devise-authy 1.8.1 → 1.8.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 43cdeb8cb4ad691e2fd862700f74149d3a044c5b
-  data.tar.gz: 1cfaaf8fada76bc386c70098e16d1fb387ee7bfe
+SHA256:
+  metadata.gz: b4a21e73c3efd8c4368a9685a1034a6dd43028949d6427309ee0ebd646d5c147
+  data.tar.gz: a3eaac986e7eb6620333bd9a6ea21d5aaa4ec58983a92cd1bc3650f2e02c3fe5
 SHA512:
-  metadata.gz: 94d1bde99b96301430f0f9d11c4153231dd5b1ac7b93c83cf76137801be6d691f0721213c5f652a8911dbad27d0c41f770fc7cdd064e516323469b18d2b6dc56
-  data.tar.gz: 9e2c66955cbca3e78b4c66d8e500f3b79e1780d85262447e08d148fb563a94a49b5426bd4f2ef2c21a1212179b6fa0938ca674b2652cf673bf3481307dd4add0
+  metadata.gz: 100a286438cc5befc4c02249aff14c68fde76ad20a05f8ec740241e54b92c797abce24d3aacb449fca1c2de31c5320d4d5914b47be8de39b5a23cab5520b836b
+  data.tar.gz: 8c958b9a2d7b852917df7a130f25b62325783f5e31e2a800a7755428dddf2a3ec573d82d89e164011ac3f99e3a1b1fa76a701e66e8d9f94a1dd5bf4ee77bfb31

data/Gemfile

@@ -1,11 +1,11 @@
 source 'https://rubygems.org'
 
 gem 'devise', '>= 3.0.0'
-gem 'authy'
+gem 'authy', ">= 2.7.2"
 
 group :development do
   gem 'rspec', '> 3.0.0'
-  gem 'yard'
+  gem 'yard', "~> 0.9.11"
   gem 'rdoc'
   gem 'bundler'
   gem 'jeweler', '>= 2.0.1'

data/README.md

@@ -53,7 +53,8 @@ Change the default routes to point to something sane like:
 devise_for :users, :path_names => {
 	:verify_authy => "/verify-token",
 	:enable_authy => "/enable-two-factor",
-	:verify_authy_installation => "/verify-installation"
+	:verify_authy_installation => "/verify-installation",
+	:authy_onetouch_status => "/onetouch-status"
 }
 ```
 
@@ -136,6 +137,14 @@ session["#{resource_name}_authy_token_checked"]
 session["user_authy_token_checked"]
 ```
 
+## OneTouch support
+
+To enable the OneTouch feature, you need to modify the Devise config file `config/initializers/devise.rb` and add configuration:
+
+```
+config.authy_enable_onetouch = true
+```
+
 
 ## Running Tests
 
@@ -151,6 +160,12 @@ Now on the project root run the following commands:
 $ bundle exec rspec spec/
 ```
 
+## Backporting to Rails 3
+
+While we are not currently supporting Rails 3, there's an active fork that maintains the backwards compatibility.
+
+https://github.com/gcosta/authy-devise
+
 ## Copyright
 
 Copyright (c) 2012-2020 Authy Inc. See LICENSE.txt for

data/VERSION

@@ -1 +1 @@
-1.8.1
+1.8.2

data/app/controllers/devise/devise_authy_controller.rb

@@ -3,7 +3,7 @@ class Devise::DeviseAuthyController < DeviseController
     :request_phone_call, :request_sms
   ]
   prepend_before_action :find_resource_and_require_password_checked, :only => [
-    :GET_verify_authy, :POST_verify_authy
+    :GET_verify_authy, :POST_verify_authy, :GET_authy_onetouch_status
   ]
   prepend_before_action :authenticate_scope!, :only => [
     :GET_enable_authy, :POST_enable_authy,
@@ -14,6 +14,10 @@ class Devise::DeviseAuthyController < DeviseController
 
   def GET_verify_authy
     @authy_id = @resource.authy_id
+    if resource_class.authy_enable_onetouch
+      approval_request = send_one_touch_request['approval_request']
+      @onetouch_uuid = approval_request['uuid'] if approval_request.present?
