omniauth-humanid 0.0.25 → 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile.lock +1 -1
- data/README.md +55 -22
- data/lib/omniauth-humanid.rb +6 -10
- data/omniauth-humanid.gemspec +2 -2
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: f4bc9196f2283e4f131635ef4d1aeed7c7870a55a7555e8c546c28fdd0f06eac
|
|
4
|
+
data.tar.gz: 340de736108b463ce81c404109179b3b44d2972bda377d86df67be776b0bc82a
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 91677e1ea06063748fac42aa84497786f6c514caa052ae4c68800427ad5487ae66c54009cd4dc534eb415e318fb4debc4b28b2eb35bc5113abd0eb66cc3aa66e
|
|
7
|
+
data.tar.gz: 1ba5d6c6a5ca2e2d22cc12d89ece24611c8fdd22622791c50b6a09a583b186495d5c5db9e4a6a4edfc3023b88217c07240d8e39adba67331325ff428d07e3a1a
|
data/Gemfile.lock
CHANGED
data/README.md
CHANGED
|
@@ -1,11 +1,13 @@
|
|
|
1
1
|
# Ruby/Rails OmniAuth for HumanID Alpha
|
|
2
2
|
|
|
3
|
+
status: working, but will wait a while to make sure before bumping to 1.0.0
|
|
4
|
+
|
|
3
5
|
Omniauth for humanID, a platform that prevents bots and increases privacy. HumanID is run by Human Internet,
|
|
4
6
|
a non-profit that is currently financed by organizations such as Harvard and the Mozilla Foundation (I love the Mozilla
|
|
5
7
|
Developer Network (MDN) which gives great javascript information).
|
|
6
8
|
|
|
7
9
|
HumanID works best when used as the only sign-up solution, due to this HumanID has to be highly trusted. This is where their
|
|
8
|
-
non-profit status steps in. HumanID has many
|
|
10
|
+
non-profit status steps in. HumanID has many benefits:
|
|
9
11
|
|
|
10
12
|
1. Increased privacy for users through both technical innovations and legal responsibilities.
|
|
11
13
|
2. Making bots inconvienient by requiring phone verification.
|
|
@@ -16,6 +18,8 @@ non-profit status steps in. HumanID has many benifits:
|
|
|
16
18
|
|
|
17
19
|
## Installation
|
|
18
20
|
|
|
21
|
+
This gem relies on the [omniauth gem](https://github.com/omniauth/omniauth). It was also developed along-side [devise](https://github.com/heartcombo/devise), but should work without it, some of the configuration may change though.
|
|
22
|
+
|
|
19
23
|
Add this line to your application's Gemfile:
|
|
20
24
|
|
|
21
25
|
```ruby
|
|
@@ -54,9 +58,39 @@ Update as normal.
|
|
|
54
58
|
= form_with url: user_humanid_omniauth_authorize_path, method: :post do
|
|
55
59
|
%input{type: :image, src: image_pack_path("icons/sign_in_logos/humanID.svg"), alt: "Anonymous Login with humanID"}
|
|
56
60
|
```
|
|
57
|
-
5. Create your callback area
|
|
58
|
-
- This area is generally supposed to be customizable, as you might have a
|
|
59
|
-
|
|
61
|
+
5. Create your callback area
|
|
62
|
+
- This area is generally supposed to be customizable, as you might have a different model name, want to attach some validations, etc, etc. So it is not included in the gem, but is here a partial implementation of it.
