenative.com', '+1234567890')
+    @request = RequestContext()
+    @properties = []
+  end
+end
+
+RSpec.describe EventManager do
+  let(:event) { SampleEvent() }
+
+  it 'successfully sends sync event with status code 200' do
+    options = ConfigurationBuilder.new(api_key: 'YOUR_API_KEY', api_url: 'https://api.securenative-stg.com/collector/api/v1')
+
+    res_body = '{"data": true}'
+    stub_request(:post, 'https://api.securenative-stg.com/collector/api/v1/some-path/to-api')
+      .with(body: JSON.parse(res_body)).to_return(status: 200)
+    event_manager = EventManager.new(options)
+
+    event_manager.start_event_persist
+    data = event_manager.send_sync(:event, 'some-path/to-api', false)
+    event_manager.stop_event_persist
+
+    expect(res_body).to eq(data.text)
+  end
+
+  it 'fails when send sync event status code is 401' do
+    options = ConfigurationBuilder.new(api_key: 'YOUR_API_KEY', api_url: 'https://api.securenative-stg.com/collector/api/v1')
+
+    stub_request(:post, 'https://api.securenative-stg.com/collector/api/v1/some-path/to-api').to_return(status: 401)
+    event_manager = EventManager.new(options)
+    res = event_manager.send_sync(:event, 'some-path/to-api', false)
+
+    expect(res.status_code).to eq(401)
+  end
+
+  it 'fails when send sync event status code is 500' do
+    options = ConfigurationBuilder.new(api_key: 'YOUR_API_KEY', api_url: 'https://api.securenative-stg.com/collector/api/v1')
+
+    stub_request(:post, 'https://api.securenative-stg.com/collector/api/v1/some-path/to-api').to_return(status: 500)
+    event_manager = EventManager.new(options)
+    res = event_manager.send_sync(:event, 'some-path/to-api', false)
+
+    expect(res.status_code).to eq(500)
+  end
+end

data/out/test/securenative-ruby/spec_helper.rb

@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+require 'bundler/setup'
+require 'simplecov'
+require 'codecov'
+
+SimpleCov.start
+SimpleCov.formatter = SimpleCov::Formatter::Codecov
+
+RSpec.configure do |config|
+  # Enable flags like --only-failures and --next-failure
+  config.example_status_persistence_file_path = '.rspec_status'
+
+  # Disable RSpec exposing methods globally on `Module` and `main`
+  config.disable_monkey_patching!
+
+  config.expect_with :rspec do |c|
+    c.syntax = :expect
+  end
+end

data/out/test/securenative-ruby/spec_ip_utils.rb

@@ -0,0 +1,41 @@
+# frozen_string_literal: true
+
+require 'utils/ip_utils'
+require 'rspec'
+
+RSpec.describe IpUtils do
+  it 'checks if ip address valid ipv4' do
+    valid_ipv4 = '172.16.254.1'
+    expect(IpUtils.ip_address?(valid_ipv4)).to be_truthy
+  end
+
+  it 'checks if ip address valid ipv6' do
+    valid_ipv6 = '2001:db8:1234:0000:0000:0000:0000:0000'
+    expect(IpUtils.ip_address?(valid_ipv6)).to be_truthy
+  end
+
+  it 'checks if ip address invalid ipv4' do
+    invalid_ipv4 = '172.16.2541'
+    expect(IpUtils.ip_address?(invalid_ipv4)).to be_falsey
+  end
+
+  it 'checks if ip address invalid ipv6' do
+    invalid_ipv6 = '2001:db8:1234:0000'
+    expect(IpUtils.ip_address?(invalid_ipv6)).to be_falsey
+  end
+
+  it 'checks if valid public ip' do
+    ip = '64.71.222.37'
+    expect(IpUtils.valid_public_ip?(ip)).to be_truthy
+  end
+
+  it 'checks if not valid public ip' do
+    ip = '10.0.0.0'
+    expect(IpUtils.valid_public_ip?(ip)).to be_falsey
+  end
+
+  it 'checks if valid loopback ip' do
+    ip = '127.0.0.1'
+    expect(IpUtils.loop_back?(ip)).to be_truthy
+  end
+end

