RubyGems - authsignal-ruby - Versions diffs - 0.1.3 → 0.1.4 - Mend

authsignal-ruby 0.1.3 → 0.1.4

Files changed (5) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d563b12a80a89c807b644c531b09401fc38844d479581ca14f6fb58507cdc601
-  data.tar.gz: 436573b2924b8862b0332ce6fc07353a2cfe66fa4be8c801106f6b55e2546f49
+  metadata.gz: 69b244aee6e940441e952ba9fb62b4952e8da7b9ff29ac87893eedc87c042bbe
+  data.tar.gz: 21ae8f3d6d312308ffebc53a69eb6b23ce3e32d364b8c1a148826d8d1e68468e
 SHA512:
-  metadata.gz: d5790f1d540710c6341185342d7e26e165d08d2db070abb83696a3701ec3c8db95a0c7ae89b275176c59af86c5f54f99139f1e1155d98fdb92c8179c8d128e95
-  data.tar.gz: 650b7ceea94f65580a14c53cd1091e672034ebc1352e17e9ff198e03e7745fe901b0eefbdc2bd9e0d636befc63bba2da63e2f3df89aa38c6d479e55b1d97f56d
+  metadata.gz: 6fd2f1e28877868372c8f7992cb7d5a3d0b30dd4c9119d0329302d7bb9c64e5c48b2d9a212b4376ee5132ea11d1bdbe766fa69c38e00908b2cddb5e9140127c9
+  data.tar.gz: e59793ce77aa8e3e0f8387ff9fbcce36d97b1a68166b4d31758bddd3fe490b0cb210b7913961feff50ecb97ceb19b2374d5982a305295edce0e06f42c533a450

data/Gemfile.lock CHANGED Viewed

@@ -1,8 +1,8 @@
 PATH
   remote: .
   specs:
-    authsignal-ruby (0.1.2)
-      httparty (~> 0.20.0)
+    authsignal-ruby (0.1.3)
+      httparty (~> 0.21.0)
 GEM
   remote: https://rubygems.org/
@@ -13,12 +13,10 @@ GEM
       rexml
     diff-lcs (1.5.0)
     hashdiff (1.0.1)
-    httparty (0.20.0)
-      mime-types (~> 3.0)
+    httparty (0.21.0)
+      mini_mime (>= 1.0.0)
       multi_xml (>= 0.5.2)
-    mime-types (3.4.1)
-      mime-types-data (~> 3.2015)
-    mime-types-data (3.2022.0105)
+    mini_mime (1.1.2)
     multi_xml (0.6.0)
     public_suffix (4.0.7)
     rake (13.0.6)
@@ -51,4 +49,4 @@ DEPENDENCIES
   webmock (~> 3.14.0)
 BUNDLED WITH
-   2.2.32
+   2.3.21

