securenative
diff --git a/‎.gitignore‎
Lines changed: 1 addition & 0 deletions b/‎.gitignore‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎README.md‎
Lines changed: 144 additions & 73 deletions b/‎README.md‎
Lines changed: 144 additions & 73 deletions
diff --git a/‎requirements.txt‎
Lines changed: 3 additions & 2 deletions b/‎requirements.txt‎
Lines changed: 3 additions & 2 deletions
diff --git a/‎securenative/__init__.py‎
Lines changed: 0 additions & 5 deletions b/‎securenative/__init__.py‎
Lines changed: 0 additions & 5 deletions
diff --git a/‎securenative/api_manager.py‎
Lines changed: 29 additions & 0 deletions b/‎securenative/api_manager.py‎
Lines changed: 29 additions & 0 deletions
diff --git a/‎securenative/config.py‎
Lines changed: 0 additions & 2 deletions b/‎securenative/config.py‎
Lines changed: 0 additions & 2 deletions
diff --git a/‎securenative/config/__init__.py‎ b/‎securenative/config/__init__.py‎
diff --git a/‎securenative/config/configuration_builder.py‎
Lines changed: 64 additions & 0 deletions b/‎securenative/config/configuration_builder.py‎
Lines changed: 64 additions & 0 deletions
@@ -261,6 +261,7 @@ ehthumbs_vista.db
 # Recycle Bin used on file shares
 $RECYCLE.BIN/
 
+*.ini
 # Windows Installer files
 *.cab
 *.msi
 
@@ -1,98 +1,169 @@
-# Python SDK for Secure Native
+<p align="center">
+  <a href="https://www.securenative.com"><img src="https://user-images.githubusercontent.com/45174009/77826512-f023ed80-7120-11ea-80e0-58aacde0a84e.png" alt="SecureNative Logo"/></a>
+</p>
 
-## How to get it?
-the python SDK is published to PyPi so you can just use `pip` to install it:
+<p align="center">
+  <b>A Cloud-Native Security Monitoring and Protection for Modern Applications</b>
+</p>
+<p align="center">
+  <a href="https://github.com/securenative/securenative-python">
+    <img alt="Github Actions" src="https://github.com/securenative/securenative-java/workflows/CI/badge.svg">
+  </a>
+</p>
+<p align="center">
+  <a href="https://docs.securenative.com">Documentation</a> |
+  <a href="https://docs.securenative.com/quick-start">Quick Start</a> |
+  <a href="https://blog.securenative.com">Blog</a> |
+  <a href="">Chat with us on Slack!</a>
+</p>
+<hr/>
+
+
+[SecureNative](https://www.securenative.com/) performs user monitoring by analyzing user interactions with your application and various factors such as network, devices, locations and access patterns to stop and prevent account takeover attacks.
+
+
+## Install the SDK
+
+When using PyPi, run the following:
 ```bash
 pip install securenative
 ```
 
 ## Initialize the SDK
-Go to the settings page of your SecureNative account and find your API key, afterwards add this line on your application main module.
+
+To get your *API KEY*, login to your SecureNative account and go to project settings page:
+
+### Option 1: Initialize via Config file
+SecureNative can automatically load your config from *securenative.ini* file or from the file that is specified in your *SECURENATIVE_CONFIG_FILE* env variable:
+
 ```python
-import securenative
+from securenative.securenative import SecureNative
 
-# Many lines of code ...
 
-if __name__=='__main__':
-    # Your bootstrap code
-    securenative.init('API_KEY') # Should be called before any other call to secure native
+secureative =  SecureNative.init()
 ```
+### Option 2: Initialize via API Key
 
-## Tracking Events (async)
-Once the SDK has been initialized, you can start sending new events with the `track` function:
 ```python
-import securenative
-from securenative.event_options import Event, User
+from securenative.securenative import SecureNative
 
-def my_login_function():
-    # Many lines of code ...
-    
-    event = Event( # Build the event from the request's context
-        event_type=securenative.event_types.login,
-        ip='35.199.23.1',
-        remote_ip='35.199.23.2',
-        user_agent='Mozilla/5.0 (Linux; U; Android 4.4.2; zh-cn; GT-I9500 Build/KOT49H) AppleWebKit/537.36 (KHTML, like Gecko)Version/4.0 MQQBrowser/5.0 QQ-URL-Manager Mobile Safari/537.36',
-        sn_cookie_value='eyJjaWQiOiJkYzgyYjdhZS00ODFkLTQyODItYTMyZC0xZTU1Njk2ZjNmZTQiLCJmcCI6Ijk5NGYzZjVjZTRiYWUwODQzMTRhOTFkNzgyN2I1MWYuMjQ3MDBmOWYxOTg2ODAwYWI0ZmNjODgwNTMwZGQwZWQifQ',
-        user=User(
-            user_id='1',
-            user_email='1@example.com',
-            user_name='example example'
-        )
-    )
-    
-    # Track it:
-    securenative.track(event)
-    
-    # Many lines of code ...
 
+securenative =  SecureNative.init_with_api_key("YOUR_API_KEY")
 ```
 
-## Verification Events (sync)
-Once the SDK has been initialized, you can protect sensitive operation by calling the `verify` function, this function will return the risk analysis of the current user.
+### Option 3: Initialize via ConfigurationBuilder
+```python
+from securenative.securenative import SecureNative
+
+
+securenative = SecureNative.init_with_options(SecureNative.config_builder()
+                                        .with_api_key("API_KEY")
+                                        .with_max_events(10)
+                                        .with_log_level("ERROR")
+                                        .build())
+```
 
+## Getting SecureNative instance
+Once initialized, sdk will create a singleton instance which you can get: 
 ```python
-import securenative
-from securenative.event_options import Event, User
+from securenative.securenative import SecureNative
+
+
+secureNative = SecureNative.get_instance()
+```
+
+## Tracking events
+
+Once the SDK has been initialized, tracking requests sent through the SDK
+instance. Make sure you build event with the EventBuilder:
+
+ ```python
+from securenative.securenative import SecureNative
+from securenative.event_options_builder import EventOptionsBuilder
+from securenative.enums.event_types import EventTypes
+from securenative.models.user_traits import UserTraits
+
 
-def my_change_password_function():
-    # Many lines of code...
+securenative = SecureNative.get_instance()
+
+context = SecureNative.context_builder().\
+        with_ip("127.0.0.1").\
+        with_client_token("SECURED_CLIENT_TOKEN").\
+        with_headers({"user-agent", "Mozilla/5.0 (iPad; U; CPU OS 3_2_1 like Mac OS X; en-us) AppleWebKit/531.21.10 (KHTML, like Gecko) Mobile/7B405"}).\
+        build()
+
+event_options = EventOptionsBuilder(EventTypes.LOG_IN).\
+with_user_id("USER_ID").\
+        with_user_traits(UserTraits("USER_NAME", "USER_EMAIL")).\
+        with_context(context).\
+        with_properties({"prop1": "CUSTOM_PARAM_VALUE", "prop2": True, "prop3": 3}).\
+        build()
+
+securenative.track(event_options)
+ ```
+
+You can also create request context from requests:
+
+```python
+from securenative.securenative import SecureNative
+from securenative.event_options_builder import EventOptionsBuilder
+from securenative.enums.event_types import EventTypes
+from securenative.models.user_traits import UserTraits
+
+
+def track(request):
+    securenative = SecureNative.get_instance()
+    context = SecureNative.context_builder().from_http_request(request).build()
+
+    event_options = EventOptionsBuilder(EventTypes.LOG_IN).\
+        with_user_id("USER_ID").\
+        with_user_traits(UserTraits("USER_NAME", "USER_EMAIL")).\
+        with_context(context).\
+        with_properties({"prop1": "CUSTOM_PARAM_VALUE", "prop2": True, "prop3": 3}).\
+        build()
 
-    event = Event( # Build the event from the request's context
-            event_type=securenative.event_types.verify,
-            ip='35.199.23.1',
-            remote_ip='35.199.23.2',
-            user_agent='Mozilla/5.0 (Linux; U; Android 4.4.2; zh-cn; GT-I9500 Build/KOT49H) AppleWebKit/537.36 (KHTML, like Gecko)Version/4.0 MQQBrowser/5.0 QQ-URL-Manager Mobile Safari/537.36',
-            sn_cookie_value='eyJjaWQiOiJkYzgyYjdhZS00ODFkLTQyODItYTMyZC0xZTU1Njk2ZjNmZTQiLCJmcCI6Ijk5NGYzZjVjZTRiYWUwODQzMTRhOTFkNzgyN2I1MWYuMjQ3MDBmOWYxOTg2ODAwYWI0ZmNjODgwNTMwZGQwZWQifQ',
-            user=User(
-                user_id='1',
-                user_email='1@example.com',
-                user_name='example example'
-            )
-        )
-     
-    result = securenative.verify(event)
-    if result['riskLevel'] == 'high':
-        return 'Cannot change password'
-    elif result['riskLevel'] == 'medium':
-        return 'MFA'
-     
-     # Many lines of code...
+    securenative.track(event_options)
 ```
 
-## Verifying Incoming Webhooks
-You can use the SDK to verify incoming webhooks from Secure Native, just call the `veriy_webhook` function which return a boolean which indicates if the webhook came from Secure Native servers.
+## Verify events
+
+**Example**
+
 ```python
-import securenative
-
-@post('/sn/webhook')
-def sn_webhook_handler(headers, body):
-    sig_header = headers["X-SecureNative"]
-    if securenative.verify_webhook(sig_header, body):
-        # Handle the webhook
-        level = body['riskLevel']
-        pass
-    else:
-        # This reqeust wasn't sent from Secure Native servers, you can dismiss/investigate it
-        pass
+from securenative.securenative import SecureNative
+from securenative.event_options_builder import EventOptionsBuilder
+from securenative.enums.event_types import EventTypes
+from securenative.models.user_traits import UserTraits
+
+
+def track(request):
+    securenative = SecureNative.get_instance()
+    context = SecureNative.context_builder().from_http_request(request).build()
+
+    event_options = EventOptionsBuilder(EventTypes.LOG_IN).\
+        with_user_id("USER_ID").\
+        with_user_traits(UserTraits("USER_NAME", "USER_EMAIL")).\
+        with_context(context).\
+        with_properties({"prop1": "CUSTOM_PARAM_VALUE", "prop2": True, "prop3": 3}).\
+        build()
 
+    verify_result = securenative.verify(event_options)
+    verify_result.risk_level  # Low, Medium, High
+    verify_result.score  # Risk score: 0 -1 (0 - Very Low, 1 - Very High)
+    verify_result.triggers  # ["TOR", "New IP", "New City"]
 ```
+
+## Webhook signature verification
+
+Apply our filter to verify the request is from us, for example:
+
+```python
+from securenative.securenative import SecureNative
+
+
+def webhook_endpoint(request):
+    securenative = SecureNative.get_instance()
+    
+    # Checks if request is verified
+    is_verified = securenative.verify_request_payload(request)
+ ```
@@ -1,2 +1,3 @@
-requests~=2.22.0
-pycrypto~=2.6.1
+requests~=2.23.0
+pycrypto~=2.6.1
+crypto==1.4.1
@@ -1,5 +0,0 @@
-from securenative.config import sdk_version
-import securenative.event_types
-from securenative.sdk import SecureNative, SecureNativeOptions
-from securenative.event_options import Event, User
-from securenative.singleton import init, flush, track, verify_webhook, verify
@@ -0,0 +1,29 @@
+from securenative.enums.api_route import ApiRoute
+from securenative.enums.failover_strategy import FailOverStrategy
+from securenative.enums.risk_level import RiskLevel
+from securenative.logger import Logger
+from securenative.models.sdk_event import SDKEvent
+from securenative.models.verify_result import VerifyResult
+
+
+class ApiManager(object):
+
+    def __init__(self, event_manager, securenative_options):
+        self.event_manager = event_manager
+        self.options = securenative_options
+
+    def track(self, event_options):
+        Logger.debug("Track event call")
+        event = SDKEvent(event_options, self.options)
+        return self.event_manager.send_async(event, ApiRoute.TRACK.value)
+
+    def verify(self, event_options):
+        Logger.debug("Verify event call")
+        event = SDKEvent(event_options, self.options)
+        try:
+            self.event_manager.send_sync(event, ApiRoute.VERIFY.value, False)
+        except Exception as e:
+            Logger.debug("Failed to call verify; {}".format(e))
+            if self.options.fail_over_strategy is FailOverStrategy.FAIL_OPEN.value:
+                return VerifyResult(RiskLevel.LOW.value, 0, None)
+            return VerifyResult(RiskLevel.HIGH.value, 1, None)
@@ -0,0 +1,64 @@
+from securenative.config.securenative_options import SecureNativeOptions
+from securenative.enums.failover_strategy import FailOverStrategy
+
+
+class ConfigurationBuilder(object):
+
+    def __init__(self):
+        self.api_key = None
+        self.api_url = "https://api.securenative.com/collector/api/v1"
+        self.interval = 1000
+        self.max_events = 1000
+        self.timeout = 1500
+        self.auto_send = True
+        self.disable = False
+        self.log_level = "CRITICAL"
+        self.fail_over_strategy = FailOverStrategy.FAIL_OPEN.value
+
+    @staticmethod
+    def default_config_builder():
+        return ConfigurationBuilder()
+
+    def with_api_key(self, api_key):
+        self.api_key = api_key
+        return self
+
+    def with_api_url(self, api_url):
+        self.api_url = api_url
+        return self
+
+    def with_interval(self, interval):
+        self.interval = interval
+        return self
+
+    def with_max_events(self, max_events):
+        self.max_events = max_events
+        return self
+
+    def with_timeout(self, timeout):
+        self.timeout = timeout
+        return self
+
+    def with_auto_send(self, auto_send):
+        self.auto_send = auto_send
+        return self
+
+    def with_disable(self, disable):
+        self.disable = disable
+        return self
+
+    def with_log_level(self, log_level):
+        self.log_level = log_level
+        return self
+
+    def with_fail_over_strategy(self, fail_over_strategy):
+        if fail_over_strategy != FailOverStrategy.FAIL_OPEN.value and \
+                fail_over_strategy != FailOverStrategy.FAIL_CLOSED.value:
+            self.fail_over_strategy = FailOverStrategy.FAIL_OPEN.value
+            return self
+        self.fail_over_strategy = fail_over_strategy
+        return self
+
+    @staticmethod
+    def get_default_securenative_options():
+        return SecureNativeOptions()