smyte 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: e49d6787f785de76ce55f896fea08e2cfbc98ed2
+  data.tar.gz: 187e626f692fc20205f284fe398be27408d3f25e
+SHA512:
+  metadata.gz: ecf2767e5f099f9ffc8e4a9f70f443bd9709c58347457230c6097a2ba5f7f37bbeedd2617d3d44786fd890622b099b5f3c003ba71d98ab5ecd5c55b07fef4102
+  data.tar.gz: 848e86930a5c87cdcaba635d86992524d75e08efc56775c734bfe7606f1e2619258ca6c1c3be5128af4147c44491908fb50eb8065e57ebda756d42e7b36883e2

data/.gitignore

@@ -0,0 +1,10 @@
+/.bundle/
+/.yardoc
+/Gemfile.lock
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/
+*.gem

data/.rspec

@@ -0,0 +1,2 @@
+--color
+--require spec_helper

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in smyte.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2016 Brian Leonard
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,77 @@
+# Smyte
+
+[Smyte](https://www.smyte.com) is a fraud-checking service. This gem makes it a bit easier to work with their [API](https://docs.smyte.com/).
+
+## Setup
+
+`gem install smyte`
+
+```ruby
+require 'smyte'
+
+Smyte.enabled    = true
+Smyte.api_key    = '123456789'
+Smyte.api_secret = 'qwertyuiopasdfghjkl'
+Smyte.webhook_secret = 'zxcvbnmpoiuytrewq'
+```
+
+## Sending data to Smyte
+
+Uses this [API](https://docs.smyte.com/docs/sending-data-to-smyte).
+
+```ruby
+payload = {
+  data: {
+    custom_id: 1
+  },
+  http_request: {
+    headers: {
+      "X-Real-IP" => "5.6.7.8"
+    },
+    path: "/login"
+  },
+  session: {
+    id: 'sessionguid',
+    action: {
+      user_id: 2
+    }
+  },
+  timestamp: Time.now
+}
+
+Smyte.action('my_event', payload)
+
+```
+
+## Receiving classification results
+
+Uses this [API](https://docs.smyte.com/docs/receiving-classification-results).
+
+```ruby
+# payload same as before (or other, of course)
+classification = Smyte.classify('my_event', payload)
+
+puts classification.action # will be :block, :review, or :allow
+puts classification.label_report # for example on block ["exp:high_fail_rate_payment", "cc_country_mismatch"]
+
+```
+
+## Webhooks
+
+Uses this [API](https://docs.smyte.com/docs/webhooks).
+Smyte does a POST to your endpoint
+
+```ruby
+# for example in a Rails controller action
+secret = request.headers["X-Smyte-Signature"]
+notification = ::Smyte.webhook(secret, params)
+notification.items.each do |item|
+  puts item.action # will be :block, :review, or :allow
+  puts item.type # for example "user"
+  puts item.id   # user id
+  puts item.label_report #  for example on block  ["bad_user"]
+end
+
+```
+
+

data/Rakefile

@@ -0,0 +1 @@
+require "bundler/gem_tasks"

data/lib/smyte.rb

@@ -0,0 +1,45 @@
+require "smyte/version"
+require "forwardable"
+
+module Smyte
+
+  autoload :Classification, 'smyte/classification'
+  autoload :Client,         'smyte/client'
+  autoload :Config,         'smyte/config'
+  autoload :LabelReporter,  'smyte/label_reporter'
+  autoload :Notification,   'smyte/notification'
+
+  class << self
+    extend Forwardable
+
+    def_delegators :config, :logger=, :logger,
+                            :enabled=, :enabled, :enabled?,
+                            :api_key=, :api_key,
+                            :api_secret=, :api_secret,
+                            :webhook_secret=, :webhook_secret
+
+    def_delegators :client, :action, :classify
+
+
+    def webhook(secret, response)
+      ::Smyte::Notification.parse(secret, response)
+    end
+
+    protected
+
+    def reset
+      # used by tests
+      @config = nil
+    end
+
+    def config
+      @config ||= ::Smyte::Config.new
+    end
+
+    def client
+      ::Smyte::Client.new
+    end
+
+  end
+
+end

