Glossary
- Authentication
The act of proving the identity of a computer system user. Authentication in the context of web applications is usually performed by submitting a username or ID and a piece of private information (factor) such as a password.
In Raider the authentication process can be defined by a series of Flow objects interlinked with each other. FlowGrahps are used for that, which contains a pointer to the start Flow, and an optional pointer to a test Flow.
Those are extracted by reading variables from the hyfiles and stored in a
FlowStore
object.- Factor
A factor can be something the user knows (passwords, security questions, etc…), something they have (bank card, USB security key, etc…), something they are (fingerprint, eye iris, etc..) or somewhere they are (GPS location, known WiFi connection, etc…).
- Finite state machine
A mathematical model of computation abstracting a process that can be only in one of a finite number of States at any given time. Check the Wikipedia article for more information.
- State/Stateful
A system is described as stateful, if it is designed to remember preceding events or user interactions, and the remembered information is called the State of the system.
- Flow
A Raider class implementing the server-client information exchange. It comprises one Request with inputs, one Response with outputs, arbitrary actions to do on response, and conditional links to other Flows. To create a
Flow
object, you need to give it a aRequest
object, and optionally outputs and operations. Check the Flow configuration page for more information.- FlowGraph
A Raider class implementing the a stateful HTTP process. It’s basically a pointer to one starting Flow from where Raider should start running and follow the Next links.
To create a
FlowGraph
object, you need to give it a startFlow
object, and optionally a testFlow
. When you run a FlowGraph instead of a Flow, Raider will follow all the Next operations until the end, or when Success or Failure operation is encountered. The FlowGraph’s:completed
attribute will be set to True if it exited after an Success operation, and will stay as False if Failure is encountered or if the chain of Flows ended without any further Next links. Check the FlowGraph configuration page for more information.- hyfiles
The documentation uses the term hyfiles to refer to any
*.hy
file inside the project’s configuration directory. Each will be evaluated in alphabetical order by Raider.The objects created in previous files are all available in the next file, since all the
locals()
get preserved and loaded again when reading the next file. A common practice is to prepend the file names with two digits and an underscore, for example03_authentication.hy
and09_users.hy
.- Multi-factor authentication (MFA)
An authentication method in which the user is granted access only after successfully presenting two or more pieces of evidence (factors).
- Operation
A piece of code that will be run after the HTTP response is received. All Operations inherit from
Operation
class.All defined Operations inside the Flow object will stop running when the first
Next
Operation is encountered.Raider comes with some standard operations, but it also gives the user the flexibility to write their own Operations easily.
- Plugin
A piece of code that can be used to generate inputs for outgoing HTTP Requests, and/or extract outputs from incoming Responses. All plugins inherit from
Plugin
class.When used inside a Request, Plugins acts as input and replace themselves with the actual value.
When used inside the Flow’s
:output
parameter, Plugins act as outputs from the HTTP response, and store the extracted value for later use.Raider comes with some standard plugins, but it also gives the user the flexibility to write their own Plugins easily.
- Project
Raider uses the term Project to refer to an application, with existing hyfiles. Those are stored in
~/.config/raider/projects/
directory.- Request
A HTTP request with the defined inputs. In Raider it’s implemented as a separate class
Request
. This however is not used directly most of the times, but as an argument when creating the Flow object in hyfiles.When used inside a Request, a Plugin will replace itself with its actual value during runtime.
- Response
A HTTP response from which the outputs are extracted and stored inside the Plugins.
When the Flow object containing this response is received and processed, the Operations are executed.