tcell_agent 1.1.12 → 2.2.0

data/lib/tcell_agent/utils/headers.rb

@@ -0,0 +1,14 @@
+
+module TCellAgent
+  module Utils
+    module Headers
+      def self.clean_keys(request_env_or_header_keys)
+        if request_env_or_header_keys.is_a?(Hash)
+          request_env_or_header_keys.select { |k, _v| k.start_with? 'HTTP_' }.collect { |k, _v| k.sub(/^HTTP_/, '') }
+        else
+          request_env_or_header_keys.map { |k| k.sub(/^HTTP_/, '') }
+        end
+      end
+    end
+  end
+end

data/lib/tcell_agent/version.rb

@@ -1,5 +1,5 @@
 # See the file "LICENSE" for the full license governing this code.
 
 module TCellAgent
-  VERSION = '1.1.12'.freeze
+  VERSION = '2.2.0'.freeze
 end

data/spec/lib/tcell_agent/configuration_spec.rb

@@ -2,364 +2,73 @@ require 'spec_helper'
 
 module TCellAgent
   describe Configuration do
-    describe '#agent_home_dir' do
-      context 'no TCELL_AGENT_HOME defined' do
-        it 'should set cache file, config, and log file to defaults' do
-          configuration = Configuration.new
+    describe 'should_instrument?' do
+      context 'with the agent disabled' do
+        it 'should return false' do
+          config = Configuration.new
+          config.enabled = false
 
