stytch 10.5.0 → 10.7.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/stytch/b2b_sso.rb +5 -0
- data/lib/stytch/fraud.rb +45 -15
- data/lib/stytch/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 8907a22413a9c5c7107cf8ebe750c26a38e0fb43dd3bdd96d88abc750672e998
|
|
4
|
+
data.tar.gz: 0017fb8bca695695315101419004a5120276b5f6e5e8dfea82a3f6292c1f167f
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 90635adebb9d100237fec64cbd43e90d28afcf20111974d0a2bf3b7adb3babc8ce6a8ae0b83a97ac2e2b5e70e104caf86b20653079519fc88e35eab438b43bfc
|
|
7
|
+
data.tar.gz: d7bad5b88717a8efd3616fbfc122d8bbff0da879fc7ece3dcd3f810dbca9b9189625e12f51563072f99610bf668dba8563ede54679cd2e17e4a7f7823d12513f
|
data/lib/stytch/b2b_sso.rb
CHANGED
|
@@ -633,6 +633,9 @@ module StytchB2B
|
|
|
633
633
|
#
|
|
634
634
|
# Specifying a known provider allows Stytch to handle any provider-specific logic.
|
|
635
635
|
# The type of this field is nilable +UpdateConnectionRequestIdentityProvider+ (string enum).
|
|
636
|
+
# signing_private_key::
|
|
637
|
+
# A PKCS1 format RSA private key used for signing SAML requests. Only PKCS1 format (starting with "-----BEGIN RSA PRIVATE KEY-----") is supported. When provided, Stytch will generate a new x509 certificate from this key and return it in the signing_certificates array.
|
|
638
|
+
# The type of this field is nilable +String+.
|
|
636
639
|
#
|
|
637
640
|
# == Returns:
|
|
638
641
|
# An object with the following fields:
|
|
@@ -660,6 +663,7 @@ module StytchB2B
|
|
|
660
663
|
saml_group_implicit_role_assignments: nil,
|
|
661
664
|
alternative_audience_uri: nil,
|
|
662
665
|
identity_provider: nil,
|
|
666
|
+
signing_private_key: nil,
|
|
663
667
|
method_options: nil
|
|
664
668
|
)
|
|
665
669
|
headers = {}
|
|
@@ -674,6 +678,7 @@ module StytchB2B
|
|
|
674
678
|
request[:saml_group_implicit_role_assignments] = saml_group_implicit_role_assignments unless saml_group_implicit_role_assignments.nil?
|
|
675
679
|
request[:alternative_audience_uri] = alternative_audience_uri unless alternative_audience_uri.nil?
|
|
676
680
|
request[:identity_provider] = identity_provider unless identity_provider.nil?
|
|
681
|
+
request[:signing_private_key] = signing_private_key unless signing_private_key.nil?
|
|
677
682
|
|
|
678
683
|
put_request("/v1/b2b/sso/saml/#{organization_id}/connections/#{connection_id}", request, headers)
|
|
679
684
|
end
|
data/lib/stytch/fraud.rb
CHANGED
|
@@ -94,31 +94,37 @@ module Stytch
|
|
|
94
94
|
@connection = connection
|
|
95
95
|
end
|
|
96
96
|
|
|
97
|
-
# Set a rule for a particular `visitor_id`, `browser_id`, `visitor_fingerprint`, `browser_fingerprint`, `hardware_fingerprint`, or `
|
|
97
|
+
# Set a rule for a particular `visitor_id`, `browser_id`, `visitor_fingerprint`, `browser_fingerprint`, `hardware_fingerprint`, `network_fingerprint`, `cidr_block`, `asn`, or `country_code`. This is helpful in cases where you want to allow or block a specific user or fingerprint. You should be careful when setting rules for `browser_fingerprint`, `hardware_fingerprint`, or `network_fingerprint` as they can be shared across multiple users, and you could affect more users than intended.
|
|
98
|
+
#
|
|
99
|
+
# You may not set an `ALLOW` rule for a `country_code`.
|
|
98
100
|
#
|
|
99
101
|
# Rules are applied in the order specified above. For example, if an end user has an `ALLOW` rule set for their `visitor_id` but a `BLOCK` rule set for their `hardware_fingerprint`, they will receive an `ALLOW` verdict because the `visitor_id` rule takes precedence.
