authsignal-ruby 0.1.3 → 0.1.5

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: d563b12a80a89c807b644c531b09401fc38844d479581ca14f6fb58507cdc601
4
- data.tar.gz: 436573b2924b8862b0332ce6fc07353a2cfe66fa4be8c801106f6b55e2546f49
3
+ metadata.gz: f77d1646d619436a3c5e25b76be690252c3f4bf2dcb7588ea09cae4c11283017
4
+ data.tar.gz: 67ad78b10cb51e07b2f2726a4a8ad74ba094eacd37b0acd6436a4e89f9b7d306
5
5
  SHA512:
6
- metadata.gz: d5790f1d540710c6341185342d7e26e165d08d2db070abb83696a3701ec3c8db95a0c7ae89b275176c59af86c5f54f99139f1e1155d98fdb92c8179c8d128e95
7
- data.tar.gz: 650b7ceea94f65580a14c53cd1091e672034ebc1352e17e9ff198e03e7745fe901b0eefbdc2bd9e0d636befc63bba2da63e2f3df89aa38c6d479e55b1d97f56d
6
+ metadata.gz: a02302caa711e51e25877b73e2b83c074ebd868e9f43eec42d0b29046f0f62a99ec07a930e73eb4204cffab72992831395e36b8f6d6a6a01e010536e2c550286
7
+ data.tar.gz: 5791b35e320bc81ca7f7137f736f847f7b2eae79073afe9eed0c91376e557dd63c2e0d952bf42d2d15dd04eac3c6827e003283e63e0f95f3cb681d4d3714ee3e
data/Gemfile.lock CHANGED
@@ -1,8 +1,8 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- authsignal-ruby (0.1.2)
5
- httparty (~> 0.20.0)
4
+ authsignal-ruby (0.1.5)
5
+ httparty (~> 0.21.0)
6
6
 
7
7
  GEM
8
8
  remote: https://rubygems.org/
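Review bot: The removed line `authsignal-ruby (0.1.2)` shows the lockfile was one version behind the 0.1.3 release it shipped with, so it had drifted from the version constant. Regenerate Gemfile.lock as part of the version bump so the two cannot diverge, and consider whether a library gem needs to package its Gemfile.lock at all.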
@@ -13,12 +13,10 @@ GEM
13
13
  rexml
14
14
  diff-lcs (1.5.0)
15
15
  hashdiff (1.0.1)
16
- httparty (0.20.0)
17
- mime-types (~> 3.0)
16
+ httparty (0.21.0)
17
+ mini_mime (>= 1.0.0)
18
18
  multi_xml (>= 0.5.2)
19
- mime-types (3.4.1)
20
- mime-types-data (~> 3.2015)
21
- mime-types-data (3.2022.0105)
19
+ mini_mime (1.1.5)
22
20
  multi_xml (0.6.0)
23
21
  public_suffix (4.0.7)
24
22
  rake (13.0.6)
@@ -51,4 +49,4 @@ DEPENDENCIES
51
49
  webmock (~> 3.14.0)
52
50
 
53
51
  BUNDLED WITH
54
- 2.2.32
52
+ 2.3.21
data/README.md CHANGED
@@ -1,6 +1,6 @@
1
1
  # Authsignal Server Ruby SDK
2
2
 
3
- [Authsignal](https://www.authsignal.com/?utm_source=github&utm_medium=ruby_sdk) provides passwordless step up authentication (Multi-factor Authentication - MFA) that can be placed anywhere within your application. Authsignal also provides a no-code fraud risk rules engine to manage when step up challenges are triggered.
3
+ Check out our [official Ruby SDK documentation](https://docs.authsignal.com/sdks/server/ruby), and [Ruby on Rails Quickstart Guide](https://docs.authsignal.com/quickstarts/ruby-on-rails).
4
4
 
5
5
  ## Installation
6
6
 
@@ -18,7 +18,8 @@ Or install it yourself as:
18
18
 
19
19
  $ gem install authsignal-ruby
20
20
 
21
- ## Configuration
21
+ ## Initialization
22
+
22
23
  Initialize the Authsignal Ruby SDK, ensuring you do not hard code the Authsignal Secret Key, always keep this safe.
23
24
 
24
25
  In Ruby on Rails, you would typically place this code block in a file like `config/initializers/authsignal.rb`
@@ -29,100 +30,32 @@ Authsignal.setup do |config|
29
30
  end
30
31
  ```
31
32
 
32
- ## Usage
33
-
34
- Authsignal's server side signal API has four main calls `track_action`, `get_action`, `get_user`, `identify`
33
+ You can find your `api_secret_key` in the [Authsignal Portal](https://portal.authsignal.com/organisations/tenants/api).
35
34
 
36
- These examples assume that the SDK is being called from a Ruby on Rails app, adapt depending on your server framework.
35
+ You must specify the correct `baseUrl` for your tenant's region.
37
36
 
38
- ### Track Action
39
- The track action call is the main api call to send actions to authsignal, the default decision is to `ALLOW` actions, this allows you to call track action as a means to keep an audit trail of your user activity.
37
+ | Region | Base URL |
38
+ | ----------- | ----------------------------------- |
39
+ | US (Oregon) | https://signal.authsignal.com/v1 |
40
+ | AU (Sydney) | https://au.signal.authsignal.com/v1 |
41
+ | EU (Dublin) | https://eu.signal.authsignal.com/v1 |
40
42
 
41
- Add to the rules in the admin portal or the change default decision to influence the flows for your end users. If a user is not enrolled with authenticators, the default decision is to `ALLOW`.
43
+ For example, to set the base URL to use our AU region:
42
44
 
43
- ```ruby
44
- # OPTIONAL: The Authsignal cookie available when using the authsignal browser Javascript SDK
45
- # you could you use own device/session/fingerprinting identifiers.
46
- authsignal_cookie = request.cookies["__as_aid"]
47
-
48
- # OPTIONAL: The idempotencyKey is a unique identifier per track action
49
- # this could be for a unique object associated to your application
50
- # like a shopping cart check out id
51
- # If ommitted, Authsignal will generate the idempotencyKey and return in the response
52
- idempotency_key = SecureRandom.uuid
53
-
54
- # OPTIONAL: If you're using a redirect flow, set the redirect URL, this is the url authsignal will redirect to after a Challenge is completed.
55
- redirect_url = "https://www.yourapp.com/back_to_your_app"
56
-
57
- response = Authsignal.track_action({
58
- action_code: "signIn",
59
- idempotency_key: idempotency_key,
60
- redirect_url: redirect_url,
61
- user_id: current_user.id,
62
- email: current_user.email,
63
- device_id: authsignal_cookie,
64
- user_agent: request.user_agent,
65
- ip_address: request.ip,
66
- custom: {
67
- it_could_be_a_bool: true,
68
- it_could_be_a_string: "test",
69
- it_could_be_a_number: 400.00
70
- }
71
- }
72
- )
73
45
  ```
74
- *Response*
75
- ```ruby
76
- response = Authsignal.track_action({..})
77
- case response[:state]
78
- when "ALLOW"
79
- # Carry on with your operation/business logic
80
- when "BLOCK"
81
- # Stop your operations
82
- when "CHALLENGE_REQUIRED"
83
- # Step up authentication required, redirect or pass the challengeUrl to the front end
84
- response[:challenge_url]
85
- end
86
- ```
87
-
88
- ### Get Action
89
- Call get action after a challenge is completed by the user, after a redirect or a succesful browser challenge pop-up flow, and if the state of the action is `CHALLENGE_SUCCEEDED` you can proceed with completing the business logic.
46
+ require 'authsignal'
90
47
 
91
- ```ruby
92
- response = Authsignal.get_action(
93
- user_id: current_user.id,
94
- action_code: "testAction",
95
- idempotency_key: "15cac140-f639-48c5-92db-835ec8d3d144")
96
-
97
- if(response[:state] === "CHALLENGE_SUCCEEDED")
98
- # The user has successfully completed the challenge, and you should proceed with
99
- # the business logic
48
+ Authsignal.setup do |config|
49
+ config.api_secret_key = ENV["AUTHSIGNAL_SECRET_KEY"]
50
+ config.base_uri = "https://au.signal.authsignal.com/v1"
100
51
  end
101
52
  ```
102
53
 
103
- ### Get User
104
- Get user retrieves the current enrolment state of the user, use this call to redirect users to the enrolment or management flows so that the user can do self service management of their authenticator factors. User the `url` in the response to either redirect or initiate the pop up client side flow.
105
-
106
- ```ruby
107
- response = Authsignal.get_user(user_id: current_user.id, redirect_url: "http://www.yourapp.com/path-back")
108
-
109
- is_enrolled = response[:is_enrolled]
110
- url = response[:url]
111
- ```
112
-
113
- ### Identify
114
- Get identify to link and update additional user indetifiers (like email) to the primary record.
115
-
116
- ```ruby
117
- Authsignal.identify(user_id: current_user.id, user: { email: "newemail@email.com" })
118
- ```
54
+ ## Usage
119
55
 
120
- ### Enrol Authenticator
121
- If your application already has a valid authenticator like a validated phone number for your customer, you can enrol the authenticator on behalf of the user using this function
56
+ Authsignal's server side signal API has four main api calls `track_action`, `get_action`, `get_user`, `enrol_authenticator`.
122
57
 
123
- ```ruby
124
- Authsignal.enrol_authenticator(user_id: current_user.id, authenticator:{ oob_channel: "SMS", phone_number: "+64270000000" })
125
- ```
58
+ For more details on these api calls, refer to our [official Ruby SDK docs](https://docs.authsignal.com/sdks/server/ruby#track_action).
126
59
 
127
60
  ## Development
128
61
 
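Review bot: The added sentence "You must specify the correct `baseUrl`" does not match the example below it, which sets `config.base_uri`; use the Ruby option name in the prose so the text and the code agree. The inline `track_action` example that showed handling of `ALLOW`, `BLOCK` and `CHALLENGE_REQUIRED` is removed in favour of an external link, and the rewritten Usage list does not mention `validate_challenge`, which lib/authsignal.rb adds in this release; a short README example for it would help.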
data/Rakefile CHANGED
@@ -5,4 +5,4 @@ require "rspec/core/rake_task"
5
5
 
6
6
  RSpec::Core::RakeTask.new(:spec)
7
7
 
8
- task default: :spec
8
+ task default: :spec
data/RakefileRelease ADDED
@@ -0,0 +1,16 @@
1
+ # frozen_string_literal: true
2
+
3
+ require "bundler/gem_tasks"
4
+ require "rspec/core/rake_task"
5
+ require_relative 'lib/authsignal/version'
6
+
7
+ task default: :build_and_push_gem
8
+
9
+ RSpec::Core::RakeTask.new(:build_and_push_gem) do |task|
10
+ version = Authsignal::VERSION
11
+ puts "Building gem..."
12
+ sh "gem build authsignal-ruby.gemspec"
13
+ puts "Pushing authsignal-ruby-#{version} gem..."
14
+ sh "gem push authsignal-ruby-#{version}.gem"
15
+ puts "Gem authsignal-ruby-#{version} has been pushed."
16
+ end
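Review bot: `build_and_push_gem` is declared with `RSpec::Core::RakeTask.new`, so `gem build` and `gem push` run inside an RSpec task's configuration block and publishing is not gated on a passing spec run. Define it as a plain Rake task with `:spec` as a prerequisite so that a failing suite stops the push. `bundler/gem_tasks` is already required on line 3 and provides build and release tasks, which may make the hand-rolled `sh` calls unnecessary.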
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Authsignal
4
- VERSION = "0.1.3"
4
+ VERSION = "0.1.5"
5
5
  end
data/lib/authsignal.rb CHANGED
@@ -69,6 +69,37 @@ module Authsignal
69
69
  false
70
70
  end
71
71
 
72
+ def validate_challenge(request)
73
+ token = request[:token]
74
+
75
+ begin
76
+ decoded_token = JWT.decode(token, Authsignal.configuration.api_secret_key)[0]
77
+ rescue JWT::DecodeError
78
+ puts 'Token verification failed'
79
+ end
80
+
81
+ user_id = decoded_token["other"]["userId"]
82
+ action_code = decoded_token["other"]["actionCode"]
83
+ idempotency_key = decoded_token["other"]["idempotencyKey"]
84
+
85
+ if request[:userId] && request[:userId] != user_id
86
+ return { user_id: user_id, success: false, state: nil }
87
+ end
88
+
89
+ if action_code && idempotency_key
90
+ action_result = get_action(user_id: user_id, action_code: action_code, idempotency_key: idempotency_key)
91
+
92
+ if action_result
93
+ state = action_result[:state]
94
+ success = state == "CHALLENGE_SUCCEEDED"
95
+
96
+ return { user_id: user_id, success: success, state: state, action: action_code }
97
+ end
98
+ end
99
+
100
+ { user_id: user_id, success: false, state: nil }
101
+ end
102
+
72
103
  private
73
104
  def underscore(string)
74
105
  string.gsub(/::/, '/').
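Review bot: The `rescue JWT::DecodeError` branch in `validate_challenge` only prints a message and falls through, so `decoded_token` is nil and the next statement, `decoded_token["other"]["userId"]`, raises NoMethodError instead of returning a failed result. Return the same `{ user_id: nil, success: false, state: nil }` shape from the rescue, drop the `puts` (it writes to the host application's stdout), and guard against a token that has no `other` claim. Passing the expected algorithm to `JWT.decode` explicitly, rather than relying on the library default, would make the verification intent visible. The `userId` comparison is skipped whenever the caller omits `request[:userId]`; that behaviour deserves a doc comment so callers know the check is opt-in.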
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: authsignal-ruby
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.3
4
+ version: 0.1.5
5
5
  platform: ruby
6
6
  authors:
7
7
  - justinsoong
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2022-09-23 00:00:00.000000000 Z
11
+ date: 2023-08-24 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: httparty
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - "~>"
18
18
  - !ruby/object:Gem::Version
19
- version: 0.20.0
19
+ version: 0.21.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - "~>"
25
25
  - !ruby/object:Gem::Version
26
- version: 0.20.0
26
+ version: 0.21.0
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: rspec
29
29
  requirement: !ruby/object:Gem::Requirement
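Review bot: The httparty bump to `~> 0.21.0` is the only runtime dependency change in this diff, yet lib/authsignal.rb now calls `JWT.decode`, and no hunk here or in Gemfile.lock adds a `jwt` gem. Check that `jwt` is declared as a runtime dependency in the gemspec and required in lib/authsignal.rb; otherwise `validate_challenge` fails with NameError in applications that do not already load it.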
@@ -81,6 +81,7 @@ files:
81
81
  - LICENSE.txt
82
82
  - README.md
83
83
  - Rakefile
84
+ - RakefileRelease
84
85
  - bin/console
85
86
  - bin/setup
86
87
  - lib/authsignal.rb
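Review bot: Adding `RakefileRelease` to `files` ships the maintainer's publish script inside the released gem. It is not needed at runtime; exclude it from the gemspec's file list.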
@@ -108,7 +109,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
108
109
  - !ruby/object:Gem::Version
109
110
  version: '0'
110
111
  requirements: []
111
- rubygems_version: 3.2.32
112
+ rubygems_version: 3.4.10
112
113
  signing_key:
113
114
  specification_version: 4
114
115
  summary: The Authsignal ruby server side signal API.