-          expect(configuration.cache_filename_with_app_id).to match(
-            %r{/tcell/cache/tcell_agent.cache}
-          )
-          expect(configuration.log_filename).to eq(
-            File.join(Dir.getwd, 'tcell/logs/tcell_agent.log')
-          )
-          expect(configuration.config_filename).to eq(
-            File.join(Dir.getwd, 'config/tcell_agent.config')
-          )
+          expect(config.should_instrument?).to be_falsey
         end
       end
-
-      context 'TCELL_AGENT_HOME defined' do
-        it 'should set config filename to default, cache file and log file are updated' do
-          old_tcell_agent_home = ENV['TCELL_AGENT_HOME']
-
-          ENV['TCELL_AGENT_HOME'] = 'spec_tcell_home'
-
-          configuration = Configuration.new
-
-          expect(configuration.cache_filename_with_app_id).to match(
-            %r{spec_tcell_home/cache/tcell_agent.cache}
-          )
-          expect(configuration.log_filename).to eq(
-            'spec_tcell_home/logs/tcell_agent.log'
-          )
-          expect(configuration.config_filename).to eq(
-            File.join(Dir.getwd, 'config/tcell_agent.config')
-          )
-
-          ENV['TCELL_AGENT_HOME'] = old_tcell_agent_home
-        end
-      end
-
-      context 'TCELL_AGENT_HOME and TCELL_AGENT_LOG_DIR defined' do
-        it 'should set config filename to default, cache file and log file are updated' do
-          old_tcell_agent_home = ENV['TCELL_AGENT_HOME']
-          old_tcell_agent_log_dir = ENV['TCELL_AGENT_LOG_DIR']
-
-          ENV['TCELL_AGENT_HOME'] = 'spec_tcell_home'
-          ENV['TCELL_AGENT_LOG_DIR'] = 'spec_tcell_log_dir'
-
-          configuration = Configuration.new
-
-          expect(configuration.cache_filename_with_app_id).to match(
-            %r{spec_tcell_home/cache/tcell_agent.cache}
-          )
-          expect(configuration.log_filename).to eq(
-            'spec_tcell_log_dir/tcell_agent.log'
-          )
-          expect(configuration.config_filename).to eq(
-            File.join(Dir.getwd, 'config/tcell_agent.config')
-          )
-
-          ENV['TCELL_AGENT_HOME'] = old_tcell_agent_home
-          ENV['TCELL_AGENT_LOG_DIR'] = old_tcell_agent_log_dir
-        end
-      end
-
-      context 'TCELL_AGENT_HOME, TCELL_AGENT_LOG_DIR, and TCELL_AGENT_CONFIG defined ' do
-        it 'should update config filename, cache file, and log file' do
-          old_tcell_agent_home = ENV['TCELL_AGENT_HOME']
-          old_tcell_agent_log_dir = ENV['TCELL_AGENT_LOG_DIR']
-          old_config_filename = ENV['TCELL_AGENT_CONFIG']
-
-          ENV['TCELL_AGENT_HOME'] = 'spec_tcell_home'
-          ENV['TCELL_AGENT_LOG_DIR'] = 'spec_tcell_log_dir'
-          ENV['TCELL_AGENT_CONFIG'] = 'spec_config/tcell_agent.config'
-
-          configuration = Configuration.new
-
-          expect(configuration.cache_filename_with_app_id).to match(
-            %r{spec_tcell_home/cache/tcell_agent.cache}
-          )
-          expect(configuration.log_filename).to eq(
-            'spec_tcell_log_dir/tcell_agent.log'
-          )
-          expect(configuration.config_filename).to eq(
-            'spec_config/tcell_agent.config'
-          )
-
-          ENV['TCELL_AGENT_HOME'] = old_tcell_agent_home
-          ENV['TCELL_AGENT_LOG_DIR'] = old_tcell_agent_log_dir
-          ENV['TCELL_AGENT_CONFIG'] = old_config_filename
-        end
-      end
-    end
-
-    describe '#data_exposure' do
-      context 'no data_exposure defined' do
-        it 'should set max_data_ex_db_records_per_request to default' do
-          no_data_ex = double(
-            'no_data_ex',
-            :read => {
-              :version => 1,
-              :applications => [
-                :app_id => 'app_id',
-                :name => 'test',
-                :api_key => 'api_key'
-              ]
-            }.to_json
-          )
-          expect(File).to receive(:file?).with(
-            File.join(Dir.getwd, 'no_data_ex.config')
-          ).and_return(true)
-          expect(File).to receive(:open).with(
-            File.join(Dir.getwd, 'no_data_ex.config')
-          ).and_return(no_data_ex)
-          configuration = Configuration.new('no_data_ex.config')
-
-          expect(configuration.max_data_ex_db_records_per_request).to eq(1000)
-        end
-      end
-
-      context 'data_exposure is empty' do
-        it 'should set max_data_ex_db_records_per_request to default' do
-          no_data_ex = double(
-            'no_data_ex',
-            :read => {
-              :version => 1,
-              :applications => [
-                :app_id => 'app_id',
-                :name => 'test',
-                :api_key => 'api_key',
-                :data_exposure => {}
-              ]
-            }.to_json
-          )
-          expect(File).to receive(:file?).with(
-            File.join(Dir.getwd, 'no_data_ex.config')
-          ).and_return(true)
-          expect(File).to receive(:open).with(
-            File.join(Dir.getwd, 'no_data_ex.config')
-          ).and_return(no_data_ex)
-          configuration = Configuration.new('no_data_ex.config')
-
-          expect(configuration.max_data_ex_db_records_per_request).to eq(1000)
-        end
-      end
-
-      context 'data_exposure contains an override' do
-        it 'should set max_data_ex_db_records_per_request to override' do
-          no_data_ex = double(
-            'no_data_ex',
-            :read => {
-              :version => 1,
-              :applications => [
-                :app_id => 'app_id',
-                :name => 'test',
-                :api_key => 'api_key',
-                :data_exposure => {
-                  :max_data_ex_db_records_per_request => 5000
-                }
-              ]
-            }.to_json
-          )
-          expect(File).to receive(:file?).with(
-            File.join(Dir.getwd, 'no_data_ex.config')
-          ).and_return(true)
-          expect(File).to receive(:open).with(
-            File.join(Dir.getwd, 'no_data_ex.config')
-          ).and_return(no_data_ex)
-          configuration = Configuration.new('no_data_ex.config')
-
-          expect(configuration.max_data_ex_db_records_per_request).to eq(5000)
-        end
-      end
-    end
-
-    describe '#allow_payloads' do
-      context 'setting it via config' do
-        context 'using allow_unencrypted_appsensor_payloads' do
-          it 'should be false' do
-            allow_unencrypted_appfirewall_payloads_enabled = double(
-              'no_data_ex',
-              :read => {
-                :version => 1,
-                :applications => [
-                  :app_id => 'app_id',
-                  :api_key => 'api_key',
-                  :allow_unencrypted_appsensor_payloads => false
-                ]
-              }.to_json
-            )
-            expect(File).to receive(:file?).with(
-              File.join(Dir.getwd, 'config/tcell_agent.config')
-            ).and_return(true)
-            expect(File).to receive(:open).with(
-              File.join(Dir.getwd, 'config/tcell_agent.config')
-            ).and_return(allow_unencrypted_appfirewall_payloads_enabled)
-
-            configuration = Configuration.new
-
-            expect(configuration.allow_payloads).to eq(false)
+      context 'with the agent enabled' do
+        context 'with all instrumentation enabled' do
+          context 'with no parameters' do
+            it 'should return true' do
+              config = Configuration.new
+
+              expect(config.should_instrument?).to be_truthy
+            end
           end
-        end
+          context 'with parameters' do
+            it 'should return true' do
+              config = Configuration.new
 
-        context 'using allow_unencrypted_appfirewall_payloads' do
-          it 'should be false' do
-            allow_unencrypted_appfirewall_payloads_enabled = double(
-              'no_data_ex',
-              :read => {
-                :version => 1,
-                :applications => [
-                  :app_id => 'app_id',
-                  :api_key => 'api_key',
-                  :allow_unencrypted_appfirewall_payloads => false
-                ]
-              }.to_json
-            )
-            expect(File).to receive(:file?).with(
-              File.join(Dir.getwd, 'config/tcell_agent.config')
-            ).and_return(true)
-            expect(File).to receive(:open).with(
-              File.join(Dir.getwd, 'config/tcell_agent.config')
-            ).and_return(allow_unencrypted_appfirewall_payloads_enabled)
-
-            configuration = Configuration.new
-
-            expect(configuration.allow_payloads).to eq(false)
+              expect(config.should_instrument?('devise')).to be_truthy
+            end
           end
         end
+        context 'with auth frameworks disabled' do
+          it 'should return false' do
+            config = Configuration.new
+            config.disabled_instrumentation = Set.new(%w[authlogic devise doorkeeper])
 
-        context 'using allow_payloads' do
-          it 'should be false' do
-            allow_unencrypted_appfirewall_payloads_enabled = double(
-              'no_data_ex',
-              :read => {
-                :version => 1,
-                :applications => [
-                  :app_id => 'app_id',
-                  :api_key => 'api_key',
-                  :allow_payloads => false
-                ]
-              }.to_json
-            )
-            expect(File).to receive(:file?).with(
-              File.join(Dir.getwd, 'config/tcell_agent.config')
-            ).and_return(true)
-            expect(File).to receive(:open).with(
-              File.join(Dir.getwd, 'config/tcell_agent.config')
-            ).and_return(allow_unencrypted_appfirewall_payloads_enabled)
-
-            configuration = Configuration.new
-
-            expect(configuration.allow_payloads).to eq(false)
+            expect(config.should_instrument?('devise')).to be_falsey
           end
         end
       end
-
-      context 'setting it via env var' do
-        context 'TCELL_AGENT_ALLOW_UNENCRYPTED_APPSENSOR_PAYLOADS overrides config file' do
-          it 'should be false' do
-            old_allow_unencrypted_appsensor_payloads = ENV['TCELL_AGENT_ALLOW_UNENCRYPTED_APPSENSOR_PAYLOADS']
-
-            ENV['TCELL_AGENT_ALLOW_UNENCRYPTED_APPSENSOR_PAYLOADS'] = 'false'
-
-            allow_unencrypted_appfirewall_payloads_enabled = double(
-              'no_data_ex',
-              :read => {
-                :version => 1,
-                :applications => [
-                  :app_id => 'app_id',
-                  :api_key => 'api_key',
-                  :allow_unencrypted_appsensor_payloads => true
-                ]
-              }.to_json
-            )
-            expect(File).to receive(:file?).with(
-              File.join(Dir.getwd, 'config/tcell_agent.config')
-            ).and_return(true)
-            expect(File).to receive(:open).with(
-              File.join(Dir.getwd, 'config/tcell_agent.config')
-            ).and_return(allow_unencrypted_appfirewall_payloads_enabled)
-
-            configuration = Configuration.new
-
-            ENV['TCELL_AGENT_ALLOW_UNENCRYPTED_APPSENSOR_PAYLOADS'] = old_allow_unencrypted_appsensor_payloads
-
-            expect(configuration.allow_payloads).to eq(false)
-          end
-        end
-
-        context 'TCELL_AGENT_ALLOW_UNENCRYPTED_APPFIREWALL_PAYLOADS overrides config file' do
-          it 'should be false' do
-            old_allow_unencrypted_appfirewall_payloads = ENV['TCELL_AGENT_ALLOW_UNENCRYPTED_APPFIREWALL_PAYLOADS']
-
-            ENV['TCELL_AGENT_ALLOW_UNENCRYPTED_APPFIREWALL_PAYLOADS'] = 'false'
-
-            allow_unencrypted_appfirewall_payloads_enabled = double(
-              'no_data_ex',
-              :read => {
-                :version => 1,
-                :applications => [
-                  :app_id => 'app_id',
-                  :api_key => 'api_key',
-                  :allow_unencrypted_appfirewall_payloads => true
-                ]
-              }.to_json
-            )
-            expect(File).to receive(:file?).with(
-              File.join(Dir.getwd, 'config/tcell_agent.config')
