Class: Stytch::Fraud::Rules
- Inherits: Object
  - Object
  - Stytch::Fraud::Rules
- Includes: RequestHelper
- Defined in: lib/stytch/fraud.rb
Instance Method Summary
- #initialize(connection) ⇒ Rules (constructor): A new instance of Rules.
- #list(cursor: nil, limit: nil) ⇒ Object: Get all rules that have been set for your project.
- #set(action:, visitor_id: nil, browser_id: nil, visitor_fingerprint: nil, browser_fingerprint: nil, hardware_fingerprint: nil, network_fingerprint: nil, expires_in_minutes: nil, description: nil, cidr_block: nil, country_code: nil, asn: nil) ⇒ Object: Set a rule for a particular `visitor_id`, `browser_id`, `visitor_fingerprint`, `browser_fingerprint`, `hardware_fingerprint`, `network_fingerprint`, `cidr_block`, `asn`, or `country_code`.
Methods included from RequestHelper
#delete_request, #get_request, #post_request, #put_request, #request_with_query_params
Constructor Details
#initialize(connection) ⇒ Rules
Returns a new instance of Rules.
```ruby
# File 'lib/stytch/fraud.rb', line 100
def initialize(connection)
  @connection = connection
end
```
Instance Method Details
#list(cursor: nil, limit: nil) ⇒ Object
Get all rules that have been set for your project.
Parameters:
- cursor: The `cursor` field allows you to paginate through your results. Each result array is limited to 100 results. If your query returns more than 100 results, you will need to paginate the responses using the `cursor`. If you receive a response that includes a non-null `next_cursor`, repeat the request with the `next_cursor` value set to the `cursor` field to retrieve the next page of results. Continue to make requests until the `next_cursor` in the response is null. The type of this field is nilable String.
- limit: The number of results to return per page. The default limit is 10. A maximum of 100 results can be returned by a single get request. If the total size of your result set is greater than one page size, you must paginate the response. See the `cursor` field. The type of this field is nilable Integer.
Returns:
An object with the following fields:
- request_id: Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue. The type of this field is String.
- next_cursor: The `next_cursor` string is returned when your result contains more than one page of results. This value is passed into your next request in the `cursor` field. The type of this field is String.
- rules: A list of rules for the project. The type of this field is list of Rule(object).
- status_code: The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors. The type of this field is Integer.
```ruby
# File 'lib/stytch/fraud.rb', line 250
def list(
  cursor: nil,
  limit: nil
)
  headers = {}
  request = {}
  request[:cursor] = cursor unless cursor.nil?
  request[:limit] = limit unless limit.nil?

  post_request('/v1/rules/list', request, headers)
end
```
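The cursor loop described for `list`, as an added example that is not part of the SDK or of this page's source. `FakeRules`, `all_rules` and `PAGES` are hypothetical names, the string-keyed Hash response shape is an assumption, and the rule entries are placeholder strings because the page does not document the fields of `Rule(object)`.

```ruby
# Hypothetical offline stand-in for Stytch::Fraud::Rules#list (constructed data).
# Assumption: responses are Hashes with string keys, as in parsed JSON.
class FakeRules
  def initialize(pages)
    @pages = pages # { cursor => [rules_on_page, next_cursor] }
  end

  def list(cursor: nil, limit: nil)
    rules, next_cursor = @pages.fetch(cursor)
    { 'rules' => rules, 'next_cursor' => next_cursor, 'status_code' => 200 }
  end
end

# Follow next_cursor until it is null so an audit sees every rule, not only
# the first page (the default page size is 10).
def all_rules(rules_client, limit: 100, max_pages: 1_000)
  collected = []
  seen = {}
  cursor = nil
  max_pages.times do
    resp = rules_client.list(cursor: cursor, limit: limit)
    collected.concat(resp['rules'] || [])
    cursor = resp['next_cursor']
    return collected if cursor.nil? || cursor.empty?
    # Guard against a cursor that never advances.
    raise "cursor #{cursor.inspect} repeated" if seen.key?(cursor)

    seen[cursor] = true
  end
  raise "gave up after #{max_pages} pages"
end

# Constructed pages: placeholder strings stand in for Rule objects.
PAGES = {
  nil => [%w[rule-1 rule-2], 'c1'],
  'c1' => [%w[rule-3 rule-4], 'c2'],
  'c2' => [%w[rule-5], nil]
}.freeze
```

A single `list` call against the same data returns only the first page, which is why a rule review should go through the loop.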
#set(action:, visitor_id: nil, browser_id: nil, visitor_fingerprint: nil, browser_fingerprint: nil, hardware_fingerprint: nil, network_fingerprint: nil, expires_in_minutes: nil, description: nil, cidr_block: nil, country_code: nil, asn: nil) ⇒ Object
Set a rule for a particular `visitor_id`, `browser_id`, `visitor_fingerprint`, `browser_fingerprint`, `hardware_fingerprint`, `network_fingerprint`, `cidr_block`, `asn`, or `country_code`. This is helpful in cases where you want to allow or block a specific user or fingerprint. You should be careful when setting rules for `browser_fingerprint`, `hardware_fingerprint`, or `network_fingerprint` as they can be shared across multiple users, and you could affect more users than intended.
You may not set an `ALLOW` rule for a `country_code`.
Rules are applied in the order specified above. For example, if an end user has an `ALLOW` rule set for their `visitor_id` but a `BLOCK` rule set for their `hardware_fingerprint`, they will receive an `ALLOW` verdict because the `visitor_id` rule takes precedence.
If there are conflicts between multiple `cidr_block` rules (for example, if the `ip_address` of the end user overlaps with multiple CIDR blocks that have rules set), the conflicts are resolved as follows:
- The smallest block size takes precedence. For example, if an `ip_address` overlaps with a `cidr_block` rule of `ALLOW` for a block with a prefix of `/32` and a `cidr_block` rule of `BLOCK` with a prefix of `/24`, the rule match verdict will be `ALLOW`.
- Among equivalent size blocks, `BLOCK` takes precedence over `CHALLENGE`, which takes precedence over `ALLOW`. For example, if an `ip_address` overlaps with two `cidr_block` rules with blocks of the same size that return `CHALLENGE` and `ALLOW`, the rule match verdict will be `CHALLENGE`.
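A local model of the precedence rules above, useful for predicting which rule decides a verdict before adding a new one. This is an added example, not Stytch's implementation or SDK code: `effective_rule`, `winning_cidr_rule`, the rule Hash shape and the sample values are all hypothetical and constructed.

```ruby
require 'ipaddr'

# Identifier types in the order the page lists them; earlier types win.
PRECEDENCE = %i[visitor_id browser_id visitor_fingerprint browser_fingerprint
                hardware_fingerprint network_fingerprint cidr_block asn country_code].freeze
# Tie-break between CIDR blocks of equal size: BLOCK > CHALLENGE > ALLOW.
SEVERITY = { 'BLOCK' => 0, 'CHALLENGE' => 1, 'ALLOW' => 2 }.freeze

# Constructed sample rules (hypothetical local shape, not the API's Rule object).
RULES = [
  { type: :visitor_id,           value: 'visitor-a',        action: 'ALLOW' },
  { type: :hardware_fingerprint, value: 'hw-1',             action: 'BLOCK' },
  { type: :cidr_block,           value: '203.0.113.0/24',   action: 'BLOCK' },
  { type: :cidr_block,           value: '203.0.113.7/32',   action: 'ALLOW' },
  { type: :cidr_block,           value: '198.51.100.0/24',  action: 'ALLOW' },
  { type: :cidr_block,           value: '198.51.100.77/24', action: 'CHALLENGE' },
  { type: :country_code,         value: 'US',               action: 'CHALLENGE' }
].freeze

# Among cidr_block rules containing the IP: smallest block first, then severity.
def winning_cidr_rule(rules, ip_address)
  ip = IPAddr.new(ip_address)
  matches = rules.select { |r| r[:type] == :cidr_block && IPAddr.new(r[:value]).include?(ip) }
  matches.min_by { |r| [-IPAddr.new(r[:value]).prefix, SEVERITY.fetch(r[:action])] }
end

# Returns the rule that decides the verdict for this end user, or nil when none match.
def effective_rule(rules, user)
  PRECEDENCE.each do |type|
    rule = if type == :cidr_block
             user[:ip_address] && winning_cidr_rule(rules, user[:ip_address])
           else
             rules.find { |r| r[:type] == type && r[:value] == user[type] }
           end
    return rule if rule
  end
  nil
end
```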
Parameters:
- action: The action that should be returned by a fingerprint lookup for that identifier with a `RULE_MATCH` reason. The following values are valid: `ALLOW`, `BLOCK`, `CHALLENGE`, or `NONE`. For country codes, `ALLOW` actions are not allowed. If a `NONE` action is specified, it will clear the stored rule. The type of this field is RuleAction(string enum).
- visitor_id: The visitor ID we want to set a rule for. Only one identifier can be specified in the request. The type of this field is nilable String.
- browser_id: The browser ID we want to set a rule for. Only one identifier can be specified in the request. The type of this field is nilable String.
- visitor_fingerprint: The visitor fingerprint we want to set a rule for. Only one identifier can be specified in the request. The type of this field is nilable String.
- browser_fingerprint: The browser fingerprint we want to set a rule for. Only one identifier can be specified in the request. The type of this field is nilable String.
- hardware_fingerprint: The hardware fingerprint we want to set a rule for. Only one identifier can be specified in the request. The type of this field is nilable String.
- network_fingerprint: The network fingerprint we want to set a rule for. Only one identifier can be specified in the request. The type of this field is nilable String.
- expires_in_minutes: The number of minutes until this rule expires. If no `expires_in_minutes` is specified, then the rule is kept permanently. The type of this field is nilable Integer.
- description: An optional description for the rule. The type of this field is nilable String.
- cidr_block: The CIDR block we want to set a rule for. You may pass either an IP address or a CIDR block. The CIDR block prefix must be between 16 and 32, inclusive. If an end user’s IP address is within this CIDR block, this rule will be applied. Only one identifier can be specified in the request. The type of this field is nilable String.
- country_code: The country code we want to set a rule for. The country code must be a valid ISO 3166-1 alpha-2 code. You may not set `ALLOW` rules for country codes. Only one identifier can be specified in the request. The type of this field is nilable String.
- asn: The ASN we want to set a rule for. The ASN must be the string representation of an integer between 0 and 4294967295, inclusive. Only one identifier can be specified in the request. The type of this field is nilable String.
Returns:
An object with the following fields:
- request_id: Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue. The type of this field is String.
- action: The action that will be returned for the specified identifier. The type of this field is RuleAction(string enum).
- status_code: The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors. The type of this field is Integer.
- visitor_id: The visitor ID that a rule was set for. The type of this field is nilable String.
- browser_id: The browser ID that a rule was set for. The type of this field is nilable String.
- visitor_fingerprint: The visitor fingerprint that a rule was set for. The type of this field is nilable String.
- browser_fingerprint: The browser fingerprint that a rule was set for. The type of this field is nilable String.
- hardware_fingerprint: The hardware fingerprint that a rule was set for. The type of this field is nilable String.
- network_fingerprint: The network fingerprint that a rule was set for. The type of this field is nilable String.
- expires_at: The timestamp when the rule expires. Values conform to the RFC 3339 standard and are expressed in UTC, e.g. `2021-12-29T12:33:09Z`. The type of this field is nilable String.
- cidr_block: The CIDR block that a rule was set for. If an end user’s IP address is within this CIDR block, this rule will be applied. The type of this field is nilable String.
- country_code: The country code that a rule was set for. The type of this field is nilable String.
- asn: The ASN that a rule was set for. The type of this field is nilable String.
```ruby
# File 'lib/stytch/fraud.rb', line 193
def set(
  action:,
  visitor_id: nil,
  browser_id: nil,
  visitor_fingerprint: nil,
  browser_fingerprint: nil,
  hardware_fingerprint: nil,
  network_fingerprint: nil,
  expires_in_minutes: nil,
  description: nil,
  cidr_block: nil,
  country_code: nil,
  asn: nil
)
  headers = {}
  request = {
    action: action
  }
  request[:visitor_id] = visitor_id unless visitor_id.nil?
  request[:browser_id] = browser_id unless browser_id.nil?
  request[:visitor_fingerprint] = visitor_fingerprint unless visitor_fingerprint.nil?
  request[:browser_fingerprint] = browser_fingerprint unless browser_fingerprint.nil?
  request[:hardware_fingerprint] = hardware_fingerprint unless hardware_fingerprint.nil?
  request[:network_fingerprint] = network_fingerprint unless network_fingerprint.nil?
  request[:expires_in_minutes] = expires_in_minutes unless expires_in_minutes.nil?
  request[:description] = description unless description.nil?
  request[:cidr_block] = cidr_block unless cidr_block.nil?
  request[:country_code] = country_code unless country_code.nil?
  request[:asn] = asn unless asn.nil?

  post_request('/v1/rules/set', request, headers)
end
```
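The method above forwards whatever it is given, so the documented constraints can be checked locally before a rule is sent. This is an added example, not SDK code: `check_set_args` and `valid_cidr_block?` are hypothetical helpers, the warnings are a local policy suggestion based on the shared-fingerprint caution above, and rejecting a call with no identifier is an assumption (the page only says that one identifier can be specified).

```ruby
require 'ipaddr'

IDENTIFIERS = %i[visitor_id browser_id visitor_fingerprint browser_fingerprint
                 hardware_fingerprint network_fingerprint cidr_block country_code asn].freeze
SHARED = %i[browser_fingerprint hardware_fingerprint network_fingerprint].freeze
ACTIONS = %w[ALLOW BLOCK CHALLENGE NONE].freeze

# True when the value is an IP address or a CIDR block with a /16../32 prefix.
def valid_cidr_block?(value)
  net = IPAddr.new(value)
  !value.include?('/') || (16..32).cover?(net.prefix)
rescue IPAddr::Error
  false
end

# Checks keyword arguments meant for Rules#set against the documented constraints.
# Returns { errors: [...], warnings: [...] }; warnings are local policy, not API rules.
def check_set_args(action:, expires_in_minutes: nil, description: nil, **ids)
  errors = []
  warnings = []
  errors << "unknown action #{action.inspect}" unless ACTIONS.include?(action)
  unknown = ids.keys - IDENTIFIERS
  errors << "unknown arguments: #{unknown.join(', ')}" unless unknown.empty?
  given = IDENTIFIERS.reject { |k| ids[k].nil? }
  errors << "exactly one identifier expected, got #{given.size}" unless given.size == 1
  if ids[:cidr_block] && !valid_cidr_block?(ids[:cidr_block])
    errors << 'cidr_block must be an IP address or a CIDR block with prefix 16..32'
  end
  if ids[:country_code]
    # Shape check only; this does not consult the ISO 3166-1 list.
    errors << 'country_code must be two letters' unless ids[:country_code].to_s.match?(/\A[A-Za-z]{2}\z/)
    errors << 'ALLOW is not permitted for country_code' if action == 'ALLOW'
  end
  if ids[:asn]
    asn = ids[:asn]
    ok = asn.is_a?(String) && asn.match?(/\A\d{1,10}\z/) && asn.to_i <= 4_294_967_295
    errors << 'asn must be a string holding an integer in 0..4294967295' unless ok
  end
  shared = given & SHARED
  unless shared.empty? || action == 'NONE'
    warnings << "#{shared.first} can be shared across users"
    warnings << 'rule never expires' if expires_in_minutes.nil?
  end
  { errors: errors, warnings: warnings }
end
```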