Module: TCellAgent::SensorEvents::Util

Defined in:

lib/tcell_agent/sensor_events/util/utils.rb,
lib/tcell_agent/sensor_events/util/sanitizer_utilities.rb

Class Method Summary

• .calculate_route_id(method, path) ⇒ Object
• .clean_header_keys(request_env_or_header_keys) ⇒ Object
• .get_hmac_key ⇒ Object
• .hmac(data) ⇒ Object
• .jhash(str) ⇒ Object
• .request_sanitized_json(request) ⇒ Object
• .response_sanitized_json(response) ⇒ Object
• .sanitize_query_string(query) ⇒ Object
• .sanitize_uri(uri_string) ⇒ Object
• .santize_request_cookie_string(request_cookie_string) ⇒ Object
• .santize_response_cookie_string(response_cookie_string_value) ⇒ Object
• .strip_uri_values(uri_string) ⇒ Object
• .strip_values_query_string(query) ⇒ Object

Class Method Details

.calculate_route_id(method, path) ⇒ Object

# File 'lib/tcell_agent/sensor_events/util/utils.rb', line 17

def self.calculate_route_id(method, path)
  route_id = jhash("#{(method || '').downcase}|#{path}")
  route_id = route_id.to_s if route_id
  route_id
end

.clean_header_keys(request_env_or_header_keys) ⇒ Object

# File 'lib/tcell_agent/sensor_events/util/sanitizer_utilities.rb', line 141

def self.clean_header_keys(request_env_or_header_keys)
  if request_env_or_header_keys.is_a?(Hash)
    request_env_or_header_keys.select { |k, _v| k.start_with? 'HTTP_' }.collect { |k, _v| k.sub(/^HTTP_/, '') }
  else
    request_env_or_header_keys.map { |k| k.sub(/^HTTP_/, '') }
  end
end

.get_hmac_key ⇒ Object

# File 'lib/tcell_agent/sensor_events/util/sanitizer_utilities.rb', line 134

def self.get_hmac_key
  return TCellAgent.configuration.hmac_key if TCellAgent.configuration.hmac_key
  return TCellAgent.configuration.app_id if TCellAgent.configuration.app_id

  'tcell_hmac_key'
end

.hmac(data) ⇒ Object

# File 'lib/tcell_agent/sensor_events/util/sanitizer_utilities.rb', line 11

def self.hmac(data)
  hmac_key = Util.get_hmac_key

  h = OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), hmac_key.to_s, data)

  h[0...h.length / 2]
end

.jhash(str) ⇒ Object

# File 'lib/tcell_agent/sensor_events/util/utils.rb', line 11

def self.jhash(str)
  str.each_char.reduce(0) do |result, char|
    [((result << 5) - result) + char.ord].pack('L').unpack('l').first
  end
end

.request_sanitized_json(request) ⇒ Object

# File 'lib/tcell_agent/sensor_events/util/sanitizer_utilities.rb', line 19

def self.request_sanitized_json(request)
  sanitized_headers = {}
  headers = request.headers.select { |k, _v| k.start_with? 'HTTP_' }
                   .collect { |pair| [pair[0].sub(/^HTTP_/, ''), pair[1]] }
                   .sort
  headers.each do |header_name, header_value|
    lower_header_name = header_name.downcase
    sanitized_headers[header_name] = if lower_header_name == 'cookie'
                                       [santize_request_cookie_string(header_value)]
                                     elsif %w[content_type content_length user_agent csp].include?(lower_header_name)
                                       [header_value]
                                     else
                                       []
                                     end
  end
  new_request = { 'method' => request.request_method,
                  'uri' => sanitize_uri(request.fullpath),
                  'headers' => sanitized_headers }
  request_body = request.body.read
  if request_body
    new_request['post_data'] = sanitize_query_string(request_body)
  end
  new_request
end

