Merge pull request #1 from securenative/dev

Dev

Author: matang28

securenative/__init__.py

@@ -0,0 +1,39 @@
+from securenative.event_options import Event
+from securenative.sdk_options import SecureNativeOptions
+from securenative.securenative import SecureNative
+import securenative.event_types
+
+_sn_sdk: SecureNative = None
+
+
+def init(api_key, options=SecureNativeOptions()):
+    global _sn_sdk
+    if _sn_sdk is None:
+        _sn_sdk = SecureNative(api_key, options)
+
+
+def track(event: Event):
+    sdk = _get_or_throw()
+    sdk.track(event)
+
+
+def verify(event: Event):
+    sdk = _get_or_throw()
+    return sdk.verify(event)
+
+
+def verify_webhook(hmac_header: str, body: str):
+    sdk = _get_or_throw()
+    sdk.verify_webhook(hmac_header=hmac_header, body=body)
+
+
+def flush():
+    sdk = _get_or_throw()
+    sdk.flush()
+
+
+def _get_or_throw():
+    if _sn_sdk is None:
+        raise ValueError(
+            u'You should call securenative.init(api_key, options) before making any other sdk function call.')
+    return _sn_sdk

securenative/config.py

@@ -0,0 +1,2 @@
+sdk_version = '0.1'
+_max_allowed_params = 6

securenative/errors.py

@@ -0,0 +1,2 @@
+class MissingApiKeyError(ValueError):
+    pass

securenative/event_manager.py

@@ -0,0 +1,58 @@
+import json
+import threading
+import copy
+
+from securenative.errors import MissingApiKeyError
+from securenative.http_client import HttpClient
+from securenative.sdk_options import SecureNativeOptions
+
+
+class QueueItem:
+    def __init__(self, url, body):
+        self.url = url
+        self.body = body
+
+
+class EventManager:
+    def __init__(self, api_key, options=SecureNativeOptions(), http_client=HttpClient()):
+        if api_key is None:
+            raise MissingApiKeyError()
+
+        self.http_client = http_client
+        self.api_key = api_key
+        self.options = options
+        self.queue = list()
+
+        if self.options.auto_send:
+            interval_seconds = max(options.interval // 1000, 1)
+            threading.Timer(interval_seconds, self.flush).start()
+
+    def send_async(self, event, resource_path):
+        item = QueueItem(
+            self._build_url(resource_path),
+            json.dumps(event.as_dict())
+        )
+
+        self.queue.insert(0, item)
+        if self._is_queue_full():
+            self.queue = self.queue[:len(self.queue - 1)]
+
+    def flush(self):
+        queue_copy = copy.copy(self.queue)
+        self.queue = list()
+
+        for item in queue_copy:
+            self.http_client.post(item.url, self.api_key, item.body)
+
+    def send_sync(self, event, resources_path):
+        return self.http_client.post(
+            self._build_url(resources_path),
+            self.api_key,
+            json.dumps(event.as_dict())
+        )
+
+    def _build_url(self, resource_path):
+        return self.options.api_url + "/" + resource_path
+
+    def _is_queue_full(self):
+        return len(self.queue) > self.options.max_events

securenative/event_options.py

@@ -0,0 +1,66 @@
+import uuid
+import time
+
+from securenative.utils import _parse_cookie
+
+
+class User:
+    def __init__(self, user_id=u'', user_email=u'', user_name=u''):
+        self.user_id = user_id
+        self.user_name = user_name
+        self.user_email = user_email
+
+
+class Event:
+    def __init__(self, event_type, user=User(), ip=u'127.0.0.1', remote_ip=u'127.0.0.1', user_agent=u'unknown',
+                 sn_cookie_value=None, params=None):
+        self.event_type = event_type
+        self.user = user
+        self.remote_ip = remote_ip
+        self.ip = ip
+        self.user_agent = user_agent
+        self.params = params
+        self.cid = ''
+        self.fp = ''
+        self.params = list()
+
+        if params is not None:
+            if not isinstance(params, list):
+                raise ValueError(
+                    'custom params should be a list of CustomParams, i.e: [CustomParams(key, value), ...])')
+            if len(params) > 0 and not isinstance(params[0], CustomParam):
+                raise ValueError(
+                    'custom params should be a list of CustomParams, i.e: [CustomParams(key, value), ...])')
+
+        self.params = params
+
+        if sn_cookie_value is not None:
+            self.cid, self.fp = _parse_cookie(sn_cookie_value)
+
+        self.vid = str(uuid.uuid4())
+        self.ts = int(time.time())*1000
+
+    def as_dict(self):
+        return {
+            "eventType": self.event_type,
+            "user": {
+                "id": self.user.user_id,
+                "email": self.user.user_email,
+                "name": self.user.user_name
+            },
+            "remoteIP": self.remote_ip,
+            "ip": self.ip,
+            "cid": self.cid,
+            "fp": self.fp,
+            "ts": self.ts,
+            "vid": self.vid,
+            "userAgent": self.user_agent,
+            "device": {},
+            "params": [{p.key: p.value} for p in self.params]
+        }
+
+
+class CustomParam:
+    def __init__(self, key, value):
+        self.key = key
+        self.value = value