+    end
     render :verify_authy
   end
 
@@ -26,17 +30,11 @@ class Devise::DeviseAuthyController < DeviseController
     })
 
     if token.ok?
-      @resource.update_attribute(:last_sign_in_with_authy, DateTime.now)
-
-      session["#{resource_name}_authy_token_checked"] = true
-
       remember_device if params[:remember_device].to_i == 1
       if session.delete("#{resource_name}_remember_me") == true && @resource.respond_to?(:remember_me=)
         @resource.remember_me = true
       end
-      sign_in(resource_name, @resource)
-
-      set_flash_message(:notice, :signed_in) if is_navigational_format?
+      record_authy_authentication
       respond_with resource, :location => after_sign_in_path_for(@resource)
     else
       handle_invalid_token :verify_authy, :invalid_token
@@ -112,6 +110,21 @@ class Devise::DeviseAuthyController < DeviseController
       handle_invalid_token :verify_authy_installation, :not_enabled
     end
   end
+  
+  def GET_authy_onetouch_status
+    status = Authy::API.get_request("onetouch/json/approval_requests/#{params[:onetouch_uuid]}")['approval_request']['status']
+    case status
+    when 'pending'
+      head 202
+    when 'approved'
+      record_authy_authentication
+      render json: { redirect: after_sign_in_path_for(@resource) }
+    when 'denied'
+      head :unauthorized
+    else
+      head :error
+    end
+  end
 
   def request_phone_call
     unless @resource

data/app/views/devise/verify_authy.html.erb

@@ -19,3 +19,19 @@
   <%= authy_request_sms_link %>
   <%= submit_tag I18n.t('submit_token', {:scope => 'devise'}), :class => 'btn' %>
 <% end %>
+
+<% if @onetouch_uuid %>
+    <script>
+      (function(){
+        var onetouchInterval = setInterval(function(){
+          var onetouchRequest = new XMLHttpRequest();
+          onetouchRequest.addEventListener("load", function(){
+            if(this.status != 202) clearInterval(onetouchInterval);
+            if(this.status == 200) window.location = JSON.parse(this.responseText).redirect;
+          });
+          onetouchRequest.open("GET", "<%= polymorphic_path [resource_name, :authy_onetouch_status] %>?onetouch_uuid=<%= @onetouch_uuid %>");
+          onetouchRequest.send();
+        }, 3000);
+      })();
+    </script>
+<% end %>

data/app/views/devise/verify_authy.html.haml

@@ -16,3 +16,17 @@
 
   = authy_request_sms_link
   = submit_tag I18n.t('submit_token', {:scope => 'devise'}), :class => 'btn'
+
+- if @onetouch_uuid
+  :javascript
+    (function(){
+      var onetouchInterval = setInterval(function(){
+        var onetouchRequest = new XMLHttpRequest();
+        onetouchRequest.addEventListener("load", function(){
+          if(this.status != 202) clearInterval(onetouchInterval);
+          if(this.status == 200) window.location = JSON.parse(this.responseText).redirect;
+        });
+        onetouchRequest.open("GET", "<%= polymorphic_path [resource_name, :authy_onetouch_status] %>?onetouch_uuid=<%= @onetouch_uuid %>");
+        onetouchRequest.send();
+      }, 3000);
+    })();

data/authy-devise-demo/Gemfile.lock

@@ -1,8 +1,8 @@
 PATH
   remote: ..
