Merge 64ddaae into b25dfe3

.gitignore

@@ -42,9 +42,11 @@ build-iPhoneSimulator/
 
 # for a library or gem, you might want to ignore these files since the code is
 # intended to run in multiple environments; otherwise, check them in:
-# Gemfile.lock
-# .ruby-version
-# .ruby-gemset
+Gemfile.lock
+.ruby-version
+.ruby-gemset
 
 # unless supporting rvm < 1.11.0 or doing something fancy, ignore this:
 .rvmrc
+
+.rspec_status

.rspec

@@ -0,0 +1,3 @@
+--format documentation
+--color
+--require spec_helper

.travis.yml

@@ -0,0 +1,7 @@
+---
+sudo: false
+language: ruby
+cache: bundler
+rvm:
+  - 2.6.1
+before_install: gem install bundler -v 2.0.1

Gemfile

@@ -0,0 +1,4 @@
+source "https://rubygems.org"
+
+# Specify your gem's dependencies in urlhaus.gemspec
+gemspec

README.md

@@ -1,2 +1,35 @@
 # urlhaus
-URLHaus API wrapper for Ruby
+
+[![Build Status](https://travis-ci.org/ninoseki/urlhaus.svg?branch=master)](https://travis-ci.org/ninoseki/urlhaus)
+[![Coverage Status](https://coveralls.io/repos/github/ninoseki/urlhaus/badge.svg?branch=master)](https://coveralls.io/github/ninoseki/urlhaus?branch=master)
+
+[URLHaus](https://urlhaus.abuse.ch/) query API wrapper for Ruby.
+
+## Installation
+
+```bash
+gem install urlhaus
+```
+
+## Usage
+
+```ruby
+require "urlhaus"
+
+api = URLhaus::API.new
+
+# Query URL information
+api.url("http://sskymedia.com/VMYB-ht_JAQo-gi/INV/99401FORPO/20673114777/US/Outstanding-Invoices/")
+# Query host information
+api.host("vektorex.com")
+# Query payload information
+api.payload("12c8aec5766ac3e6f26f2505e2f4a8f2")
+# Query tag information
+api.tag("Retefe")
+# Query signature information
+api.signature("Gozi")
+```
+
+## License
+
+The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).

Rakefile

@@ -0,0 +1,6 @@
+require "bundler/gem_tasks"
+require "rspec/core/rake_task"
+
+RSpec::Core::RakeTask.new(:spec)
+
+task :default => :spec

bin/console

@@ -0,0 +1,14 @@
+#!/usr/bin/env ruby
+
+require "bundler/setup"
+require "urlhaus"
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require "pry"
+# Pry.start
+
+require "irb"
+IRB.start(__FILE__)

bin/setup

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+
+bundle install
+
+# Do any other automated setup that you need to do here

lib/urlhaus.rb

@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+require "urlhaus/api"
+require "urlhaus/version"
+
+module URLhaus
+  class Error < StandardError; end
+end

lib/urlhaus/api.rb

@@ -0,0 +1,101 @@
+# frozen_string_literal: true
+
+require "json"
+require "net/https"
+require "uri"
+
+module URLhaus
+  class API
+    # The path to the REST API endpoint.
+    HOST = "urlhaus-api.abuse.ch"
+    VERSION = "v1"
+    BASE_URL = "https://#{HOST}/#{VERSION}"
+
+    def url(url)
+      post("/url/", url: url)
+    end
+
+    def host(host)
+      post("/host/", host: host)
+    end
+
+    def payload(hash)
+      len = hash.length
+      case len
+      when 32
+        params = { md5_hash: hash }
+      when 64
+        params = { sha256_hash: hash }
+      else
+        raise ArgumentError("Hash should be MD5 or SHA256")
+      end
+
+      post("/payload/", params)
+    end
+
+    def tag(tag)
+      post("/tag/", tag: tag)
+    end
+
+    def signature(signature)
+      post("/signature/", signature: signature)
+    end
+
+    def download(sha256)
+      get("/download/#{sha256}")
+    end
+
+    private
+
+    def _host
+      self.class::HOST
+    end
+
+    def base_url
+      self.class::BASE_URL
+    end
+
+    def request(req)
+      Net::HTTP.start(_host, 443, https_options) do |http|
+        response = http.request(req)
+
+        if response.code.to_i != 200
+          raise Error, "#{response.code}: #{response.body}"
+        end
+
+        JSON.parse response.body
+      end
+    end
+
+    # Perform a direct GET HTTP request to the REST API.
+    def get(path, **params)
+      uri = URI("#{base_url}#{path}")
+      uri.query = URI.encode_www_form(params) if params
+      req = Net::HTTP::Get.new(uri)
+      request req
+    end
+
+    # Perform a direct POST HTTP request to the REST API.
+    def post(path, **params)
+      uri = URI("#{base_url}#{path}")
+      req = Net::HTTP::Post.new(uri)
+      req.set_form_data(params) if params
+
+      request req
+    end
+
+    def https_options
+      if proxy = ENV["HTTPS_PROXY"] || ENV["https_proxy"]
+        uri = URI(proxy)
+        {
+          proxy_address: uri.hostname,
+          proxy_port: uri.port,
+          proxy_from_env: false,
+          use_ssl: true,
+        }
+      else
+        { use_ssl: true }
+      end
+    end
+  end
+end

lib/urlhaus/version.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+module URLhaus
+  VERSION = "0.1.0"
+end

spec/api_spec.rb

@@ -0,0 +1,56 @@
+# frozen_string_literal: true
+
+RSpec.describe URLhaus::API, :vcr do
+  subject { described_class.new }
+
+  describe "#url" do
+    let(:url) { "http://sskymedia.com/VMYB-ht_JAQo-gi/INV/99401FORPO/20673114777/US/Outstanding-Invoices/" }
+
+    it do
+      res = subject.url(url)
+      expect(res.dig("url")).to eq(url)
+    end
+  end
+
+  describe "#host" do
+    let(:host) { "vektorex.com" }
+
+    it do
+      res = subject.host(host)
+      expect(res.dig("host")).to eq(host)
+    end
+  end
+
+  describe "#payload" do
+    let(:md5_hash) { "12c8aec5766ac3e6f26f2505e2f4a8f2" }
+    let(:sha256_hash) { "01fa56184fcaa42b6ee1882787a34098c79898c182814774fd81dc18a6af0b00" }
+
+    it do
+      res = subject.payload(md5_hash)
+      expect(res.dig("md5_hash")).to eq(md5_hash)
+    end
+
+    it do
+      res = subject.payload(sha256_hash)
+      expect(res.dig("sha256_hash")).to eq(sha256_hash)
+    end
+  end
+
+  describe "#tag" do
+    let(:tag) { "Retefe" }
+
+    it do
+      res = subject.tag(tag)
+      expect(res.dig("query_status")).to eq("ok")
+    end
+  end
+
+  describe "#signature" do
+    let(:signature) { "Gozi" }
+
+    it do
+      res = subject.signature(signature)
+      expect(res.dig("query_status")).to eq("ok")
+    end
+  end
+end