authsignal-ruby 0.1.3 → 0.1.5
- checksums.yaml +4 -4
- data/Gemfile.lock +6 -8
- data/README.md +18 -85
- data/Rakefile +1 -1
- data/RakefileRelease +16 -0
- data/lib/authsignal/version.rb +1 -1
- data/lib/authsignal.rb +31 -0
- metadata +6 -5
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: f77d1646d619436a3c5e25b76be690252c3f4bf2dcb7588ea09cae4c11283017
|
4
|
+
data.tar.gz: 67ad78b10cb51e07b2f2726a4a8ad74ba094eacd37b0acd6436a4e89f9b7d306
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: a02302caa711e51e25877b73e2b83c074ebd868e9f43eec42d0b29046f0f62a99ec07a930e73eb4204cffab72992831395e36b8f6d6a6a01e010536e2c550286
|
7
|
+
data.tar.gz: 5791b35e320bc81ca7f7137f736f847f7b2eae79073afe9eed0c91376e557dd63c2e0d952bf42d2d15dd04eac3c6827e003283e63e0f95f3cb681d4d3714ee3e
|
data/Gemfile.lock
CHANGED
@@ -1,8 +1,8 @@
|
|
1
1
|
PATH
|
2
2
|
remote: .
|
3
3
|
specs:
|
4
|
-
authsignal-ruby (0.1.
|
5
|
-
httparty (~> 0.
|
4
|
+
authsignal-ruby (0.1.5)
|
5
|
+
httparty (~> 0.21.0)
|
6
6
|
|
7
7
|
GEM
|
8
8
|
remote: https://rubygems.org/
|
@@ -13,12 +13,10 @@ GEM
|
|
13
13
|
rexml
|
14
14
|
diff-lcs (1.5.0)
|
15
15
|
hashdiff (1.0.1)
|
16
|
-
httparty (0.
|
17
|
-
|
16
|
+
httparty (0.21.0)
|
17
|
+
mini_mime (>= 1.0.0)
|
18
18
|
multi_xml (>= 0.5.2)
|
19
|
-
|
20
|
-
mime-types-data (~> 3.2015)
|
21
|
-
mime-types-data (3.2022.0105)
|
19
|
+
mini_mime (1.1.5)
|
22
20
|
multi_xml (0.6.0)
|
23
21
|
public_suffix (4.0.7)
|
24
22
|
rake (13.0.6)
|
@@ -51,4 +49,4 @@ DEPENDENCIES
|
|
51
49
|
webmock (~> 3.14.0)
|
52
50
|
|
53
51
|
BUNDLED WITH
|
54
|
-
2.
|
52
|
+
2.3.21
|
data/README.md
CHANGED
@@ -1,6 +1,6 @@
|
|
1
1
|
# Authsignal Server Ruby SDK
|
2
2
|
|
3
|
-
[
|
3
|
+
Check out our [official Ruby SDK documentation](https://docs.authsignal.com/sdks/server/ruby), and [Ruby on Rails Quickstart Guide](https://docs.authsignal.com/quickstarts/ruby-on-rails).
|
4
4
|
|
5
5
|
## Installation
|
6
6
|
|
@@ -18,7 +18,8 @@ Or install it yourself as:
|
|
18
18
|
|
19
19
|
$ gem install authsignal-ruby
|
20
20
|
|
21
|
-
##
|
21
|
+
## Initialization
|
22
|
+
|
22
23
|
Initialize the Authsignal Ruby SDK, ensuring you do not hard code the Authsignal Secret Key, always keep this safe.
|
23
24
|
|
24
25
|
In Ruby on Rails, you would typically place this code block in a file like `config/initializers/authsignal.rb`
|
@@ -29,100 +30,32 @@ Authsignal.setup do |config|
|
|
29
30
|
end
|
30
31
|
```
|
31
32
|
|
32
|
-
|
33
|
-
|
34
|
-
Authsignal's server side signal API has four main calls `track_action`, `get_action`, `get_user`, `identify`
|
33
|
+
You can find your `api_secret_key` in the [Authsignal Portal](https://portal.authsignal.com/organisations/tenants/api).
|
35
34
|
|
36
|
-
|
35
|
+
You must specify the correct `baseUrl` for your tenant's region.
|
37
36
|
|
38
|
-
|
39
|
-
|
37
|
+
| Region | Base URL |
|
38
|
+
| ----------- | ----------------------------------- |
|
39
|
+
| US (Oregon) | https://signal.authsignal.com/v1 |
|
40
|
+
| AU (Sydney) | https://au.signal.authsignal.com/v1 |
|
41
|
+
| EU (Dublin) | https://eu.signal.authsignal.com/v1 |
|
40
42
|
|
41
|
-
|
43
|
+
For example, to set the base URL to use our AU region:
|
42
44
|
|
43
|
-
```ruby
|
44
|
-
# OPTIONAL: The Authsignal cookie available when using the authsignal browser Javascript SDK
|
45
|
-
# you could you use own device/session/fingerprinting identifiers.
|
46
|
-
authsignal_cookie = request.cookies["__as_aid"]
|
47
|
-
|
48
|
-
# OPTIONAL: The idempotencyKey is a unique identifier per track action
|
49
|
-
# this could be for a unique object associated to your application
|
50
|
-
# like a shopping cart check out id
|
51
|
-
# If ommitted, Authsignal will generate the idempotencyKey and return in the response
|
52
|
-
idempotency_key = SecureRandom.uuid
|
53
|
-
|
54
|
-
# OPTIONAL: If you're using a redirect flow, set the redirect URL, this is the url authsignal will redirect to after a Challenge is completed.
|
55
|
-
redirect_url = "https://www.yourapp.com/back_to_your_app"
|
56
|
-
|
57
|
-
response = Authsignal.track_action({
|
58
|
-
action_code: "signIn",
|
59
|
-
idempotency_key: idempotency_key,
|
60
|
-
redirect_url: redirect_url,
|
61
|
-
user_id: current_user.id,
|
62
|
-
email: current_user.email,
|
63
|
-
device_id: authsignal_cookie,
|
64
|
-
user_agent: request.user_agent,
|
65
|
-
ip_address: request.ip,
|
66
|
-
custom: {
|
67
|
-
it_could_be_a_bool: true,
|
68
|
-
it_could_be_a_string: "test",
|
69
|
-
it_could_be_a_number: 400.00
|
70
|
-
}
|
71
|
-
}
|
72
|
-
)
|
73
45
|
```
|
74
|
-
|
75
|
-
```ruby
|
76
|
-
response = Authsignal.track_action({..})
|
77
|
-
case response[:state]
|
78
|
-
when "ALLOW"
|
79
|
-
# Carry on with your operation/business logic
|
80
|
-
when "BLOCK"
|
81
|
-
# Stop your operations
|
82
|
-
when "CHALLENGE_REQUIRED"
|
83
|
-
# Step up authentication required, redirect or pass the challengeUrl to the front end
|
84
|
-
response[:challenge_url]
|
85
|
-
end
|
86
|
-
```
|
87
|
-
|
88
|
-
### Get Action
|
89
|
-
Call get action after a challenge is completed by the user, after a redirect or a succesful browser challenge pop-up flow, and if the state of the action is `CHALLENGE_SUCCEEDED` you can proceed with completing the business logic.
|
46
|
+
require 'authsignal'
|
90
47
|
|
91
|
-
|
92
|
-
|
93
|
-
|
94
|
-
action_code: "testAction",
|
95
|
-
idempotency_key: "15cac140-f639-48c5-92db-835ec8d3d144")
|
96
|
-
|
97
|
-
if(response[:state] === "CHALLENGE_SUCCEEDED")
|
98
|
-
# The user has successfully completed the challenge, and you should proceed with
|
99
|
-
# the business logic
|
48
|
+
Authsignal.setup do |config|
|
49
|
+
config.api_secret_key = ENV["AUTHSIGNAL_SECRET_KEY"]
|
50
|
+
config.base_uri = "https://au.signal.authsignal.com/v1"
|
100
51
|
end
|
101
52
|
```
|
102
53
|
|
103
|
-
|
104
|
-
Get user retrieves the current enrolment state of the user, use this call to redirect users to the enrolment or management flows so that the user can do self service management of their authenticator factors. User the `url` in the response to either redirect or initiate the pop up client side flow.
|
105
|
-
|
106
|
-
```ruby
|
107
|
-
response = Authsignal.get_user(user_id: current_user.id, redirect_url: "http://www.yourapp.com/path-back")
|
108
|
-
|
109
|
-
is_enrolled = response[:is_enrolled]
|
110
|
-
url = response[:url]
|
111
|
-
```
|
112
|
-
|
113
|
-
### Identify
|
114
|
-
Get identify to link and update additional user indetifiers (like email) to the primary record.
|
115
|
-
|
116
|
-
```ruby
|
117
|
-
Authsignal.identify(user_id: current_user.id, user: { email: "newemail@email.com" })
|
118
|
-
```
|
54
|
+
## Usage
|
119
55
|
|
120
|
-
|
121
|
-
If your application already has a valid authenticator like a validated phone number for your customer, you can enrol the authenticator on behalf of the user using this function
|
56
|
+
Authsignal's server side signal API has four main api calls `track_action`, `get_action`, `get_user`, `enrol_authenticator`.
|
122
57
|
|
123
|
-
|
124
|
-
Authsignal.enrol_authenticator(user_id: current_user.id, authenticator:{ oob_channel: "SMS", phone_number: "+64270000000" })
|
125
|
-
```
|
58
|
+
For more details on these api calls, refer to our [official Ruby SDK docs](https://docs.authsignal.com/sdks/server/ruby#track_action).
|
126
59
|
|
127
60
|
## Development
|
128
61
|
|
data/Rakefile
CHANGED
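--- a/data/RakefileRelease
+++ b/data/RakefileRelease
@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+
+require "bundler/gem_tasks"
+require "rspec/core/rake_task"
+require_relative 'lib/authsignal/version'
+
+task default: :build_and_push_gem
+
+RSpec::Core::RakeTask.new(:build_and_push_gem) do |task|
+version = Authsignal::VERSION
+puts "Building gem..."
+sh "gem build authsignal-ruby.gemspec"
+puts "Pushing authsignal-ruby-#{version} gem..."
+sh "gem push authsignal-ruby-#{version}.gem"
+puts "Gem authsignal-ruby-#{version} has been pushed."
+end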
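Review bot: `RSpec::Core::RakeTask.new(:build_and_push_gem)` defines a spec-runner task, and its block is, as far as rspec-core's RakeTask behaves, a configuration hook that runs before the specs, so `gem build` and `gem push` would execute first and a failing test run afterwards cannot stop the release. Define the specs as their own task and make the release depend on it: `RSpec::Core::RakeTask.new(:spec)` followed by `task build_and_push_gem: :spec do`. The metadata section also adds RakefileRelease to the packaged `files`, so this release helper ships inside the published gem; excluding it in the gemspec would keep the package to runtime files.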
data/lib/authsignal/version.rb
CHANGED
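--- a/data/lib/authsignal.rb
+++ b/data/lib/authsignal.rb
@@ -69,6 +69,37 @@ module Authsignal
 false
 end
 
+def validate_challenge(request)
+token = request[:token]
+
+begin
+decoded_token = JWT.decode(token, Authsignal.configuration.api_secret_key)[0]
+rescue JWT::DecodeError
+puts 'Token verification failed'
+end
+
+user_id = decoded_token["other"]["userId"]
+action_code = decoded_token["other"]["actionCode"]
+idempotency_key = decoded_token["other"]["idempotencyKey"]
+
+if request[:userId] && request[:userId] != user_id
+return { user_id: user_id, success: false, state: nil }
+end
+
+if action_code && idempotency_key
+action_result = get_action(user_id: user_id, action_code: action_code, idempotency_key: idempotency_key)
+
+if action_result
+state = action_result[:state]
+success = state == "CHALLENGE_SUCCEEDED"
+
+return { user_id: user_id, success: success, state: state, action: action_code }
+end
+end
+
+{ user_id: user_id, success: false, state: nil }
+end
+
 private
 def underscore(string)
 string.gsub(/::/, '/').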
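Review bot: The `rescue JWT::DecodeError` branch in `validate_challenge` only prints and falls through, so `decoded_token` stays nil and the next line, `decoded_token["other"]["userId"]`, raises NoMethodError for any invalid, expired or tampered token instead of returning a failed result. Return from the rescue, e.g. `return { user_id: nil, success: false, state: nil }`, and drop the `puts`, since a library should not write to stdout. The `JWT.decode` call also leaves the accepted algorithm to the library default; passing it explicitly, `JWT.decode(token, Authsignal.configuration.api_secret_key, true, { algorithm: 'HS256' })` if HS256 is what Authsignal signs with, keeps verification pinned. `JWT` is not required anywhere in the visible lines, and the Gemfile.lock and metadata sections show only httparty as a runtime dependency, so confirm the jwt gem is declared in the gemspec and required in this file.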
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: authsignal-ruby
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.1.
|
4
|
+
version: 0.1.5
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- justinsoong
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2023-08-24 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: httparty
|
@@ -16,14 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - "~>"
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 0.
|
19
|
+
version: 0.21.0
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - "~>"
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 0.
|
26
|
+
version: 0.21.0
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: rspec
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
@@ -81,6 +81,7 @@ files:
|
|
81
81
|
- LICENSE.txt
|
82
82
|
- README.md
|
83
83
|
- Rakefile
|
84
|
+
- RakefileRelease
|
84
85
|
- bin/console
|
85
86
|
- bin/setup
|
86
87
|
- lib/authsignal.rb
|
@@ -108,7 +109,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
108
109
|
- !ruby/object:Gem::Version
|
109
110
|
version: '0'
|
110
111
|
requirements: []
|
111
|
-
rubygems_version: 3.
|
112
|
+
rubygems_version: 3.4.10
|
112
113
|
signing_key:
|
113
114
|
specification_version: 4
|
114
115
|
summary: The Authsignal ruby server side signal API.
|