   specs:
-    devise-authy (1.8.0)
-      authy
+    devise-authy (1.8.1)
+      authy (>= 2.4.2)
       devise (>= 3.0.0)
 
 GEM
@@ -76,7 +76,7 @@ GEM
     execjs (2.7.0)
     globalid (0.3.7)
       activesupport (>= 4.1.0)
-    httpclient (2.8.2.4)
+    httpclient (2.8.3)
     i18n (0.7.0)
     jbuilder (2.6.0)
       activesupport (>= 3.0.0, < 5.1)
@@ -191,4 +191,4 @@ DEPENDENCIES
   web-console (~> 2.0)
 
 BUNDLED WITH
-   1.12.5
+   1.16.0

data/authy-devise-demo/app/views/devise/devise_authy/verify_authy.html.erb

@@ -20,3 +20,19 @@
   <%= authy_request_phone_call_link %>
   <%= submit_tag I18n.t('submit_token', {:scope => 'devise'}), :class => 'btn' %>
 <% end %>
+
+<% if @onetouch_uuid %>
+    <script>
+      (function(){
+        var onetouchInterval = setInterval(function(){
+          var onetouchRequest = new XMLHttpRequest();
+          onetouchRequest.addEventListener("load", function(){
+            if(this.status != 202) clearInterval(onetouchInterval);
+            if(this.status == 200) window.location = JSON.parse(this.responseText).redirect;
+          });
+          onetouchRequest.open("GET", "<%= polymorphic_path [resource_name, :authy_onetouch_status] %>?onetouch_uuid=<%= @onetouch_uuid %>");
+          onetouchRequest.send();
+        }, 3000);
+      })();
+    </script>
+<% end %>

data/authy-devise-demo/config/initializers/devise.rb

@@ -5,6 +5,9 @@ Devise.setup do |config|
   # ==> Devise Authy Authentication Extension
   # How long should the user's device be remembered for.
   # config.authy_remember_device = 1.month
+  #
+  # Should Authy OneTouch be enabled?
+  config.authy_enable_onetouch = true
 
   # ==> Mailer Configuration
   # Configure the e-mail address which will be shown in Devise::Mailer,

data/devise-authy.gemspec

@@ -2,16 +2,16 @@
 # DO NOT EDIT THIS FILE DIRECTLY
 # Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
 # -*- encoding: utf-8 -*-
-# stub: devise-authy 1.8.1 ruby lib
+# stub: devise-authy 1.8.2 ruby lib
 
 Gem::Specification.new do |s|
   s.name = "devise-authy".freeze
-  s.version = "1.8.1"
+  s.version = "1.8.2"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0".freeze) if s.respond_to? :required_rubygems_version=
   s.require_paths = ["lib".freeze]
   s.authors = ["Authy Inc.".freeze]
-  s.date = "2016-12-06"
+  s.date = "2017-12-22"
   s.description = "Authy plugin for Devise".freeze
   s.email = "support@authy.com".freeze
   s.extra_rdoc_files = [
@@ -200,7 +200,7 @@ Gem::Specification.new do |s|
   ]
   s.homepage = "https://github.com/authy/authy-devise".freeze
   s.licenses = ["MIT".freeze]
-  s.rubygems_version = "2.6.7".freeze
+  s.rubygems_version = "2.7.3".freeze
   s.summary = "Authy plugin for Devise".freeze
 
   if s.respond_to? :specification_version then
@@ -208,9 +208,9 @@ Gem::Specification.new do |s|
 
     if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
       s.add_runtime_dependency(%q<devise>.freeze, [">= 3.0.0"])
-      s.add_runtime_dependency(%q<authy>.freeze, [">= 0"])
+      s.add_runtime_dependency(%q<authy>.freeze, [">= 2.7.2"])
       s.add_development_dependency(%q<rspec>.freeze, ["> 3.0.0"])
-      s.add_development_dependency(%q<yard>.freeze, [">= 0"])
+      s.add_development_dependency(%q<yard>.freeze, ["~> 0.9.11"])
       s.add_development_dependency(%q<rdoc>.freeze, [">= 0"])
       s.add_development_dependency(%q<bundler>.freeze, [">= 0"])
       s.add_development_dependency(%q<jeweler>.freeze, [">= 2.0.1"])
@@ -218,9 +218,9 @@ Gem::Specification.new do |s|
       s.add_development_dependency(%q<byebug>.freeze, [">= 0"])
     else
       s.add_dependency(%q<devise>.freeze, [">= 3.0.0"])
-      s.add_dependency(%q<authy>.freeze, [">= 0"])
+      s.add_dependency(%q<authy>.freeze, [">= 2.7.2"])
       s.add_dependency(%q<rspec>.freeze, ["> 3.0.0"])
-      s.add_dependency(%q<yard>.freeze, [">= 0"])
+      s.add_dependency(%q<yard>.freeze, ["~> 0.9.11"])
       s.add_dependency(%q<rdoc>.freeze, [">= 0"])
       s.add_dependency(%q<bundler>.freeze, [">= 0"])
       s.add_dependency(%q<jeweler>.freeze, [">= 2.0.1"])
