securenative 0.1.5 → 0.1.21

data/out/test/securenative-ruby/spec_signature_utils.rb

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+require 'utils/signature_utils'
+require 'rspec'
+
+RSpec.describe SignatureUtils do
+  it 'verifies request payload' do
+    signature = 'c4574c1748064735513697750c6223ff36b03ae3b85b160ce8788557d01e1d9d1c9cd942074323ee0061d3dcc8c94359c5acfa6eee8e2da095b3967b1a88ab73'
+    payload = '{"id":"4a9157ffbd18cfbd73a57298","type":"security-action","flow":{"id":"62298c73a9bb433fbd1f75984a9157fd","name":"Block user that violates geo velocity"},"userId":"73a9bb433fbd1f75984a9157","userTraits":{"name":"John Doe","email":"john.doe@gmail.com"},"request":{"ip":"10.0.0.0","fp":"9bb433fb984a9157d1f7598"},"action":"block","properties":{"type":"customer"},"timestamp":"2020-02-23T22:28:55.387Z"}'
+    secret_key = 'B00C42DAD33EAC6F6572DA756EA4915349C0A4F6'
+
+    expect(SignatureUtils.valid_signature?(secret_key, payload, signature)).to be_truthy
+  end
+
+  it 'verifies request empty signature' do
+    expect(SignatureUtils.valid_signature?('', '', 'B00C42DAD33EAC6F6572DA756EA4915349C0A4F6')).to be_falsey
+  end
+end

data/securenative.gemspec

@@ -1,14 +1,14 @@
 lib = File.expand_path("lib", __dir__)
 $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
-require "securenative/config"
+require_relative "lib/utils/version_utils"
 
 Gem::Specification.new do |spec|
   spec.name          = "securenative"
-  spec.version       = Config::SDK_VERSION
+  spec.version       = "0.1.21"
   spec.authors       = ["SecureNative"]
   spec.email         = ["support@securenative.com"]
 
-  spec.summary       = %q{SecureNative SDK for ruby}
+  spec.summary       = %q{SecureNative SDK for Ruby}
   spec.homepage      = "https://www.securenative.com"
   spec.license       = "MIT"
 
@@ -24,5 +24,5 @@ Gem::Specification.new do |spec|
   spec.require_paths = ["lib"]
 