|
|
100
102
|
#
|
|
103
|
+
# If there are conflicts between multiple `cidr_block` rules (for example, if the `ip_address` of the end user overlaps with multiple CIDR blocks that have rules set), the conflicts are resolved as follows:
|
|
104
|
+
# - The smallest block size takes precedence. For example, if an `ip_address` overlaps with a `cidr_block` rule of `ALLOW` for a block with a prefix of `/32` and a `cidr_block` rule of `BLOCK` with a prefix of `/24`, the rule match verdict will be `ALLOW`.
|
|
105
|
+
# - Among equivalent size blocks, `BLOCK` takes precedence over `CHALLENGE`, which takes precedence over `ALLOW`. For example, if an `ip_address` overlaps with two `cidr_block` rules with blocks of the same size that return `CHALLENGE` and `ALLOW`, the rule match verdict will be `CHALLENGE`.
|
|
106
|
+
#
|
|
101
107
|
# == Parameters:
|
|
102
108
|
# action::
|
|
103
|
-
# The action that should be returned by a fingerprint lookup for that
|
|
109
|
+
# The action that should be returned by a fingerprint lookup for that identifier with a `RULE_MATCH` reason. The following values are valid: `ALLOW`, `BLOCK`, `CHALLENGE`, or `NONE`. For country codes, `ALLOW` actions are not allowed. If a `NONE` action is specified, it will clear the stored rule.
|
|
104
110
|
# The type of this field is +RuleAction+ (string enum).
|
|
105
111
|
# visitor_id::
|
|
106
|
-
# The visitor ID we want to set a rule for. Only one
|
|
112
|
+
# The visitor ID we want to set a rule for. Only one identifier can be specified in the request.
|
|
107
113
|
# The type of this field is nilable +String+.
|
|
108
114
|
# browser_id::
|
|
109
|
-
# The browser ID we want to set a rule for. Only one
|
|
115
|
+
# The browser ID we want to set a rule for. Only one identifier can be specified in the request.
|
|
110
116
|
# The type of this field is nilable +String+.
|
|
111
117
|
# visitor_fingerprint::
|
|
112
|
-
# The visitor fingerprint we want to set a rule for. Only one
|
|
118
|
+
# The visitor fingerprint we want to set a rule for. Only one identifier can be specified in the request.
|
|
113
119
|
# The type of this field is nilable +String+.
|
|
114
120
|
# browser_fingerprint::
|
|
115
|
-
# The browser fingerprint we want to set a rule for. Only one
|
|
121
|
+
# The browser fingerprint we want to set a rule for. Only one identifier can be specified in the request.
|
|
116
122
|
# The type of this field is nilable +String+.
|
|
117
123
|
# hardware_fingerprint::
|
|
118
|
-
# The hardware fingerprint we want to set a rule for. Only one
|
|
124
|
+
# The hardware fingerprint we want to set a rule for. Only one identifier can be specified in the request.
|
|
119
125
|
# The type of this field is nilable +String+.
|
|
120
126
|
# network_fingerprint::
|
|
121
|
-
# The network fingerprint we want to set a rule for. Only one
|
|
127
|
+
# The network fingerprint we want to set a rule for. Only one identifier can be specified in the request.
|
|
122
128
|
# The type of this field is nilable +String+.
|
|
123
129
|
# expires_in_minutes::
|
|
124
130
|
# The number of minutes until this rule expires. If no `expires_in_minutes` is specified, then the rule is kept permanently.
|
|
@@ -126,6 +132,15 @@ module Stytch
|
|
|
126
132
|
# description::
|
|
127
133
|
# An optional description for the rule.
|
|
128
134
|
# The type of this field is nilable +String+.
|
|
135
|
+
# cidr_block::
|
|
136
|
+
# The CIDR block we want to set a rule for. You may pass either an IP address or a CIDR block. The CIDR block prefix must be between 16 and 32, inclusive. If an end user's IP address is within this CIDR block, this rule will be applied. Only one identifier can be specified in the request.
|
|
137
|
+
# The type of this field is nilable +String+.
|
|
138
|
+
# country_code::
|
|
139
|
+
# The country code we want to set a rule for. The country code must be a valid ISO 3166-1 alpha-2 code. You may not set `ALLOW` rules for country codes. Only one identifier can be specified in the request.
