securenative 0.1.23 → 0.1.24
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile.lock +3 -5
- data/README.md +36 -36
- data/lib/securenative/api_manager.rb +41 -0
- data/lib/securenative/config/configuration_builder.rb +29 -0
- data/lib/securenative/config/configuration_manager.rb +58 -0
- data/lib/securenative/config/securenative_options.rb +25 -0
- data/lib/securenative/context/hanami_context.rb +44 -0
- data/lib/securenative/context/rails_context.rb +46 -0
- data/lib/securenative/context/securenative_context.rb +69 -0
- data/lib/securenative/context/sinatra_context.rb +44 -0
- data/lib/securenative/enums/api_route.rb +8 -0
- data/lib/securenative/enums/event_types.rb +25 -0
- data/lib/securenative/enums/failover_strategy.rb +8 -0
- data/lib/securenative/enums/risk_level.rb +9 -0
- data/lib/securenative/errors/securenative_config_error.rb +6 -0
- data/lib/securenative/errors/securenative_http_error.rb +6 -0
- data/lib/securenative/errors/securenative_invalid_options_error.rb +6 -0
- data/lib/securenative/errors/securenative_invalid_uri_error.rb +6 -0
- data/lib/securenative/errors/securenative_parse_error.rb +6 -0
- data/lib/securenative/errors/securenative_sdk_Illegal_state_error.rb +6 -0
- data/lib/securenative/errors/securenative_sdk_error.rb +6 -0
- data/lib/securenative/event_manager.rb +159 -0
- data/lib/securenative/http/secure_native_http_response.rb +14 -0
- data/lib/securenative/http/securenative_http_client.rb +52 -0
- data/lib/securenative/models/client_token.rb +14 -0
- data/lib/securenative/models/device.rb +12 -0
- data/lib/securenative/models/event_options.rb +39 -0
- data/lib/securenative/models/request_context.rb +20 -0
- data/lib/securenative/models/request_options.rb +14 -0
- data/lib/securenative/models/sdk_event.rb +51 -0
- data/lib/securenative/models/user_traits.rb +15 -0
- data/lib/securenative/models/verify_result.rb +18 -0
- data/lib/securenative/sdk.rb +85 -0
- data/lib/securenative/utils/date_utils.rb +11 -0
- data/lib/securenative/utils/encryption_utils.rb +51 -0
- data/lib/securenative/utils/ip_utils.rb +25 -0
- data/lib/securenative/utils/request_utils.rb +71 -0
- data/lib/securenative/utils/secure_native_logger.rb +46 -0
- data/lib/securenative/utils/signature_utils.rb +18 -0
- data/lib/securenative/utils/utils.rb +11 -0
- data/lib/securenative/utils/version_utils.rb +13 -0
- data/securenative.gemspec +16 -14
- metadata +40 -40
- data/lib/api_manager.rb +0 -39
- data/lib/config/configuration_builder.rb +0 -27
- data/lib/config/configuration_manager.rb +0 -56
- data/lib/config/securenative_options.rb +0 -23
- data/lib/context/hanami_context.rb +0 -42
- data/lib/context/rails_context.rb +0 -44
- data/lib/context/securenative_context.rb +0 -67