-            ).and_return(true)
-            expect(File).to receive(:open).with(
-              File.join(Dir.getwd, 'config/tcell_agent.config')
-            ).and_return(allow_unencrypted_appfirewall_payloads_enabled)
-
-            configuration = Configuration.new
-
-            ENV['TCELL_AGENT_ALLOW_UNENCRYPTED_APPFIREWALL_PAYLOADS'] = old_allow_unencrypted_appfirewall_payloads
-
-            expect(configuration.allow_payloads).to eq(false)
-          end
+    end
+    describe 'populate_configuration' do
+      context 'with a poor native_agent_config_response' do
+        it 'should not throw an error' do
+          native_agent_config_response = {}
+
+          config = Configuration.new
+          expect do
+            config.populate_configuration(native_agent_config_response)
+          end.not_to raise_error
         end
-
-        context 'TCELL_AGENT_ALLOW_PAYLOADS overrides everything else' do
-          it 'should be false' do
-            old_allow_unencrypted_appsensor_payloads = ENV['TCELL_AGENT_ALLOW_UNENCRYPTED_APPSENSOR_PAYLOADS']
-            old_allow_unencrypted_appfirewall_payloads = ENV['TCELL_AGENT_ALLOW_UNENCRYPTED_APPFIREWALL_PAYLOADS']
-            old_tcell_agent_allow_payloads = ENV['TCELL_AGENT_ALLOW_PAYLOADS']
-
-            ENV['TCELL_AGENT_ALLOW_UNENCRYPTED_APPSENSOR_PAYLOADS'] = 'true'
-            ENV['TCELL_AGENT_ALLOW_UNENCRYPTED_APPFIREWALL_PAYLOADS'] = 'true'
-            ENV['TCELL_AGENT_ALLOW_PAYLOADS'] = 'false'
-
-            allow_unencrypted_appfirewall_payloads_enabled = double(
-              'no_data_ex',
-              :read => {
-                :version => 1,
-                :applications => [
-                  :app_id => 'app_id',
-                  :api_key => 'api_key',
-                  :allow_unencrypted_appsensor_payloads => true,
-                  :allow_unencrypted_appfirewall_payloads => true,
-                  :allow_payloads => true
-                ]
-              }.to_json
-            )
-            expect(File).to receive(:file?).with(
-              File.join(Dir.getwd, 'config/tcell_agent.config')
-            ).and_return(true)
-            expect(File).to receive(:open).with(
-              File.join(Dir.getwd, 'config/tcell_agent.config')
-            ).and_return(allow_unencrypted_appfirewall_payloads_enabled)
-
-            configuration = Configuration.new
-
-            ENV['TCELL_AGENT_ALLOW_UNENCRYPTED_APPSENSOR_PAYLOADS'] = old_allow_unencrypted_appsensor_payloads
-            ENV['TCELL_AGENT_ALLOW_UNENCRYPTED_APPFIREWALL_PAYLOADS'] = old_allow_unencrypted_appfirewall_payloads
-            ENV['TCELL_AGENT_ALLOW_PAYLOADS'] = old_tcell_agent_allow_payloads
-
-            expect(configuration.allow_payloads).to eq(false)
-          end
+      end
+      context 'with an elaborate native_agent_config_response' do
+        it 'should set all the correct configurations' do
+          native_agent_config_response = { 'enabled' => true,
+                                           'disabled_instrumentation' => %w[devise doorkeeper],
+                                           'update_policy' => 'true',
+                                           'applications' => { 'first' => { 'app_id' => 'app_id_placeholder',
+                                                                            'api_key' => 'api_key_paceholder',
+                                                                            'hmac_key' => 'hmac_key_placeholder',
+                                                                            'password_hmac_key' => 'password_hmac_key_placeholder',
+                                                                            'proxy_config' => { 'reverse_proxy' => true,
+                                                                                                'reverse_proxy_ip_address_header' => 'X-Forwarded-For' } } },
+                                           'endpoint_config' => { 'api_url' => 'https://us.agent.tcell.insight.rapid7.com/api/v1' },
+                                           'ruby_config' => { 'enable_policy_polling' => true } }
+
+          config = Configuration.new
+          config.populate_configuration(native_agent_config_response)
+
+          expect(config.disabled_instrumentation).to be_a(Set)
+          expect(config.disabled_instrumentation).to include('devise', 'doorkeeper')
+          expect(config.enable_intercept_requests).to be_truthy
         end
       end
     end