   spec.add_development_dependency "bundler", "~> 2.0"
-  spec.add_development_dependency "rake", "~> 10.0"
+  spec.add_development_dependency "rake", "~> 12.3.3"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: securenative
 version: !ruby/object:Gem::Version
-  version: 0.1.5
+  version: 0.1.21
 platform: ruby
 authors:
 - SecureNative
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2019-08-14 00:00:00.000000000 Z
+date: 2020-08-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -30,14 +30,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: 12.3.3
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: 12.3.3
 description: 
 email:
 - support@securenative.com
@@ -45,7 +45,12 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/workflows/ci.yml"
+- ".github/workflows/publish.yml"
+- ".github/workflows/test.yml"
 - ".gitignore"
+- ".rakeTasks"
+- ".rspec"
 - Gemfile
 - Gemfile.lock
 - LICENSE
@@ -53,16 +58,92 @@ files:
 - Rakefile
 - bin/console
 - bin/setup
+- lib/api_manager.rb
+- lib/config/configuration_builder.rb
+- lib/config/configuration_manager.rb
+- lib/config/securenative_options.rb
+- lib/context/hanami_context.rb
+- lib/context/rails_context.rb
+- lib/context/securenative_context.rb
+- lib/context/sinatra_context.rb
+- lib/enums/api_route.rb
+- lib/enums/event_types.rb
+- lib/enums/failover_strategy.rb
+- lib/enums/risk_level.rb
+- lib/errors/securenative_config_error.rb
+- lib/errors/securenative_http_error.rb
+- lib/errors/securenative_invalid_options_error.rb
+- lib/errors/securenative_invalid_uri_error.rb
+- lib/errors/securenative_parse_error.rb
+- lib/errors/securenative_sdk_Illegal_state_error.rb
+- lib/errors/securenative_sdk_error.rb
+- lib/event_manager.rb
+- lib/http/secure_native_http_response.rb
+- lib/http/securenative_http_client.rb
+- lib/models/client_token.rb
+- lib/models/device.rb
+- lib/models/event_options.rb
+- lib/models/request_context.rb
+- lib/models/request_options.rb
+- lib/models/sdk_event.rb
+- lib/models/user_traits.rb
+- lib/models/verify_result.rb
 - lib/securenative.rb
-- lib/securenative/config.rb
-- lib/securenative/event_manager.rb
-- lib/securenative/event_options.rb
-- lib/securenative/event_type.rb
-- lib/securenative/http_client.rb
-- lib/securenative/secure_native_sdk.rb
-- lib/securenative/securenative_options.rb
-- lib/securenative/sn_exception.rb
-- lib/securenative/utils.rb
+- lib/utils/date_utils.rb
+- lib/utils/encryption_utils.rb
+- lib/utils/ip_utils.rb
+- lib/utils/request_utils.rb
+- lib/utils/secure_native_logger.rb
+- lib/utils/signature_utils.rb
+- lib/utils/utils.rb
+- lib/utils/version_utils.rb
+- out/production/securenative-ruby/api_manager.rb
+- out/production/securenative-ruby/config/configuration_builder.rb
+- out/production/securenative-ruby/config/configuration_manager.rb
+- out/production/securenative-ruby/config/securenative_options.rb
+- out/production/securenative-ruby/context/securenative_context.rb
+- out/production/securenative-ruby/enums/api_route.rb
+- out/production/securenative-ruby/enums/event_types.rb
+- out/production/securenative-ruby/enums/failover_strategy.rb
+- out/production/securenative-ruby/enums/risk_level.rb
+- out/production/securenative-ruby/errors/securenative_config_error.rb
+- out/production/securenative-ruby/errors/securenative_http_error.rb
+- out/production/securenative-ruby/errors/securenative_invalid_options_error.rb
+- out/production/securenative-ruby/errors/securenative_invalid_uri_error.rb
+- out/production/securenative-ruby/errors/securenative_parse_error.rb
+- out/production/securenative-ruby/errors/securenative_sdk_Illegal_state_error.rb
+- out/production/securenative-ruby/errors/securenative_sdk_error.rb
+- out/production/securenative-ruby/event_manager.rb
+- out/production/securenative-ruby/event_options.rb
+- out/production/securenative-ruby/http/http_response.rb
+- out/production/securenative-ruby/http/securenative_http_client.rb
+- out/production/securenative-ruby/models/client_token.rb
+- out/production/securenative-ruby/models/device.rb
+- out/production/securenative-ruby/models/event_options.rb
+- out/production/securenative-ruby/models/request_context.rb
+- out/production/securenative-ruby/models/request_options.rb
+- out/production/securenative-ruby/models/sdk_event.rb
+- out/production/securenative-ruby/models/user_traits.rb
+- out/production/securenative-ruby/models/verify_result.rb
+- out/production/securenative-ruby/securenative.rb
+- out/production/securenative-ruby/utils/date_utils.rb
+- out/production/securenative-ruby/utils/encryption_utils.rb
+- out/production/securenative-ruby/utils/ip_utils.rb
+- out/production/securenative-ruby/utils/request_utils.rb
+- out/production/securenative-ruby/utils/secure_native_logger.rb
+- out/production/securenative-ruby/utils/signature_utils.rb
+- out/production/securenative-ruby/utils/utils.rb
+- out/production/securenative-ruby/utils/version_utils.rb
+- out/test/securenative-ruby/spec_api_manager.rb
+- out/test/securenative-ruby/spec_context_builder.rb
+- out/test/securenative-ruby/spec_date_utils.rb
+- out/test/securenative-ruby/spec_encryption_utils.rb
+- out/test/securenative-ruby/spec_event_manager.rb
+- out/test/securenative-ruby/spec_helper.rb
+- out/test/securenative-ruby/spec_ip_utils.rb
+- out/test/securenative-ruby/spec_securenative.rb
+- out/test/securenative-ruby/spec_securenative_http_client.rb
+- out/test/securenative-ruby/spec_signature_utils.rb
 - securenative.gemspec
 homepage: https://www.securenative.com
 licenses:
@@ -84,8 +165,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.4
+rubygems_version: 3.0.3
 signing_key: 
 specification_version: 4
-summary: SecureNative SDK for ruby
+summary: SecureNative SDK for Ruby
 test_files: []