@@ -229,9 +229,9 @@ Gem::Specification.new do |s|
     end
   else
     s.add_dependency(%q<devise>.freeze, [">= 3.0.0"])
-    s.add_dependency(%q<authy>.freeze, [">= 0"])
+    s.add_dependency(%q<authy>.freeze, [">= 2.7.2"])
     s.add_dependency(%q<rspec>.freeze, ["> 3.0.0"])
-    s.add_dependency(%q<yard>.freeze, [">= 0"])
+    s.add_dependency(%q<yard>.freeze, ["~> 0.9.11"])
     s.add_dependency(%q<rdoc>.freeze, [">= 0"])
     s.add_dependency(%q<bundler>.freeze, [">= 0"])
     s.add_dependency(%q<jeweler>.freeze, [">= 2.0.1"])

data/lib/devise-authy.rb

@@ -4,8 +4,9 @@ require 'devise'
 require 'authy'
 
 module Devise
-  mattr_accessor :authy_remember_device
+  mattr_accessor :authy_remember_device, :authy_enable_onetouch
   @@authy_remember_device = 1.month
+  @@authy_enable_onetouch = false
 end
 
 module DeviseAuthy

data/lib/devise-authy/controllers/helpers.rb

@@ -70,6 +70,17 @@ module DeviseAuthy
         scope = Devise::Mapping.find_scope!(resource_or_scope)
         send(:"#{scope}_verify_authy_path")
       end
+
+      def send_one_touch_request
+        Authy::OneTouch.send_approval_request(id: @authy_id, message: 'Request to Login')
+      end
+
+      def record_authy_authentication
+        @resource.update_attribute(:last_sign_in_with_authy, DateTime.now)
+        session["#{resource_name}_authy_token_checked"] = true
+        sign_in(resource_name, @resource)
+        set_flash_message(:notice, :signed_in) if is_navigational_format?
+      end
     end
   end
 end

data/lib/devise-authy/models/authy_authenticatable.rb

@@ -17,7 +17,7 @@ module Devise
           where(authy_id: authy_id).first
         end
 
-        Devise::Models.config(self, :authy_remember_device)
+        Devise::Models.config(self, :authy_remember_device, :authy_enable_onetouch)
       end
     end
   end

data/lib/devise-authy/routes.rb

@@ -14,6 +14,7 @@ module ActionDispatch::Routing
       match "/#{mapping.path_names[:verify_authy_installation]}", :controller => controllers[:devise_authy], :action => :GET_verify_authy_installation, :as => :verify_authy_installation, :via => :get
       match "/#{mapping.path_names[:verify_authy_installation]}", :controller => controllers[:devise_authy], :action => :POST_verify_authy_installation, :as => nil, :via => :post
 
+      match "/#{mapping.path_names[:authy_onetouch_status]}", :controller => controllers[:devise_authy], :action => :GET_authy_onetouch_status, as: :authy_onetouch_status, via: :get
 
       match "/request-sms", :controller => controllers[:devise_authy], :action => :request_sms, :as => :request_sms, :via => :post
       match "/request-phone-call", :controller => controllers[:devise_authy], :action => :request_phone_call, :as => :request_phone_call, :via => :post

data/lib/generators/devise_authy/install_generator.rb

@@ -13,7 +13,10 @@ module DeviseAuthy
         inject_into_file "config/initializers/devise.rb", "\n" +
         "  # ==> Devise Authy Authentication Extension\n" +
         "  # How long should the user's device be remembered for.\n" +
-        "  # config.authy_remember_device = 1.month\n\n", :after => "Devise.setup do |config|\n"
+        "  # config.authy_remember_device = 1.month\n\n" +
+        "  # Should Authy OneTouch be enabled?\n" +
+        "  # config.authy_enable_onetouch = false\n\n", :after => "Devise.setup do |config|\n"
+
       end
 
       def add_initializer

data/spec/controllers/devise_authy_controller_spec.rb

@@ -9,11 +9,34 @@ describe Devise::DeviseAuthyController, type: :controller do
   end
 
   describe "GET #verify_authy" do
-    it "Should render the second step of authentication" do
-      request.session["user_id"] = @user.id
-      request.session["user_password_checked"] = true
-      get :GET_verify_authy
-      expect(response).to render_template('verify_authy')
+    describe "when the first step of authentication is complete" do
+      before do
+        request.session["user_id"] = @user.id
+        request.session["user_password_checked"] = true
+      end
+
