securenative 0.1.23 → 0.1.24

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7ba285b1ac9a68c9cb1143ab595a4c052636e47b8d4cc39e16821e0582e06a62
-  data.tar.gz: c6295e963d7440c4dc8be4046077cafb4af96311f500fa2220717bf726b0ffba
+  metadata.gz: d106e0702046e45250d4005ee93dc1baa17d5fa31cf393f3993a5667e3d14703
+  data.tar.gz: caba785bb61b1c517d98669d59f9ef1ae6e357f49ef2dbfbd6f41eeb0c96f0da
 SHA512:
-  metadata.gz: 7f78c7385e543d75dd106611eb77f71004fcb12d10702ae99a02af27cf3273bd45fcb2d5c7725a7001f143973f1cf2d70c19b3d57e3222d0b7965a40ec343f2c
-  data.tar.gz: fada20df309348b5e74a8886fb5855d51aed1ad4ba2245dd23df60f409b1fd6e3bc11efd829b4b21a2b0fa9cf2dac45c08628f088e49879a09a45853aee52ef7
+  metadata.gz: ab405d8068d865533569350a378853d5b864ad3933f7d394c8fb81e3d08365bfffff6f1fdf9bd5da6e8ca25adb9355ca1cd473ce68aed723318fa86171834d9c
+  data.tar.gz: 2b0f71f461ac6c9ec58f9c7d3cc75ac6cde418ee70da7f2df73102e56ddf4a3a0d22d883f124efe95e807c2cd07ba969f860561eccc8d460a45e775aab324bf0

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    securenative (0.1.23)
+    securenative (0.1.24)
 
 GEM
   remote: https://rubygems.org/
@@ -68,8 +68,7 @@ GEM
       json
       simplecov
     concurrent-ruby (1.1.7)
-    crack (0.4.3)
-      safe_yaml (~> 1.0.0)
+    crack (0.4.4)
     crass (1.0.6)
     diff-lcs (1.4.4)
     docile (1.3.2)
@@ -219,11 +218,10 @@ GEM
       rspec-support (~> 3.9.0)
     rspec-support (3.9.3)
     ruby2_keywords (0.0.2)
-    safe_yaml (1.0.5)
     simplecov (0.19.0)
       docile (~> 1.1)
       simplecov-html (~> 0.11)
-    simplecov-html (0.12.2)
+    simplecov-html (0.12.3)
     sinatra (2.1.0)
       mustermann (~> 1.0)
       rack (~> 2.2)

data/README.md

@@ -50,36 +50,36 @@ To get your *API KEY*, login to your SecureNative account and go to project sett
 SecureNative can automatically load your config from *securenative.yml* file or from the file that is specified in your *SECURENATIVE_CONFIG_FILE* env variable:
 
 ```ruby
-require 'securenative'
+require 'securenative/securenative'
 
 
-secureative =  SecureNative.init
+secureative =  SecureNative::SecureNative.init
 ```
 ### Option 2: Initialize via API Key
 
 ```ruby
-require 'securenative'
+require 'securenative/sdk'
 
 
-securenative =  SecureNative.init_with_api_key('YOUR_API_KEY')
+securenative =  SecureNative::SecureNative.init_with_api_key('YOUR_API_KEY')
 ```
 
 ### Option 3: Initialize via ConfigurationBuilder
 ```ruby
-require 'securenative'
+require 'securenative/sdk'
 
 
-options = ConfigurationBuilder.new(api_key: 'API_KEY', max_events: 10, log_level: 'ERROR')
-SecureNative.init_with_options(options)                                 
+options = SecureNative::ConfigurationBuilder.new(api_key: 'API_KEY', max_events: 10, log_level: 'ERROR')
+SecureNative::SecureNative.init_with_options(options)                                 
 ```
 
 ## Getting SecureNative instance
 Once initialized, sdk will create a singleton instance which you can get: 
 ```ruby
-require 'securenative'
+require 'securenative/sdk'
 
 
-secureNative = SecureNative.instance
+secureNative = SecureNative::SecureNative.instance
 ```
 