|
|
140
|
+
# The type of this field is nilable +String+.
|
|
141
|
+
# asn::
|
|
142
|
+
# The ASN we want to set a rule for. The ASN must be the string representation of an integer between 0 and 4294967295, inclusive. Only one identifier can be specified in the request.
|
|
143
|
+
# The type of this field is nilable +String+.
|
|
129
144
|
#
|
|
130
145
|
# == Returns:
|
|
131
146
|
# An object with the following fields:
|
|
@@ -139,26 +154,35 @@ module Stytch
|
|
|
139
154
|
# The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors.
|
|
140
155
|
# The type of this field is +Integer+.
|
|
141
156
|
# visitor_id::
|
|
142
|
-
# The
|
|
157
|
+
# The visitor ID that a rule was set for.
|
|
143
158
|
# The type of this field is nilable +String+.
|
|
144
159
|
# browser_id::
|
|
145
|
-
#
|
|
160
|
+
# The browser ID that a rule was set for.
|
|
146
161
|
# The type of this field is nilable +String+.
|
|
147
162
|
# visitor_fingerprint::
|
|
148
|
-
#
|
|
163
|
+
# The visitor fingerprint that a rule was set for.
|
|
149
164
|
# The type of this field is nilable +String+.
|
|
150
165
|
# browser_fingerprint::
|
|
151
|
-
#
|
|
166
|
+
# The browser fingerprint that a rule was set for.
|
|
152
167
|
# The type of this field is nilable +String+.
|
|
153
168
|
# hardware_fingerprint::
|
|
154
|
-
#
|
|
169
|
+
# The hardware fingerprint that a rule was set for.
|
|
155
170
|
# The type of this field is nilable +String+.
|
|
156
171
|
# network_fingerprint::
|
|
157
|
-
#
|
|
172
|
+
# The network fingerprint that a rule was set for.
|
|
158
173
|
# The type of this field is nilable +String+.
|
|
159
174
|
# expires_at::
|
|
160
175
|
# The timestamp when the rule expires. Values conform to the RFC 3339 standard and are expressed in UTC, e.g. `2021-12-29T12:33:09Z`.
|
|
161
176
|
# The type of this field is nilable +String+.
|
|
177
|
+
# cidr_block::
|
|
178
|
+
# The CIDR block that a rule was set for. If an end user's IP address is within this CIDR block, this rule will be applied.
|
|
179
|
+
# The type of this field is nilable +String+.
|
|
180
|
+
# country_code::
|
|
181
|
+
# The country code that a rule was set for.
|
|
182
|
+
# The type of this field is nilable +String+.
|
|
183
|
+
# asn::
|
|
184
|
+
# The ASN that a rule was set for.
|
|
185
|
+
# The type of this field is nilable +String+.
|
|
162
186
|
def set(
|
|
163
187
|
action:,
|
|
164
188
|
visitor_id: nil,
|
|
@@ -168,7 +192,10 @@ module Stytch
|
|
|
168
192
|
hardware_fingerprint: nil,
|
|
169
193
|
network_fingerprint: nil,
|
|
170
194
|
expires_in_minutes: nil,
|
|
171
|
-
description: nil
|
|
195
|
+
description: nil,
|
|
196
|
+
cidr_block: nil,
|
|
197
|
+
country_code: nil,
|
|
198
|
+
asn: nil
|
|
172
199
|
)
|
|
173
200
|
headers = {}
|
|
174
201
|
request = {
|
|
@@ -182,6 +209,9 @@ module Stytch
|
|
|
182
209
|
request[:network_fingerprint] = network_fingerprint unless network_fingerprint.nil?
|
|
183
210
|
request[:expires_in_minutes] = expires_in_minutes unless expires_in_minutes.nil?
|
|
184
211
|
request[:description] = description unless description.nil?
|
|
212
|
+
request[:cidr_block] = cidr_block unless cidr_block.nil?
|
|
213
|
+
request[:country_code] = country_code unless country_code.nil?
|
|
214
|
+
request[:asn] = asn unless asn.nil?
|
|
185
215
|
|
|
186
216
|
post_request('/v1/rules/set', request, headers)
|
|
187
217
|
end
|
data/lib/stytch/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: stytch
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 10.
|
|
4
|
+
version: 10.7.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- stytch
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2025-02-
|
|
11
|
+
date: 2025-02-20 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: faraday
|