Merge pull request #42 from securenative/dev

SN-1938 Validate user id

Author: inbaltako

README.md

@@ -64,9 +64,12 @@ securenative = SecureNative.init_with_api_key("YOUR_API_KEY")
 ### Option 3: Initialize via ConfigurationBuilder
 ```python
 from securenative.securenative import SecureNative
+from securenative.config.securenative_options import SecureNativeOptions
 
 
-securenative = SecureNative.init_with_options(SecureNative.config_builder().with_api_key("API_KEY").with_max_events(10).with_log_level("ERROR").build())
+options = SecureNativeOptions(api_key="YOUR_API_KEY", auto_send=True, interval=10,
+                                      api_url="https://api.securenative-stg.com/collector/api/v1")
+securenative = SecureNative.init_with_options(options)
 ```
 
 ## Getting SecureNative instance
@@ -75,7 +78,7 @@ Once initialized, sdk will create a singleton instance which you can get:
 from securenative.securenative import SecureNative
 
 
-secureNative = SecureNative.get_instance()
+securenative = SecureNative.get_instance()
 ```
 
 ## Tracking events
@@ -85,15 +88,22 @@ instance. Make sure you build event with the EventBuilder:
 
  ```python
 from securenative.securenative import SecureNative
-from securenative.event_options_builder import EventOptionsBuilder
+from securenative.context.securenative_context import SecureNativeContext
+from securenative.models.event_options import EventOptions
 from securenative.enums.event_types import EventTypes
 from securenative.models.user_traits import UserTraits
 
 
 securenative = SecureNative.get_instance()
 
-context = SecureNative.context_builder().with_ip("127.0.0.1").with_client_token("SECURED_CLIENT_TOKEN").with_headers({"user-agent": "Mozilla/5.0 (iPad; U; CPU OS 3_2_1 like Mac OS X; en-us) AppleWebKit/531.21.10 (KHTML, like Gecko) Mobile/7B405"}).build()
-event_options = EventOptionsBuilder(EventTypes.LOG_IN).with_user_id("1234").with_user_traits(UserTraits("Your Name", "[email protected]", "+1234567890")).with_context(context).with_properties({"prop1": "CUSTOM_PARAM_VALUE", "prop2": True, "prop3": 3}).build()
+context = SecureNativeContext(client_token="SECURE_CLIENT_TOKEN",
+                                ip="127.0.0.1", 
+                                headers={"user-agent": "Mozilla/5.0 (iPad; U; CPU OS 3_2_1 like Mac OS X; en-us) AppleWebKit/531.21.10 (KHTML, like Gecko) Mobile/7B405"})
+event_options = EventOptions(event=EventTypes.LOG_IN,
+                                user_id="1234",
+                                user_traits=UserTraits("Your Name", "[email protected]", "+1234567890"),
+                                context=context,
+                                properties={"custom_param1": "CUSTOM_PARAM_VALUE", "custom_param2": True, "custom_param3": 3})
 
 securenative.track(event_options)
  ```
@@ -102,16 +112,21 @@ You can also create request context from requests:
 
 ```python
 from securenative.securenative import SecureNative
-from securenative.event_options_builder import EventOptionsBuilder
+from securenative.context.securenative_context import SecureNativeContext
+from securenative.models.event_options import EventOptions
 from securenative.enums.event_types import EventTypes
 from securenative.models.user_traits import UserTraits
 
 
 def track(request):
     securenative = SecureNative.get_instance()
 
-    context = SecureNative.context_builder().from_http_request(request).build()
-    event_options = EventOptionsBuilder(EventTypes.LOG_IN).with_user_id("1234").with_user_traits(UserTraits("Your Name", "[email protected]", "+1234567890")).with_context(context).with_properties({"prop1": "CUSTOM_PARAM_VALUE", "prop2": True, "prop3": 3}).build()
+    context = SecureNativeContext.from_http_request(request)
+    event_options = EventOptions(event=EventTypes.LOG_IN,
+                                user_id="1234",
+                                user_traits=UserTraits("Your Name", "[email protected]", "+1234567890"),
+                                context=context,
+                                properties={"custom_param1": "CUSTOM_PARAM_VALUE", "custom_param2": True, "custom_param3": 3})
 
     securenative.track(event_options)
 ```
@@ -122,16 +137,21 @@ def track(request):
 
 ```python
 from securenative.securenative import SecureNative
-from securenative.event_options_builder import EventOptionsBuilder
+from securenative.models.event_options import EventOptions
+from securenative.context.securenative_context import SecureNativeContext
 from securenative.enums.event_types import EventTypes
 from securenative.models.user_traits import UserTraits
 
 
 def track(request):
     securenative = SecureNative.get_instance()
-    context = SecureNative.context_builder().from_http_request(request).build()
 
-    event_options = EventOptionsBuilder(EventTypes.LOG_IN).with_user_id("1234").with_user_traits(UserTraits("Your Name", "[email protected]", "+1234567890")).with_context(context).with_properties({"prop1": "CUSTOM_PARAM_VALUE", "prop2": True, "prop3": 3}).build()
+    context = SecureNativeContext.from_http_request(request)
+    event_options = EventOptions(event=EventTypes.LOG_IN,
+                                user_id="1234",
+                                user_traits=UserTraits("Your Name", "[email protected]", "+1234567890"),
+                                context=context,
+                                properties={"custom_param1": "CUSTOM_PARAM_VALUE", "custom_param2": True, "custom_param3": 3})
 
     verify_result = securenative.verify(event_options)
     verify_result.risk_level  # Low, Medium, High