data/README.md CHANGED Viewed

@@ -1,6 +1,6 @@
 # Authsignal Server Ruby SDK
-[Authsignal](https://www.authsignal.com/?utm_source=github&utm_medium=ruby_sdk) provides passwordless step up authentication (Multi-factor Authentication - MFA) that can be placed anywhere within your application. Authsignal also provides a no-code fraud risk rules engine to manage when step up challenges are triggered.
+Check out our [official Ruby SDK documentation](https://docs.authsignal.com/sdks/server/ruby), and [Ruby on Rails Quickstart Guide](https://docs.authsignal.com/quickstarts/ruby-on-rails).
 ## Installation
@@ -18,7 +18,8 @@ Or install it yourself as:
     $ gem install authsignal-ruby
-## Configuration
+## Initialization
 Initialize the Authsignal Ruby SDK, ensuring you do not hard code the Authsignal Secret Key, always keep this safe.
 In Ruby on Rails, you would typically place this code block in a file like `config/initializers/authsignal.rb`
@@ -29,100 +30,32 @@ Authsignal.setup do |config|
 end
 ```
-## Usage
-Authsignal's server side signal API has four main calls `track_action`, `get_action`, `get_user`, `identify`
+You can find your `api_secret_key` in the [Authsignal Portal](https://portal.authsignal.com/organisations/tenants/api).
-These examples assume that the SDK is being called from a Ruby on Rails app, adapt depending on your server framework.
+You must specify the correct `baseUrl` for your tenant's region.
-### Track Action
-The track action call is the main api call to send actions to authsignal, the default decision is to `ALLOW` actions, this allows you to call track action as a means to keep an audit trail of your user activity.
+| Region      | Base URL                            |
+| ----------- | ----------------------------------- |
+| US (Oregon) | https://signal.authsignal.com/v1    |
+| AU (Sydney) | https://au.signal.authsignal.com/v1 |
+| EU (Dublin) | https://eu.signal.authsignal.com/v1 |
-Add to the rules in the admin portal or the change default decision to influence the flows for your end users. If a user is not enrolled with authenticators, the default decision is to `ALLOW`.
+For example, to set the base URL to use our AU region:
-```ruby
-# OPTIONAL: The Authsignal cookie available when using the authsignal browser Javascript SDK
-# you could you use own device/session/fingerprinting identifiers.
-authsignal_cookie = request.cookies["__as_aid"]
-# OPTIONAL: The idempotencyKey is a unique identifier per track action
-# this could be for a unique object associated to your application
-# like a shopping cart check out id
-# If ommitted, Authsignal will generate the idempotencyKey and return in the response
-idempotency_key = SecureRandom.uuid
-# OPTIONAL: If you're using a redirect flow, set the redirect URL, this is the url authsignal will redirect to after a Challenge is completed.
-redirect_url = "https://www.yourapp.com/back_to_your_app"
-response = Authsignal.track_action({
-        action_code: "signIn",
-        idempotency_key: idempotency_key,
-        redirect_url: redirect_url,
-        user_id: current_user.id,
-        email: current_user.email,
-        device_id: authsignal_cookie,
-        user_agent: request.user_agent,
-        ip_address: request.ip,
-        custom: {
-            it_could_be_a_bool: true,
-            it_could_be_a_string: "test",
-            it_could_be_a_number: 400.00
-        }
-    }
-)
 ```
-*Response*
-```ruby
-response = Authsignal.track_action({..})
-case response[:state]
-when "ALLOW"
-    # Carry on with your operation/business logic
-when "BLOCK"
-    # Stop your operations
-when "CHALLENGE_REQUIRED"
-    # Step up authentication required, redirect or pass the challengeUrl to the front end
-    response[:challenge_url]
-end
-```
-### Get Action
-Call get action after a challenge is completed by the user, after a redirect or a succesful browser challenge pop-up flow, and if the state of the action is `CHALLENGE_SUCCEEDED` you can proceed with completing the business logic.
+require 'authsignal'
-```ruby
-response = Authsignal.get_action(
-    user_id: current_user.id,
-    action_code: "testAction",
-    idempotency_key: "15cac140-f639-48c5-92db-835ec8d3d144")
-if(response[:state] === "CHALLENGE_SUCCEEDED")
-    # The user has successfully completed the challenge, and you should proceed with
-    # the business logic
+Authsignal.setup do |config|
+    config.api_secret_key = ENV["AUTHSIGNAL_SECRET_KEY"]
+    config.base_uri = "https://au.signal.authsignal.com/v1"
 end
 ```
-### Get User
-Get user retrieves the current enrolment state of the user, use this call to redirect users to the enrolment or management flows so that the user can do self service management of their authenticator factors. User the `url` in the response to either redirect or initiate the pop up client side flow.
-```ruby
-response = Authsignal.get_user(user_id: current_user.id, redirect_url: "http://www.yourapp.com/path-back")
-is_enrolled = response[:is_enrolled]
-url = response[:url]
-```
-### Identify
-Get identify to link and update additional user indetifiers (like email) to the primary record.
-```ruby
-Authsignal.identify(user_id: current_user.id, user: { email: "newemail@email.com" })
-```
+## Usage
-### Enrol Authenticator
-If your application already has a valid authenticator like a validated phone number for your customer, you can enrol the authenticator on behalf of the user using this function
+Authsignal's server side signal API has four main api calls `track_action`, `get_action`, `get_user`, `enrol_authenticator`.
-```ruby
-Authsignal.enrol_authenticator(user_id: current_user.id, authenticator:{ oob_channel: "SMS", phone_number: "+64270000000" })
-```
+For more details on these api calls, refer to our [official Ruby SDK docs](https://docs.authsignal.com/sdks/server/ruby#track_action).
 ## Development

data/lib/authsignal/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module Authsignal
-  VERSION = "0.1.3"
+  VERSION = "0.1.4"
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: authsignal-ruby
 version: !ruby/object:Gem::Version
-  version: 0.1.3
+  version: 0.1.4
 platform: ruby
 authors:
 - justinsoong
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2022-09-23 00:00:00.000000000 Z
+date: 2023-08-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: httparty
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.20.0
+        version: 0.21.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.20.0
+        version: 0.21.0
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement