Update readme and fix minor bugs

Inbal Tako · Inbal Tako · commit 1c5405d88088 · 2020-05-27T08:24:55.000+03:00
diff --git a/.gitignore b/.gitignore
@@ -261,6 +261,7 @@ ehthumbs_vista.db
 # Recycle Bin used on file shares
 $RECYCLE.BIN/
 
+*.ini
 # Windows Installer files
 *.cab
 *.msi
diff --git a/README.md b/README.md
@@ -96,3 +96,181 @@ def sn_webhook_handler(headers, body):
         pass
     
 ```
+
+<p align="center">
+  <a href="https://www.securenative.com"><img src="https://user-images.githubusercontent.com/45174009/77826512-f023ed80-7120-11ea-80e0-58aacde0a84e.png" alt="SecureNative Logo"/></a>
+</p>
+
+<p align="center">
+  <b>A Cloud-Native Security Monitoring and Protection for Modern Applications</b>
+</p>
+<p align="center">
+  <a href="https://github.com/securenative/securenative-python">
+    <img alt="Github Actions" src="https://github.com/securenative/securenative-java/workflows/CI/badge.svg">
+  </a>
+  <a href="https://codecov.io/gh/securenative/securenative-python">
+    <img src="https://codecov.io/gh/securenative/securenative-java/branch/master/graph/badge.svg" />
+  </a>
+</p>
+<p align="center">
+  <a href="https://docs.securenative.com">Documentation</a> |
+  <a href="https://docs.securenative.com/quick-start">Quick Start</a> |
+  <a href="https://blog.securenative.com">Blog</a> |
+  <a href="">Chat with us on Slack!</a>
+</p>
+<hr/>
+
+
+[SecureNative](https://www.securenative.com/) performs user monitoring by analyzing user interactions with your application and various factors such as network, devices, locations and access patterns to stop and prevent account takeover attacks.
+
+## Install the SDK
+
+When using Maven, add the following dependency to your `pom.xml` file:
+```xml
+<dependency>
+    <groupId>com.securenative.java</groupId>
+    <artifactId>sdk-base</artifactId>
+    <version>LATEST</version>
+</dependency>
+```
+
+When using Gradle, add the following dependency to your `build.gradle` file:
+```gradle
+compile group: 'com.securenative.java', name: 'sdk-parent', version: '0.3.1', ext: 'pom'
+```
+
+When using SBT, add the following dependency to your `build.sbt` file:
+```sbt
+libraryDependencies += "com.securenative.java" % "sdk-parent" % "0.3.1" pomOnly()
+```
+
+## Initialize the SDK
+
+To get your *API KEY*, login to your SecureNative account and go to project settings page:
+
+### Option 1: Initialize via Config file
+SecureNative can automatically load your config from *securenative.properties* file or from the file that is specified in your *SECURENATIVE_CONFIG_FILE* env variable:
+
+```java
+SecureNative secureNative =  SecureNative.init();
+```
+### Option 2: Initialize via API Key
+
+```java
+SecureNative secureNative =  SecureNative.init("YOUR_API_KEY");
+```
+
+### Option 3: Initialize via ConfigurationBuilder
+```java
+SecureNative secureNative = SecureNative.init(SecureNative.configBuilder()
+                                        .withApiKey("API_KEY")
+                                        .withMaxEvents(10)
+                                        .withLogLevel("error")
+                                        .build()); 
+```
+
+## Getting SecureNative instance
+Once initialized, sdk will create a singleton instance which you can get: 
+```java
+SecureNative secureNative = SecureNative.getInstance();
+```
+
+## Tracking events
+
+Once the SDK has been initialized, tracking requests sent through the SDK
+instance. Make sure you build event with the EventBuilder:
+
+ ```java
+SecureNative secureNative = SecureNative.getInstance();
+
+SecureNativeContext context = SecureNative.contextBuilder()
+        .withIp("127.0.0.1")
+        .withClientToken("SECURED_CLIENT_TOKEN")
+        .withHeaders(Maps.defaultBuilder()
+                    .put("user-agent", "Mozilla/5.0 (iPad; U; CPU OS 3_2_1 like Mac OS X; en-us) AppleWebKit/531.21.10 (KHTML, like Gecko) Mobile/7B405")
+                    .build())
+        .build();
+