 ## Tracking events
@@ -88,19 +88,19 @@ Once the SDK has been initialized, tracking requests sent through the SDK
 instance. Make sure you build event with the EventBuilder:
 
  ```ruby
-require 'securenative'
-require 'models/event_options'
-require 'enums/event_types'
-require 'models/user_traits'
+require 'securenative/sdk'
+require 'securenative/models/event_options'
+require 'securenative/enums/event_types'
+require 'securenative/models/user_traits'
 
 
 def track
-    securenative = SecureNative.instance
-    context = SecureNativeContext.new(client_token: 'SECURED_CLIENT_TOKEN', ip: '127.0.0.1',
+    securenative = SecureNative::SecureNative.instance
+    context = SecureNative::SecureNativeContext.new(client_token: 'SECURED_CLIENT_TOKEN', ip: '127.0.0.1',
                                        headers: { 'user-agent' => 'Mozilla: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:47.0) Gecko/20100101 Firefox/47.3 Mozilla/5.0 (Macintosh; Intel Mac OS X x.y; rv:42.0) Gecko/20100101 Firefox/43.4' })
     
-    event_options = EventOptions.new(event: EventTypes::LOG_IN, user_id: '1234', context: context,
-                                     user_traits: UserTraits.new(name: 'Your Name', email: 'name@gmail.com', phone: '+1234567890'),
+    event_options = SecureNative::EventOptions.new(event: SecureNative::EventTypes::LOG_IN, user_id: '1234', context: context,
+                                     user_traits: SecureNative::UserTraits.new(name: 'Your Name', email: 'name@gmail.com', phone: '+1234567890'),
                                      properties: { custom_param1: 'CUSTOM_PARAM_VALUE', custom_param2: true, custom_param3: 3 })
     
     securenative.track(event_options)
@@ -109,21 +109,21 @@ def track
 end
  ```
 
-You can also create request context from requests:
+You can also create request securenative.context from requests:
 
 ```ruby
-require 'securenative'
-require 'models/event_options'
-require 'enums/event_types'
-require 'models/user_traits'
+require 'securenative/sdk'
+require 'securenative/models/event_options'
+require 'securenative/enums/event_types'
+require 'securenative/models/user_traits'
 
 
 def track(request)
-    securenative = SecureNative.instance
-    context = SecureNativeContext.from_http_request(request)
+    securenative = SecureNative::SecureNative.instance
+    context = SecureNative::SecureNativeContext.from_http_request(request)
     
-    event_options = EventOptions.new(event: EventTypes::LOG_IN, user_id: '1234', context: context,
-                                     user_traits: UserTraits.new(name: 'Your Name', email: 'name@gmail.com', phone: '+1234567890'),
+    event_options = SecureNative::EventOptions.new(event: SecureNative::EventTypes::LOG_IN, user_id: '1234', context: context,
+                                     user_traits: SecureNative::UserTraits.new(name: 'Your Name', email: 'name@gmail.com', phone: '+1234567890'),
                                      properties: { custom_param1: 'CUSTOM_PARAM_VALUE', custom_param2: true, custom_param3: 3 })
     
     securenative.track(event_options)
@@ -137,18 +137,18 @@ end
 **Example**
 
 ```ruby
-require 'securenative'
-require 'models/event_options'
-require 'enums/event_types'
-require 'models/user_traits'
+require 'securenative/sdk'
+require 'securenative/models/event_options'
+require 'securenative/enums/event_types'
+require 'securenative/models/user_traits'
 
 
 def verify(request)
-    securenative = SecureNative.instance
-    context = SecureNativeContext.from_http_request(request)
+    securenative = SecureNative::SecureNative.instance
+    context = SecureNative::SecureNativeContext.from_http_request(request)
 