data/out/test/securenative-ruby/spec_securenative.rb

@@ -0,0 +1,65 @@
+# frozen_string_literal: true
+
+require 'securenative'
+require 'config/configuration_manager'
+require 'errors/securenative_sdk_error'
+require 'errors/securenative_sdk_Illegal_state_error'
+require 'errors/securenative_config_error'
+require 'rspec'
+
+RSpec.describe SecureNative do
+  it 'gets sdk instance without init throws' do
+    expect { SecureNative.instance }.to raise_error(SecureNativeSDKIllegalStateError)
+  end
+
+  it 'inits sdk without api key and throws' do
+    expect { SecureNative.init_with_options(ConfigurationManager.config_builder) }.to raise_error(SecureNativeSDKError)
+  end
+
+  it 'inits sdk with empty api key and throws' do
+    expect { SecureNative.init_with_api_key('') }.to raise_error(SecureNativeConfigError)
+  end
+
+  # TODO: fix event manager
+  # it 'inits sdk with api key and defaults' do
+  #   SecureNative._flush
+  #   api_key = 'API_KEY'
+  #   securenative = SecureNative.init_with_api_key(api_key)
+  #   options = securenative.options
+  #
+  #   expect(options.api_key).to eq(api_key)
+  #   expect(options.api_url).to eq('https://api.securenative.com/collector/api/v1')
+  #   expect(options.interval).to eq(1000)
+  #   expect(options.timeout).to eq(1500)
+  #   expect(options.max_events).to eq(100)
+  #   expect(options.auto_send).to eq(true)
+  #   expect(options.disable).to eq(false)
+  #   expect(options.log_level).to eq('FATAL')
+  #   expect(options.fail_over_strategy).to eq(FailOverStrategy::FAIL_OPEN)
+  # end
+
+  # TODO: fix event manager
+  # it 'inits sdk twice and throws' do
+  #   expect { SecureNative.init_with_api_key('API_KEY') }.to raise_error(SecureNativeSDKError)
+  # end
+
+  # TODO: fix event manager
+  # it 'inits sdk with api key and gets instance' do
+  #   SecureNative._flush
+  #   api_key = 'API_KEY'
+  #   securenative = SecureNative.init_with_api_key(api_key)
+  #
+  #   expect(securenative).to eq(SecureNative.instance)
+  # end
+
+  # TODO: fix event manager
+  # it 'inits sdk with builder' do
+  #   SecureNative._flush
+  #   securenative = SecureNative.init_with_options(SecureNative.config_builder(api_key: 'API_KEY', max_events: 10, log_level: 'ERROR'))
+  #   options = securenative.options
+  #
+  #   expect(options.api_key).to eq('API_KEY')
+  #   expect(options.max_events).to eq(10)
+  #   expect(options.log_level).to eq('ERROR')
+  # end
+end

data/out/test/securenative-ruby/spec_securenative_http_client.rb

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+require 'http/securenative_http_client'
+require 'config/configuration_builder'
+require 'webmock/rspec'
+require 'rspec'
+
+RSpec.describe SecureNativeHttpClient do
+  it 'makes a simple post call' do
+    options = ConfigurationBuilder.new(api_key: 'YOUR_API_KEY', api_url: 'https://api.securenative-stg.com/collector/api/v1')
+
+    stub_request(:post, 'https://api.securenative-stg.com/collector/api/v1/track')
+      .with(body: { event: 'SOME_EVENT_NAME' }).to_return(status: 200)
+    client = SecureNativeHttpClient.new(options)
+    payload = '{"event": "SOME_EVENT_NAME"}'
+
+    res = client.post('track', payload)
+
+    expect(res.ok).to eq(true)
+    expect(res.status_code).to eq(200)
+    expect(res.text).to eq(payload)
+  end
+end