- data/lib/context/sinatra_context.rb +0 -42
- data/lib/enums/api_route.rb +0 -6
- data/lib/enums/event_types.rb +0 -23
- data/lib/enums/failover_strategy.rb +0 -6
- data/lib/enums/risk_level.rb +0 -7
- data/lib/errors/securenative_config_error.rb +0 -4
- data/lib/errors/securenative_http_error.rb +0 -4
- data/lib/errors/securenative_invalid_options_error.rb +0 -4
- data/lib/errors/securenative_invalid_uri_error.rb +0 -4
- data/lib/errors/securenative_parse_error.rb +0 -4
- data/lib/errors/securenative_sdk_Illegal_state_error.rb +0 -4
- data/lib/errors/securenative_sdk_error.rb +0 -4
- data/lib/event_manager.rb +0 -157
- data/lib/http/secure_native_http_response.rb +0 -12
- data/lib/http/securenative_http_client.rb +0 -50
- data/lib/models/client_token.rb +0 -12
- data/lib/models/device.rb +0 -10
- data/lib/models/event_options.rb +0 -37
- data/lib/models/request_context.rb +0 -18
- data/lib/models/request_options.rb +0 -12
- data/lib/models/sdk_event.rb +0 -49
- data/lib/models/user_traits.rb +0 -13
- data/lib/models/verify_result.rb +0 -16
- data/lib/securenative.rb +0 -83
- data/lib/utils/date_utils.rb +0 -9
- data/lib/utils/encryption_utils.rb +0 -49
- data/lib/utils/ip_utils.rb +0 -23
- data/lib/utils/request_utils.rb +0 -69
- data/lib/utils/secure_native_logger.rb +0 -44
- data/lib/utils/signature_utils.rb +0 -16
- data/lib/utils/utils.rb +0 -9
- data/lib/utils/version_utils.rb +0 -11
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: d106e0702046e45250d4005ee93dc1baa17d5fa31cf393f3993a5667e3d14703
|
4
|
+
data.tar.gz: caba785bb61b1c517d98669d59f9ef1ae6e357f49ef2dbfbd6f41eeb0c96f0da
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: ab405d8068d865533569350a378853d5b864ad3933f7d394c8fb81e3d08365bfffff6f1fdf9bd5da6e8ca25adb9355ca1cd473ce68aed723318fa86171834d9c
|
7
|
+
data.tar.gz: 2b0f71f461ac6c9ec58f9c7d3cc75ac6cde418ee70da7f2df73102e56ddf4a3a0d22d883f124efe95e807c2cd07ba969f860561eccc8d460a45e775aab324bf0
|
data/Gemfile.lock
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
PATH
|
2
2
|
remote: .
|
3
3
|
specs:
|
4
|
-
securenative (0.1.
|
4
|
+
securenative (0.1.24)
|
5
5
|
|
6
6
|
GEM
|
7
7
|
remote: https://rubygems.org/
|
@@ -68,8 +68,7 @@ GEM
|
|
68
68
|
json
|
69
69
|
simplecov
|
70
70
|
concurrent-ruby (1.1.7)
|
71
|
-
crack (0.4.
|
72
|
-
safe_yaml (~> 1.0.0)
|
71
|
+
crack (0.4.4)
|
73
72
|
crass (1.0.6)
|
74
73
|
diff-lcs (1.4.4)
|
75
74
|
docile (1.3.2)
|
@@ -219,11 +218,10 @@ GEM
|
|
219
218
|
rspec-support (~> 3.9.0)
|
220
219
|
rspec-support (3.9.3)
|
221
220
|
ruby2_keywords (0.0.2)
|
222
|
-
safe_yaml (1.0.5)
|
223
221
|
simplecov (0.19.0)
|
224
222
|
docile (~> 1.1)
|
225
223
|
simplecov-html (~> 0.11)
|
226
|
-
simplecov-html (0.12.
|
224
|
+
simplecov-html (0.12.3)
|
227
225
|
sinatra (2.1.0)
|
228
226
|
mustermann (~> 1.0)
|
229
227
|
rack (~> 2.2)
|
data/README.md
CHANGED
@@ -50,36 +50,36 @@ To get your *API KEY*, login to your SecureNative account and go to project sett
|
|
50
50
|
SecureNative can automatically load your config from *securenative.yml* file or from the file that is specified in your *SECURENATIVE_CONFIG_FILE* env variable:
|
51
51
|
|
52
52
|
```ruby
|
53
|
-
require 'securenative'
|
53
|
+
require 'securenative/securenative'
|
54
54
|
|
55
55
|
|
56
|
-
secureative = SecureNative.init
|
56
|
+
secureative = SecureNative::SecureNative.init
|
57
57
|
```
|
58
58
|
### Option 2: Initialize via API Key
|
59
59
|
|
60
60
|
```ruby
|
61
|
-
require 'securenative'
|
61
|
+
require 'securenative/sdk'
|
62
62
|
|
63
63
|
|
64
|
-
securenative = SecureNative.init_with_api_key('YOUR_API_KEY')
|
64
|
+
securenative = SecureNative::SecureNative.init_with_api_key('YOUR_API_KEY')
|
65
65
|
```
|
66
66
|
|
67
67
|
### Option 3: Initialize via ConfigurationBuilder
|
68
68
|
```ruby
|
69
|
-
require 'securenative'
|
69
|
+
require 'securenative/sdk'
|
70
70
|
|
71
71
|
|
72
|
-
options = ConfigurationBuilder.new(api_key: 'API_KEY', max_events: 10, log_level: 'ERROR')
|
73
|
-
SecureNative.init_with_options(options)
|
72
|
+
options = SecureNative::ConfigurationBuilder.new(api_key: 'API_KEY', max_events: 10, log_level: 'ERROR')
|
73
|
+
SecureNative::SecureNative.init_with_options(options)
|
74
74
|
```
|
75
75
|
|
76
76
|
## Getting SecureNative instance
|
77
77
|
Once initialized, sdk will create a singleton instance which you can get:
|
78
78
|
```ruby
|
79
|
-
require 'securenative'
|
79
|
+
require 'securenative/sdk'
|
80
80
|
|
81
81
|
|
82
|
-
secureNative = SecureNative.instance
|
82
|
+
secureNative = SecureNative::SecureNative.instance
|
83
83
|
```
|
84
84
|
|
85
85
|
## Tracking events
|
@@ -88,19 +88,19 @@ Once the SDK has been initialized, tracking requests sent through the SDK
|
|
88
88
|
instance. Make sure you build event with the EventBuilder:
|
89
89
|
|
90
90
|
```ruby
|
91
|
-
require 'securenative'
|
92
|
-
require 'models/event_options'
|
93
|
-
require 'enums/event_types'
|
94
|
-
require 'models/user_traits'
|
91
|
+
require 'securenative/sdk'
|
92
|
+
require 'securenative/models/event_options'
|
93
|
+
require 'securenative/enums/event_types'
|
94
|
+
require 'securenative/models/user_traits'
|
95
95
|
|
96
96
|
|
97
97
|
def track
|
98
|
-
securenative = SecureNative.instance
|
99
|
-
context = SecureNativeContext.new(client_token: 'SECURED_CLIENT_TOKEN', ip: '127.0.0.1',
|
98
|
+
securenative = SecureNative::SecureNative.instance
|
99
|
+
context = SecureNative::SecureNativeContext.new(client_token: 'SECURED_CLIENT_TOKEN', ip: '127.0.0.1',
|
100
100
|
headers: { 'user-agent' => 'Mozilla: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:47.0) Gecko/20100101 Firefox/47.3 Mozilla/5.0 (Macintosh; Intel Mac OS X x.y; rv:42.0) Gecko/20100101 Firefox/43.4' })
|
101
101
|
|
102
|
-
event_options = EventOptions.new(event: EventTypes::LOG_IN, user_id: '1234', context: context,
|
103
|
-
user_traits: UserTraits.new(name: 'Your Name', email: 'name@gmail.com', phone: '+1234567890'),
|
102
|
+
event_options = SecureNative::EventOptions.new(event: SecureNative::EventTypes::LOG_IN, user_id: '1234', context: context,
|
103
|
+
user_traits: SecureNative::UserTraits.new(name: 'Your Name', email: 'name@gmail.com', phone: '+1234567890'),
|