+      it "Should render the second step of authentication" do
+        get :GET_verify_authy
+        expect(response).to render_template('verify_authy')
+      end
+
+      it "should not make a OneTouch request" do
+        expect(Authy::OneTouch).not_to receive(:send_approval_request)
+        get :GET_verify_authy
+      end
+
+      describe "when OneTouch is enabled" do
+        before do
+          allow(User).to receive(:authy_enable_onetouch).and_return(true)
+        end
+
+        it "should make a OneTouch request" do
+          expect(Authy::OneTouch).to receive(:send_approval_request)
+                                 .with(id: @user.authy_id, message: 'Request to Login')
+                                 .and_return('approval_request' => { 'uuid' => 'uuid' }).once
+          get :GET_verify_authy
+        end
+      end
     end
 
     it "Should no render the second step of authentication if first step is incomplete" do
@@ -26,6 +49,11 @@ describe Devise::DeviseAuthyController, type: :controller do
       get :GET_verify_authy
       expect(response).to redirect_to(root_url)
     end
+
+    it "should not make a OneTouch request" do
+      expect(Authy::OneTouch).not_to receive(:send_approval_request)
+      get :GET_verify_authy
+    end
   end
 
   describe "POST #verify_authy" do
@@ -269,4 +297,55 @@ describe Devise::DeviseAuthyController, type: :controller do
       expect(body['message']).to eq("User couldn't be found.")
     end
   end
+
+  describe "GET #authy_onetouch_status" do
+    # OneTouch stubbed due to test API key not having OneTouch enabled
+    before do
+      allow(Authy::OneTouch).to receive(:send_approval_request).with(id: @user.authy_id) { { 'approval_request' => { 'uuid' => SecureRandom.uuid } } }
+      @uuid = Authy::OneTouch.send_approval_request(id: @user.authy_id)['approval_request']['uuid']
+    end
+
+    it "Should return a 202 status code when pending" do
+      allow(Authy::API).to receive(:get_request).with(/onetouch\/json\/approval_requests\/.+/) { { 'approval_request' => { 'status' => 'pending' } } }
+      request.session["user_id"] = @user.id
+      request.session["user_password_checked"] = true
+      get :GET_authy_onetouch_status, onetouch_uuid: @uuid
+      expect(response.code).to eq("202")
+    end
+
+    it "Should return a 401 status code when denied" do
+      allow(Authy::API).to receive(:get_request).with(/onetouch\/json\/approval_requests\/.+/) { { 'approval_request' => { 'status' => 'denied' } } }
+      request.session["user_id"] = @user.id
+      request.session["user_password_checked"] = true
+      get :GET_authy_onetouch_status, onetouch_uuid: @uuid
+      expect(response.code).to eq("401")
+    end
+
+    it "Should return a 200 status code when approved" do
+      allow(Authy::API).to receive(:get_request).with(/onetouch\/json\/approval_requests\/.+/) { { 'approval_request' => { 'status' => 'approved' } } }
+      request.session["user_id"] = @user.id
+      request.session["user_password_checked"] = true
+      get :GET_authy_onetouch_status, onetouch_uuid: @uuid
+      expect(response.code).to eq("200")
+    end
+
+    it "Should render a JSON object with the redirect path when approved" do
+      allow(Authy::API).to receive(:get_request).with(/onetouch\/json\/approval_requests\/.+/) { { 'approval_request' => { 'status' => 'approved' } } }
+      request.session["user_id"] = @user.id
+      request.session["user_password_checked"] = true
+      get :GET_authy_onetouch_status, onetouch_uuid: @uuid
+      expect(response.body).to eq({ redirect: root_path }.to_json)
+    end
+
+    it "Should not render the second step of authentication if first step is incomplete" do
+      request.session["user_id"] = @user.id
+      get :GET_authy_onetouch_status
+      expect(response).to redirect_to(root_url)
+    end
+
+    it "should redirect to root_url" do
+      get :GET_authy_onetouch_status
+      expect(response).to redirect_to(root_url)
+    end
+  end
 end

data/spec/rails-app/Gemfile.lock

@@ -1,126 +1,127 @@
 PATH
   remote: ../..