data/spec/lib/tcell_agent/hooks/login_fraud_spec.rb

@@ -26,56 +26,30 @@ module TCellAgent
 
   describe 'manually requiring auth hooks' do
     before(:all) do
-      require 'tcell_agent/hooks/login_fraud'
+      load 'lib/tcell_agent/hooks/login_fraud.rb'
+      load 'spec/support/force_logger_mocking.rb'
     end
 
     describe 'Using generic interface' do
       context 'with a login failure' do
         context 'with login_failed_enabled set to true' do
           it 'should report the login failure' do
-            login_fraud = double('login_fraud', :enabled => true, :login_failed_enabled => true)
-
-            expect(TCellAgent).to receive(:policy).with(TCellAgent::PolicyTypes::LOGINFRAUD).and_return(
-              login_fraud
-            )
-            expect(TCellAgent).to receive(:send_event).with(
-              {
-                'event_type' => 'login',
-                'header_keys' => %w[USER_AGENT X_FORWARDED_FOR],
-                'user_agent' => 'user_agent',
-                'referrer' => 'http://tcell.tcell.io/?utm_campaign=',
-                'remote_addr' => '1.1.1.1',
-                'user_id' => 'user_id',
-                'document_uri' => 'http://tcell.tcell.io/login?param_name=',
-                'session' => '48c0ce7961d8d5d4bd57bd77976b3d38',
-                'event_name' => 'login-failure'
-              }
-            )
-
+            login_fraud = double('login_fraud', :login_failed_enabled => true)
             status = Hooks::V1::Login::LOGIN_FAILURE
             header_keys = %w[HTTP_USER_AGENT HTTP_X_FORWARDED_FOR]
             document_uri = 'http://tcell.tcell.io/login?param_name=param_value'
             referrer = 'http://tcell.tcell.io/?utm_campaign=some-source'
 
-            Hooks::V1::Login.register_login_event(
-              status, 'session_id', 'user_agent', referrer, '1.1.1.1', header_keys, 'user_id', document_uri
-            )
-          end
-        end
-
-        context 'with login_failed_enabled set to false' do
-          it 'should NOT report the login failure' do
-            login_fraud = double('login_fraud', :enabled => true, :login_failed_enabled => false)
-
-            expect(TCellAgent).to receive(:policy).with(TCellAgent::PolicyTypes::LOGINFRAUD).and_return(
-              login_fraud
+            expect(TCellAgent).to receive(:policy).with(
+              TCellAgent::PolicyTypes::LOGINFRAUD
+            ).and_return(login_fraud)
+            expect(login_fraud).to receive(:report_login_failure).with(
+              'user_id',
+              nil,
+              header_keys,
+              nil,
+              anything
             )
-            expect(TCellAgent).to_not receive(:send_event)
-
-            status = Hooks::V1::Login::LOGIN_FAILURE
-            header_keys = %w[HTTP_USER_AGENT HTTP_X_FORWARDED_FOR]
-            document_uri = 'http://tcell.tcell.io/login?param_name=param_value'
-            referrer = 'http://tcell.tcell.io/?utm_campaign=some-source'
 