104
104
|
properties: { custom_param1: 'CUSTOM_PARAM_VALUE', custom_param2: true, custom_param3: 3 })
|
105
105
|
|
106
106
|
securenative.track(event_options)
|
@@ -109,21 +109,21 @@ def track
|
|
109
109
|
end
|
110
110
|
```
|
111
111
|
|
112
|
-
You can also create request context from requests:
|
112
|
+
You can also create request securenative.context from requests:
|
113
113
|
|
114
114
|
```ruby
|
115
|
-
require 'securenative'
|
116
|
-
require 'models/event_options'
|
117
|
-
require 'enums/event_types'
|
118
|
-
require 'models/user_traits'
|
115
|
+
require 'securenative/sdk'
|
116
|
+
require 'securenative/models/event_options'
|
117
|
+
require 'securenative/enums/event_types'
|
118
|
+
require 'securenative/models/user_traits'
|
119
119
|
|
120
120
|
|
121
121
|
def track(request)
|
122
|
-
securenative = SecureNative.instance
|
123
|
-
context = SecureNativeContext.from_http_request(request)
|
122
|
+
securenative = SecureNative::SecureNative.instance
|
123
|
+
context = SecureNative::SecureNativeContext.from_http_request(request)
|
124
124
|
|
125
|
-
event_options = EventOptions.new(event: EventTypes::LOG_IN, user_id: '1234', context: context,
|
126
|
-
user_traits: UserTraits.new(name: 'Your Name', email: 'name@gmail.com', phone: '+1234567890'),
|
125
|
+
event_options = SecureNative::EventOptions.new(event: SecureNative::EventTypes::LOG_IN, user_id: '1234', context: context,
|
126
|
+
user_traits: SecureNative::UserTraits.new(name: 'Your Name', email: 'name@gmail.com', phone: '+1234567890'),
|
127
127
|
properties: { custom_param1: 'CUSTOM_PARAM_VALUE', custom_param2: true, custom_param3: 3 })
|
128
128
|
|
129
129
|
securenative.track(event_options)
|
@@ -137,18 +137,18 @@ end
|
|
137
137
|
**Example**
|
138
138
|
|
139
139
|
```ruby
|
140
|
-
require 'securenative'
|
141
|
-
require 'models/event_options'
|
142
|
-
require 'enums/event_types'
|
143
|
-
require 'models/user_traits'
|
140
|
+
require 'securenative/sdk'
|
141
|
+
require 'securenative/models/event_options'
|
142
|
+
require 'securenative/enums/event_types'
|
143
|
+
require 'securenative/models/user_traits'
|
144
144
|
|
145
145
|
|
146
146
|
def verify(request)
|
147
|
-
securenative = SecureNative.instance
|
148
|
-
context = SecureNativeContext.from_http_request(request)
|
147
|
+
securenative = SecureNative::SecureNative.instance
|
148
|
+
context = SecureNative::SecureNativeContext.from_http_request(request)
|
149
149
|
|
150
|
-
event_options = EventOptions.new(event: EventTypes::LOG_IN, user_id: '1234', context: context,
|
151
|
-
user_traits: UserTraits.new(name: 'Your Name', email: 'name@gmail.com', phone: '+1234567890'),
|
150
|
+
event_options = SecureNative::EventOptions.new(event: SecureNative::EventTypes::LOG_IN, user_id: '1234', context: context,
|
151
|
+
user_traits: SecureNative::UserTraits.new(name: 'Your Name', email: 'name@gmail.com', phone: '+1234567890'),
|
152
152
|
properties: { custom_param1: 'CUSTOM_PARAM_VALUE', custom_param2: true, custom_param3: 3 })
|
153
153
|
|
154
154
|
verify_result = securenative.verify(event_options)
|
@@ -163,11 +163,11 @@ end
|
|
163
163
|
Apply our filter to verify the request is from us, for example:
|
164
164
|
|
165
165
|
```ruby
|
166
|
-
require 'securenative'
|
166
|
+
require 'securenative/sdk'
|
167
167
|
|
168
168
|
|
169
169
|
def webhook_endpoint(request)
|
170
|
-
securenative = SecureNative.instance
|
170
|
+
securenative = SecureNative::SecureNative.instance
|
171
171
|
|
