sqreen 1.17.2.beta2-java → 1.17.2.beta3-java

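--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 01c3c821c21de60612d7bea58944b0d350e97c31bc2506200c712f366b866285
- data.tar.gz: be7c642d80bb226edb19e54d478ee3835eb1c1e61dd704b966d42bc7b12ae831
+ metadata.gz: 91a18a8bc48b07279910e5ad56ac12876450b700c4d051aa5f14e9d3e8a23c17
+ data.tar.gz: 80a83f307076cb929eb555788bb6427933b57ccca697e911e5f7f62a22bdd2cf
  SHA512:
- metadata.gz: 3c5f2ea96cf758cd23628213ffae12c0183eba93106e59f0fbc40ee2237c2801ee635db7bf8448459644d7a70a1e6d7f7bcebdf7401583c7b7b8e534e62f6a29
- data.tar.gz: 74c1989008d6b3053e15168c36e468e64af87ef088d91680538a47af3782ccf7925eb2da8d4aec96c4aaf72f2eadc21da26e4227993520d132f34c254d4b3be7
+ metadata.gz: 802cbeb428254e321641df1bb53474b0f7f77f0868a42a588ce275fc1d3b03f8404f080b7ff24a28d38f6594f6a3fbc4b36854c2f64ad6dbc49ef45b8eef814c
+ data.tar.gz: 39dbd0f66e2f642ebd80af3d2bd38b9df070fb0c34b35084128bb94d1977be74669331b5c12aa50fcfc8305b2ff8cf3e39a3043cee4c1fbc2fd53bf483d41fe8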
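--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -1,3 +1,9 @@
+ ## 1.17.2.beta3
+
+ * Improve performance of user tracking
+ * Improve reliability of user tracking against performance budget
+ * Restore compatibility with Ruby 1.9.3, 2.0, and 2.1 and JRuby 9.2
+
  ## 1.17.2.beta2
 
  * Important note: this beta release supports Ruby 2.2 or above only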
@@ -0,0 +1,4 @@
1
+ module Sqreen
2
+ module Backport
3
+ end
4
+ end
@@ -0,0 +1,83 @@
1
+ module Sqreen
2
+ module Backport
3
+ module OriginalName
4
+ HAS_UNBOUND_METHOD_ORIGINAL_NAME = ::UnboundMethod.instance_methods(false).include?(:original_name)
5
+ HAS_METHOD_ORIGINAL_NAME = ::Method.instance_methods(false).include?(:original_name)
6
+
7
+ def original_name
8
+ self.class.get_original_name(owner, original_name_key) || self.original_name = name
9
+ end
10
+
11
+ private
12
+
13
+ def original_name=(name)
14
+ self.class.set_original_name(owner, original_name_key, name)
15
+ end
16
+
17
+ def original_name_key
18
+ return hash if is_a?(::UnboundMethod)
19
+
20
+ owner.instance_method(name).hash
21
+ end
22
+
23
+ class << self
24
+ def supported?
25
+ !::Kernel.const_defined?(:JRUBY_VERSION) && HAS_UNBOUND_METHOD_ORIGINAL_NAME && HAS_METHOD_ORIGINAL_NAME
26
+ end
27
+
28
+ def included(klass)
29
+ klass.extend(ClassMethods)
30
+ end
31
+
32
+ def prepended(klass)
33
+ klass.extend(ClassMethods)
34
+ end
35
+ end
36
+
37
+ class Store < ::Hash; end
38
+
39
+ module ClassMethods
40
+ def original_names(owner)
41
+ owner.instance_eval { @__sqreen_backport_original_names ||= Store.new }
42
+ end
43
+
44
+ def get_original_name(owner, key)
45
+ original_names(owner)[key]
46
+ end
47
+
48
+ def set_original_name(owner, key, name)
49
+ original_names(owner)[key] ||= name
50
+ end
51
+ end
52
+ end
53
+ end
54
+ end
55
+
56
+ class UnboundMethod
57
+ if Sqreen::Backport::OriginalName::HAS_UNBOUND_METHOD_ORIGINAL_NAME
58
+ prepend Sqreen::Backport::OriginalName
59
+ else
60
+ include Sqreen::Backport::OriginalName
61
+ end
62
+ end unless Sqreen::Backport::OriginalName.supported?
63
+
64
+ class Method
65
+ if Sqreen::Backport::OriginalName::HAS_METHOD_ORIGINAL_NAME
66
+ prepend Sqreen::Backport::OriginalName
67
+ else
68
+ include Sqreen::Backport::OriginalName
69
+ end
70
+ end unless Sqreen::Backport::OriginalName.supported?
71
+
72
+ class Module
73
+ alias_method(:alias_method_without_original_name, :alias_method)
74
+
75
+ def alias_method_with_original_name(newname, oldname)
76
+ alias_method_without_original_name(newname, oldname).tap do
77
+ instance_method(newname).send(:original_name=, :"#{oldname}")
78
+ end
79
+ end
80
+
81
+ alias_method_with_original_name(:alias_method_without_original_name, :alias_method)
82
+ alias_method_with_original_name(:alias_method, :alias_method_with_original_name)
83
+ end unless Sqreen::Backport::OriginalName.supported?
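Review bot: The per-owner `Store` is a plain `::Hash` that `original_names` creates and `set_original_name` fills with unsynchronised `||=`, and `supported?` returns false whenever `JRUBY_VERSION` is defined, so this path is always active on JRuby, where threads run in parallel. Two threads calling `original_name` or `alias_method` on the same owner can race on that hash; I would guard the lookups and writes with one lock, e.g. `LOCK = ::Mutex.new` in `ClassMethods` and `LOCK.synchronize { original_names(owner)[key] ||= name }`. Separately, only `Module#alias_method` is wrapped, so aliases made with the `alias` keyword are never recorded and `original_name` may report the alias name for them. A comment above `alias_method_with_original_name` should state that limit, and that the patch replaces `alias_method` on every `Module` in the host application.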
@@ -2,6 +2,7 @@
2
2
  # Please refer to our terms for more information: https://www.sqreen.io/terms.html
3
3
 
4
4
  require 'sqreen/dependency'
5
+ require 'sqreen/backport/original_name'
5
6
 
6
7
  module Sqreen
7
8
  module Dependency
@@ -25,5 +25,7 @@ require 'sqreen/rules_callbacks/binding_accessor_metrics'
25
25
  require 'sqreen/rules_callbacks/binding_accessor_matcher'
26
26
  require 'sqreen/rules_callbacks/count_http_codes'
27
27
  require 'sqreen/rules_callbacks/crawler_user_agent_matches_metrics'
28
+ require 'sqreen/rules_callbacks/sdk_auth_track'
29
+ require 'sqreen/rules_callbacks/devise_auth_track'
28
30
 
29
31
  require 'sqreen/rules_callbacks/custom_error'
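Review bot: Only `sdk_auth_track` and `devise_auth_track` are required here, while the gem's file list in this release also adds `devise_signup_track.rb` and `sdk_signup_track.rb`. Unless those two files are loaded somewhere outside this diff, `DeviseSignupTrackCB` and `SignupTrackCB` will not be defined when a rule names them, and signup tracking would not run. If that is an omission, add `require 'sqreen/rules_callbacks/sdk_signup_track'` and `require 'sqreen/rules_callbacks/devise_signup_track'` next to the two new lines.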
@@ -0,0 +1,33 @@
1
+ require 'sqreen/rule_attributes'
2
+ require 'sqreen/rule_callback'
3
+ require 'sqreen/safe_json'
4
+
5
+ module Sqreen
6
+ module Rules
7
+ class DeviseAuthTrackCB < RuleCB
8
+ def initialize(*args)
9
+ super(*args)
10
+ @overtimeable = false
11
+ end
12
+
13
+ def post(_rv, instance, _args, _budget)
14
+ status = instance.instance_variable_get(:@result).to_s
15
+ data = instance.authentication_hash
16
+ keys = instance.send(:authentication_keys)
17
+ ip = framework.client_ip
18
+ category = status == 'failure' ? 'auto-login-fail' : 'auto-login-success'
19
+ data = data.select { |k, _| keys.include?(k) }
20
+
21
+ if data.empty?
22
+ Sqreen.log.debug { "#{category} from #{ip} but keys empty" }
23
+ return
24
+ end
25
+
26
+ payload = { keys: data.to_a, ip: ip }
27
+
28
+ record_observation(category, JSON.dump(payload), 1)
29
+ advise_action(nil)
30
+ end
31
+ end
32
+ end
33
+ end
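Review bot: `JSON.dump(payload)` in `post` serialises login identifiers that come straight from the request, and `JSON.dump` raises on strings that are not valid UTF-8, so unless the caller rescues it a malformed identifier would raise inside the authentication callback instead of being recorded. The file requires `sqreen/safe_json` but never uses it; presumably that helper exists for this case and should do the encoding here. The same `JSON.dump(payload)` call appears in `DeviseSignupTrackCB#pre`, `AuthTrackCB#pre` and `SignupTrackCB#pre`. Also, `instance.authentication_hash` is used without a nil check, so `data.select` fails if the strategy never populated it; `data = instance.authentication_hash || {}` would route that case into the existing empty-keys branch.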
@@ -0,0 +1,32 @@
1
+ require 'sqreen/rule_attributes'
2
+ require 'sqreen/rule_callback'
3
+ require 'sqreen/safe_json'
4
+
5
+ module Sqreen
6
+ module Rules
7
+ class DeviseSignupTrackCB < RuleCB
8
+ def initialize(*args)
9
+ super(*args)
10
+ @overtimeable = false
11
+ end
12
+
13
+ def pre(_instance, args, _budget)
14
+ data = args[1].attributes
15
+ keys = args[1].class.authentication_keys
16
+ ip = framework.client_ip
17
+ category = 'auto-signup'
18
+ data = data.select { |k, _| keys.include?(k) }
19
+
20
+ if data.empty?
21
+ Sqreen.log.debug { "#{category} from #{ip} but keys empty" }
22
+ return
23
+ end
24
+
25
+ payload = { keys: data.to_a, ip: ip }
26
+
27
+ record_observation(category, JSON.dump(payload), 1)
28
+ advise_action(nil)
29
+ end
30
+ end
31
+ end
32
+ end
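Review bot: The filter `data.select { |k, _| keys.include?(k) }` in `pre` compares the keys of `args[1].attributes` with `args[1].class.authentication_keys` without normalising their types. If the model is ActiveRecord-backed, `attributes` has String keys while Devise authentication keys are normally Symbols, so nothing would match and every signup would end in the "keys empty" branch; this is worth confirming with a test. A type-tolerant check such as `keys.include?(k) || keys.include?(k.to_sym)` avoids that. `args[1]` is also dereferenced without a nil check.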
@@ -0,0 +1,30 @@
1
+ require 'sqreen/rule_attributes'
2
+ require 'sqreen/rule_callback'
3
+ require 'sqreen/safe_json'
4
+
5
+ module Sqreen
6
+ module Rules
7
+ class AuthTrackCB < RuleCB
8
+ def initialize(*args)
9
+ super(*args)
10
+ @overtimeable = false
11
+ end
12
+
13
+ def pre(_instance, args, _budget)
14
+ success, authentication_keys = args
15
+ ip = framework.client_ip
16
+ category = success ? 'sdk-login-success' : 'sdk-login-fail'
17
+
18
+ if authentication_keys.empty?
19
+ Sqreen.log.debug { "#{category} from #{ip} but keys empty" }
20
+ return
21
+ end
22
+
23
+ payload = { keys: authentication_keys.to_a, ip: ip }
24
+
25
+ record_observation(category, JSON.dump(payload), 1)
26
+ advise_action(nil)
27
+ end
28
+ end
29
+ end
30
+ end
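Review bot: `authentication_keys.empty?` in `pre` is called on whatever the SDK caller passed as the second argument, so a nil or missing argument raises `NoMethodError` rather than reaching the "keys empty" log line. Guarding with `if authentication_keys.nil? || authentication_keys.empty?` keeps the callback from failing on bad SDK input. `SignupTrackCB#pre` calls `.empty?` on `args.first` with the same missing guard. A short class comment stating the expected shape of `args`, `[success, authentication_keys]`, would also help.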
@@ -0,0 +1,30 @@
1
+ require 'sqreen/rule_attributes'
2
+ require 'sqreen/rule_callback'
3
+ require 'sqreen/safe_json'
4
+
5
+ module Sqreen
6
+ module Rules
7
+ class SignupTrackCB < RuleCB
8
+ def initialize(*args)
9
+ super(*args)
10
+ @overtimeable = false
11
+ end
12
+
13
+ def pre(_instance, args, _budget)
14
+ authentication_keys = args.first
15
+ ip = framework.client_ip
16
+ category = 'sdk-signup'
17
+
18
+ if authentication_keys.empty?
19
+ Sqreen.log.debug { "#{category} from #{ip} but keys empty" }
20
+ return
21
+ end
22
+
23
+ payload = { keys: authentication_keys.to_a, ip: ip }
24
+
25
+ record_observation(category, JSON.dump(payload), 1)
26
+ advise_action(nil)
27
+ end
28
+ end
29
+ end
30
+ end
@@ -1,5 +1,5 @@
1
1
  # Copyright (c) 2015 Sqreen. All Rights Reserved.
2
2
  # Please refer to our terms for more information: https://www.sqreen.io/terms.html
3
3
  module Sqreen
4
- VERSION = '1.17.2.beta2'.freeze
4
+ VERSION = '1.17.2.beta3'.freeze
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: sqreen
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.17.2.beta2
4
+ version: 1.17.2.beta3
5
5
  platform: java
6
6
  authors:
7
7
  - Sqreen
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-07-23 00:00:00.000000000 Z
11
+ date: 2019-08-09 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  requirement: !ruby/object:Gem::Requirement
@@ -54,6 +54,8 @@ files:
54
54
  - lib/sqreen/actions.rb
55
55
  - lib/sqreen/agent.rb
56
56
  - lib/sqreen/attack_detected.html
57
+ - lib/sqreen/backport.rb
58
+ - lib/sqreen/backport/original_name.rb
57
59
  - lib/sqreen/binding_accessor.rb
58
60
  - lib/sqreen/ca.crt
59
61
  - lib/sqreen/call_countable.rb
@@ -121,6 +123,8 @@ files:
121
123
  - lib/sqreen/rules_callbacks/crawler_user_agent_matches.rb
122
124
  - lib/sqreen/rules_callbacks/crawler_user_agent_matches_metrics.rb
123
125
  - lib/sqreen/rules_callbacks/custom_error.rb
126
+ - lib/sqreen/rules_callbacks/devise_auth_track.rb
127
+ - lib/sqreen/rules_callbacks/devise_signup_track.rb
124
128
  - lib/sqreen/rules_callbacks/execjs.rb
125
129
  - lib/sqreen/rules_callbacks/headers_insert.rb
126
130
  - lib/sqreen/rules_callbacks/inspect_rule.rb
@@ -131,6 +135,8 @@ files:
131
135
  - lib/sqreen/rules_callbacks/regexp_rule.rb
132
136
  - lib/sqreen/rules_callbacks/run_req_start_actions.rb
133
137
  - lib/sqreen/rules_callbacks/run_user_actions.rb
138
+ - lib/sqreen/rules_callbacks/sdk_auth_track.rb
139
+ - lib/sqreen/rules_callbacks/sdk_signup_track.rb
134
140
  - lib/sqreen/rules_callbacks/shell_env.rb
135
141
  - lib/sqreen/rules_callbacks/url_matches.rb
136
142
  - lib/sqreen/rules_callbacks/user_agent_matches.rb
@@ -167,7 +173,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
167
173
  requirements:
168
174
  - - ">="
169
175
  - !ruby/object:Gem::Version
170
- version: '2.2'
176
+ version: 1.9.3
171
177
  required_rubygems_version: !ruby/object:Gem::Requirement
172
178
  requirements:
173
179
  - - ">"