             Hooks::V1::Login.register_login_event(
               status, 'session_id', 'user_agent', referrer, '1.1.1.1', header_keys, 'user_id', document_uri
@@ -87,49 +61,20 @@ module TCellAgent
       context 'with a login success' do
         context 'with login_success_enabled set to true' do
           it 'should report the login success' do
-            login_fraud = double('login_fraud', :enabled => true, :login_success_enabled => true)
-
-            expect(TCellAgent).to receive(:policy).with(TCellAgent::PolicyTypes::LOGINFRAUD).and_return(
-              login_fraud
-            )
-            expect(TCellAgent).to receive(:send_event).with(
-              {
-                'event_type' => 'login',
-                'header_keys' => %w[USER_AGENT X_FORWARDED_FOR],
-                'user_agent' => 'user_agent',
-                'referrer' => 'http://tcell.tcell.io/?utm_campaign=',
-                'remote_addr' => '1.1.1.1',
-                'user_id' => 'user_id',
-                'document_uri' => 'http://tcell.tcell.io/login?param_name=',
-                'session' => '48c0ce7961d8d5d4bd57bd77976b3d38',
-                'event_name' => 'login-success'
-              }
-            )
-
+            login_fraud = double('login_fraud', :login_success_enabled => true)
             status = Hooks::V1::Login::LOGIN_SUCCESS
             header_keys = %w[HTTP_USER_AGENT HTTP_X_FORWARDED_FOR]
             document_uri = 'http://tcell.tcell.io/login?param_name=param_value'
             referrer = 'http://tcell.tcell.io/?utm_campaign=some-source'
 
-            Hooks::V1::Login.register_login_event(
-              status, 'session_id', 'user_agent', referrer, '1.1.1.1', header_keys, 'user_id', document_uri
-            )
-          end
-        end
-
-        context 'with login_success_enabled set to false' do
-          it 'should NOT report the login success' do
-            login_fraud = double('login_fraud', :enabled => true, :login_success_enabled => false)
-
             expect(TCellAgent).to receive(:policy).with(TCellAgent::PolicyTypes::LOGINFRAUD).and_return(
               login_fraud
             )
-            expect(TCellAgent).to_not receive(:send_event)
-
-            status = Hooks::V1::Login::LOGIN_SUCCESS
-            header_keys = %w[HTTP_USER_AGENT HTTP_X_FORWARDED_FOR]
-            document_uri = 'http://tcell.tcell.io/login?param_name=param_value'
-            referrer = 'http://tcell.tcell.io/?utm_campaign=some-source'
+            expect(login_fraud).to receive(:report_login_success).with(
+              'user_id',
+              header_keys,
+              anything
+            )
 
             Hooks::V1::Login.register_login_event(
               status, 'session_id', 'user_agent', referrer, '1.1.1.1', header_keys, 'user_id', document_uri
@@ -140,15 +85,17 @@ module TCellAgent
 
       context 'with an unknown status' do
         it 'should log the error' do
-          login_fraud = double('login_fraud', :enabled => true)
+          login_fraud = double('login_fraud')
           logger = double('logger')
 
-          expect(TCellAgent).to receive(:policy).with(TCellAgent::PolicyTypes::LOGINFRAUD).and_return(
-            login_fraud
-          )
+          expect(TCellAgent).to receive(:policy).with(
+            TCellAgent::PolicyTypes::LOGINFRAUD
+          ).and_return(login_fraud)
           expect(TCellAgent).to_not receive(:send_event)
-          expect(TCellAgent).to receive(:logger).and_return(logger)
-          expect(logger).to receive(:error).with('Unkown login status: mumbo-jumbo')
+          expect(TCellAgent::Hooks::LoginFraud).to receive(:get_logger).and_return(logger)
+          expect(logger).to receive(:error).with(
+            'Unkown login status: mumbo-jumbo'
+          )
 
           status = 'mumbo-jumbo'
           header_keys = %w[HTTP_USER_AGENT HTTP_X_FORWARDED_FOR]
@@ -166,12 +113,12 @@ module TCellAgent
       context 'with a login failure' do
         context 'with login_failed_enabled set to true' do
           it 'should report the login failure' do
-            login_fraud = double('login_fraud', :enabled => true, :login_failed_enabled => true)
+            login_fraud = double('login_fraud', :login_failed_enabled => true)
             rails_request = double('rails_request')
             tcell_data = TCellAgent::Instrumentation::TCellData.new
             tcell_data.user_agent = 'user_agent'
             tcell_data.referrer = 'http://tcell.tcell.io/?utm_campaign=some-source'
-            tcell_data.ip_address = '1.1.1.1'
+            tcell_data.remote_address = '1.1.1.1'
             tcell_data.path = 'http://tcell.tcell.io/login?param_name=param_value'
             tcell_data.hmac_session_id = TCellAgent::SensorEvents::Util.hmac('session_id')
             request_env = {
@@ -185,18 +132,12 @@ module TCellAgent
             )
             expect(rails_request).to receive(:env).and_return(request_env)
             expect(rails_request).to receive(:env).and_return(request_env)
-            expect(TCellAgent).to receive(:send_event).with(
-              {
-                'event_type' => 'login',
-                'header_keys' => %w[USER_AGENT X_FORWARDED_FOR],
-                'user_agent' => 'user_agent',
-                'referrer' => 'http://tcell.tcell.io/?utm_campaign=',
-                'remote_addr' => '1.1.1.1',
-                'user_id' => 'user_id',
-                'document_uri' => 'http://tcell.tcell.io/login?param_name=',
-                'session' => '48c0ce7961d8d5d4bd57bd77976b3d38',
-                'event_name' => 'login-failure'
-              }
+            expect(login_fraud).to receive(:report_login_failure).with(
+              'user_id',
+              nil,
+              request_env,
+              nil,
+              anything
             )
 
             status = Hooks::V1::Login::LOGIN_FAILURE
@@ -206,48 +147,17 @@ module TCellAgent
             )
           end
         end
-
-        context 'with login_failed_enabled set to false' do
-          it 'should NOT report the login failure' do
-            login_fraud = double('login_fraud', :enabled => true, :login_failed_enabled => false)
-            rails_request = double('rails_request')
-            tcell_data = TCellAgent::Instrumentation::TCellData.new
-            tcell_data.user_agent = 'user_agent'
-            tcell_data.referrer = 'http://tcell.tcell.io/?utm_campaign='
-            tcell_data.ip_address = '1.1.1.1'
-            tcell_data.path = 'http://tcell.tcell.io/login?param_name=param_value'
-            tcell_data.hmac_session_id = TCellAgent::SensorEvents::Util.hmac('session_id')
-            request_env = {
-              TCellAgent::Instrumentation::TCELL_ID => tcell_data,
-              'HTTP_USER_AGENT' => true,
-              'HTTP_X_FORWARDED_FOR' => true
-            }
-
-            expect(TCellAgent).to receive(:policy).with(TCellAgent::PolicyTypes::LOGINFRAUD).and_return(
-              login_fraud
-            )
-            expect(rails_request).to receive(:env).and_return(request_env)
-            expect(rails_request).to receive(:env).and_return(request_env)
-            expect(TCellAgent).to_not receive(:send_event)
-
-            status = Hooks::V1::Login::LOGIN_FAILURE
-
-            Hooks::V1::Frameworks::Rails::Login.register_login_event(
-              status, rails_request, 'user_id'
-            )
-          end
-        end
       end
 
       context 'with a login success' do
         context 'with login_success_enabled set to true' do
           it 'should report the login success' do
-            login_fraud = double('login_fraud', :enabled => true, :login_success_enabled => true)
+            login_fraud = double('login_fraud', :login_success_enabled => true)
             rails_request = double('rails_request')
             tcell_data = TCellAgent::Instrumentation::TCellData.new
             tcell_data.user_agent = 'user_agent'
             tcell_data.referrer = 'http://tcell.tcell.io/?utm_campaign=some-source'
-            tcell_data.ip_address = '1.1.1.1'
+            tcell_data.remote_address = '1.1.1.1'
             tcell_data.path = 'http://tcell.tcell.io/login?param_name=param_value'
             tcell_data.hmac_session_id = TCellAgent::SensorEvents::Util.hmac('session_id')
             request_env = {
@@ -261,18 +171,10 @@ module TCellAgent
             )
             expect(rails_request).to receive(:env).and_return(request_env)
             expect(rails_request).to receive(:env).and_return(request_env)
-            expect(TCellAgent).to receive(:send_event).with(
-              {
-                'event_type' => 'login',
-                'header_keys' => %w[USER_AGENT X_FORWARDED_FOR],
-                'user_agent' => 'user_agent',
-                'referrer' => 'http://tcell.tcell.io/?utm_campaign=',
-                'remote_addr' => '1.1.1.1',
-                'user_id' => 'user_id',
-                'document_uri' => 'http://tcell.tcell.io/login?param_name=',
-                'session' => '48c0ce7961d8d5d4bd57bd77976b3d38',
-                'event_name' => 'login-success'
-              }
+            expect(login_fraud).to receive(:report_login_success).with(
+              'user_id',
+              request_env,
+              anything
             )
 
             status = Hooks::V1::Login::LOGIN_SUCCESS
@@ -282,48 +184,17 @@ module TCellAgent
             )
           end
         end
-
-        context 'with login_success_enabled set to false' do
-          it 'should NOT report the login success' do
-            login_fraud = double('login_fraud', :enabled => true, :login_success_enabled => false)
-            rails_request = double('rails_request')
-            tcell_data = TCellAgent::Instrumentation::TCellData.new
-            tcell_data.user_agent = 'user_agent'
-            tcell_data.referrer = 'http://tcell.tcell.io/?utm_campaign=some-source'
-            tcell_data.ip_address = '1.1.1.1'
-            tcell_data.path = 'http://tcell.tcell.io/login?param_name=param_value'
-            tcell_data.hmac_session_id = TCellAgent::SensorEvents::Util.hmac('session_id')
-            request_env = {
-              TCellAgent::Instrumentation::TCELL_ID => tcell_data,
-              'HTTP_USER_AGENT' => true,
-              'HTTP_X_FORWARDED_FOR' => true
-            }
-
-            expect(TCellAgent).to receive(:policy).with(TCellAgent::PolicyTypes::LOGINFRAUD).and_return(
-              login_fraud
-            )
-            expect(rails_request).to receive(:env).and_return(request_env)
-            expect(rails_request).to receive(:env).and_return(request_env)
-            expect(TCellAgent).to_not receive(:send_event)
-
-            status = Hooks::V1::Login::LOGIN_SUCCESS
-
-            Hooks::V1::Frameworks::Rails::Login.register_login_event(
-              status, rails_request, 'user_id'
-            )
-          end
-        end
       end
 
       context 'with an unknown status' do
         it 'should log the error' do
-          login_fraud = double('login_fraud', :enabled => true, :login_failed_enabled => true)
+          login_fraud = double('login_fraud', :login_failed_enabled => true)
           logger = double('logger')
           rails_request = double('rails_request')
           tcell_data = TCellAgent::Instrumentation::TCellData.new
           tcell_data.user_agent = 'user_agent'
           tcell_data.referrer = 'http://tcell.tcell.io/?utm_campaign=some-source'
-          tcell_data.ip_address = '1.1.1.1'
+          tcell_data.remote_address = '1.1.1.1'
           tcell_data.path = 'http://tcell.tcell.io/login?param_name=param_value'
           tcell_data.hmac_session_id = TCellAgent::SensorEvents::Util.hmac('session_id')
           request_env = {
@@ -338,8 +209,10 @@ module TCellAgent
           expect(rails_request).to receive(:env).and_return(request_env)
           expect(rails_request).to receive(:env).and_return(request_env)
           expect(TCellAgent).to_not receive(:send_event)
-          expect(TCellAgent).to receive(:logger).and_return(logger)
-          expect(logger).to receive(:error).with('Unkown login status: mumbo-jumbo')
+          expect(TCellAgent::Hooks::LoginFraud).to receive(:get_logger).and_return(logger)
+          expect(logger).to receive(:error).with(
+            'Unkown login status: mumbo-jumbo'
+          )
 
           status = 'mumbo-jumbo'