securenative-sdk

SecureNative Java SDK

License	License The MIT License
Categories	Categories Java Languages Native Development Tools
GroupId	GroupId com.securenative.java
ArtifactId	ArtifactId sdk-parent
Last Version	Last Version 0.3.1
Release Date	Release Date Apr 26, 2020
Type	Type jar
Description	Description securenative-sdk SecureNative Java SDK
Project URL	Project URL https://github.com/securenative/securenative-java
Source Code Management	Source Code Management http://github.com/securenative/securenative-java/tree/master

Download sdk-parent

Filename	Size
sdk-parent-0.3.1.pom	6 KB
sdk-parent-0.3.1-jar-with-dependencies.jar	504 KB
Browse

How to add to project

Apache Maven

<!-- https://jarcasting.com/artifacts/com.securenative.java/sdk-parent/ -->
<dependency>
    <groupId>com.securenative.java</groupId>
    <artifactId>sdk-parent</artifactId>
    <version>0.3.1</version>
</dependency>

Gradle Groovy

// https://jarcasting.com/artifacts/com.securenative.java/sdk-parent/
implementation 'com.securenative.java:sdk-parent:0.3.1'

Gradle Kotlin

// https://jarcasting.com/artifacts/com.securenative.java/sdk-parent/
implementation ("com.securenative.java:sdk-parent:0.3.1")

Apache Buildr

'com.securenative.java:sdk-parent:jar:0.3.1'

Apache Ivy

<dependency org="com.securenative.java" name="sdk-parent" rev="0.3.1">
  <artifact name="sdk-parent" type="jar" />
</dependency>

Groovy Grape

@Grapes(
@Grab(group='com.securenative.java', module='sdk-parent', version='0.3.1')
)

Scala SBT

libraryDependencies += "com.securenative.java" % "sdk-parent" % "0.3.1"

Leiningen

[com.securenative.java/sdk-parent "0.3.1"]

Dependencies

compile (2)

Group / Artifact	Type	Version
org.slf4j : slf4j-api	jar	1.7.5
org.slf4j : slf4j-log4j12	jar	1.7.5

Project Modules

There are no modules declared in this project.

A Cloud-Native Security Monitoring and Protection for Modern Applications

Documentation | Quick Start | Blog | Chat with us on Slack!

SecureNative performs user monitoring by analyzing user interactions with your application and various factors such as network, devices, locations and access patterns to stop and prevent account takeover attacks.

Install the SDK

When using Maven, add the following dependency to your pom.xml file:

<dependency>
    <groupId>com.securenative.java</groupId>
    <artifactId>securenative-java</artifactId>
    <version>LATEST</version>
</dependency>

When using Gradle, add the following dependency to your build.gradle file:

compile group: 'com.securenative.java', name: 'sdk-parent', version: '0.3.1', ext: 'pom'

When using SBT, add the following dependency to your build.sbt file:

libraryDependencies += "com.securenative.java" % "sdk-parent" % "0.3.1" pomOnly()

Initialize the SDK

To get your API KEY, login to your SecureNative account and go to project settings page:

Option 1: Initialize via Config file

SecureNative can automatically load your config from securenative.properties file or from the file that is specified in your SECURENATIVE_CONFIG_FILE env variable:

// Options 1: Use default config file path
try {
    SecureNative securenative =  SecureNative.init();
} catch (SecureNativeSDKException | SecureNativeConfigException e) {
    e.printStackTrace();
}

// Options 2: Use specific config file path
Path path = Paths.get("/path/to/securenative.properties");
try {
    SecureNative.init(path);
} catch (SecureNativeSDKException | SecureNativeConfigException e) {
    System.err.printf("Could not initialize SecureNative sdk; %s%n", e);
}

Option 2: Initialize via API Key

try {
   SecureNative securenative =  SecureNative.init("YOUR_API_KEY");
} catch (SecureNativeSDKException | SecureNativeConfigException e) {
   e.printStackTrace();
}

Option 3: Initialize via ConfigurationBuilder

try {
    securenative = SecureNative.init(SecureNative.configBuilder()
        .withApiKey("API_KEY")
        .withMaxEvents(10)
        .withLogLevel("error")
        .build());
} catch (SecureNativeSDKException e) {
    e.printStackTrace();
}

Getting SecureNative instance

Once initialized, sdk will create a singleton instance which you can get:

SecureNative securenative = null;
try {
    securenative = SecureNative.getInstance();
} catch (SecureNativeSDKIllegalStateException e) {
    System.err.printf("Could not get SecureNative instance; %s%n", e);
}

Tracking events

Once the SDK has been initialized, tracking requests sent through the SDK instance. Make sure you build event with the EventBuilder:

