kamiliff 0.30.0 → 0.34.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ab829402ca3be1e4abb919a2aa749300880defcd4a83f34722295fde8c630a4d
-  data.tar.gz: 258646936128084b87188a5f8cff334a3a3eb10014802fa2ce2169d79cfd21ab
+  metadata.gz: 11cfdd6d0774b7633ec67141f49a41b8c34a6ae057f076bf91aaae555538236b
+  data.tar.gz: c2a05f104e9c15bfa8a287a25b7d8686d5e72d9798282af560b0f7bc274f3642
 SHA512:
-  metadata.gz: 133c3d84174a56c589d79c26c29786b1e68d5fd38e6dd72f50061b3a6d8c0f7c51bfe5fec6365744f5c9a6564c23825597f3454e0ac546f15442c9b30689c11d
-  data.tar.gz: '0484a56b8f8d10c570d6377f745cdc441a8a2dca505468530da92f48bee0a23eadd13fdf4e9647c71f4e1ec5d9b5a75bf17add44d0d3274895bc0e099a33603b'
+  metadata.gz: 2a69c31a08788456a74fd2211ca1d607b87f69f5b1c6b0e56d43466f84225b768069637680d5c567091918c8999d1d0e1cd1a594015edd9423a3b54928917b46
+  data.tar.gz: c3cd30b0d24bb39ec6ff7c6fe4c8fa19f436a56e967db1461904e21c7fa4ada0ebb2e9f4a7ea633f4bbe09f3a31f26f396f1816b8153a34f8eb14e90d5574c94

data/README.md

@@ -123,3 +123,9 @@ Create by [etrex](https://etrex.tw)
 
 ## License
 The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).
+
+## How to test this gem
+
+```
+rails t
+```

data/app/controllers/liff_controller.rb

@@ -23,7 +23,7 @@ class LiffController < ActionController::Base
     # fix liff 2.0 redirect issue
     @need_reload = query["liff.state"].present?
 
-    # 需要從 session 讀取 @liff_param
+    # 需要從 session 讀取 @liff_param (使用電腦開啟 LIFF 頁面，第一次登入時的情況)
     if query["liffRedirectUri"].present?
       @liff_param = Base64DecodeService.new(session[:liff_param]).run
       session[:liff_param] = nil
@@ -75,22 +75,62 @@ class LiffController < ActionController::Base
     res&.to_s || e.full_message
   end
 
+
+  # profile format
+  # {
+  #   "userId"=>"U1234567890abcdefghijklmnopqrstuv",
+  #   "displayName"=>"user name",
+  #   "statusMessage"=>"user status message",
+  #   "pictureUrl"=>"https://this.is.an.image.url"
+  # }
   def source_info
     context = params["context"]
-    return nil if context.nil?
-
-    source_type = context["type"].gsub("utou", "user")
-    source_group_id = context["roomId"] || context["groupId"] || context["userId"]
-    source_user_id = context["userId"]
+    return {
+      platform_type: 'line',
+      liff_error: 'context not found',
+    } if context.nil?
 
     profile = params["profile"]
+    return {
+      platform_type: 'line',
+      liff_error: 'profile not found',
+    } if profile.nil?
+
+    # authorize the user id
+    decoded_id_token = get_decoded_id_token
+    return {
+      platform_type: 'line',
+      liff_error: 'user id does not match',
+    } unless decoded_id_token["sub"] == context["userId"] && decoded_id_token["sub"] == profile["userId"]
+
+    source_type = context["type"].gsub("utou", "user")
+    source_group_id = context["roomId"] || context["groupId"] || decoded_id_token["sub"]
+    source_user_id = decoded_id_token["sub"]
 
     {
       platform_type: 'line',
       source_type: source_type,
       source_group_id: source_group_id,
       source_user_id: source_user_id,
-      profile: profile
+      context: context,
+      profile: profile,
+      decoded_id_token: decoded_id_token
     }
   end
+
+  # decoded_id_token is JWT format
+  # {
+  #  "iss"=>"https://access.line.me",
+  #  "sub"=>"U1234567890abcdefghijklmnopqrstuv",
+  #  "aud"=>"1234567890",
+  #  "exp"=>1641638901,
+  #  "iat"=>1641635301,
+  #  "name"=>"user name",
+  #  "picture"=>"https://this.is.an.image.url"
+  # }
+  def get_decoded_id_token
+    id_token = params["idToken"]
+    Kamiliff.line_login_client.verify_id_token(id_token: id_token)
+  end
+
 end

data/app/views/liff/_send_messages.liff.erb

@@ -0,0 +1,16 @@
+<%
+  messages = [messages] if messages.is_a? Hash
+  messages = messages.to_json if messages.is_a? Array
+%>
+
+<script>
+  (function(){
+    async function send_messages(){
+      const messages = <%= raw messages %>;
+      await liff.sendMessages(messages);
+      liff.closeWindow();
+    }
+
+    send_messages();
+  })();
+</script>

data/app/views/liff/_share_target_picker.liff.erb

@@ -1,3 +1,8 @@
+<%
+  messages = [messages] if messages.is_a? Hash
+  messages = messages.to_json if messages.is_a? Array
+%>
+
 <script>
   (function(){
     async function share_target_picker(messages){

data/app/views/liff/entry.html.erb

@@ -38,12 +38,22 @@ let open_liff_page = (function(){
     }
   }
 
+  async function get_liff_profile(){
+    try{
+      return await liff.getProfile();
+    }catch(error){
+      return {};
+    }
+  }
+
   async function get_liff_data(){
-    const profile = await liff.getProfile();
+    const profile = await get_liff_profile();
     const context = liff.getContext();
+    const idToken = liff.getIDToken();
     return {
-      profile,
-      context
+      context,
+      idToken,
+      profile
     }
   }
 

data/config/initializers/mime_types.rb

@@ -3,4 +3,4 @@
 # Add new mime types for use in respond_to blocks:
 # Mime::Type.register "text/richtext", :rtf
 
-Mime::Type.register "text/html", :liff
+Mime::Type.register_alias "text/html", :liff

data/lib/kamiliff/version.rb

@@ -1,3 +1,3 @@
 module Kamiliff
-  VERSION = '0.30.0'
+  VERSION = '0.34.0'
 end

data/lib/kamiliff.rb

@@ -2,7 +2,50 @@ require "kamiliff/engine"
 require "kamiliff/services/base64_encode_service"
 require "kamiliff/services/base64_decode_service"
 require "kamiliff/services/liff_service"
+require "line_login"
 
 module Kamiliff
-  # Your code goes here...
+  # env
+  mattr_writer :line_login_channel_id
+  mattr_writer :line_login_channel_secret
+  mattr_writer :line_login_redirect_uri
+
+  mattr_writer :liff_url_compact
+  mattr_writer :liff_url_tall
+  mattr_writer :liff_url_full
+
+  def self.line_login_channel_id
+    @@line_login_channel_id || ENV["LINE_LOGIN_CHANNEL_ID"]
+  end
+
+  def self.line_login_channel_secret
+    @@line_login_channel_secret || ENV["LINE_LOGIN_CHANNEL_SECRET"]
+  end
+
+  def self.line_login_redirect_uri
+    @@line_login_redirect_uri || ENV["LINE_LOGIN_REDIRECT_URI"]
+  end
+
+  def self.liff_url_compact
+    @@liff_url_compact || ENV["LIFF_COMPACT"]
+  end
+
+  def self.liff_url_tall
+    @@liff_url_tall || ENV["LIFF_TALL"]
+  end
+
+  def self.liff_url_full
+    @@liff_url_full || ENV["LIFF_FULL"]
+  end
+
+  def self.line_login_client
+    @line_login_client ||= LineLogin::Client.new(
+      client_id: Kamiliff.line_login_channel_id,
+      client_secret: Kamiliff.line_login_channel_secret
+    )
+  end
+
+  def self.setup
+    yield self
+  end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: kamiliff
 version: !ruby/object:Gem::Version
-  version: 0.30.0
+  version: 0.34.0
 platform: ruby
 authors:
 - etrex kuo
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-07-24 00:00:00.000000000 Z
+date: 2022-01-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -24,6 +24,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: 5.0.0
+- !ruby/object:Gem::Dependency
+  name: line_login
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.1.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.1.0
 description: An easy way to use LINE Front-end Framework(LIFF) on rails.
 email:
 - et284vu065k3@gmail.com
@@ -39,6 +53,7 @@ files:
 - app/helpers/liff_helper.rb
 - app/views/layouts/application.liff.erb
 - app/views/layouts/liff.html.erb
+- app/views/liff/_send_messages.liff.erb
 - app/views/liff/_share_target_picker.liff.erb
 - app/views/liff/entry.html.erb
 - app/views/liff/route.html.erb
@@ -72,7 +87,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.2
+rubygems_version: 3.1.4
 signing_key:
 specification_version: 4
 summary: An easy way to use LINE Front-end Framework(LIFF) on rails.