VERSION

@@ -1 +1 @@
-0.3.0
+0.3.1

securenative/config/configuration_builder.py

@@ -1,7 +1,7 @@
 import os
 from configparser import ConfigParser
 
-from securenative.config.configuration_builder import ConfigurationBuilder
+from securenative.config.securenative_options import SecureNativeOptions
 from securenative.exceptions.securenative_config_exception import SecureNativeConfigException
 
 
@@ -32,10 +32,6 @@ def _get_resource_path(cls, env_name):
 
         return os.environ.get(cls.DEFAULT_CONFIG_FILE)
 
-    @staticmethod
-    def config_builder():
-        return ConfigurationBuilder.default_config_builder()
-
     @classmethod
     def _get_env_or_default(cls, properties, key, default):
         if os.environ.get(key):
@@ -46,21 +42,25 @@ def _get_env_or_default(cls, properties, key, default):
 
     @classmethod
     def load_config(cls, resource_path):
-        options = ConfigurationBuilder().get_default_securenative_options()
+        options = SecureNativeOptions()
 
         if not resource_path:
             resource_path = os.environ.get(cls.CUSTOM_CONFIG_FILE_ENV_NAME)
 
         properties = cls.read_resource_file(resource_path)
 
-        return ConfigurationBuilder(). \
-            with_api_key(cls._get_env_or_default(properties, "SECURENATIVE_API_KEY", options.api_key)). \
-            with_api_url(cls._get_env_or_default(properties, "SECURENATIVE_API_URL", options.api_url)). \
-            with_interval(cls._get_env_or_default(properties, "SECURENATIVE_INTERVAL", options.interval)). \
-            with_max_events(cls._get_env_or_default(properties, "SECURENATIVE_MAX_EVENTS", options.max_events)). \
-            with_timeout(cls._get_env_or_default(properties, "SECURENATIVE_TIMEOUT", options.timeout)). \
-            with_auto_send(cls._get_env_or_default(properties, "SECURENATIVE_AUTO_SEND", options.auto_send)). \
-            with_disable(cls._get_env_or_default(properties, "SECURENATIVE_DISABLE", options.disable)). \
-            with_log_level(cls._get_env_or_default(properties, "SECURENATIVE_LOG_LEVEL", options.log_level)). \
-            with_fail_over_strategy(cls._get_env_or_default(
-                properties, "SECURENATIVE_FAILOVER_STRATEGY", options.fail_over_strategy))
+        return SecureNativeOptions(api_key=cls._get_env_or_default(properties, "SECURENATIVE_API_KEY", options.api_key),
+                                   api_url=cls._get_env_or_default(properties, "SECURENATIVE_API_URL", options.api_url),
+                                   interval=cls._get_env_or_default(properties, "SECURENATIVE_INTERVAL",
+                                                                    options.interval),
+                                   max_events=cls._get_env_or_default(properties, "SECURENATIVE_MAX_EVENTS",
+                                                                      options.max_events),
+                                   timeout=cls._get_env_or_default(properties, "SECURENATIVE_TIMEOUT", options.timeout),
+                                   auto_send=cls._get_env_or_default(properties, "SECURENATIVE_AUTO_SEND",
+                                                                     options.auto_send),
+                                   disable=cls._get_env_or_default(properties, "SECURENATIVE_DISABLE", options.disable),
+                                   log_level=cls._get_env_or_default(properties, "SECURENATIVE_LOG_LEVEL",
+                                                                     options.log_level),
+                                   fail_over_strategy=cls._get_env_or_default(properties,
+                                                                              "SECURENATIVE_FAILOVER_STRATEGY",
+                                                                              options.fail_over_strategy))

securenative/config/configuration_manager.py

@@ -6,6 +6,13 @@ class SecureNativeOptions(object):
     def __init__(self, api_key=None, api_url="https://api.securenative.com/collector/api/v1", interval=1000,
                  max_events=1000, timeout=1500, auto_send=True, disable=False, log_level="CRITICAL",
                  fail_over_strategy=FailOverStrategy.FAIL_OPEN.value):
+
+        if fail_over_strategy != FailOverStrategy.FAIL_OPEN.value and \
+                fail_over_strategy != FailOverStrategy.FAIL_CLOSED.value:
+            self.fail_over_strategy = FailOverStrategy.FAIL_OPEN.value
+        else:
+            self.fail_over_strategy = fail_over_strategy
+
         self.api_key = api_key
         self.api_url = api_url
         self.interval = interval
@@ -14,4 +21,3 @@ def __init__(self, api_key=None, api_url="https://api.securenative.com/collector
         self.auto_send = auto_send
         self.disable = disable
         self.log_level = log_level
-        self.fail_over_strategy = fail_over_strategy

securenative/config/securenative_options.py

@@ -1,3 +1,7 @@
+from securenative.utils.request_utils import RequestUtils
+from securenative.utils.utils import Utils
+
+
 class SecureNativeContext(object):
 
     def __init__(self, client_token=None, ip=None, remote_ip=None, headers=None, url=None, method=None, body=None):
@@ -8,3 +12,22 @@ def __init__(self, client_token=None, ip=None, remote_ip=None, headers=None, url
         self.url = url
         self.method = method
         self.body = body
+
+    @staticmethod
+    def from_http_request(request):
+        try:
+            client_token = request.cookies[RequestUtils.SECURENATIVE_COOKIE]
+        except Exception:
+            client_token = None
+
+        try:
+            headers = dict(request.headers)
+        except Exception:
+            headers = None
+
+        if Utils.is_null_or_empty(client_token):
+            client_token = RequestUtils.get_secure_header_from_request(headers)
+
+        return SecureNativeContext(client_token, RequestUtils.get_client_ip_from_request(request),
+                                   RequestUtils.get_remote_ip_from_request(request), headers, request.url,
+                                   request.method, None)