172
172
|
# Checks if request is verified
|
173
173
|
is_verified = securenative.verify_request_payload(request)
|
@@ -0,0 +1,41 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'securenative/models/sdk_event'
|
4
|
+
require 'securenative/enums/failover_strategy'
|
5
|
+
require 'securenative/enums/risk_level'
|
6
|
+
require 'securenative/enums/api_route'
|
7
|
+
require 'securenative/models/verify_result'
|
8
|
+
require 'json'
|
9
|
+
|
10
|
+
module SecureNative
|
11
|
+
class ApiManager
|
12
|
+
def initialize(event_manager, securenative_options)
|
13
|
+
@event_manager = event_manager
|
14
|
+
@options = securenative_options
|
15
|
+
end
|
16
|
+
|
17
|
+
def track(event_options)
|
18
|
+
SecureNativeLogger.debug('Track event call')
|
19
|
+
event = SDKEvent.new(event_options, @options)
|
20
|
+
@event_manager.send_async(event, ApiRoute::TRACK)
|
21
|
+
end
|
22
|
+
|
23
|
+
def verify(event_options)
|
24
|
+
SecureNativeLogger.debug('Verify event call')
|
25
|
+
event = SDKEvent.new(event_options, @options)
|
26
|
+
|
27
|
+
begin
|
28
|
+
res = @event_manager.send_sync(event, ApiRoute::VERIFY, false)
|
29
|
+
ver_result = JSON.parse(res.body)
|
30
|
+
return VerifyResult.new(risk_level: ver_result['riskLevel'], score: ver_result['score'], triggers: ver_result['triggers'])
|
31
|
+
rescue StandardError => e
|
32
|
+
SecureNativeLogger.debug("Failed to call verify; #{e}")
|
33
|
+
end
|
34
|
+
if @options.fail_over_strategy == FailOverStrategy::FAIL_OPEN
|
35
|
+
return VerifyResult.new(risk_level: RiskLevel::LOW, score: 0, triggers: nil)
|
36
|
+
end
|
37
|
+
|
38
|
+
VerifyResult.new(risk_level: RiskLevel::HIGH, score: 1, triggers: nil)
|
39
|
+
end
|
40
|
+
end
|
41
|
+
end
|
@@ -0,0 +1,29 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'securenative/enums/failover_strategy'
|
4
|
+
|
5
|
+
module SecureNative
|
6
|
+
class ConfigurationBuilder
|
7
|
+
attr_reader :api_key, :api_url, :interval, :max_events, :timeout, :auto_send, :disable, :log_level, :fail_over_strategy, :proxy_headers
|
8
|
+
attr_writer :api_key, :api_url, :interval, :max_events, :timeout, :auto_send, :disable, :log_level, :fail_over_strategy, :proxy_headers
|
9
|
+
|
10
|
+
def initialize(api_key: nil, api_url: 'https://api.securenative.com/collector/api/v1', interval: 1000,
|
11
|
+
max_events: 1000, timeout: 1500, auto_send: true, disable: false, log_level: 'FATAL',
|
12
|
+
fail_over_strategy: FailOverStrategy::FAIL_OPEN, proxy_headers: nil)
|
13
|
+
@api_key = api_key
|
14
|
+
@api_url = api_url
|
15
|
+
@interval = interval
|
16
|
+
@max_events = max_events
|
17
|
+
@timeout = timeout
|
18
|
+
@auto_send = auto_send
|
19
|
+
@disable = disable
|
20
|
+
@log_level = log_level
|
21
|
+
@fail_over_strategy = fail_over_strategy
|
22
|
+
@proxy_headers = proxy_headers
|
23
|
+
end
|
24
|
+
|
25
|
+
def self.default_securenative_options
|
26
|
+
SecureNativeOptions.new
|
27
|
+
end
|
28
|
+
end
|
29
|
+
end
|
@@ -0,0 +1,58 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'yaml'
|
4
|
+
require 'securenative/config/configuration_builder'
|
5
|
+
|
6
|
+
module SecureNative
|
7
|
+
class ConfigurationManager
|
8
|
+
DEFAULT_CONFIG_FILE = 'securenative.yml'
|
9
|
+
CUSTOM_CONFIG_FILE_ENV_NAME = 'SECURENATIVE_CONFIG_FILE'
|
10
|
+
@config = nil
|
11
|
+
|
12
|
+
def self.read_resource_file(resource_path)
|
13
|
+
properties = {}
|
14
|
+
begin
|
15
|
+
@config = YAML.load_file(resource_path)
|
16
|
+
properties = @config unless @config.nil?
|
17
|
+
rescue StandardError => e
|
18
|
+
SecureNativeLogger.error("Could not parse securenative.config file #{resource_path}; #{e}")
|
19
|
+
end
|
20
|
+
properties
|
21
|
+
end
|
22
|
+
|
23
|
+
def self._get_resource_path(env_name)
|
24
|
+
Env.fetch(env_name, ENV[DEFAULT_CONFIG_FILE])
|
25
|
+
end
|
26
|
+
|
27
|
+
def self.config_builder
|
28
|
+
ConfigurationBuilder.new
|
29
|
+
end
|
30
|
+
|
31
|
+
def self._get_env_or_default(properties, key, default)
|
32
|
+
return ENV[key] if ENV[key]
|
33
|
+
return properties[key] if properties[key]
|
34
|
+
|
35
|
+
default
|
36
|
+
end
|
37
|
+
|
38
|
+
def self.load_config
|
39
|
+
options = ConfigurationBuilder.default_securenative_options
|
40
|
+
|
41
|
+
resource_path = DEFAULT_CONFIG_FILE
|
42
|
+
resource_path = ENV[CUSTOM_CONFIG_FILE_ENV_NAME] unless ENV[CUSTOM_CONFIG_FILE_ENV_NAME].nil?
|
43
|
+
|
44
|
+
properties = read_resource_file(resource_path)
|
45
|
+
|
46
|
+
ConfigurationBuilder.new(api_key: _get_env_or_default(properties, 'SECURENATIVE_API_KEY', options.api_key),
|
47
|
+
api_url: _get_env_or_default(properties, 'SECURENATIVE_API_URL', options.api_url),
|
48
|
+
interval: _get_env_or_default(properties, 'SECURENATIVE_INTERVAL', options.interval),
|
49
|
+
max_events: _get_env_or_default(properties, 'SECURENATIVE_MAX_EVENTS', options.max_events),
|
50
|
+
timeout: _get_env_or_default(properties, 'SECURENATIVE_TIMEOUT', options.timeout),
|
51
|
+
auto_send: _get_env_or_default(properties, 'SECURENATIVE_AUTO_SEND', options.auto_send),
|
52
|
+
disable: _get_env_or_default(properties, 'SECURENATIVE_DISABLE', options.disable),
|
53
|
+
log_level: _get_env_or_default(properties, 'SECURENATIVE_LOG_LEVEL', options.log_level),
|
54
|
+
fail_over_strategy: _get_env_or_default(properties, 'SECURENATIVE_FAILOVER_STRATEGY', options.fail_over_strategy),
|
55
|
+
proxy_headers: _get_env_or_default(properties, 'SECURENATIVE_PROXY_HEADERS', options.proxy_headers))
|
56
|
+
end
|
57
|
+
end
|
58
|
+
end
|
@@ -0,0 +1,25 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'securenative/enums/failover_strategy'
|
4
|
+
|
5
|
+
module SecureNative
|
6
|
+
class SecureNativeOptions
|
7
|
+
attr_reader :api_key, :api_url, :interval, :max_events, :timeout, :auto_send, :disable, :log_level, :fail_over_strategy, :proxy_headers
|
8
|
+