-    event_options = EventOptions.new(event: EventTypes::LOG_IN, user_id: '1234', context: context,
-                                         user_traits: UserTraits.new(name: 'Your Name', email: 'name@gmail.com', phone: '+1234567890'),
+    event_options = SecureNative::EventOptions.new(event: SecureNative::EventTypes::LOG_IN, user_id: '1234', context: context,
+                                         user_traits: SecureNative::UserTraits.new(name: 'Your Name', email: 'name@gmail.com', phone: '+1234567890'),
                                          properties: { custom_param1: 'CUSTOM_PARAM_VALUE', custom_param2: true, custom_param3: 3 })
     
     verify_result = securenative.verify(event_options)
@@ -163,11 +163,11 @@ end
 Apply our filter to verify the request is from us, for example:
 
 ```ruby
-require 'securenative'
+require 'securenative/sdk'
 
 
 def webhook_endpoint(request)
-    securenative = SecureNative.instance
+    securenative = SecureNative::SecureNative.instance
     
     # Checks if request is verified
     is_verified = securenative.verify_request_payload(request)

data/lib/securenative/api_manager.rb

@@ -0,0 +1,41 @@
+# frozen_string_literal: true
+
+require 'securenative/models/sdk_event'
+require 'securenative/enums/failover_strategy'
+require 'securenative/enums/risk_level'
+require 'securenative/enums/api_route'
+require 'securenative/models/verify_result'
+require 'json'
+
+module SecureNative
+  class ApiManager
+    def initialize(event_manager, securenative_options)
+      @event_manager = event_manager
+      @options = securenative_options
+    end
+
+    def track(event_options)
+      SecureNativeLogger.debug('Track event call')
+      event = SDKEvent.new(event_options, @options)
+      @event_manager.send_async(event, ApiRoute::TRACK)
+    end
+
+    def verify(event_options)
+      SecureNativeLogger.debug('Verify event call')
+      event = SDKEvent.new(event_options, @options)
+
+      begin
+        res = @event_manager.send_sync(event, ApiRoute::VERIFY, false)
+        ver_result = JSON.parse(res.body)
+        return VerifyResult.new(risk_level: ver_result['riskLevel'], score: ver_result['score'], triggers: ver_result['triggers'])
+      rescue StandardError => e
+        SecureNativeLogger.debug("Failed to call verify; #{e}")
+      end
+      if @options.fail_over_strategy == FailOverStrategy::FAIL_OPEN
+        return VerifyResult.new(risk_level: RiskLevel::LOW, score: 0, triggers: nil)
+      end
+
+      VerifyResult.new(risk_level: RiskLevel::HIGH, score: 1, triggers: nil)
+    end
+  end
+end

data/lib/securenative/config/configuration_builder.rb

@@ -0,0 +1,29 @@
+# frozen_string_literal: true
+
+require 'securenative/enums/failover_strategy'
+
+module SecureNative
+  class ConfigurationBuilder
+    attr_reader :api_key, :api_url, :interval, :max_events, :timeout, :auto_send, :disable, :log_level, :fail_over_strategy, :proxy_headers
+    attr_writer :api_key, :api_url, :interval, :max_events, :timeout, :auto_send, :disable, :log_level, :fail_over_strategy, :proxy_headers
+
+    def initialize(api_key: nil, api_url: 'https://api.securenative.com/collector/api/v1', interval: 1000,
+                   max_events: 1000, timeout: 1500, auto_send: true, disable: false, log_level: 'FATAL',
+                   fail_over_strategy: FailOverStrategy::FAIL_OPEN, proxy_headers: nil)
+      @api_key = api_key
+      @api_url = api_url
+      @interval = interval
+      @max_events = max_events
+      @timeout = timeout
+      @auto_send = auto_send
+      @disable = disable
+      @log_level = log_level
+      @fail_over_strategy = fail_over_strategy
+      @proxy_headers = proxy_headers
+    end
+
+    def self.default_securenative_options
+      SecureNativeOptions.new
+    end
+  end
+end

data/lib/securenative/config/configuration_manager.rb

@@ -0,0 +1,58 @@
+# frozen_string_literal: true
+
+require 'yaml'
+require 'securenative/config/configuration_builder'
+
+module SecureNative
+  class ConfigurationManager
+    DEFAULT_CONFIG_FILE = 'securenative.yml'