@RequestMapping("/track")
public void track() {
   SecureNative securenative = null;
   try {
       securenative = SecureNative.getInstance();
   } catch (SecureNativeSDKIllegalStateException e) {
       System.err.printf("Could not get SecureNative instance; %s%n", e);
   }
   
   SecureNativeContext context = SecureNative.contextBuilder()
           .withIp("37.86.255.94")
           .withClientToken("SECURENATIVE_CLIENT_TOKEN")
           .withHeaders(Maps.defaultBuilder()
                   .put("user-agent", "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36")
                   .build())
           .build();
   
   EventOptions eventOptions = null;
   try {
       eventOptions = EventOptionsBuilder.builder(EventTypes.LOG_IN)
               .userId("1234")
               .userTraits("Your Name", "[email protected]", "+1234567890")
               .context(context)
               .properties(Maps.builder()
                       .put("prop1", "CUSTOM_PARAM_VALUE")
                       .put("prop2", true)
                       .put("prop3", 3)
                       .build())
               .timestamp(new Date())
               .build();
   } catch (SecureNativeInvalidOptionsException e) {
       e.printStackTrace();
   }
   
   try {
       securenative.track(eventOptions);
   } catch (SecureNativeInvalidOptionsException e) {
       e.printStackTrace();
   }
}

You can also create request context from HttpServletRequest:

@RequestMapping("/track")
public void track(HttpServletRequest request, HttpServletResponse response) {
    SecureNative securenative = null;
    try {
        securenative = SecureNative.getInstance();
    } catch (SecureNativeSDKIllegalStateException e) {
        System.err.printf("Could not get SecureNative instance; %s%n", e);
    }

    SecureNativeContext context = securenative.fromHttpServletRequest(request).build();

    EventOptions eventOptions = null;
    try {
        eventOptions = EventOptionsBuilder.builder(EventTypes.LOG_IN)
                .userId("1234")
                .userTraits("Your Name", "[email protected]", "+1234567890")
                .context(context)
                .properties(Maps.builder()
                        .put("prop1", "CUSTOM_PARAM_VALUE")
                        .put("prop2", true)
                        .put("prop3", 3)
                        .build())
                .timestamp(new Date())
                .build();
    } catch (SecureNativeInvalidOptionsException e) {
        e.printStackTrace();
    }

    try {
        securenative.track(eventOptions);
    } catch (SecureNativeInvalidOptionsException e) {
        e.printStackTrace();
    }
}

Verify events

Example

@RequestMapping("/verify")
public void verify(HttpServletRequest request, HttpServletResponse response) {
SecureNative securenative = null;
    try {
        securenative = SecureNative.getInstance();
    } catch (SecureNativeSDKIllegalStateException e) {
        System.err.printf("Could not get SecureNative instance; %s%n", e);
    }

    SecureNativeContext context = securenative.fromHttpServletRequest(request).build();
    
    EventOptions eventOptions = null;
    try {
        eventOptions = EventOptionsBuilder.builder(EventTypes.LOG_IN)
                .userId("1234")
                .userTraits("Your Name", "[email protected]", "+1234567890")
                .context(context)
                .properties(Maps.builder()
                        .put("prop1", "CUSTOM_PARAM_VALUE")
                        .put("prop2", true)
                        .put("prop3", 3)
                        .build())
                .timestamp(new Date())
                .build();
    } catch (SecureNativeInvalidOptionsException e) {
        e.printStackTrace();
    }

    VerifyResult verifyResult = null;
    try {
        verifyResult = securenative.verify(eventOptions);
    } catch (SecureNativeInvalidOptionsException e) {
        e.printStackTrace();
    }    

    verifyResult.getRiskLevel(); // Low, Medium, High
    verifyResult.getScore(); // Risk score: 0 -1 (0 - Very Low, 1 - Very High)
    verifyResult.getTriggers(); // ["TOR", "New IP", "New City"]
}

Webhook signature verification

Apply our filter to verify the request is from us, example in spring:

@RequestMapping("/webhook")
public void webhookEndpoint(HttpServletRequest request, HttpServletResponse response) {
    SecureNative securenative = null;
    try {
        securenative = SecureNative.getInstance();
    } catch (SecureNativeSDKIllegalStateException e) {
        System.err.printf("Could not get SecureNative instance; %s%n", e);
    }
    
    // Checks if request is verified
    Boolean isVerified = securenative.verifyRequestPayload(request);
}

SecureNative

A Cloud-Native Security Monitoring and Protection Platform

Versions

Version
0.3.1 Apr 26, 2020

securenative-sdk

License

Categories

GroupId

ArtifactId

Last Version

Release Date

Type

Description

Project URL

Source Code Management