data/lib/smyte/classification.rb

@@ -0,0 +1,63 @@
+module Smyte
+  class Classification
+    include ::Smyte::LabelReporter
+
+    def self.allowed
+      new('verdict' => "ALLOW", 'labels' => {})
+    end
+
+    attr_reader :response
+
+    def initialize(response)
+      @response = response
+    end
+
+    protected
+
+    def parse_labels
+      out = []
+      labels = response["labels"] || {}
+      labels.each do |name, attributes|
+        out << Smyte::Classification::Label.new(name, attributes)
+      end
+      out
+    end
+
+    def parse_allow?
+      response["verdict"] == "ALLOW"
+    end
+
+    class Label
+      attr_reader :name, :response
+      def initialize(name, response)
+        @name = name
+        @response = response
+      end
+
+      # returns :block, :review, :allow, :unknown
+      def action
+        @action ||= calculate_action
+      end
+
+      def experimental?
+        !response["enabled"]
+      end
+
+      protected
+
+      def calculate_action
+        return :allow if response["verdict"] == "ALLOW"
+
+        if response["verdict"] == "BLOCK"
+          if experimental?
+            return :review
+          else
+            return :block
+          end
+        end
+
+        return :unknown
+      end
+    end
+  end
+end

data/lib/smyte/client.rb

@@ -0,0 +1,80 @@
+require 'faraday'
+require 'json'
+require 'logger'
+
+module Smyte
+  class Client
+    attr_reader :api_key, :api_secret, :logger, :enabled
+
+    def initialize(options=nil)
+      options ||= {}
+      [:api_key, :api_secret, :logger, :enabled].each do |key|
+        if options.has_key?(key)
+          value = options[key]
+        else
+          value = Smyte.send(key)
+        end
+        instance_variable_set("@#{key}", value)
+      end
+    end
+
+    def action(event_name, payload)
+      return true if !enabled
+
+      process(event_name, payload, "/v2/action")
+      true # any success is just true - nothing else to know
+    end
+
+    def classify(event_name, payload)
+      return Smyte::Classification.allowed if !enabled
+
+      response = process(event_name, payload, "/v2/action/classify")
+      Smyte::Classification.new(response)
+    end
+
+    protected
+
+    def connection
+      return @connection if @connection
+      options = {
+        url: 'https://api.smyte.com',
+        headers: {
+          'Content-Type'  => 'application/json'
+        }
+      }
+      @connection = Faraday.new(options) do |faraday|
+        # faraday.response :logger                # log requests to STDOUT
+        faraday.adapter  Faraday.default_adapter
+      end
+      @connection.basic_auth(api_key, api_secret)
+      @connection
+    end
+
+    def process(event_name, payload, path)
+      payload ||= {}
+      if payload.has_key?('name')
+        payload['name'] = event_name
+      else
+        payload[:name] = event_name
+      end
+
+      response = connection.post do |req|
+        req.url path
+        req.body = payload.to_json
+      end
+      
+      if response.success?
+        return JSON.parse(response.body)
+      else
+        hash = JSON.parse(response.body) rescue nil
+        error = "Smyte Error (#{response.status})"
+        if hash && hash["message"]
+          error << ": "
+          error << hash["message"]
+          error << "\n"
+        end
+        raise error
+      end
+    end
+  end
+end

data/lib/smyte/config.rb

@@ -0,0 +1,34 @@
+module Smyte
+  class Config
+    attr_accessor :logger
+    attr_writer :api_key, :api_secret, :webhook_secret
+
+    def api_key
+      return @api_key if @api_key
+      raise "Smyte api_key not set"
+    end
+
+    def api_secret
+      return @api_secret if @api_secret
+      raise "Smyte api_secret not set"
+    end
+
+    def webhook_secret
+      return @webhook_secret if @webhook_secret
+      raise "Smyte webhook_secret not set"
+    end
+
+    def enabled=input
+      @enabled = !!(input.to_s =~ /^(t|1|y|ok)/)
+    end
+
+    def enabled
+      return true if @enabled.nil?
+      @enabled
+    end
+
+    def enabled?
+      enabled
+    end
+  end
+end

data/lib/smyte/label_reporter.rb

@@ -0,0 +1,60 @@
+module Smyte
+  module LabelReporter
+    # class needs to define parse_labels and parse_allow?
+    # which returns objects that have an action
+
+    # returns :block, :review, :allow, :unknown
+    def action
+      @action ||= calculate_action
+    end
+
+    def labels
+      @labels ||= parse_labels
+    end
+
+    def label_actions
+      return @label_actions if @label_actions
+      found = Hash.new { |hash, key| hash[key] = [] }
+      labels.each do |label|
+        found[label.action] << label
+      end
+
+      @label_actions = found
+    end
+
+    def label_report
+      return @label_report if @label_report
+      out = []
+
+      labels.each do |label|
+        case label.action
+        when :block, :review
+          out << label.name
+        end
+      end
+
+      @label_report = out
+    end
+
+    def reset_labels
+      remove_instance_variable(:@label_report)  if defined?(@label_report)
+      remove_instance_variable(:@label_actions) if defined?(@label_actions)
+      remove_instance_variable(:@labels)        if defined?(@labels)
+      remove_instance_variable(:@action)        if defined?(@action)
+    end
+
+    protected
+
+    def calculate_action
+      return :allow if respond_to?(:parse_allow?, true) && parse_allow?
+
+      if label_actions[:block].size > 0
+        return :block
+      elsif label_actions[:review].size > 0
+        return :review
+      else
+        return :unknown
+      end
+    end
+  end
+end