data/lib/securenative/config.rb

@@ -1,9 +0,0 @@
-module Config
-    SDK_VERSION = '0.1.5'
-    MAX_ALLOWED_PARAMS = 6
-    API_URL_PROD = "https://api.securenative.com/collector/api/v1"
-    API_URL_STG = "https://api.securenative-stg.com/collector/api/v1"
-    TRACK_EVENT = "/track"
-    VERIFY_EVENT = "/verify"
-    FLOW_EVENT = "/flow"
-end

data/lib/securenative/event_manager.rb

@@ -1,88 +0,0 @@
-require_relative 'securenative_options'
-require_relative 'http_client'
-require_relative 'sn_exception'
-require 'json'
-require 'thread'
-
-class QueueItem
-  def initialize(url, body)
-    @url = url
-    @body = body
-  end
-
-  attr_reader :url
-  attr_reader :body
-end
-
-class EventManager
-  def initialize(api_key, options: SecureNativeOptions.new, http_client: HttpClient.new)
-    if api_key == nil
-      raise SecureNativeSDKException.new
-    end
-
-    @api_key = api_key
-    @options = options
-    @http_client = http_client
-    @queue = Queue.new
-
-    if @options.auto_send
-      interval_seconds = [(@options.interval / 1000).floor, 1].max
-      Thread.new do
-        loop do
-          flush
-          sleep(interval_seconds)
-        end
-      end
-    end
-  end
-
-  def send_async(event, path)
-    q_item = QueueItem.new(build_url(path), event)
-    @queue.push(q_item)
-  end
-
-  def send_sync(event, path)
-    @http_client.post(
-        build_url(path),
-        @api_key,
-        event.to_hash.to_json
-    )
-  end
-
-  def flush
-    if is_queue_full
-      i = @options.max_events - 1
-      while i >= 0
-        item = @queue.pop
-        @http_client.post(
-            build_url(item.url),
-            @api_key,
-            item.body.to_hash.to_json
-        )
-      end
-    else
-      q = Array.new(@queue.size) {@queue.pop}
-      q.each do |item|
-        @http_client.post(
-            build_url(item.url),
-            @api_key,
-            item.body
-        )
-        @queue = Queue.new
-      end
-    end
-  end
-
-  private
-
-  def build_url(path)
-    @options.api_url + path
-  end
-
-  private
-
-  def is_queue_full
-    @queue.length > @options.max_events
-  end
-
-end

data/lib/securenative/event_options.rb

@@ -1,86 +0,0 @@
-require 'securerandom'
-
-class User
-  def initialize(user_id: "", user_email: "", user_name: "")
-    @user_id = user_id
-    @user_email = user_email
-    @user_name = user_name
-  end
-
-  attr_reader :user_id
-  attr_reader :user_email
-  attr_reader :user_name
-end
-
-class Event
-  def initialize(event_type, user: User(), ip: "127.0.0.1", remote_ip: "127.0.0.1", user_agent: "unknown", sn_cookie: nil, params: nil)
-    @event_type = event_type
-    @user = user
-    @ip = ip
-    @remote_ip = remote_ip
-    @user_agent = user_agent
-    @cid = ""
-    @fp = ""
-
-    if params
-      unless params.length > 0 && params[0].instance_of?(CustomParam)
-        raise ArgumentError("custom params should be a list of CustomParams")
-      end
-    end
-    @params = params
-
-    if sn_cookie
-      @cid, @cid = Utils.parse_cookie(sn_cookie)
-    end
-    @vid = SecureRandom.uuid
-    @ts = Time.now.getutc.to_i
-  end
-
-  def to_hash
-    p = Array.new
-    if @params
-      @params.each do |param|
-        p << {:key => param.key, :value => param.value}
-      end
-    end
-
-    {
-        :eventType => @event_type,
-        :user => {
-            :id => @user.user_id,
-            :email => @user.user_email,
-            :name => @user.user_name
-        },
-        :remoteIP => @remote_ip,
-        :ip => @ip,
-        :cid => @cid,
-        :fp => @fp,
-        :ts => @ts,
-        :vid => @vid,
-        :userAgent => @user_agent,
-        :device => Hash.new,
-        :params => p
-    }
-  end
-
-  attr_reader :cid
-  attr_reader :params
-  attr_reader :user_agent
-  attr_reader :user
-  attr_reader :remote_ip
-  attr_reader :event_type
-  attr_reader :fp
-  attr_reader :ip
-  attr_reader :ts
-  attr_reader :vid
-end
-
-class CustomParam
-  def initialize(key, value)
-    @key = key
-    @value = value
-  end
-
-  attr_reader :key
-  attr_reader :value
-end

data/lib/securenative/event_type.rb

@@ -1,21 +0,0 @@
-module EventType
-  LOG_IN = "sn.user.login"
-  LOG_IN_CHALLENGE = "sn.user.login.challenge"
-  LOG_IN_FAILURE = "sn.user.login.failure"
-  LOG_OUT = "sn.user.logout"
-  SIGN_UP = "sn.user.signup"
-  AUTH_CHALLENGE = "sn.user.auth.challenge"
-  AUTH_CHALLENGE_SUCCESS = "sn.user.auth.challenge.success"
-  AUTH_CHALLENGE_FAILURE = "sn.user.auth.challenge.failure"
-  TWO_FACTOR_DISABLE = "sn.user.2fa.disable"
-  EMAIL_UPDATE = "sn.user.email.update"
-  PASSWORD_RESET = "sn.user.password.reset"
-  PASSWORD_RESET_SUCCESS = "sn.user.password.reset.success"
-  PASSWORD_UPDATE = "sn.user.password.update"
-  PASSWORD_RESET_FAILURE = "sn.user.password.reset.failure"
-  USER_INVITE = "sn.user.invite"
-  ROLE_UPDATE = "sn.user.role.update"
-  PROFILE_UPDATE = "sn.user.profile.update"
-  PAGE_VIEW = "sn.user.page.view"
-  VERIFY = "sn.verify"
-end

data/lib/securenative/http_client.rb

@@ -1,20 +0,0 @@
-require 'httpclient'
-
-class HttpClient
-  def initialize
-    @client = HTTPClient.new
-  end
-
-  def headers(api_key)
-    {
-        "Content-Type" => 'application/json',
-        "User-Agent" => 'SecureNative-ruby',
-        "Sn-Version" => Config::SDK_VERSION,
-        "Authorization" => api_key
-    }
-  end
-
-  def post(url, api_key, body)
-    @client.post(url, body, self.headers(api_key))
-  end
-end

data/lib/securenative/secure_native_sdk.rb

@@ -1,62 +0,0 @@
-require_relative 'event_manager'
-require_relative 'config'
-require_relative 'sn_exception'
-require_relative 'utils'
-require 'json'
-
-class SecureNativeSDK
-  def initialize(api_key, options: SecureNativeOptions.new)
-    if api_key == nil
-      raise SecureNativeSDKException.new
-    end
-
-    @api_key = api_key
-    @options = options
-    @event_manager = EventManager.new(@api_key, options: @options)
-  end
-
-  def api_key
-    @api_key
-  end
-
-  def version
-    Config::SDK_VERSION
-  end
-
-  def track(event)
-    validate_event(event)
-    @event_manager.send_async(event, Config::TRACK_EVENT)
-  end
-
-  def verify(event)
-    validate_event(event)
-    res = @event_manager.send_sync(event, Config::VERIFY_EVENT)
-    if res.status_code == 200
-      return JSON.parse(res.body)
-    end
-    nil
-  end
-
-  def flow(event) # Note: For future purposes
-    validate_event(event)
-    @event_manager.send_async(event, Config::FLOW_EVENT)
-  end
-
-  def verify_webhook(hmac_header, body)
-    Utils.verify_signature(@api_key, body, hmac_header)
-  end
-
-  def flush
-    @event_manager.flush
-  end
-
-  private
-
-  def validate_event(event)
-    unless event.params.nil?
-      if event.params.length > Config::MAX_ALLOWED_PARAMS
-        event.params = event.params[0, Config::MAX_ALLOWED_PARAMS]
-      end
-    end
-  end
-end