sensitive_data_filter 0.1.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: 6e5a914234df291b0800d47279ad6dfe4b9405f7
4
+ data.tar.gz: 3450359e5f85f765783e4e142b6e2c4671a28765
5
+ SHA512:
6
+ metadata.gz: 8f155d08c7c6904f1bb5b9a683a3c528fd6e1b61377bf4edd96cc0b02b147b4342957e9f36ae95a0e489ff4358e05f5b142f72492a5c20a9172c8d12ee3d424c
7
+ data.tar.gz: 80262f7b96eb96c7564791459049c3e4d5a8a6508a85b1767004f6eaf0cb23e9c7709f7b52eb72d54cf4c331d5957951fb80fe106f4d2e672509afd7c5ffb697
data/.gitignore ADDED
@@ -0,0 +1,31 @@
1
+ ## Common files
2
+ *.gem
3
+ *.rbc
4
+ /.config
5
+ /coverage/
6
+ /InstalledFiles
7
+ /pkg/
8
+ /spec/reports/
9
+ /spec/examples.txt
10
+ /test/tmp/
11
+ /test/version_tmp/
12
+ /tmp/
13
+
14
+ ## Documentation cache and generated files:
15
+ /.yardoc/
16
+ /_yardoc/
17
+ /doc/
18
+ /rdoc/
19
+
20
+ ## Environment normalization:
21
+ /.bundle/
22
+ /vendor/
23
+ /lib/bundler/man/
24
+ /Gemfile.lock
25
+
26
+ ## Project files
27
+ /.idea/
28
+
29
+ ## System files
30
+ /.env
31
+ /.DS_Store
data/.rspec ADDED
@@ -0,0 +1,2 @@
1
+ --format documentation
2
+ --color
data/.rubocop.yml ADDED
@@ -0,0 +1,21 @@
1
+ Metrics/LineLength:
2
+ Max: 100
3
+
4
+ Documentation:
5
+ Enabled: false
6
+
7
+ Style/BlockDelimiters:
8
+ EnforcedStyle: semantic
9
+
10
+ Style/TrivialAccessors:
11
+ AllowPredicates: true
12
+
13
+ Style/SignalException:
14
+ EnforcedStyle: semantic
15
+
16
+ Style/SafeNavigation:
17
+ Enabled: false
18
+
19
+ Style/FileName:
20
+ Exclude:
21
+ - gemfiles/Gemfile.*.rb
data/.ruby-version ADDED
@@ -0,0 +1 @@
1
+ 2.3.3
data/.travis.yml ADDED
@@ -0,0 +1,14 @@
1
+ sudo: false
2
+ language: ruby
3
+ rvm:
4
+ - 2.3.0 # The version of RVM installed on Travis doesn't yet recognise 2.3 as an alias of 2.3.0
5
+ matrix:
6
+ include:
7
+ - rvm: 2.1
8
+ gemfile: gemfiles/Gemfile.ruby-2.1.rb
9
+ - rvm: 2.2
10
+ gemfile: gemfiles/Gemfile.ruby-2.2.rb
11
+ before_install: gem install bundler -v 1.13.6
12
+ notifications:
13
+ email:
14
+ - support@travellink.com.au
data/CHANGELOG.md ADDED
@@ -0,0 +1,9 @@
1
+ # Change Log
2
+ All notable changes to this project will be documented in this file.
3
+ This project adheres to [Semantic Versioning](http://semver.org/).
4
+ This changelog adheres to [Keep a CHANGELOG](http://keepachangelog.com/).
5
+
6
+ ## [0.1.0] - 2016-12-09
7
+ ### Added
8
+ - Whitelisting of matches
9
+ - Initial release
@@ -0,0 +1,74 @@
1
+ # Contributor Covenant Code of Conduct
2
+
3
+ ## Our Pledge
4
+
5
+ In the interest of fostering an open and welcoming environment, we as
6
+ contributors and maintainers pledge to making participation in our project and
7
+ our community a harassment-free experience for everyone, regardless of age, body
8
+ size, disability, ethnicity, gender identity and expression, level of experience,
9
+ nationality, personal appearance, race, religion, or sexual identity and
10
+ orientation.