data/lib/smyte/notification.rb

@@ -0,0 +1,109 @@
+module Smyte
+  class Notification
+    def self.parse(webhook_secret, response)
+      if webhook_secret != Smyte.webhook_secret
+        raise "invalid webhook_secret: #{webhook_secret}"
+      end
+      Smyte::Notification.new(response)
+    end
+
+    attr_reader :response
+
+    def initialize(response)
+      @response = response
+    end
+
+    def items
+      @items ||= parse_items
+    end
+
+    protected
+
+    def parse_items
+      out = {}
+      items = response["items"] || []
+      items.each do |hash|
+        key = hash["item"]
+        next unless key
+        if out[key]
+          out[key].send(:add_response, hash)
+        else
+          out[key] = Smyte::Notification::Item.new(hash)
+        end
+      end
+
+      out.values
+    end
+
+    class Item
+      include ::Smyte::LabelReporter
+
+      attr_reader :responses
+
+      def initialize(first_response)
+        @responses = [first_response]
+      end
+
+      def key
+        @item ||= responses.first["item"]
+      end
+
+      def type
+        @type ||= key.split("/").first
+      end
+
+      def id
+        @id ||= key.split("/").last
+      end
+
+      protected
+
+      def add_response(response)
+        reset_labels
+        responses << response
+        responses
+      end
+
+      def parse_labels
+        out = []
+        responses.each do |hash|
+          out << Smyte::Notification::Label.new(hash)
+        end
+        out
+      end
+    end
+
+    class Label
+      attr_reader :name, :response
+      def initialize(response)
+        @name = response["labelName"]
+        @response = response
+      end
+
+      # returns :block, :review, :allow, :unknown
+      def action
+        @action ||= calculate_action
+      end
+
+      def experimental?
+        response["labelType"] == "PENDING"
+      end
+
+      protected
+
+      def calculate_action
+        case response["labelType"]
+        when "ALLOW"
+          return :allow
+        when "PENDING"
+          return :review
+        when "ADDED", "BLOCK"
+          return :block
+        else
+          return :unknown
+        end
+      end
+    end
+
+  end
+end

data/lib/smyte/version.rb

@@ -0,0 +1,3 @@
+module Smyte
+  VERSION = "0.1.0"
+end

data/smyte.gemspec

@@ -0,0 +1,30 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'smyte/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "smyte"
+  spec.version       = Smyte::VERSION
+  spec.authors       = ["Brian Leonard"]
+  spec.email         = ["brian@bleonard.com"]
+
+  spec.summary       = %q{Talk to Smyte service}
+  spec.description   = %q{Smyte does fraud detection}
+  spec.homepage      = "https://www.taskrabbit.com"
+  spec.license       = "MIT"
+
+  spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+  spec.bindir        = "exe"
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ["lib"]
+
+  spec.add_dependency "faraday"
+
+  spec.add_development_dependency "bundler", "~> 1.10"
+  spec.add_development_dependency "rake", "~> 10.0"
+  spec.add_development_dependency "rspec", "~> 3.4"
+  spec.add_development_dependency "byebug", "~> 3.5.1"
+  spec.add_development_dependency "vcr", "~> 3.0.1"
+  spec.add_development_dependency "webmock", "~> 1.24.3"
+end

metadata

@@ -0,0 +1,157 @@
+--- !ruby/object:Gem::Specification
+name: smyte
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Brian Leonard
+autorequire: 
+bindir: exe
+cert_chain: []
+date: 2016-04-26 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: faraday
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.10'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.10'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.4'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.4'
+- !ruby/object:Gem::Dependency
+  name: byebug
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.5.1
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.5.1
+- !ruby/object:Gem::Dependency
+  name: vcr
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.0.1
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.0.1
+- !ruby/object:Gem::Dependency
+  name: webmock
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.24.3
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.24.3
+description: Smyte does fraud detection
+email:
+- brian@bleonard.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".rspec"
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- lib/smyte.rb
+- lib/smyte/classification.rb
+- lib/smyte/client.rb
+- lib/smyte/config.rb
+- lib/smyte/label_reporter.rb
+- lib/smyte/notification.rb
+- lib/smyte/version.rb
+- smyte.gemspec
+homepage: https://www.taskrabbit.com
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.2.3
+signing_key: 
+specification_version: 4
+summary: Talk to Smyte service
+test_files: []
+has_rdoc: