kamiliff 0.32.0 → 0.33.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 36670cc34affa11b01f78976bd3630a7a5cae7061f420a83e4c5a4ae4e49c118
-  data.tar.gz: 439962ffdba9c96506dd942d876c28888d6c49054db21faa7e19454f598c3d9c
+  metadata.gz: c1af1031691e8a44c53de0db7b33a2b0b6780c745e2132045ab423cad8ba8af9
+  data.tar.gz: a8735c527d1aa12471dd28c240e5cebb4e69cb3c15c95bd2e5c77ea5d845d26d
 SHA512:
-  metadata.gz: ad8417dbe7cdd11be8b7a147887812485ea313994795673479432997f0bd94d2f896c05bde1b30eedd74b7d1157ae92d8d9d7f97327cd45944e4b6472ff49e01
-  data.tar.gz: e89b3b1e26bb1f9ba1d76c388dff2029cd0e344f2187330c8930607401b697c0c093c6e008a84afb60cf96203f94788e01d4b847e2f8828b47dcae77f5cdf5bb
+  metadata.gz: 0a8b0cf61a6a580a936ea67dfc384d02dbf155ebdcc647a06ee82fd1f1077bf837ca3b4af7d4024701c919f136fcf7680e3fb6f39bcf8e17656b538df8701d25
+  data.tar.gz: a6f69448aa55004ba4561dfb6c95c54fccc27232a97a982f48c0909b932d017a672e50c9e9ef46fde9657cd2d4a23b2c0c82e26f0efe812e6ef3c09c16c05642

data/app/controllers/liff_controller.rb

@@ -23,7 +23,7 @@ class LiffController < ActionController::Base
     # fix liff 2.0 redirect issue
     @need_reload = query["liff.state"].present?
 
-    # 需要從 session 讀取 @liff_param
+    # 需要從 session 讀取 @liff_param (使用電腦開啟 LIFF 頁面，第一次登入時的情況)
     if query["liffRedirectUri"].present?
       @liff_param = Base64DecodeService.new(session[:liff_param]).run
       session[:liff_param] = nil
@@ -75,22 +75,53 @@ class LiffController < ActionController::Base
     res&.to_s || e.full_message
   end
 
+
+  # profile format
+  # {
+  #   "userId"=>"U1234567890abcdefghijklmnopqrstuv",
+  #   "displayName"=>"user name",
+  #   "statusMessage"=>"user status message",
+  #   "pictureUrl"=>"https://this.is.an.image.url"
+  # }
   def source_info
     context = params["context"]
-    return nil if context.nil?
-
-    source_type = context["type"].gsub("utou", "user")
-    source_group_id = context["roomId"] || context["groupId"] || context["userId"]
-    source_user_id = context["userId"]
+    return {} if context.nil?
 
     profile = params["profile"]
+    return {} if profile.nil?
+
+    # authorize the user id
+    decoded_id_token = get_decoded_id_token
+    return {} unless decoded_id_token["sub"] == profile["userId"] && decoded_id_token["sub"] == profile["userId"]
+
+    source_type = context["type"].gsub("utou", "user")
+    source_group_id = context["roomId"] || context["groupId"] || decoded_id_token["sub"]
+    source_user_id = decoded_id_token["sub"]
 
     {
       platform_type: 'line',
       source_type: source_type,
       source_group_id: source_group_id,
       source_user_id: source_user_id,
-      profile: profile
+      context: context,
+      profile: profile,
+      decoded_id_token: decoded_id_token
     }
   end
+
+  # decoded_id_token is JWT format
+  # {
+  #  "iss"=>"https://access.line.me",
+  #  "sub"=>"U1234567890abcdefghijklmnopqrstuv",
+  #  "aud"=>"1234567890",
+  #  "exp"=>1641638901,
+  #  "iat"=>1641635301,
+  #  "name"=>"user name",
+  #  "picture"=>"https://this.is.an.image.url"
+  # }
+  def get_decoded_id_token
+    id_token = params["idToken"]
+    Kamiliff.line_login_client.verify_id_token(id_token: id_token)
+  end
+
 end

data/app/views/liff/entry.html.erb

@@ -49,9 +49,11 @@ let open_liff_page = (function(){
   async function get_liff_data(){
     const profile = await get_liff_profile();
     const context = liff.getContext();
+    const idToken = liff.getIDToken();
     return {
-      profile,
-      context
+      context,
+      idToken,
+      profile
     }
   }
 

data/lib/kamiliff/version.rb

@@ -1,3 +1,3 @@
 module Kamiliff
-  VERSION = '0.32.0'
+  VERSION = '0.33.0'
 end

data/lib/kamiliff.rb

@@ -2,7 +2,50 @@ require "kamiliff/engine"
 require "kamiliff/services/base64_encode_service"
 require "kamiliff/services/base64_decode_service"
 require "kamiliff/services/liff_service"
+require "line_login"
 
 module Kamiliff
-  # Your code goes here...
+  # env
+  mattr_writer :line_login_channel_id
+  mattr_writer :line_login_channel_secret
+  mattr_writer :line_login_redirect_uri
+
+  mattr_writer :liff_url_compact
+  mattr_writer :liff_url_tall
+  mattr_writer :liff_url_full
+
+  def self.line_login_channel_id
+    @@line_login_channel_id || ENV["LINE_LOGIN_CHANNEL_ID"]
+  end
+
+  def self.line_login_channel_secret
+    @@line_login_channel_secret || ENV["LINE_LOGIN_CHANNEL_SECRET"]
+  end
+
+  def self.line_login_redirect_uri
+    @@line_login_redirect_uri || ENV["LINE_LOGIN_REDIRECT_URI"]
+  end
+
+  def self.liff_url_compact
+    @@liff_url_compact || ENV["LIFF_COMPACT"]
+  end
+
+  def self.liff_url_tall
+    @@liff_url_tall || ENV["LIFF_TALL"]
+  end
+
+  def self.liff_url_full
+    @@liff_url_full || ENV["LIFF_FULL"]
+  end
+
+  def self.line_login_client
+    @line_login_client ||= LineLogin::Client.new(
+      client_id: Kamiliff.line_login_channel_id,
+      client_secret: Kamiliff.line_login_channel_secret
+    )
+  end
+
+  def self.setup
+    yield self
+  end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: kamiliff
 version: !ruby/object:Gem::Version
-  version: 0.32.0
+  version: 0.33.0
 platform: ruby
 authors:
 - etrex kuo
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-10-11 00:00:00.000000000 Z
+date: 2022-01-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -24,6 +24,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: 5.0.0
+- !ruby/object:Gem::Dependency
+  name: line_login
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.1.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.1.0
 description: An easy way to use LINE Front-end Framework(LIFF) on rails.
 email:
 - et284vu065k3@gmail.com