+EventOptions eventOptions = EventOptionsBuilder.builder(EventTypes.LOG_IN)
+        .userId("USER_ID")
+        .userTraits("USER_NAME", "USER_EMAIL")
+        .context(context)
+        .properties(Maps.builder()
+                .put("prop1", "CUSTOM_PARAM_VALUE")
+                .put("prop2", true)
+                .put("prop3", 3)
+                .build())
+        .timestamp(new Date())
+        .build();
+
+secureNative.track(eventOptions);
+ ```
+
+You can also create request context from HttpServletRequest:
+
+```java
+@RequestMapping("/track")
+public void track(HttpServletRequest request, HttpServletResponse response) {
+    SecureNativeContext context = SecureNative.contextBuilder()
+                                              .fromHttpServletRequest(request)
+                                              .build();
+
+    EventOptions eventOptions = EventOptionsBuilder.builder(EventTypes.LOG_IN)
+            .userId("USER_ID")
+            .userTraits("USER_NAME", "USER_EMAIL")
+            .context(context)
+            .properties(Maps.builder()
+                    .put("prop1", "CUSTOM_PARAM_VALUE")
+                    .put("prop2", true)
+                    .put("prop3", 3)
+                    .build())
+            .timestamp(new Date())
+            .build();
+    
+    secureNative.track(eventOptions);
+}
+```
+
+## Verify events
+
+**Example**
+
+```java
+@RequestMapping("/track")
+public void track(HttpServletRequest request, HttpServletResponse response) {
+    SecureNativeContext context = SecureNative.contextBuilder()
+                                              .fromHttpServletRequest(request)
+                                              .build();
+
+    EventOptions eventOptions = EventOptionsBuilder.builder(EventTypes.LOG_IN)
+            .userId("USER_ID")
+            .userTraits("USER_NAME", "USER_EMAIL")
+            .context(context)
+            .properties(Maps.builder()
+                    .put("prop1", "CUSTOM_PARAM_VALUE")
+                    .put("prop2", true)
+                    .put("prop3", 3)
+                    .build())
+            .timestamp(new Date())
+            .build();
+    
+    VerifyResult verifyResult = secureNative.verify(eventOptions);
+    verifyResult.getRiskLevel() // Low, Medium, High
+    verifyResult.score() // Risk score: 0 -1 (0 - Very Low, 1 - Very High)
+    verifyResult.getTriggers() // ["TOR", "New IP", "New City"]
+}
+```
+
+## Webhook signature verification
+
+Apply our filter to verify the request is from us, example in spring:
+
+```java
+@RequestMapping("/webhook")
+public void webhookEndpoint(HttpServletRequest request, HttpServletResponse response) {
+    SecureNative secureNative = SecureNative.getInstance();
+    
+    // Checks if request is verified
+    Boolean isVerified = secureNative.verifyRequestPayload(request);
+}
+ ```
diff --git a/requirements.txt b/requirements.txt
diff --git a/securenative/api_manager.py b/securenative/api_manager.py
@@ -15,7 +15,7 @@ def __init__(self, event_manager, securenative_options):
     def track(self, event_options):
         Logger.debug("Track event call")
         event = SDKEvent(event_options, self.options)
-        self.event_manager.send_async(event, ApiRoute.TRACK.value)
+        return self.event_manager.send_async(event, ApiRoute.TRACK.value)
 
     def verify(self, event_options):
         Logger.debug("Verify event call")
diff --git a/securenative/config/configuration_builder.py b/securenative/config/configuration_builder.py
@@ -52,6 +52,10 @@ def with_log_level(self, log_level):
         return self
 
     def with_fail_over_strategy(self, fail_over_strategy):
+        if fail_over_strategy != FailOverStrategy.FAIL_OPEN.value and \
+                fail_over_strategy != FailOverStrategy.FAIL_CLOSED.value:
+            self.fail_over_strategy = FailOverStrategy.FAIL_OPEN.value
+            return self
         self.fail_over_strategy = fail_over_strategy
         return self
 
