Class: Enzoic::Enzoic

Inherits:
Object
  • Object
show all
Defined in:
lib/enzoic.rb

Overview

This is the main entry point for accessing Enzoic.

Create this class with your API Key and Secret and then call the desired methods on the class to access the Enzoic API.

Instance Method Summary collapse

Constructor Details

#initialize(options = {}) ⇒ Enzoic

Returns a new instance of Enzoic.

Raises:



17
18
19
20
21
22
23
24
 
# File 'lib/enzoic.rb', line 17

def initialize(options = {})
  @apiKey = options[:apiKey] || '';
  raise EnzoicFail, "No API key provided" if @apiKey == ''
  @secret = options[:secret] || '';
  raise EnzoicFail, "No Secret provided" if @secret == ''
  @baseURL = options[:baseURL] || "https://api.enzoic.com/v1"
  @authString = calc_auth_string(@apiKey, @secret)
end

Instance Method Details

#check_credentials(username, password) ⇒ Object

Raises:



26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
 
# File 'lib/enzoic.rb', line 26

def check_credentials(username, password)
  raise EnzoicFail, "API key/Secret not set" if !@authString || @authString == ''

  response = make_rest_call(@baseURL + Constants::ACCOUNTS_API_PATH + "?username=" + Hashing.sha256(username), "GET", nil)

  if (response == "404")
    return false
  end

   = JSON.parse(response)
  hashes_required = ["passwordHashesRequired"]

  bcrypt_count = 0
  query_string = ""

  for i in 0..hashes_required.length - 1 do
    hash_spec = hashes_required[i]

    # bcrypt gets far too expensive for good response time if there are many of them to calculate.
    # some mostly garbage accounts have accumulated a number of them in our DB and if we happen to hit one it
    # kills performance, so short circuit out after at most 2 BCrypt hashes
    if (hash_spec["hashType"] != PasswordType::BCrypt || bcrypt_count <= 2)
      if (hash_spec["hashType"] == PasswordType::BCrypt)
        bcrypt_count = bcrypt_count + 1
      end

      if (hash_spec["hashType"] != nil)
        credential_hash = calc_credential_hash(username, password, ["salt"], hash_spec);

        if (credential_hash != nil)
          if (query_string.length == 0)
            query_string = query_string + "?hashes=" + CGI.escape(credential_hash);
          else
            query_string = query_string + "&hashes=" + CGI.escape(credential_hash);
          end
        end
      end
    end
  end

  if (query_string.length > 0)
    creds_response = make_rest_call(
            @baseURL + Constants::CREDENTIALS_API_PATH + query_string, "GET", nil)
    return creds_response != "404"
  end

  return false
end

#check_password(password) ⇒ Object 



75
76
77
78
79
80
81
82
83
84
 
# File 'lib/enzoic.rb', line 75

def check_password(password)
  response = make_rest_call(
          @baseURL + Constants::PASSWORDS_API_PATH +
              "?md5=" + Hashing.md5(password) +
              "&sha1=" + Hashing.sha1(password) +
              "&sha256=" + Hashing.sha256(password),
          "GET", nil)

  return response != "404"
end

#get_exposure_details(exposure_id) ⇒ Object 



99
100
101
102
103
104
105
106
107
108
109
 
# File 'lib/enzoic.rb', line 99

def get_exposure_details(exposure_id)
  response = make_rest_call(@baseURL + Constants::EXPOSURES_API_PATH + "?id=" + CGI.escape(exposure_id),
    "GET", nil)

  if (response != "404")
    # deserialize response
    return JSON.parse(response, object_class: OpenStruct)
  else
    return nil
  end
end

#get_exposures_for_user(username) ⇒ Object 



86
87
88
89
90
91
92
93
94
95
96
97
 
# File 'lib/enzoic.rb', line 86

def get_exposures_for_user(username)
  response = make_rest_call(@baseURL + Constants::EXPOSURES_API_PATH + "?username=" + Hashing.sha256(username),
    "GET", nil)

  if (response == "404")
    # don't have this email in the DB - return empty response
    return JSON.parse('{ "count": 0, "exposures": [] }', object_class: OpenStruct)
  else
    # deserialize response
    return JSON.parse(response, object_class: OpenStruct)
  end
end