+    CUSTOM_CONFIG_FILE_ENV_NAME = 'SECURENATIVE_CONFIG_FILE'
+    @config = nil
+
+    def self.read_resource_file(resource_path)
+      properties = {}
+      begin
+        @config = YAML.load_file(resource_path)
+        properties = @config unless @config.nil?
+      rescue StandardError => e
+        SecureNativeLogger.error("Could not parse securenative.config file #{resource_path}; #{e}")
+      end
+      properties
+    end
+
+    def self._get_resource_path(env_name)
+      Env.fetch(env_name, ENV[DEFAULT_CONFIG_FILE])
+    end
+
+    def self.config_builder
+      ConfigurationBuilder.new
+    end
+
+    def self._get_env_or_default(properties, key, default)
+      return ENV[key] if ENV[key]
+      return properties[key] if properties[key]
+
+      default
+    end
+
+    def self.load_config
+      options = ConfigurationBuilder.default_securenative_options
+
+      resource_path = DEFAULT_CONFIG_FILE
+      resource_path = ENV[CUSTOM_CONFIG_FILE_ENV_NAME] unless ENV[CUSTOM_CONFIG_FILE_ENV_NAME].nil?
+
+      properties = read_resource_file(resource_path)
+
+      ConfigurationBuilder.new(api_key: _get_env_or_default(properties, 'SECURENATIVE_API_KEY', options.api_key),
+                               api_url: _get_env_or_default(properties, 'SECURENATIVE_API_URL', options.api_url),
+                               interval: _get_env_or_default(properties, 'SECURENATIVE_INTERVAL', options.interval),
+                               max_events: _get_env_or_default(properties, 'SECURENATIVE_MAX_EVENTS', options.max_events),
+                               timeout: _get_env_or_default(properties, 'SECURENATIVE_TIMEOUT', options.timeout),
+                               auto_send: _get_env_or_default(properties, 'SECURENATIVE_AUTO_SEND', options.auto_send),
+                               disable: _get_env_or_default(properties, 'SECURENATIVE_DISABLE', options.disable),
+                               log_level: _get_env_or_default(properties, 'SECURENATIVE_LOG_LEVEL', options.log_level),
+                               fail_over_strategy: _get_env_or_default(properties, 'SECURENATIVE_FAILOVER_STRATEGY', options.fail_over_strategy),
+                               proxy_headers: _get_env_or_default(properties, 'SECURENATIVE_PROXY_HEADERS', options.proxy_headers))
+    end
+  end
+end

data/lib/securenative/config/securenative_options.rb

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+require 'securenative/enums/failover_strategy'
+
+module SecureNative
+  class SecureNativeOptions
+    attr_reader :api_key, :api_url, :interval, :max_events, :timeout, :auto_send, :disable, :log_level, :fail_over_strategy, :proxy_headers
+    attr_writer :api_key, :api_url, :interval, :max_events, :timeout, :auto_send, :disable, :log_level, :fail_over_strategy, :proxy_headers
+
+    def initialize(api_key: nil, api_url: "https://api.securenative.com/collector/api/v1", interval: 1000,
+                   max_events: 1000, timeout: 1500, auto_send: true, disable: false, log_level: "FATAL",
+                   fail_over_strategy: FailOverStrategy::FAIL_OPEN, proxy_headers: nil)
+      @api_key = api_key
+      @api_url = api_url
+      @interval = interval
+      @max_events = max_events
+      @timeout = timeout
+      @auto_send = auto_send
+      @disable = disable
+      @log_level = log_level
+      @fail_over_strategy = fail_over_strategy
+      @proxy_headers = proxy_headers
+    end
+  end
+end

data/lib/securenative/context/hanami_context.rb

@@ -0,0 +1,44 @@
+# frozen_string_literal: true
+
+module SecureNative
+  class HanamiContext
+    SECURENATIVE_COOKIE = '_sn'
+
+    def self.get_client_token(request)
+      begin
+        request.env[SECURENATIVE_COOKIE]
+      rescue StandardError
+        begin
+          request.cookies[SECURENATIVE_COOKIE]
+        rescue StandardError
+          nil
+        end
+      end
+    end
+
+    def self.get_url(request)
+      begin
+        request.env['REQUEST_PATH']
+      rescue StandardError
+        nil