diff --git a/securenative/config/configuration_manager.py b/securenative/config/configuration_manager.py
@@ -12,16 +12,10 @@ class ConfigurationManager(object):
     @classmethod
     def read_resource_file(cls, resource_path):
         cls.config.read(resource_path)
-        sections = cls.config.sections()
 
         properties = {}
-        for section in sections:
-            options = cls.config.options(section)
-            for option in options:
-                try:
-                    properties[option] = cls.config.get(section, option)
-                except NoSectionError:
-                    properties[option] = None
+        for key, value in cls.config.defaults().items():
+            properties[key.upper()] = value
 
         return properties
 
@@ -40,24 +34,30 @@ def config_builder():
 
     @classmethod
     def _get_env_or_default(cls, properties, key, default):
-        if properties[key]:
-            return properties[key]
+        if os.environ.get(key):
+            return os.environ.get(key)
+        if properties.get(key):
+            return properties.get(key)
         return default
 
     @classmethod
     def load_config(cls):
-        builder = ConfigurationBuilder()
-        options = builder.get_default_securenative_options()
-        resource_path = cls._get_env_or_default(cls.DEFAULT_CONFIG_FILE, cls.CUSTOM_CONFIG_FILE_ENV_NAME)
+        options = ConfigurationBuilder().get_default_securenative_options()
+
+        resource_path = cls.DEFAULT_CONFIG_FILE
+        if os.environ.get(cls.CUSTOM_CONFIG_FILE_ENV_NAME):
+            resource_path = os.environ.get(cls.CUSTOM_CONFIG_FILE_ENV_NAME)
+
         properties = cls.read_resource_file(resource_path)
 
-        builder.\
-            with_api_key(cls._get_env_or_default(properties, "SECURENATIVE_API_KEY", options.api)).\
-            with_api_url(cls._get_env_or_default(properties, "SECURENATIVE_API_URL", options.api_url)).\
-            with_interval(cls._get_env_or_default(properties, "SECURENATIVE_INTERVAL", options.interval)).\
-            with_max_events(cls._get_env_or_default(properties, "SECURENATIVE_MAX_EVENTS", options.max_events)).\
-            with_timeout(cls._get_env_or_default(properties, "SECURENATIVE_TIMEOUT", options.timeout)).\
-            with_auto_send(cls._get_env_or_default(properties, "SECURENATIVE_AUTO_SEND", options.auto_send)).\
-            with_disable(cls._get_env_or_default(properties, "SECURENATIVE_DISABLE", options.disable)).\
-            with_log_level(cls._get_env_or_default(properties, "SECURENATIVE_LOG_LEVEL", options.log_level)).\
-            with_fail_over_strategy(cls._get_env_or_default(properties, "SECURENATIVE_FAILOVER_STRATEGY", options))
+        return ConfigurationBuilder(). \
+            with_api_key(cls._get_env_or_default(properties, "SECURENATIVE_API_KEY", options.api_key)). \
+            with_api_url(cls._get_env_or_default(properties, "SECURENATIVE_API_URL", options.api_url)). \
+            with_interval(cls._get_env_or_default(properties, "SECURENATIVE_INTERVAL", options.interval)). \
+            with_max_events(cls._get_env_or_default(properties, "SECURENATIVE_MAX_EVENTS", options.max_events)). \
+            with_timeout(cls._get_env_or_default(properties, "SECURENATIVE_TIMEOUT", options.timeout)). \
+            with_auto_send(cls._get_env_or_default(properties, "SECURENATIVE_AUTO_SEND", options.auto_send)). \
+            with_disable(cls._get_env_or_default(properties, "SECURENATIVE_DISABLE", options.disable)). \
+            with_log_level(cls._get_env_or_default(properties, "SECURENATIVE_LOG_LEVEL", options.log_level)). \
+            with_fail_over_strategy(cls._get_env_or_default(
+                properties, "SECURENATIVE_FAILOVER_STRATEGY", options.fail_over_strategy))
diff --git a/securenative/config/securenative_options.py b/securenative/config/securenative_options.py
@@ -3,8 +3,9 @@
 
 class SecureNativeOptions(object):
 
-    def __init__(self, api_key=None, api_url=None, interval=1000, max_events=1000, timeout=1500, auto_send=True,
-                 disable=False, log_level="CRITICAL", fail_over_strategy=FailOverStrategy.FAIL_OPEN.value):
+    def __init__(self, api_key=None, api_url="https://api.securenative.com/collector/api/v1", interval=1000,
+                 max_events=1000, timeout=1500, auto_send=True, disable=False, log_level="CRITICAL",
+                 fail_over_strategy=FailOverStrategy.FAIL_OPEN.value):
         self.api_key = api_key
         self.api_url = api_url
         self.interval = interval
diff --git a/securenative/event_manager.py b/securenative/event_manager.py
@@ -19,7 +19,7 @@ def __init__(self, url, body, retry):
 
 class EventManager:
     def __init__(self, options=SecureNativeOptions(), http_client=None):
-        if options.api_url is None:
+        if options.api_key is None:
             raise ValueError('API key cannot be None, please get your API key from SecureNative console.')
 
         if not http_client:
@@ -82,6 +82,7 @@ def send_sync(self, event, resource_path, retry):
             self.queue.insert(0, item)
             if self._is_queue_full():
                 self.queue = self.queue[:len(self.queue - 1)]
+        return res
 
     def _is_queue_full(self):
         return len(self.queue) > self.options.max_events
@@ -98,6 +99,7 @@ def _send_events(self):
 
                     Logger.debug("Event successfully sent; {}".format(item.body))
                     self.queue.remove(item)
+                    return res
                 except Exception as e:
                     Logger.error("Failed to send event; {}".format(e))
                     if item.retry:
@@ -117,23 +119,23 @@ def start_event_persist(self):
         if self.options.auto_send or self.send_enabled:
             self.send_enabled = True
             try:
-
                 self.scheduler = sched.scheduler(time.time, time.sleep)
                 self.scheduler.enter(self.options.interval, 1, self._send_events)
                 self.thread = threading.Thread(target=self.scheduler.run).start()
-            except Exception:
-                pass
+            except Exception as e:
+                Logger.error("Could not start event scheduler; {}".format(e))
         else:
             Logger.debug("Automatic event persistence is disabled, you should persist events manually")
 
     def stop_event_persist(self):
         if self.send_enabled:
             Logger.debug("Attempting to stop automatic event persistence")
             try:
-                self.thread.stop()
+                if self.thread:
+                    self.thread.stop()
                 self.scheduler.cancel(self._send_events)
-            except ValueError:
-                pass
+            except ValueError as e:
+                Logger.error("Could not stop event scheduler; {}".format(e))
 
             Logger.debug("Stopped event persistence")
 
diff --git a/securenative/utils/date_utils.py b/securenative/utils/date_utils.py
@@ -6,5 +6,5 @@ class DateUtils(object):
     @staticmethod
     def to_timestamp(date):
         if not date:
-            return datetime.now().strftime("%Y-%m-%dT%H:%M:%SZ")
-        return datetime.strptime(date, "%Y-%m-%dT%H:%M:%S%z")
+            return datetime.now().strftime("%Y-%d-%dT%H:%M:%S.%fZ")
+        return datetime.strptime(date, "%Y-%m-%dT%H:%M:%S.%f%z")
diff --git a/securenative/utils/ip_utils.py b/securenative/utils/ip_utils.py
@@ -24,11 +24,10 @@ def is_valid_public_ip(ip_address):
 
         ip = ipaddress.IPv4Address(ip_address)
         if ip.is_loopback \
-                or ip.is_global \
+                or not ip.is_global \
                 or ip.is_private \
                 or ip.is_link_local \
                 or ip.is_multicast \
-                or ip.is_multicast \
                 or ip.is_reserved \
                 or ip.is_unspecified:
             return False