11
+
12
+ ## Our Standards
13
+
14
+ Examples of behavior that contributes to creating a positive environment
15
+ include:
16
+
17
+ * Using welcoming and inclusive language
18
+ * Being respectful of differing viewpoints and experiences
19
+ * Gracefully accepting constructive criticism
20
+ * Focusing on what is best for the community
21
+ * Showing empathy towards other community members
22
+
23
+ Examples of unacceptable behavior by participants include:
24
+
25
+ * The use of sexualized language or imagery and unwelcome sexual attention or
26
+ advances
27
+ * Trolling, insulting/derogatory comments, and personal or political attacks
28
+ * Public or private harassment
29
+ * Publishing others' private information, such as a physical or electronic
30
+ address, without explicit permission
31
+ * Other conduct which could reasonably be considered inappropriate in a
32
+ professional setting
33
+
34
+ ## Our Responsibilities
35
+
36
+ Project maintainers are responsible for clarifying the standards of acceptable
37
+ behavior and are expected to take appropriate and fair corrective action in
38
+ response to any instances of unacceptable behavior.
39
+
40
+ Project maintainers have the right and responsibility to remove, edit, or
41
+ reject comments, commits, code, wiki edits, issues, and other contributions
42
+ that are not aligned to this Code of Conduct, or to ban temporarily or
43
+ permanently any contributor for other behaviors that they deem inappropriate,
44
+ threatening, offensive, or harmful.
45
+
46
+ ## Scope
47
+
48
+ This Code of Conduct applies both within project spaces and in public spaces
49
+ when an individual is representing the project or its community. Examples of
50
+ representing a project or community include using an official project e-mail
51
+ address, posting via an official social media account, or acting as an appointed
52
+ representative at an online or offline event. Representation of a project may be
53
+ further defined and clarified by project maintainers.
54
+
55
+ ## Enforcement
56
+
57
+ Instances of abusive, harassing, or otherwise unacceptable behavior may be
58
+ reported by contacting the project team at berardialessandro@gmail.com. All
59
+ complaints will be reviewed and investigated and will result in a response that
60
+ is deemed necessary and appropriate to the circumstances. The project team is
61
+ obligated to maintain confidentiality with regard to the reporter of an incident.
62
+ Further details of specific enforcement policies may be posted separately.
63
+
64
+ Project maintainers who do not follow or enforce the Code of Conduct in good
65
+ faith may face temporary or permanent repercussions as determined by other
66
+ members of the project's leadership.
67
+
68
+ ## Attribution
69
+
70
+ This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
71
+ available at [http://contributor-covenant.org/version/1/4][version]
72
+
73
+ [homepage]: http://contributor-covenant.org
74
+ [version]: http://contributor-covenant.org/version/1/4/
data/Gemfile ADDED
@@ -0,0 +1,5 @@
1
+ # frozen_string_literal: true
2
+ source 'https://rubygems.org'
3
+
4
+ # Specify your gem's dependencies in sensitive_data_filter.gemspec
5
+ gemspec
data/LICENSE ADDED
@@ -0,0 +1,21 @@
1
+ MIT License
2
+
3
+ Copyright (c) 2016 SeaLink
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining a copy
6
+ of this software and associated documentation files (the "Software"), to deal
7
+ in the Software without restriction, including without limitation the rights
8
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9
+ copies of the Software, and to permit persons to whom the Software is
10
+ furnished to do so, subject to the following conditions:
11
+
12
+ The above copyright notice and this permission notice shall be included in all
13
+ copies or substantial portions of the Software.
14
+
15
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21
+ SOFTWARE.
data/README.md ADDED
@@ -0,0 +1,89 @@
1
+ # SensitiveDataFilter
2
+
3
+ [![Gem Version](https://badge.fury.io/rb/sensitive_data_filter.svg)](http://badge.fury.io/rb/sensitive_data_filter)
4
+ [![Build Status](https://travis-ci.org/sealink/sensitive_data_filter.svg?branch=master)](https://travis-ci.org/sealink/sensitive_data_filter)
5
+ [![Coverage Status](https://coveralls.io/repos/sealink/sensitive_data_filter/badge.svg)](https://coveralls.io/r/sealink/sensitive_data_filter)
6
+ [![Dependency Status](https://gemnasium.com/sealink/sensitive_data_filter.svg)](https://gemnasium.com/sealink/sensitive_data_filter)
7
+ [![Code Climate](https://codeclimate.com/github/sealink/sensitive_data_filter/badges/gpa.svg)](https://codeclimate.com/github/sealink/sensitive_data_filter)
8
+
9
+ A Rack Middleware filter for sensitive data
10
+
11
+ ## Installation
12
+
13
+ Add this line to your application's Gemfile:
14
+
15
+ ```ruby
16
+ gem 'sensitive_data_filter'
17
+ ```
18
+
19
+ And then execute:
20
+
21
+ $ bundle
22
+
23
+ Or install it yourself as:
24
+
25
+ $ gem install sensitive_data_filter
26
+
27
+ ## Usage
28
+
29
+ ### Enable the middleware
30
+
31
+ E.g. for Rails, add the following in application.rb
32
+
33
+ ```ruby
34
+ # --- Sensitive Data Filtering ---
35
+ config.middleware.use SensitiveDataFilter::Middleware::Filter
36
+ ```
37
+
38
+ ### Configuration
39
+
40
+ ```ruby
41
+ SensitiveDataFilter.config do |config|
42
+ config.enable_types :credit_card # Already defaults to :credit_card if not specified
43
+ config.on_occurrence do |occurrence|
44
+ # Report occurrence
45
+ end
46
+ config.whitelist pattern1, pattern2 # Allows specifying patterns to whitelist matches
47
+ end
48
+ ```
49
+
50
+ An occurrence object has the following properties:
51
+
52
+ * origin_ip: the IP address that originated the request
53
+ * request_method: the HTTP method for the request (GET, POST, etc.)
54
+ * url: the URL of the request
55
+ * original_params: the parameters sent with the request
56
+ * filtered_params: the parameters sent with the request, with sensitive data filtered
57
+ * session: the session properties for the request
58
+ * matches: the matched sensitive data
59
+ * matches_count: the number of matches per data type, e.g. { 'CreditCard' => 1 }
60
+
61
+ It also exposes `to_h` and `to_s` methods for hash and string representation respectively.
62
+ Please note that these representations omit sensitive data, i.e. `original_params` and `matches` are not included.
63
+
64
+ #### Important Note
65
+
66
+ You might want to filter sensitive parameters (e.g: passwords).
67
+ In Rails you can do something like:
68
+
69
+ ```ruby
70
+ filters = Rails.application.config.filter_parameters
71
+ filter = ActionDispatch::Http::ParameterFilter.new filters
72
+ filter.filter @occurrence.filtered_params
73
+ ```
74
+
75
+ ## Development
76
+
77
+ After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
78
+
79
+ To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
80
+
81
+ ## Contributing
82
+
83
+ Bug reports and pull requests are welcome on GitHub at https://github.com/sealink/sensitive_data_filter. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](http://contributor-covenant.org) code of conduct.
84
+
85
+
86
+ ## License
87
+
88
+ The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).
89
+
data/Rakefile ADDED
@@ -0,0 +1,7 @@
1
+ # frozen_string_literal: true
2
+ require 'bundler/gem_tasks'
3
+ require 'rspec/core/rake_task'
4
+
5
+ RSpec::Core::RakeTask.new(:spec)
6
+
7
+ task default: :spec
data/bin/console ADDED
@@ -0,0 +1,15 @@
1
+ #!/usr/bin/env ruby
2
+ # frozen_string_literal: true
3
+
4
+ require 'bundler/setup'
5
+ require 'sensitive_data_filter'
6
+
7
+ # You can add fixtures and/or initialization code here to make experimenting
8
+ # with your gem easier. You can also use a different console, if you like.
9
+
10
+ # (If you use this, don't forget to add pry to your Gemfile!)
11
+ # require "pry"
12
+ # Pry.start
13
+
14
+ require 'irb'
15
+ IRB.start
data/bin/setup ADDED
@@ -0,0 +1,8 @@
1
+ #!/usr/bin/env bash
2
+ set -euo pipefail
3
+ IFS=$'\n\t'
4
+ set -vx
5
+
6
+ bundle install
7
+
8
+ # Do any other automated setup that you need to do here
@@ -0,0 +1,8 @@
1
+ # frozen_string_literal: true
2
+ source 'https://rubygems.org'
3
+
4
+ # ruby-2.1 compatible gems
5
+ gem 'rack', '~> 1.4'
6
+
7
+ # Specify your gem's dependencies in sensitive_data_filter.gemspec
8
+ gemspec path: '../'
@@ -0,0 +1,8 @@
1
+ # frozen_string_literal: true
2
+ source 'https://rubygems.org'
3
+
4
+ # ruby-2.2 compatible gems
5
+ gem 'rack', '~> 1.4'
6
+
7
+ # Specify your gem's dependencies in sensitive_data_filter.gemspec
8
+ gemspec path: '../'
@@ -0,0 +1,48 @@
1
+ # frozen_string_literal: true
2
+ require 'facets/string/modulize'
3
+
4
+ module SensitiveDataFilter
5
+ def self.config
6
+ yield @config = Config.new if block_given?
7
+ @config ||= Config.new
8
+ end
9
+
10
+ def self.enabled_types
11
+ config.enabled_types
12
+ end
13
+
14
+ def self.handle_occurrence(occurrence)
15
+ handler = config.occurrence_handler
16
+ handler.call(occurrence) if handler
17
+ end
18
+
19
+ def self.whitelisted?(value)
20
+ config.whitelist_patterns.any? { |pattern| value.match pattern }
21
+ end
22
+
23
+ class Config
24
+ DEFAULT_TYPES = %i(credit_card).freeze
25
+
26
+ attr_reader :occurrence_handler
27
+
28
+ def enable_types(*types)
29
+ @enabled_types = types.map { |type| SensitiveDataFilter::Types.const_get type.to_s.modulize }
30
+ end
31
+
32
+ def enabled_types
33
+ @enabled_types || enable_types(*DEFAULT_TYPES)
34
+ end
35
+
36
+ def on_occurrence(&block)
37
+ @occurrence_handler = block
38
+ end
39
+
40
+ def whitelist(*patterns)
41
+ @whitelist_patterns = patterns
42
+ end
43
+
44
+ def whitelist_patterns
45
+ @whitelist_patterns ||= []
46
+ end
47
+ end
48
+ end
@@ -0,0 +1,14 @@
1
+ # frozen_string_literal: true
2
+ module SensitiveDataFilter
3
+ module Mask
4
+ module_function def mask(value)
5
+ SensitiveDataFilter.enabled_types.inject(value) { |acc, elem| elem.mask acc }
6
+ end
7
+
8
+ module_function def mask_hash(hash)
9
+ hash.map.with_object({}) { |(key, value), result|
10
+ result[key] = mask(value)
11
+ }
12
+ end
13
+ end
14
+ end
@@ -0,0 +1,33 @@
1
+ # frozen_string_literal: true
2
+ require 'facets/kernel/present'
3
+
4
+ module SensitiveDataFilter
5
+ module Middleware
6
+ class EnvFilter
7
+ attr_reader :occurrence
8
+
9
+ def initialize(env)
10
+ @original_env_parser = EnvParser.new(env)
11
+ @filtered_env_parser = @original_env_parser.copy
12
+ @scanner = ParameterScanner.new(@original_env_parser)
13
+ @filtered_env_parser.mask! if @scanner.sensitive_data?
14
+ @occurrence = build_occurrence
15
+ end
16
+
17
+ def filtered_env
18
+ @filtered_env_parser.env
19
+ end
20
+
21
+ def occurrence?
22
+ @occurrence.present?
23
+ end
24
+
25
+ private
26
+
27
+ def build_occurrence
28
+ return nil unless @scanner.sensitive_data?
29
+ Occurrence.new(@original_env_parser, @filtered_env_parser, @scanner.matches)
30
+ end
31
+ end
32
+ end
33
+ end
@@ -0,0 +1,44 @@
1
+ # frozen_string_literal: true
2
+ module SensitiveDataFilter
3
+ module Middleware
4
+ class EnvParser
5
+ extend Forwardable
6
+
7
+ attr_reader :env
8
+
9
+ def initialize(env)
10
+ @env = env
11
+ @request = Rack::Request.new(@env)
12
+ end
13
+
14
+ def query_params
15
+ Rack::Utils.parse_query(@request.query_string)
16
+ end
17
+
18
+ def body_params
19
+ body = @request.body.read
20
+ @request.body.rewind
21
+ Rack::Utils.parse_query(body)
22
+ end
23
+
24
+ def query_params=(new_params)
25
+ @env['QUERY_STRING'] = Rack::Utils.build_query(new_params)
26
+ end
27
+
28
+ def body_params=(new_params)
29
+ @env['rack.input'] = StringIO.new Rack::Utils.build_query(new_params)
30
+ end
31
+
32
+ def copy
33
+ self.class.new(@env.clone)
34
+ end
35
+
36
+ def mask!
37
+ self.query_params = SensitiveDataFilter::Mask.mask_hash(query_params)
38
+ self.body_params = SensitiveDataFilter::Mask.mask_hash(body_params)
39
+ end
40
+
41
+ def_delegators :@request, :ip, :request_method, :url, :params, :session
42
+ end
43
+ end
44
+ end
@@ -0,0 +1,23 @@
1
+ # frozen_string_literal: true
2
+ module SensitiveDataFilter
3
+ module Middleware
4
+ class Filter
5
+ def initialize(app)
6
+ @app = app
7
+ end
8
+
9
+ def call(env)
10
+ env_filter = EnvFilter.new env
11
+ handle_occurrence env_filter
12
+ @app.call env_filter.filtered_env
13
+ end
14
+
15
+ private
16
+
17
+ def handle_occurrence(env_filter)
18
+ return unless env_filter.occurrence?
19
+ SensitiveDataFilter.handle_occurrence env_filter.occurrence
20
+ end
21
+ end
22
+ end
23
+ end
@@ -0,0 +1,52 @@
1
+ # frozen_string_literal: true
2
+ require 'facets/string/titlecase'
3
+
4
+ module SensitiveDataFilter
5
+ module Middleware
6
+ class Occurrence
7
+ extend Forwardable
8
+
9
+ attr_reader :matches
10
+
11
+ def initialize(original_env_parser, filtered_env_parser, matches)
12
+ @original_env_parser = original_env_parser
13
+ @filtered_env_parser = filtered_env_parser
14
+ @matches = matches
15
+ end
16
+
17
+ def origin_ip
18
+ @original_env_parser.ip
19
+ end
20
+
21
+ def original_params
22
+ @original_env_parser.params
23
+ end
24
+
25
+ def filtered_params
26
+ @filtered_env_parser.params
27
+ end
28
+
29
+ def_delegators :@original_env_parser, :request_method, :url, :session
30
+
31
+ def matches_count
32
+ @matches.map { |type, matches| [type, matches.count] }.to_h
33
+ end
34
+
35
+ def to_h
36
+ {
37
+ origin_ip: origin_ip,
38
+ request_method: request_method,
39
+ url: url,
40
+ filtered_params: filtered_params,
41
+ session: session,
42
+ matches_count: matches_count
43
+ }
44
+ end
45
+
46
+ def to_s
47
+ "[SensitiveDataFilter] Sensitive Data detected and masked:\n" +
48
+ to_h.map { |attribute, value| "#{attribute.to_s.titlecase}: #{value}" }.join("\n")
49
+ end
50
+ end
51
+ end
52
+ end
@@ -0,0 +1,22 @@
1
+ # frozen_string_literal: true
2
+ require 'facets/hash/collate'
3
+
4
+ module SensitiveDataFilter
5
+ module Middleware
6
+ class ParameterScanner
7
+ def initialize(env_parser)
8
+ @env_parser = env_parser
9
+ @params = @env_parser.query_params.values + @env_parser.body_params.values
10
+ @scans = @params.map { |value| SensitiveDataFilter::Scan.new(value) }
11
+ end
12
+
13
+ def matches
14
+ @scans.map(&:matches).inject(:collate)
15
+ end
16
+
17
+ def sensitive_data?
18
+ @scans.any?(&:matches?)
19
+ end
20
+ end
21
+ end
22
+ end
@@ -0,0 +1,11 @@
1
+ # frozen_string_literal: true
2
+ module SensitiveDataFilter
3
+ module Middleware
4
+ end
5
+ end
6
+
7
+ require 'sensitive_data_filter/middleware/env_parser'
8
+ require 'sensitive_data_filter/middleware/parameter_scanner'
9
+ require 'sensitive_data_filter/middleware/occurrence'
10
+ require 'sensitive_data_filter/middleware/env_filter'
11
+ require 'sensitive_data_filter/middleware/filter'
@@ -0,0 +1,26 @@
1
+ # frozen_string_literal: true
2
+ require 'facets/kernel/present'
3
+
4
+ module SensitiveDataFilter
5
+ class Scan
6
+ def initialize(value)
7
+ @value = value
8
+ end
9
+
10
+ def matches
11
+ @matches ||= SensitiveDataFilter.enabled_types.map.with_object({}) { |scanner, matches|
12
+ matches[scanner.name.split('::').last] = whitelist scanner.scan(@value)
13
+ }
14
+ end
15
+
16
+ def matches?
17
+ matches.values.any?(&:present?)
18
+ end
19
+
20
+ private
21
+
22
+ def whitelist(matches)
23
+ matches.reject { |match| SensitiveDataFilter.whitelisted? match }
24
+ end
25
+ end
26
+ end
@@ -0,0 +1,72 @@
1
+ # frozen_string_literal: true
2
+ module SensitiveDataFilter
3
+ module Types
4
+ module CreditCard
5
+ SEPARATORS = /[ -]/
6
+ SEPRS = SEPARATORS.source + '*'
7
+ CARD_16_DIGITS = /\d{4} #{SEPRS} \d{4} #{SEPRS} \d{4} #{SEPRS} \d{4}/
8
+ CARD_13_DIGITS = /\d{3} #{SEPRS} \d{3} #{SEPRS} \d{3} #{SEPRS} \d #{SEPRS} \d{3}/
9
+ CARD_14_DIGITS = /\d{4} #{SEPRS} \d{6} #{SEPRS} \d{4}/
10
+ CARD_15_DIGITS = /\d{4} #{SEPRS} \d{6} #{SEPRS} \d{5}/
11
+ CARD = /
12
+ (?<!\d)(?:
13
+ #{CARD_16_DIGITS.source}
14
+ | #{CARD_13_DIGITS.source}
15
+ | #{CARD_14_DIGITS.source}
16
+ | #{CARD_15_DIGITS.source}
17
+ )(?!\d)
18
+ /x
19
+ FILTERED = '[FILTERED]'
20
+
21
+ module_function def valid?(number)
22
+ return false unless number.is_a? String
23
+ return false unless number.match CARD
24
+ Luhn.new(number.gsub(SEPARATORS, '')).valid?
25
+ end
26
+
27
+ module_function def scan(value)
28
+ return [] unless value.is_a? String
29
+ value.scan(CARD).select { |card| valid?(card) }
30
+ end
31
+
32
+ module_function def mask(value)
33
+ return value unless value.is_a? String
34
+ scan(value).inject(value) { |acc, elem| acc.gsub(elem, FILTERED) }
35
+ end
36
+
37
+ # Adapted from https://github.com/rolfb/luhn-ruby/blob/master/lib/luhn.rb
38
+ class Luhn
39
+ def initialize(number)
40
+ @number = number
41
+ end
42
+
43
+ def valid?
44
+ numbers = split_digits(@number)
45
+ numbers.last == checksum(numbers[0..-2].join)
46
+ end
47
+
48
+ private
49
+
50
+ def checksum(number)
51
+ products = luhn_doubled(number)
52
+ sum = products.inject(0) { |acc, elem| acc + sum_of(elem) }
53
+ checksum = 10 - (sum % 10)
54
+ checksum == 10 ? 0 : checksum
55
+ end
56
+
57
+ def luhn_doubled(number)
58
+ numbers = split_digits(number).reverse
59
+ numbers.map.with_index { |n, i| i.even? ? n * 2 : n * 1 }.reverse
60
+ end
61
+
62
+ def sum_of(number)
63
+ split_digits(number).inject(:+)
64
+ end
65
+
66
+ def split_digits(number)
67
+ number.to_s.split(//).map(&:to_i)
68
+ end
69
+ end
70
+ end
71
+ end
72
+ end
@@ -0,0 +1,7 @@
1
+ # frozen_string_literal: true
2
+ module SensitiveDataFilter
3
+ module Types
4
+ end
5
+ end
6
+
7
+ require 'sensitive_data_filter/types/credit_card'
@@ -0,0 +1,4 @@
1
+ # frozen_string_literal: true
2
+ module SensitiveDataFilter
3
+ VERSION = '0.1.0'
4
+ end
@@ -0,0 +1,11 @@
1
+ # frozen_string_literal: true
2
+ require 'sensitive_data_filter/version'
3
+
4
+ module SensitiveDataFilter
5
+ end
6
+
7
+ require 'sensitive_data_filter/config'
8
+ require 'sensitive_data_filter/mask'
9
+ require 'sensitive_data_filter/scan'
10
+ require 'sensitive_data_filter/types'
11
+ require 'sensitive_data_filter/middleware'
@@ -0,0 +1,37 @@
1
+ # coding: utf-8
2
+ # frozen_string_literal: true
3
+ lib = File.expand_path('../lib', __FILE__)
4
+ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
5
+ require 'sensitive_data_filter/version'
6
+
7
+ Gem::Specification.new do |spec|
8
+ spec.name = 'sensitive_data_filter'
9
+ spec.version = SensitiveDataFilter::VERSION
10
+ spec.authors = ['Alessandro Berardi', 'SeaLink ']
11
+ spec.email = %w(berardialessandro@gmail.com support@travellink.com.au)
12
+
13
+ spec.summary = 'Rack Middleware filter for sensitive data'
14
+ spec.description = 'A Rack Middleware level filter for sensitive data'
15
+ spec.homepage = 'https://github.com/sealink/sensitive_data_filter'
16
+ spec.license = 'MIT'
17
+
18
+ spec.files = `git ls-files -z`.split("\x0")
19
+ .reject { |f| f.match(%r{^(test|spec|features)/}) }
20
+ spec.bindir = 'exe'
21
+ spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
22
+ spec.require_paths = ['lib']
23
+
24
+ spec.required_ruby_version = '>= 2.1'
25
+
26
+ spec.add_dependency 'rack', '>= 1.4'
27
+ spec.add_dependency 'facets', '~> 3.1'
28
+
29
+ spec.add_development_dependency 'bundler', '~> 1.13'
30
+ spec.add_development_dependency 'rake', '~> 10.0'
31
+ spec.add_development_dependency 'rspec', '~> 3.5'
32
+ spec.add_development_dependency 'coverage-kit', '~> 0.1'
33
+ spec.add_development_dependency 'simplecov-rcov', '~> 0.2'
34
+ spec.add_development_dependency 'coveralls', '~> 0.8'
35
+ spec.add_development_dependency 'rubocop', '~> 0.46'
36
+ spec.add_development_dependency 'travis', '~> 1.8'
37
+ end
metadata ADDED
@@ -0,0 +1,215 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: sensitive_data_filter
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.1.0
5
+ platform: ruby
6
+ authors:
7
+ - Alessandro Berardi
8
+ - 'SeaLink '
9
+ autorequire:
10
+ bindir: exe
11
+ cert_chain: []
12
+ date: 2016-12-09 00:00:00.000000000 Z
13
+ dependencies:
14
+ - !ruby/object:Gem::Dependency
15
+ name: rack
16
+ requirement: !ruby/object:Gem::Requirement
17
+ requirements:
18
+ - - ">="
19
+ - !ruby/object:Gem::Version
20
+ version: '1.4'
21
+ type: :runtime
22
+ prerelease: false
23
+ version_requirements: !ruby/object:Gem::Requirement
24
+ requirements:
25
+ - - ">="
26
+ - !ruby/object:Gem::Version
27
+ version: '1.4'
28
+ - !ruby/object:Gem::Dependency
29
+ name: facets
30
+ requirement: !ruby/object:Gem::Requirement
31
+ requirements:
32
+ - - "~>"
33
+ - !ruby/object:Gem::Version
34
+ version: '3.1'
35
+ type: :runtime
36
+ prerelease: false
37
+ version_requirements: !ruby/object:Gem::Requirement
38
+ requirements:
39
+ - - "~>"
40
+ - !ruby/object:Gem::Version
41
+ version: '3.1'
42
+ - !ruby/object:Gem::Dependency
43
+ name: bundler
44
+ requirement: !ruby/object:Gem::Requirement
45
+ requirements:
46
+ - - "~>"
47
+ - !ruby/object:Gem::Version
48
+ version: '1.13'
49
+ type: :development
50
+ prerelease: false
51
+ version_requirements: !ruby/object:Gem::Requirement
52
+ requirements:
53
+ - - "~>"
54
+ - !ruby/object:Gem::Version
55
+ version: '1.13'
56
+ - !ruby/object:Gem::Dependency
57
+ name: rake
58
+ requirement: !ruby/object:Gem::Requirement
59
+ requirements:
60
+ - - "~>"
61
+ - !ruby/object:Gem::Version
62
+ version: '10.0'
63
+ type: :development
64
+ prerelease: false
65
+ version_requirements: !ruby/object:Gem::Requirement
66
+ requirements:
67
+ - - "~>"
68
+ - !ruby/object:Gem::Version
69
+ version: '10.0'
70
+ - !ruby/object:Gem::Dependency
71
+ name: rspec
72
+ requirement: !ruby/object:Gem::Requirement
73
+ requirements:
74
+ - - "~>"
75
+ - !ruby/object:Gem::Version
76
+ version: '3.5'
77
+ type: :development
78
+ prerelease: false
79
+ version_requirements: !ruby/object:Gem::Requirement
80
+ requirements:
81
+ - - "~>"
82
+ - !ruby/object:Gem::Version
83
+ version: '3.5'
84
+ - !ruby/object:Gem::Dependency
85
+ name: coverage-kit
86
+ requirement: !ruby/object:Gem::Requirement
87
+ requirements:
88
+ - - "~>"
89
+ - !ruby/object:Gem::Version
90
+ version: '0.1'
91
+ type: :development
92
+ prerelease: false
93
+ version_requirements: !ruby/object:Gem::Requirement
94
+ requirements:
95
+ - - "~>"
96
+ - !ruby/object:Gem::Version
97
+ version: '0.1'
98
+ - !ruby/object:Gem::Dependency
99
+ name: simplecov-rcov
100
+ requirement: !ruby/object:Gem::Requirement
101
+ requirements:
102
+ - - "~>"
103
+ - !ruby/object:Gem::Version
104
+ version: '0.2'
105
+ type: :development
106
+ prerelease: false
107
+ version_requirements: !ruby/object:Gem::Requirement
108
+ requirements:
109
+ - - "~>"
110
+ - !ruby/object:Gem::Version
111
+ version: '0.2'
112
+ - !ruby/object:Gem::Dependency
113
+ name: coveralls
114
+ requirement: !ruby/object:Gem::Requirement
115
+ requirements:
116
+ - - "~>"
117
+ - !ruby/object:Gem::Version
118
+ version: '0.8'
119
+ type: :development
120
+ prerelease: false
121
+ version_requirements: !ruby/object:Gem::Requirement
122
+ requirements:
123
+ - - "~>"
124
+ - !ruby/object:Gem::Version
125
+ version: '0.8'
126
+ - !ruby/object:Gem::Dependency
127
+ name: rubocop
128
+ requirement: !ruby/object:Gem::Requirement
129
+ requirements:
130
+ - - "~>"
131
+ - !ruby/object:Gem::Version
132
+ version: '0.46'
133
+ type: :development
134
+ prerelease: false
135
+ version_requirements: !ruby/object:Gem::Requirement
136
+ requirements:
137
+ - - "~>"
138
+ - !ruby/object:Gem::Version
139
+ version: '0.46'
140
+ - !ruby/object:Gem::Dependency
141
+ name: travis
142
+ requirement: !ruby/object:Gem::Requirement
143
+ requirements:
144
+ - - "~>"
145
+ - !ruby/object:Gem::Version
146
+ version: '1.8'
147
+ type: :development
148
+ prerelease: false
149
+ version_requirements: !ruby/object:Gem::Requirement
150
+ requirements:
151
+ - - "~>"
152
+ - !ruby/object:Gem::Version
153
+ version: '1.8'
154
+ description: A Rack Middleware level filter for sensitive data
155
+ email:
156
+ - berardialessandro@gmail.com
157
+ - support@travellink.com.au
158
+ executables: []
159
+ extensions: []
160
+ extra_rdoc_files: []
161
+ files:
162
+ - ".gitignore"
163
+ - ".rspec"
164
+ - ".rubocop.yml"
165
+ - ".ruby-version"
166
+ - ".travis.yml"
167
+ - CHANGELOG.md
168
+ - CODE_OF_CONDUCT.md
169
+ - Gemfile
170
+ - LICENSE
171
+ - README.md
172
+ - Rakefile
173
+ - bin/console
174
+ - bin/setup
175
+ - gemfiles/Gemfile.ruby-2.1.rb
176
+ - gemfiles/Gemfile.ruby-2.2.rb
177
+ - lib/sensitive_data_filter.rb
178
+ - lib/sensitive_data_filter/config.rb
179
+ - lib/sensitive_data_filter/mask.rb
180
+ - lib/sensitive_data_filter/middleware.rb
181
+ - lib/sensitive_data_filter/middleware/env_filter.rb
182
+ - lib/sensitive_data_filter/middleware/env_parser.rb
183
+ - lib/sensitive_data_filter/middleware/filter.rb
184
+ - lib/sensitive_data_filter/middleware/occurrence.rb
185
+ - lib/sensitive_data_filter/middleware/parameter_scanner.rb
186
+ - lib/sensitive_data_filter/scan.rb
187
+ - lib/sensitive_data_filter/types.rb
188
+ - lib/sensitive_data_filter/types/credit_card.rb
189
+ - lib/sensitive_data_filter/version.rb
190
+ - sensitive_data_filter.gemspec
191
+ homepage: https://github.com/sealink/sensitive_data_filter
192
+ licenses:
193
+ - MIT
194
+ metadata: {}
195
+ post_install_message:
196
+ rdoc_options: []
197
+ require_paths:
198
+ - lib
199
+ required_ruby_version: !ruby/object:Gem::Requirement
200
+ requirements:
201
+ - - ">="
202
+ - !ruby/object:Gem::Version
203
+ version: '2.1'
204
+ required_rubygems_version: !ruby/object:Gem::Requirement
205
+ requirements:
206
+ - - ">="
207
+ - !ruby/object:Gem::Version
208
+ version: '0'
209
+ requirements: []
210
+ rubyforge_project:
211
+ rubygems_version: 2.5.2
212
+ signing_key:
213
+ specification_version: 4
214
+ summary: Rack Middleware filter for sensitive data
215
+ test_files: []