attr_writer :api_key, :api_url, :interval, :max_events, :timeout, :auto_send, :disable, :log_level, :fail_over_strategy, :proxy_headers
|
9
|
+
|
10
|
+
def initialize(api_key: nil, api_url: "https://api.securenative.com/collector/api/v1", interval: 1000,
|
11
|
+
max_events: 1000, timeout: 1500, auto_send: true, disable: false, log_level: "FATAL",
|
12
|
+
fail_over_strategy: FailOverStrategy::FAIL_OPEN, proxy_headers: nil)
|
13
|
+
@api_key = api_key
|
14
|
+
@api_url = api_url
|
15
|
+
@interval = interval
|
16
|
+
@max_events = max_events
|
17
|
+
@timeout = timeout
|
18
|
+
@auto_send = auto_send
|
19
|
+
@disable = disable
|
20
|
+
@log_level = log_level
|
21
|
+
@fail_over_strategy = fail_over_strategy
|
22
|
+
@proxy_headers = proxy_headers
|
23
|
+
end
|
24
|
+
end
|
25
|
+
end
|
@@ -0,0 +1,44 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module SecureNative
|
4
|
+
class HanamiContext
|
5
|
+
SECURENATIVE_COOKIE = '_sn'
|
6
|
+
|
7
|
+
def self.get_client_token(request)
|
8
|
+
begin
|
9
|
+
request.env[SECURENATIVE_COOKIE]
|
10
|
+
rescue StandardError
|
11
|
+
begin
|
12
|
+
request.cookies[SECURENATIVE_COOKIE]
|
13
|
+
rescue StandardError
|
14
|
+
nil
|
15
|
+
end
|
16
|
+
end
|
17
|
+
end
|
18
|
+
|
19
|
+
def self.get_url(request)
|
20
|
+
begin
|
21
|
+
request.env['REQUEST_PATH']
|
22
|
+
rescue StandardError
|
23
|
+
nil
|
24
|
+
end
|
25
|
+
end
|
26
|
+
|
27
|
+
def self.get_method(request)
|
28
|
+
begin
|
29
|
+
request.request_method
|
30
|
+
rescue StandardError
|
31
|
+
nil
|
32
|
+
end
|
33
|
+
end
|
34
|
+
|
35
|
+
def self.get_headers(request)
|
36
|
+
begin
|
37
|
+
# Note: At the moment we're filtering out everything but user-agent since ruby's payload is way too big
|
38
|
+
{ 'user-agent' => request.env['HTTP_USER_AGENT'] }
|
39
|
+
rescue StandardError
|
40
|
+
nil
|
41
|
+
end
|
42
|
+
end
|
43
|
+
end
|
44
|
+
end
|
@@ -0,0 +1,46 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module SecureNative
|
4
|
+
class RailsContext
|
5
|
+
SECURENATIVE_COOKIE = '_sn'
|
6
|
+
|
7
|
+
def self.get_client_token(request)
|
8
|
+
begin
|
9
|
+
request.cookies[SECURENATIVE_COOKIE]
|
10
|
+
rescue StandardError
|
11
|
+
nil
|
12
|
+
end
|
13
|
+
end
|
14
|
+
|
15
|
+
def self.get_url(request)
|
16
|
+
begin
|
17
|
+
# Rails >= 3.x
|
18
|
+
request.fullpath
|
19
|
+
rescue StandardError
|
20
|
+
begin
|
21
|
+
# Rails < 3.x & Sinatra
|
22
|
+
request.url if url.nil?