   specs:
-    devise-authy (1.8.1)
-      authy
+    devise-authy (1.8.2)
+      authy (>= 2.7.2)
       devise (>= 3.0.0)
 
 GEM
   remote: https://rubygems.org/
   specs:
-    actionmailer (4.2.7.1)
-      actionpack (= 4.2.7.1)
-      actionview (= 4.2.7.1)
-      activejob (= 4.2.7.1)
+    actionmailer (4.2.10)
+      actionpack (= 4.2.10)
+      actionview (= 4.2.10)
+      activejob (= 4.2.10)
       mail (~> 2.5, >= 2.5.4)
       rails-dom-testing (~> 1.0, >= 1.0.5)
-    actionpack (4.2.7.1)
-      actionview (= 4.2.7.1)
-      activesupport (= 4.2.7.1)
+    actionpack (4.2.10)
+      actionview (= 4.2.10)
+      activesupport (= 4.2.10)
       rack (~> 1.6)
       rack-test (~> 0.6.2)
       rails-dom-testing (~> 1.0, >= 1.0.5)
       rails-html-sanitizer (~> 1.0, >= 1.0.2)
-    actionview (4.2.7.1)
-      activesupport (= 4.2.7.1)
+    actionview (4.2.10)
+      activesupport (= 4.2.10)
       builder (~> 3.1)
       erubis (~> 2.7.0)
       rails-dom-testing (~> 1.0, >= 1.0.5)
-      rails-html-sanitizer (~> 1.0, >= 1.0.2)
-    activejob (4.2.7.1)
-      activesupport (= 4.2.7.1)
+      rails-html-sanitizer (~> 1.0, >= 1.0.3)
+    activejob (4.2.10)
+      activesupport (= 4.2.10)
       globalid (>= 0.3.0)
-    activemodel (4.2.7.1)
-      activesupport (= 4.2.7.1)
+    activemodel (4.2.10)
+      activesupport (= 4.2.10)
       builder (~> 3.1)
-    activerecord (4.2.7.1)
-      activemodel (= 4.2.7.1)
-      activesupport (= 4.2.7.1)
+    activerecord (4.2.10)
+      activemodel (= 4.2.10)
+      activesupport (= 4.2.10)
       arel (~> 6.0)
-    activesupport (4.2.7.1)
+    activesupport (4.2.10)
       i18n (~> 0.7)
-      json (~> 1.7, >= 1.7.7)
       minitest (~> 5.1)
       thread_safe (~> 0.3, >= 0.3.4)
       tzinfo (~> 1.1)
-    addressable (2.4.0)
-    arel (6.0.3)
-    authy (2.7.1)
+    addressable (2.5.2)
+      public_suffix (>= 2.0.2, < 4.0)
+    arel (6.0.4)
+    authy (2.7.2)
       httpclient (>= 2.5.3.3)
     bcrypt (3.1.11)
-    builder (3.2.2)
-    concurrent-ruby (1.0.2)
-    devise (4.2.0)
+    builder (3.2.3)
+    concurrent-ruby (1.0.5)
+    crass (1.0.3)
+    devise (4.3.0)
       bcrypt (~> 3.0)
       orm_adapter (~> 0.1)
-      railties (>= 4.1.0, < 5.1)
+      railties (>= 4.1.0, < 5.2)
       responders
       warden (~> 1.2.3)
     erubis (2.7.0)
-    globalid (0.3.7)
-      activesupport (>= 4.1.0)
-    httpclient (2.8.2.3)
-    i18n (0.7.0)
-    json (1.8.3)
+    globalid (0.4.1)
+      activesupport (>= 4.2.0)
+    httpclient (2.8.3)
+    i18n (0.9.1)
+      concurrent-ruby (~> 1.0)
+    json (2.1.0)
     launchy (2.4.3)
       addressable (~> 2.3)
-    loofah (2.0.3)
+    loofah (2.1.1)
+      crass (~> 1.0.2)
       nokogiri (>= 1.5.9)
-    mail (2.6.4)
-      mime-types (>= 1.16, < 4)
-    mime-types (3.1)
