RubyGems - authsignal-ruby - Versions diffs - 5.1.0 → 5.2.0 - Mend

authsignal-ruby 5.1.0 → 5.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

checksums.yaml +4 -4
data/Gemfile.lock +1 -1
data/README.md +34 -37
data/lib/authsignal/client.rb +1 -1
data/lib/authsignal/invalid_signature_error.rb +7 -0
data/lib/authsignal/version.rb +1 -1
data/lib/authsignal/webhook.rb +83 -0
data/lib/authsignal.rb +7 -1
metadata +5 -3

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 83967ef0e6e635ee8073707bd26080c9349a0a15ad7352baa99e8d0097aebdcd
-  data.tar.gz: 9bd1c701d4d60705ba92b90335bb8a5dafb889ac4298eb5935df6ce0a1dab963
+  metadata.gz: 233b8ce1fffe587695f60a898cbd6ca8172e2ed4fcd4e290bd1bbf2c31f35e69
+  data.tar.gz: 884eae4802fa843c90110be96614d5ed39a115ff466a498462945bb468da3288
 SHA512:
-  metadata.gz: f5ae54c8f9ebcf44efea16e05815b0320dac64909f8306decd8abe35b2ba33913b00471f0b6b5ecdfa9131f239dc08ae070ea18e28a5129506a09ce625c461c4
-  data.tar.gz: 9689b2cb484837bac9ee107a55688abdd9ca9ba80f2d1a3a8668433edce69f74523c168afca7f660cfb788f1714d525a386ae5288f32ed8833d05a743bf89e1a
+  metadata.gz: af223d4b81a5c0457b8e4a530d7be4fab23d16bdbe72908ffd47533b69ff5a764a716cfc7e6c58f02beff55c93de452ae11996bd10e0f0912e43383b5dc0113f
+  data.tar.gz: 56fe2d42bf6e63a09d0daeb452f380369885d26cb70481ae0da3018a10806583d2a72cfdf69f4e408b8b94cc0799d00a44c47917c8ba2c0f3163e500ecd692cd

data/Gemfile.lock CHANGED Viewed

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    authsignal-ruby (5.1.0)
+    authsignal-ruby (5.2.0)
       faraday (>= 2.0.1)
       faraday-retry (~> 2.2)

data/README.md CHANGED Viewed

@@ -2,7 +2,10 @@
 # Authsignal Ruby SDK
-The Authsignal Ruby library for server-side applications.
+[![Gem Version](https://img.shields.io/gem/v/authsignal-ruby.svg)](https://rubygems.org/gems/authsignal-ruby)
+[![License](https://img.shields.io/github/license/authsignal/authsignal-ruby.svg)](https://github.com/authsignal/authsignal-ruby/blob/main/LICENSE.txt)
+The official Authsignal Ruby library for server-side applications. Use this SDK to easily integrate Authsignal's multi-factor authentication (MFA) and passwordless features into your Ruby backend.
 ## Installation
@@ -12,48 +15,42 @@ Add this line to your application's Gemfile:
 gem "authsignal-ruby"
 ```
-## Documentation
-Refer to our [SDK documentation](https://docs.authsignal.com/sdks/server/overview) for information on how to use this SDK.
-Or check out our [Ruby on Rails Quickstart Guide](https://docs.authsignal.com/integrations/ruby-on-rails).
+And then execute:
+```bash
+bundle install
+```
-### Response & Error handling
+Or install it yourself as:
+```bash
+gem install authsignal-ruby
+```
-The Authsignal SDK offers two response formats. By default, its methods return the payload in hash format.
+## Getting started
-Example:
+Initialize the Authsignal client with your secret key from the [Authsignal Portal](https://portal.authsignal.com/) and the API URL for your region.
 ```ruby
-Authsignal.enroll_verified_authenticator(
-  user_id: 'AS_001',
-  attributes: {
-    verification_method: 'INVALID',
-    email: 'hamish@authsignal.com'
-  }
-)
-# returns:
-{
-  "error": "invalid_request",
-  "errorCode": "invalid_request",
-  "errorDescription": "body.verificationMethod must be equal to one of the allowed values - allowedValues: AUTHENTICATOR_APP,EMAIL_MAGIC_LINK,EMAIL_OTP,SMS"
-}
+require 'authsignal'
+# Initialize the client
+Authsignal.setup do |config|
+  config.api_secret_key = ENV['AUTHSIGNAL_SECRET_KEY']
+  config.api_url = ENV['AUTHSIGNAL_API_URL'] # Use region-specific URL
+end
 ```
-All methods have a bang (!) counterpart that raises an Authsignal::ApiError if the request fails.
+### API URLs by region
-Example:
+| Region      | API URL                          |
+| ----------- | -------------------------------- |
+| US (Oregon) | https://api.authsignal.com/v1    |
+| AU (Sydney) | https://au.api.authsignal.com/v1 |
+| EU (Dublin) | https://eu.api.authsignal.com/v1 |
-```ruby
-Authsignal.enroll_verified_authenticator!(
-  user_id: 'AS_001',
-  attributes: {
-    verification_method: 'INVALID',
-    email: 'hamish@authsignal.com'
-  }
-)
-# raise:
-<Authsignal::ApiError: AuthsignalError: 400 - body.verificationMethod must be equal to one of the allowed values - allowedValues: AUTHENTICATOR_APP,EMAIL_MAGIC_LINK,EMAIL_OTP,SMS.
-```
+## License
+This SDK is licensed under the [MIT License](LICENSE.txt).
+## Documentation
+For more information and advanced usage examples, refer to the official [Authsignal server-Side SDK documentation](https://docs.authsignal.com/sdks/server/overview).

data/lib/authsignal/client.rb CHANGED Viewed

@@ -2,7 +2,7 @@ require 'erb'
 module Authsignal
     class Client
-        USER_AGENT = "Authsignal Ruby v#{Authsignal::VERSION}"
+        USER_AGENT = "authsignal-ruby"
         NO_API_KEY_MESSAGE  = "No Authsignal API Secret Key Set"
         RETRY_OPTIONS = {

data/lib/authsignal/invalid_signature_error.rb ADDED Viewed

@@ -0,0 +1,7 @@
+module Authsignal
+  class InvalidSignatureError < StandardError
+    def initialize(message)
+      super(message)
+    end
+  end
+end

data/lib/authsignal/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module Authsignal
-  VERSION = "5.1.0"
+  VERSION = "5.2.0"
 end

data/lib/authsignal/webhook.rb ADDED Viewed

@@ -0,0 +1,83 @@
+require 'openssl'
+require 'json'
+require 'base64'
+module Authsignal
+  DEFAULT_TOLERANCE = 5
+  class Webhook
+    VERSION = "v2"
+    attr_reader :api_secret_key
+    def initialize(api_secret_key)
+      @api_secret_key = api_secret_key
+    end
+    def construct_event(payload, signature, tolerance = DEFAULT_TOLERANCE)
+      parsed_signature = parse_signature(signature)
+      seconds_since_epoch = Time.now.to_i
+      if tolerance > 0 && parsed_signature[:timestamp] < seconds_since_epoch - (tolerance * 60)
+        raise InvalidSignatureError, "Timestamp is outside the tolerance zone."
+      end
+      hmac_content = "#{parsed_signature[:timestamp]}.#{payload}"
+      computed_signature = OpenSSL::HMAC.digest(
+        OpenSSL::Digest.new('sha256'),
+        @api_secret_key,
+        hmac_content
+      )
+      computed_signature_base64 = Base64.strict_encode64(computed_signature).delete('=')
+      match = false
+      parsed_signature[:signatures].each do |sig|
+        if sig == computed_signature_base64
+          match = true
+          break
+        end
+      end
+      unless match
+        raise InvalidSignatureError, "Signature mismatch."
+      end
+      JSON.parse(payload, symbolize_names: true)
+    end
+    def parse_signature(value)
+      result = {
+        timestamp: -1,
+        signatures: []
+      }
+      return handle_invalid_signature unless value
+      value.split(',').each do |item|
+        kv = item.split('=')
+        next unless kv.length == 2
+        if kv[0] == 't'
+          result[:timestamp] = kv[1].to_i
+        elsif kv[0] == VERSION
+          result[:signatures] << kv[1]
+        end
+      end
+      if result[:timestamp] == -1 || result[:signatures].empty?
+        handle_invalid_signature
+      end
+      result
+    end
+    private
+    def handle_invalid_signature
+      raise InvalidSignatureError, "Signature format is invalid."
+    end
+  end
+end

data/lib/authsignal.rb CHANGED Viewed

@@ -4,11 +4,13 @@ require "authsignal/version"
 require "authsignal/client"
 require "authsignal/configuration"
 require "authsignal/api_error"
+require "authsignal/invalid_signature_error"
+require "authsignal/webhook"
 require "authsignal/middleware/json_response"
 require "authsignal/middleware/json_request"
 module Authsignal
-    NON_API_METHODS = [:setup, :configuration, :default_configuration]
+    NON_API_METHODS = [:setup, :configuration, :default_configuration, :webhook]
     class << self
         attr_writer :configuration
@@ -25,6 +27,10 @@ module Authsignal
             configuration.defaults
         end
+        def webhook
+            @webhook ||= Webhook.new(configuration.api_secret_key)
+        end
         def get_user(user_id:)
             response = Client.new.get_user(user_id: user_id)

metadata CHANGED Viewed

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: authsignal-ruby
 version: !ruby/object:Gem::Version
-  version: 5.1.0
+  version: 5.2.0
 platform: ruby
 authors:
 - justinsoong
 bindir: exe
 cert_chain: []
-date: 2025-03-25 00:00:00.000000000 Z
+date: 1980-01-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: faraday
@@ -102,9 +102,11 @@ files:
 - lib/authsignal/api_error.rb
 - lib/authsignal/client.rb
 - lib/authsignal/configuration.rb
+- lib/authsignal/invalid_signature_error.rb
 - lib/authsignal/middleware/json_request.rb
 - lib/authsignal/middleware/json_response.rb
 - lib/authsignal/version.rb
+- lib/authsignal/webhook.rb
 homepage: https://github.com/authsignal/authsignal-ruby
 licenses:
 - MIT
@@ -125,7 +127,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.6.2
+rubygems_version: 3.6.9
 specification_version: 4
 summary: The Authsignal ruby server side signal API.
 test_files: []