securenative/event_types.py

@@ -0,0 +1,18 @@
+login = "sn.user.login"
+login_challenge = "sn.user.login.challenge"
+login_failure = "sn.user.login.failure"
+log_out = "sn.user.logout"
+sign_up = "sn.user.signup"
+auth_challenge = "sn.user.auth.challange"
+auth_challenge_success = "sn.user.auth.challange.success"
+auth_challenge_failure = "sn.user.auth.challange.failure"
+two_factor_disable = "sn.user.2fa.disable"
+email_update = "sn.user.email.update"
+password_reset = "sn.user.password.reset"
+password_reset_success = "sn.user.password.reset.success"
+password_update = "sn.user.password.update"
+password_reset_failure = "sn.user.password.reset.failure"
+user_invite = "sn.user.invite"
+role_update = "sn.user.role.update"
+profile_update = "sn.user.profile.update"
+page_view = "sn.user.page.view"

securenative/http_client.py

@@ -0,0 +1,16 @@
+import requests
+
+from securenative.config import sdk_version
+
+
+class HttpClient:
+    def _headers(self, api_key):
+        return {
+            'Content-Type': 'application/json',
+            'User-Agent': 'SecureNative-python',
+            'Sn-Version': sdk_version,
+            'Authorization': api_key
+        }
+
+    def post(self, url, api_key, body):
+        return requests.post(url=url, data=body, headers=self._headers(api_key))

securenative/sdk_options.py

@@ -0,0 +1,12 @@
+_securenative_prod = u"https://api.securenative.com"
+_securenative_stg = u"https://api.securenative-stg.com"
+
+
+class SecureNativeOptions:
+    def __init__(self, api_url=_securenative_prod, interval=1000, max_events=1000, timeout=1500, auto_send=True):
+        super().__init__()
+        self.timeout = timeout
+        self.max_events = max_events
+        self.api_url = api_url
+        self.interval = interval
+        self.auto_send = auto_send

securenative/securenative.py

@@ -0,0 +1,41 @@
+import json
+
+from securenative.config import _max_allowed_params
+from securenative.errors import MissingApiKeyError
+from securenative.event_manager import EventManager
+from securenative.sdk_options import SecureNativeOptions
+from securenative.utils import verify_signature
+
+
+class SecureNative:
+    def __init__(self, api_key, options=SecureNativeOptions()):
+        if api_key is None:
+            raise MissingApiKeyError()
+
+        self._api_key = api_key
+        self._options = options
+        self._event_manager = EventManager(self._api_key, self._options)
+
+    def track(self, event):
+        _validate_event(event)
+        self._event_manager.send_async(event, 'collector/api/v1/track')
+
+    def verify(self, event):
+        _validate_event(event)
+        response = self._event_manager.send_sync(event, 'collector/api/v1/verify')
+        if response.status_code == 200:
+            json_result = json.loads(response.text)
+            return json_result
+        else:
+            return None
+
+    def verify_webhook(self, hmac_header, body):
+        return verify_signature(self._api_key, body, hmac_header)
+
+    def flush(self):
+        self._event_manager.flush()
+
+
+def _validate_event(event):
+    if len(event.params) > _max_allowed_params:
+        event.params = event.params[:_max_allowed_params]

securenative/utils.py

@@ -0,0 +1,39 @@
+import base64
+import json
+import hmac
+import hashlib
+
+
+def _parse_cookie(cookie_value=None):
+    fp = u''
+    cid = u''
+
+    if cookie_value is None:
+        return cid, fp
+
+    try:
+        base64_decoded = base64.b64decode(cookie_value)
+        if base64_decoded is None:
+            base64_decoded = u'{}'
+
+        json_obj = json.loads(base64_decoded)
+
+        if u'fp' in json_obj:
+            fp = json_obj['fp']
+
+        if u'cid' in json_obj:
+            cid = json_obj['cid']
+    except Exception as ex:
+        pass
+
+    return cid, fp
+
+
+def verify_signature(secret, text_body, header_signature):
+    try:
+        key = secret.encode('utf-8')
+        body = text_body.encode('utf-8')
+        comparison_signature = hmac.new(key, body, hashlib.sha512).hexdigest()
+        return hmac.compare_digest(comparison_signature, header_signature)
+    except Exception as ex:
+        return False