-      mime-types-data (~> 3.2015)
-    mime-types-data (3.2016.0521)
-    mini_portile2 (2.1.0)
-    minitest (5.9.0)
-    nokogiri (1.6.8)
-      mini_portile2 (~> 2.1.0)
-      pkg-config (~> 1.1.7)
+    mail (2.7.0)
+      mini_mime (>= 0.1.1)
+    mini_mime (1.0.0)
+    mini_portile2 (2.3.0)
+    minitest (5.10.3)
+    nokogiri (1.8.1)
+      mini_portile2 (~> 2.3.0)
     orm_adapter (0.5.0)
-    pkg-config (1.1.7)
-    rack (1.6.4)
+    public_suffix (3.0.1)
+    rack (1.6.8)
     rack-test (0.6.3)
       rack (>= 1.0)
-    rails (4.2.7.1)
-      actionmailer (= 4.2.7.1)
-      actionpack (= 4.2.7.1)
-      actionview (= 4.2.7.1)
-      activejob (= 4.2.7.1)
-      activemodel (= 4.2.7.1)
-      activerecord (= 4.2.7.1)
-      activesupport (= 4.2.7.1)
+    rails (4.2.10)
+      actionmailer (= 4.2.10)
+      actionpack (= 4.2.10)
+      actionview (= 4.2.10)
+      activejob (= 4.2.10)
+      activemodel (= 4.2.10)
+      activerecord (= 4.2.10)
+      activesupport (= 4.2.10)
       bundler (>= 1.3.0, < 2.0)
-      railties (= 4.2.7.1)
+      railties (= 4.2.10)
       sprockets-rails
     rails-deprecated_sanitizer (1.0.3)
       activesupport (>= 4.2.0.alpha)
-    rails-dom-testing (1.0.7)
+    rails-dom-testing (1.0.8)
       activesupport (>= 4.2.0.beta, < 5.0)
-      nokogiri (~> 1.6.0)
+      nokogiri (~> 1.6)
       rails-deprecated_sanitizer (>= 1.0.1)
     rails-html-sanitizer (1.0.3)
       loofah (~> 2.0)
-    railties (4.2.7.1)
-      actionpack (= 4.2.7.1)
-      activesupport (= 4.2.7.1)
+    railties (4.2.10)
+      actionpack (= 4.2.10)
+      activesupport (= 4.2.10)
       rake (>= 0.8.7)
       thor (>= 0.18.1, < 2.0)
-    rake (11.2.2)
-    responders (2.3.0)
-      railties (>= 4.2.0, < 5.1)
-    sprockets (3.7.0)
+    rake (12.3.0)
+    responders (2.4.0)
+      actionpack (>= 4.2.0, < 5.3)
+      railties (>= 4.2.0, < 5.3)
+    sprockets (3.7.1)
       concurrent-ruby (~> 1.0)
       rack (> 1, < 3)
-    sprockets-rails (3.2.0)
+    sprockets-rails (3.2.1)
       actionpack (>= 4.0)
       activesupport (>= 4.0)
       sprockets (>= 3.0.0)
-    sqlite3 (1.3.11)
-    thor (0.19.1)
-    thread_safe (0.3.5)
-    tzinfo (1.2.2)
+    sqlite3 (1.3.13)
+    thor (0.20.0)
+    thread_safe (0.3.6)
+    tzinfo (1.2.4)
       thread_safe (~> 0.1)
-    warden (1.2.6)
+    warden (1.2.7)
       rack (>= 1.0)
 
 PLATFORMS
@@ -137,4 +138,4 @@ DEPENDENCIES
   sqlite3
 
 BUNDLED WITH
-   1.12.5
+   1.16.0

data/spec/rails-app/app/views/devise/devise_authy/verify_authy.html.erb

@@ -19,3 +19,19 @@
   <%= authy_request_sms_link %>
   <%= submit_tag I18n.t('submit_token', {:scope => 'devise'}), :class => 'btn' %>
 <% end %>
+
+<% if @onetouch_uuid %>
+    <script>
+      (function(){
+        setInterval(function(){
+          var onetouchRequest = new XMLHttpRequest();
