authsignal-ruby 0.1.3 → 0.1.4

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: d563b12a80a89c807b644c531b09401fc38844d479581ca14f6fb58507cdc601
4
- data.tar.gz: 436573b2924b8862b0332ce6fc07353a2cfe66fa4be8c801106f6b55e2546f49
3
+ metadata.gz: 69b244aee6e940441e952ba9fb62b4952e8da7b9ff29ac87893eedc87c042bbe
4
+ data.tar.gz: 21ae8f3d6d312308ffebc53a69eb6b23ce3e32d364b8c1a148826d8d1e68468e
5
5
  SHA512:
6
- metadata.gz: d5790f1d540710c6341185342d7e26e165d08d2db070abb83696a3701ec3c8db95a0c7ae89b275176c59af86c5f54f99139f1e1155d98fdb92c8179c8d128e95
7
- data.tar.gz: 650b7ceea94f65580a14c53cd1091e672034ebc1352e17e9ff198e03e7745fe901b0eefbdc2bd9e0d636befc63bba2da63e2f3df89aa38c6d479e55b1d97f56d
6
+ metadata.gz: 6fd2f1e28877868372c8f7992cb7d5a3d0b30dd4c9119d0329302d7bb9c64e5c48b2d9a212b4376ee5132ea11d1bdbe766fa69c38e00908b2cddb5e9140127c9
7
+ data.tar.gz: e59793ce77aa8e3e0f8387ff9fbcce36d97b1a68166b4d31758bddd3fe490b0cb210b7913961feff50ecb97ceb19b2374d5982a305295edce0e06f42c533a450
data/Gemfile.lock CHANGED
@@ -1,8 +1,8 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- authsignal-ruby (0.1.2)
5
- httparty (~> 0.20.0)
4
+ authsignal-ruby (0.1.3)
5
+ httparty (~> 0.21.0)
6
6
 
7
7
  GEM
8
8
  remote: https://rubygems.org/
@@ -13,12 +13,10 @@ GEM
13
13
  rexml
14
14
  diff-lcs (1.5.0)
15
15
  hashdiff (1.0.1)
16
- httparty (0.20.0)
17
- mime-types (~> 3.0)
16
+ httparty (0.21.0)
17
+ mini_mime (>= 1.0.0)
18
18
  multi_xml (>= 0.5.2)
19
- mime-types (3.4.1)
20
- mime-types-data (~> 3.2015)
21
- mime-types-data (3.2022.0105)
19
+ mini_mime (1.1.2)
22
20
  multi_xml (0.6.0)
23
21
  public_suffix (4.0.7)
24
22
  rake (13.0.6)
@@ -51,4 +49,4 @@ DEPENDENCIES
51
49
  webmock (~> 3.14.0)
52
50
 
53
51
  BUNDLED WITH
54
- 2.2.32
52
+ 2.3.21
data/README.md CHANGED
@@ -1,6 +1,6 @@
1
1
  # Authsignal Server Ruby SDK
2
2
 
3
- [Authsignal](https://www.authsignal.com/?utm_source=github&utm_medium=ruby_sdk) provides passwordless step up authentication (Multi-factor Authentication - MFA) that can be placed anywhere within your application. Authsignal also provides a no-code fraud risk rules engine to manage when step up challenges are triggered.
3
+ Check out our [official Ruby SDK documentation](https://docs.authsignal.com/sdks/server/ruby), and [Ruby on Rails Quickstart Guide](https://docs.authsignal.com/quickstarts/ruby-on-rails).
4
4
 
5
5
  ## Installation
6
6
 
@@ -18,7 +18,8 @@ Or install it yourself as:
18
18
 
19
19
  $ gem install authsignal-ruby
20
20
 
21
- ## Configuration
21
+ ## Initialization
22
+
22
23
  Initialize the Authsignal Ruby SDK, ensuring you do not hard code the Authsignal Secret Key, always keep this safe.
23
24
 
24
25
  In Ruby on Rails, you would typically place this code block in a file like `config/initializers/authsignal.rb`
@@ -29,100 +30,32 @@ Authsignal.setup do |config|
29
30
  end
30
31
  ```
31
32
 
32
- ## Usage
33
-
34
- Authsignal's server side signal API has four main calls `track_action`, `get_action`, `get_user`, `identify`
33
+ You can find your `api_secret_key` in the [Authsignal Portal](https://portal.authsignal.com/organisations/tenants/api).
35
34
 
36
- These examples assume that the SDK is being called from a Ruby on Rails app, adapt depending on your server framework.
35
+ You must specify the correct `baseUrl` for your tenant's region.
37
36
 
38
- ### Track Action
39
- The track action call is the main api call to send actions to authsignal, the default decision is to `ALLOW` actions, this allows you to call track action as a means to keep an audit trail of your user activity.
37
+ | Region | Base URL |
38
+ | ----------- | ----------------------------------- |
39
+ | US (Oregon) | https://signal.authsignal.com/v1 |
40
+ | AU (Sydney) | https://au.signal.authsignal.com/v1 |
41
+ | EU (Dublin) | https://eu.signal.authsignal.com/v1 |
40
42
 
41
- Add to the rules in the admin portal or the change default decision to influence the flows for your end users. If a user is not enrolled with authenticators, the default decision is to `ALLOW`.
43
+ For example, to set the base URL to use our AU region:
42
44
 
43
- ```ruby
44
- # OPTIONAL: The Authsignal cookie available when using the authsignal browser Javascript SDK
45
- # you could you use own device/session/fingerprinting identifiers.
46
- authsignal_cookie = request.cookies["__as_aid"]
47
-
48
- # OPTIONAL: The idempotencyKey is a unique identifier per track action
49
- # this could be for a unique object associated to your application
50
- # like a shopping cart check out id
51
- # If ommitted, Authsignal will generate the idempotencyKey and return in the response
52
- idempotency_key = SecureRandom.uuid
53
-
54
- # OPTIONAL: If you're using a redirect flow, set the redirect URL, this is the url authsignal will redirect to after a Challenge is completed.
55
- redirect_url = "https://www.yourapp.com/back_to_your_app"
56
-
57
- response = Authsignal.track_action({
58
- action_code: "signIn",
59
- idempotency_key: idempotency_key,
60
- redirect_url: redirect_url,
61
- user_id: current_user.id,
62
- email: current_user.email,
63
- device_id: authsignal_cookie,
64
- user_agent: request.user_agent,
65
- ip_address: request.ip,
66
- custom: {
67
- it_could_be_a_bool: true,
68
- it_could_be_a_string: "test",
69
- it_could_be_a_number: 400.00
70
- }
71
- }
72
- )
73
45
  ```
74
- *Response*
75
- ```ruby
76
- response = Authsignal.track_action({..})
77
- case response[:state]
78
- when "ALLOW"
79
- # Carry on with your operation/business logic
80
- when "BLOCK"
81
- # Stop your operations
82
- when "CHALLENGE_REQUIRED"
83
- # Step up authentication required, redirect or pass the challengeUrl to the front end
84
- response[:challenge_url]
85
- end
86
- ```
87
-
88
- ### Get Action
89
- Call get action after a challenge is completed by the user, after a redirect or a succesful browser challenge pop-up flow, and if the state of the action is `CHALLENGE_SUCCEEDED` you can proceed with completing the business logic.
46
+ require 'authsignal'
90
47
 
91
- ```ruby
92
- response = Authsignal.get_action(
93
- user_id: current_user.id,
94
- action_code: "testAction",
95
- idempotency_key: "15cac140-f639-48c5-92db-835ec8d3d144")
96
-
97
- if(response[:state] === "CHALLENGE_SUCCEEDED")
98
- # The user has successfully completed the challenge, and you should proceed with
99
- # the business logic
48
+ Authsignal.setup do |config|
49
+ config.api_secret_key = ENV["AUTHSIGNAL_SECRET_KEY"]
50
+ config.base_uri = "https://au.signal.authsignal.com/v1"
100
51
  end
101
52
  ```
102
53
 
103
- ### Get User
104
- Get user retrieves the current enrolment state of the user, use this call to redirect users to the enrolment or management flows so that the user can do self service management of their authenticator factors. User the `url` in the response to either redirect or initiate the pop up client side flow.
105
-
106
- ```ruby
107
- response = Authsignal.get_user(user_id: current_user.id, redirect_url: "http://www.yourapp.com/path-back")
108
-
109
- is_enrolled = response[:is_enrolled]
110
- url = response[:url]
111
- ```
112
-
113
- ### Identify
114
- Get identify to link and update additional user indetifiers (like email) to the primary record.
115
-
116
- ```ruby
117
- Authsignal.identify(user_id: current_user.id, user: { email: "newemail@email.com" })
118
- ```
54
+ ## Usage
119
55
 
120
- ### Enrol Authenticator
121
- If your application already has a valid authenticator like a validated phone number for your customer, you can enrol the authenticator on behalf of the user using this function
56
+ Authsignal's server side signal API has four main api calls `track_action`, `get_action`, `get_user`, `enrol_authenticator`.
122
57
 
123
- ```ruby
124
- Authsignal.enrol_authenticator(user_id: current_user.id, authenticator:{ oob_channel: "SMS", phone_number: "+64270000000" })
125
- ```
58
+ For more details on these api calls, refer to our [official Ruby SDK docs](https://docs.authsignal.com/sdks/server/ruby#track_action).
126
59
 
127
60
  ## Development
128
61
 
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Authsignal
4
- VERSION = "0.1.3"
4
+ VERSION = "0.1.4"
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: authsignal-ruby
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.3
4
+ version: 0.1.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - justinsoong
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2022-09-23 00:00:00.000000000 Z
11
+ date: 2023-08-02 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: httparty
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - "~>"
18
18
  - !ruby/object:Gem::Version
19
- version: 0.20.0
19
+ version: 0.21.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - "~>"
25
25
  - !ruby/object:Gem::Version
26
- version: 0.20.0
26
+ version: 0.21.0
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: rspec
29
29
  requirement: !ruby/object:Gem::Requirement