|
23
|
+
rescue StandardError
|
24
|
+
nil
|
25
|
+
end
|
26
|
+
end
|
27
|
+
end
|
28
|
+
|
29
|
+
def self.get_method(request)
|
30
|
+
begin
|
31
|
+
request.method
|
32
|
+
rescue StandardError
|
33
|
+
nil
|
34
|
+
end
|
35
|
+
end
|
36
|
+
|
37
|
+
def self.get_headers(request)
|
38
|
+
begin
|
39
|
+
# Note: At the moment we're filtering out everything but user-agent since ruby's payload is way too big
|
40
|
+
{'user-agent' => request.env['HTTP_USER_AGENT']}
|
41
|
+
rescue StandardError
|
42
|
+
nil
|
43
|
+
end
|
44
|
+
end
|
45
|
+
end
|
46
|
+
end
|
@@ -0,0 +1,69 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'securenative/utils/request_utils'
|
4
|
+
require 'securenative/utils/utils'
|
5
|
+
require 'securenative/context/rails_context'
|
6
|
+
require 'securenative/context/hanami_context'
|
7
|
+
require 'securenative/context/sinatra_context'
|
8
|
+
|
9
|
+
module SecureNative
|
10
|
+
class SecureNativeContext
|
11
|
+
attr_reader :client_token, :ip, :remote_ip, :headers, :url, :http_method, :body
|
12
|
+
attr_writer :client_token, :ip, :remote_ip, :headers, :url, :http_method, :body
|
13
|
+
|
14
|
+
SECURENATIVE_COOKIE = '_sn'
|
15
|
+
|
16
|
+
def initialize(client_token: '', ip: '', remote_ip: '', headers: nil, url: '', http_method: '', body: '')
|
17
|
+
@client_token = client_token
|
18
|
+
@ip = ip
|
19
|
+
@remote_ip = remote_ip
|
20
|
+
@headers = headers
|
21
|
+
@url = url
|
22
|
+
@http_method = http_method
|
23
|
+
@body = body
|
24
|
+
end
|
25
|
+
|
26
|
+
def self.default_context_builder
|
27
|
+
SecureNativeContext.new
|
28
|
+
end
|
29
|
+
|
30
|
+
def self.from_http_request(request)
|
31
|
+
client_token = RailsContext.get_client_token(request)
|
32
|
+
client_token = SinatraContext.get_client_token(request) if client_token.nil?
|
33
|
+
client_token = HanamiContext.get_client_token(request) if client_token.nil?
|
34
|
+
|
35
|
+
begin
|
36
|
+
headers = RailsContext.get_headers(request)
|
37
|
+
headers = SinatraContext.get_headers(request) if headers.nil?
|
38
|
+
headers = HanamiContext.get_headers(request) if headers.nil?
|
39
|
+
|
40
|
+
# Standard Ruby request
|
41
|
+
headers = request.header.to_hash if headers.nil?
|
42
|
+
rescue StandardError
|
43
|
+
headers = []
|
44
|
+
end
|
45
|
+
|
46
|
+
url = RailsContext.get_url(request)
|
47
|
+
url = SinatraContext.get_url(request) if url.nil?
|
48
|
+
url = HanamiContext.get_url(request) if url.nil?
|
49
|
+
url = '' if url.nil?
|
50
|
+
|
51
|
+
method = RailsContext.get_method(request)
|
52
|
+
method = SinatraContext.get_method(request) if method.nil?
|
53
|
+
method = HanamiContext.get_method(request) if method.nil?
|
54
|
+
method = '' if method.nil?
|
55
|
+
|
56
|
+
begin
|
57
|
+
body = request.body.to_s
|
58
|
+
rescue StandardError
|
59
|
+
body = ''
|
60
|
+
end
|
61
|
+
|
62
|
+
client_token = RequestUtils.get_secure_header_from_request(headers) if Utils.null_or_empty?(client_token)
|
63
|
+
|
64
|
+
SecureNativeContext.new(client_token: client_token, ip: RequestUtils.get_client_ip_from_request(request),
|
65
|
+
remote_ip: RequestUtils.get_remote_ip_from_request(request),
|
66
|
+
headers: headers, url: url, http_method: method || '', body: body)
|
67
|
+
end
|
68
|
+
end
|
69
|
+
end
|