+      end
+    end
+
+    def self.get_method(request)
+      begin
+        request.request_method
+      rescue StandardError
+        nil
+      end
+    end
+
+    def self.get_headers(request)
+      begin
+        # Note: At the moment we're filtering out everything but user-agent since ruby's payload is way too big
+        { 'user-agent' => request.env['HTTP_USER_AGENT'] }
+      rescue StandardError
+        nil
+      end
+    end
+  end
+end

data/lib/securenative/context/rails_context.rb

@@ -0,0 +1,46 @@
+# frozen_string_literal: true
+
+module SecureNative
+  class RailsContext
+    SECURENATIVE_COOKIE = '_sn'
+
+    def self.get_client_token(request)
+      begin
+        request.cookies[SECURENATIVE_COOKIE]
+      rescue StandardError
+        nil
+      end
+    end
+
+    def self.get_url(request)
+      begin
+        # Rails >= 3.x
+        request.fullpath
+      rescue StandardError
+        begin
+          # Rails < 3.x & Sinatra
+          request.url if url.nil?
+        rescue StandardError
+          nil
+        end
+      end
+    end
+
+    def self.get_method(request)
+      begin
+        request.method
+      rescue StandardError
+        nil
+      end
+    end
+
+    def self.get_headers(request)
+      begin
+        # Note: At the moment we're filtering out everything but user-agent since ruby's payload is way too big
+        {'user-agent' => request.env['HTTP_USER_AGENT']}
+      rescue StandardError
+        nil
+      end
+    end
+  end
+end

data/lib/securenative/context/securenative_context.rb

@@ -0,0 +1,69 @@
+# frozen_string_literal: true
+
+require 'securenative/utils/request_utils'
+require 'securenative/utils/utils'
+require 'securenative/context/rails_context'
+require 'securenative/context/hanami_context'
+require 'securenative/context/sinatra_context'
+
+module SecureNative
+  class SecureNativeContext
+    attr_reader :client_token, :ip, :remote_ip, :headers, :url, :http_method, :body
+    attr_writer :client_token, :ip, :remote_ip, :headers, :url, :http_method, :body
+
+    SECURENATIVE_COOKIE = '_sn'
+
+    def initialize(client_token: '', ip: '', remote_ip: '', headers: nil, url: '', http_method: '', body: '')
+      @client_token = client_token
+      @ip = ip
+      @remote_ip = remote_ip
+      @headers = headers
+      @url = url
+      @http_method = http_method
+      @body = body
+    end
+
+    def self.default_context_builder
+      SecureNativeContext.new
+    end
+
+    def self.from_http_request(request)
+      client_token = RailsContext.get_client_token(request)
+      client_token = SinatraContext.get_client_token(request) if client_token.nil?
+      client_token = HanamiContext.get_client_token(request) if client_token.nil?
+
+      begin
+        headers = RailsContext.get_headers(request)
+        headers = SinatraContext.get_headers(request) if headers.nil?
+        headers = HanamiContext.get_headers(request) if headers.nil?
+
+        # Standard Ruby request
+        headers = request.header.to_hash if headers.nil?
+      rescue StandardError
+        headers = []
+      end
+
+      url = RailsContext.get_url(request)
+      url = SinatraContext.get_url(request) if url.nil?
+      url = HanamiContext.get_url(request) if url.nil?
+      url = '' if url.nil?
+
+      method = RailsContext.get_method(request)
+      method = SinatraContext.get_method(request) if method.nil?
+      method = HanamiContext.get_method(request) if method.nil?
+      method = '' if method.nil?
+
+      begin
+        body = request.body.to_s
+      rescue StandardError
+        body = ''
+      end
+
+      client_token = RequestUtils.get_secure_header_from_request(headers) if Utils.null_or_empty?(client_token)
+
+      SecureNativeContext.new(client_token: client_token, ip: RequestUtils.get_client_ip_from_request(request),
+                              remote_ip: RequestUtils.get_remote_ip_from_request(request),
+                              headers: headers, url: url, http_method: method || '', body: body)
+    end
+  end
+end