+          onetouchRequest.addEventListener("load", function(){
+            if(this.status != 202) clearInterval(onetouch_status);
+            if(this.status == 200) window.location = JSON.parse(this.responseText).redirect;
+          });
+          onetouchRequest.open("GET", "#{polymorphic_path [resource_name, :authy_onetouch_status]}?onetouch_uuid=#{@onetouch_uuid}");
+          onetouchRequest.send();
+        }, 3000);
+      })();
+    </script>
+<% end %>

data/spec/rails-app/config/initializers/devise.rb

@@ -1,6 +1,14 @@
 # Use this hook to configure devise mailer, warden hooks and so forth.
 # Many of these configuration options can be set straight in your model.
 Devise.setup do |config|
+
+  # ==> Devise Authy Authentication Extension
+  # How long should the user's device be remembered for.
+  # config.authy_remember_device = 1.month
+
+  # Should Authy OneTouch be enabled?
+  # config.authy_enable_onetouch = false
+
   # ==> Mailer Configuration
   # Configure the e-mail address which will be shown in Devise::Mailer,
   # note that it will be overwritten if you use your own mailer class with default "from" parameter.
@@ -241,5 +249,8 @@ Devise.setup do |config|
   # ==> Devise Authy Authentication Extension
   # How long should the user's device be remembered for.
   # config.authy_remember_device = 1.month
+  #
+  # Should Authy OneTouch be enabled?
+  # config.authy_enable_onetouch = false
 
 end

data/spec/routing/routes_spec.rb

@@ -28,4 +28,8 @@ describe "routes for devise_authy" do
   it "routes to devise_authy#request_sms" do
     expect(post('/users/request-sms')).to route_to("devise/devise_authy#request_sms")
   end
+
+  it "routes to devise_authy#GET_authy_onetouch_status" do
+    expect(get('/users/authy_onetouch_status')).to route_to("devise/devise_authy#GET_authy_onetouch_status")
+  end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: devise-authy
 version: !ruby/object:Gem::Version
-  version: 1.8.1
+  version: 1.8.2
 platform: ruby
 authors:
 - Authy Inc.
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-12-06 00:00:00.000000000 Z
+date: 2017-12-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: devise
@@ -30,14 +30,14 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 2.7.2
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 2.7.2
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
@@ -56,16 +56,16 @@ dependencies:
   name: yard
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 0.9.11
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 0.9.11
 - !ruby/object:Gem::Dependency
   name: rdoc
   requirement: !ruby/object:Gem::Requirement
@@ -342,7 +342,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.6.7
+rubygems_version: 2.7.3
 signing_key: 
 specification_version: 4
 summary: Authy plugin for Devise