.response_sanitized_json(response) ⇒ Object

# File 'lib/tcell_agent/sensor_events/util/sanitizer_utilities.rb', line 44

def self.response_sanitized_json(response)
  status, headers, _body = *response
  sanitized_headers = {}
  content_type = 'unknown'
  headers.each do |header_name, header_value|
    lower_header_name = header_name.downcase
    if lower_header_name == 'set-cookie'
      sanitized_headers[header_name] = [santize_response_cookie_string(header_value)]
    else
      content_type = header_value if lower_header_name == 'content-type'
      sanitized_headers[header_name] = if ['content-type', 'content-length'].include?(lower_header_name)
                                         [header_value]
                                       else
                                         []
                                       end
    end
  end

  { 'status' => status,
    'headers' => sanitized_headers }
end

.sanitize_query_string(query) ⇒ Object

# File 'lib/tcell_agent/sensor_events/util/sanitizer_utilities.rb', line 90

def self.sanitize_query_string(query)
  params = CGI.parse(query)
  params.each do |param_name, param_values|
    next if param_values.nil? || param_values.empty?
    if param_name.match(/password/i) ||
       param_name.match(/passwd/i) ||
       param_name.match(/token/i) ||
       param_name.match(/sessionid/i)
      params[param_name] = ['?']
      next
    end
    new_param_values = []
    param_values.each do |param_value|
      h = Util.hmac(param_value)
      new_param_values.push << h
    end
    params[param_name] = new_param_values
  end
  params.map { |k, v| "#{k}=#{v.join(',')}" }.join('&')
end

.sanitize_uri(uri_string) ⇒ Object

# File 'lib/tcell_agent/sensor_events/util/sanitizer_utilities.rb', line 120

def self.sanitize_uri(uri_string)
  uri = URI(uri_string)
  query = uri.query
  uri.query = sanitize_query_string(query) if query
  uri.to_s
end

.santize_request_cookie_string(request_cookie_string) ⇒ Object

# File 'lib/tcell_agent/sensor_events/util/sanitizer_utilities.rb', line 66

def self.santize_request_cookie_string(request_cookie_string)
  sanitized_cookies = {}
  cookies = CGI::Cookie.parse(request_cookie_string)
  cookies.each do |cookie_name, cookie_value|
    next if cookie_value.length != 1
    sanitized_cookies[cookie_name] = Util.hmac(cookie_value[0])
  end
  sanitized_cookies.map { |k, v| "#{k}=#{v}" }.join(';')
end

.santize_response_cookie_string(response_cookie_string_value) ⇒ Object

# File 'lib/tcell_agent/sensor_events/util/sanitizer_utilities.rb', line 76

def self.santize_response_cookie_string(response_cookie_string_value)
  cookie_parts = response_cookie_string_value.split('; ')
  cookie_string = cookie_parts[0]
  cookies = CGI::Cookie.parse(cookie_string)
  return '[COOKIEMALFORMED]' if cookies.length != 1
  cookie_name = cookies.keys.first
  cookie_values = cookies.values.first
  return '[COOKIEHADTOOMANYVALUES]' if cookie_values.length != 1
  h = Util.hmac(cookie_values[0])
  new_cookie_string = "#{cookie_name}=#{h}"
  cookie_parts[0] = new_cookie_string
  cookie_parts.map { |k, v| "#{k}=#{v}" }.join('; ')
end

.strip_uri_values(uri_string) ⇒ Object

# File 'lib/tcell_agent/sensor_events/util/sanitizer_utilities.rb', line 127

def self.strip_uri_values(uri_string)
  uri = URI(uri_string)
  query = uri.query
  uri.query = strip_values_query_string(query) if query
  uri.to_s
end

.strip_values_query_string(query) ⇒ Object

# File 'lib/tcell_agent/sensor_events/util/sanitizer_utilities.rb', line 111

def self.strip_values_query_string(query)
  params = CGI.parse(query)
  params.each do |param_name, param_values|
    next if param_values.nil? || param_values.empty?
    params[param_name] = ['']
  end
  params.map { |k, v| "#{k}=#{v.join(',')}" }.join('&')
end