|
|
63
|
+
```ruby
|
|
64
|
+
#in the omnath_callbacks_controller.rb file
|
|
65
|
+
def accept_country_code?(code)
|
|
66
|
+
true
|
|
67
|
+
end
|
|
68
|
+
def humanid
|
|
69
|
+
omau = request.env['omniauth.auth']
|
|
70
|
+
uid = omau.info.appUserId
|
|
71
|
+
country_code = omau.info.countryCode
|
|
72
|
+
provider = omau.provider
|
|
73
|
+
Rails.logger.info("#{provider} - #{country_code} - #{uid}")
|
|
74
|
+
|
|
75
|
+
unless accept_country_code?(country_code)
|
|
76
|
+
redirect_to root_path, flash: {info: "phone number's country-code not accepted at this time"}
|
|
77
|
+
return
|
|
78
|
+
end
|
|
79
|
+
|
|
80
|
+
user = User.find_by(provider: provider, uid: uid)
|
|
81
|
+
if user
|
|
82
|
+
#allready have an account, sign them in
|
|
83
|
+
sign_in_and_redirect user, event: :authentication
|
|
84
|
+
else
|
|
85
|
+
request.session['signup'] ||= {}
|
|
86
|
+
request.session["signup"]["provider"] = provider
|
|
87
|
+
request.session["signup"]["uid"] = uid
|
|
88
|
+
request.session["signup"]["country_code"] = country_code
|
|
89
|
+
#continue the signup process, perhaps with a redirect, or create the user here,
|
|
90
|
+
#and redirect to the main website.
|
|
91
|
+
end
|
|
92
|
+
end
|
|
93
|
+
```
|
|
60
94
|
|
|
61
95
|
## Additional configuration
|
|
62
96
|
|
|
@@ -67,6 +101,7 @@ additional configuration can be set in your initializer file at the same area an
|
|
|
67
101
|
- humanid_version: version string that goes in the url. Defaults to 'v0.0.3'. If humanid updates this may need to be updated aswell.
|
|
68
102
|
- priority_country: not sure exactly what this does or how to use it, but it was in the docs so i added it as an option. Defaults to nil.
|
|
69
103
|
- external_signup_url: the web login url. Defaults to: "https://core.human-id.org/[HUMANID_VERSION]/server/users/web-login". [HUMANID_VERSION] gets substituted by humanid_version above.
|
|
104
|
+
- exchange_url: the exchange url. Defaults to: "https://core.human-id.org/[HUMANID_VERSION]/server/users/exchange". [HUMANID_VERSION] gets substituted by humanid_version above.
|
|
70
105
|
|
|
71
106
|
### Devise without emails/passwords
|
|
72
107
|
|
|
@@ -82,11 +117,11 @@ Although Devise is easier to deal with without usernames / passwords, it takes a
|
|
|
82
117
|
2. In your devise.rb initializer file, make sure to set authentication_keys to []
|
|
83
118
|
3. delete or comment out the selections in devise.rb related to number 1.
|
|
84
119
|
4. I had to add back the route below:
|
|
85
|
-
```ruby
|
|
86
|
-
as :user do
|
|
87
|
-
|
|
88
|
-
end
|
|
89
|
-
```
|
|
120
|
+
```ruby
|
|
121
|
+
as :user do
|
|
122
|
+
delete "/users/sign_out" => "users/sessions#destroy"
|
|
123
|
+
end
|
|
124
|
+
```
|
|
90
125
|
5. For development you may have to create a seperate way to login/signup for testing purposes. You can do this by sending a form that implements the method 'sign_in_and_redirect user, event: :authentication', or that sets fake values for signup. MAKE SURE THIS METHOD IS ONLY ACTIVE DURING DEVELOPMENT. I have a version of this below:
|
|
91
126
|
- in my routes.rb:
|
|
92
127
|
```ruby
|
|
@@ -98,24 +133,22 @@ end
|
|
|
98
133
|
```
|
|
99
134
|
- in my OmniauthCallbacksController override (see devise documentation):
|
|
100
135
|
```ruby
|
|
101
|
-
def callback_common(provider, uid)
|
|
102
|
-
user = User.from_omniauth(provider, uid)
|
|
103
|
-
if user
|
|
104
|
-
#allready have an account, sign them in
|
|
105
|
-
sign_in_and_redirect user, event: :authentication # this will throw if user is not activated
|
|
106
|
-
else
|
|
107
|
-
request.session['signup'] ||= {}
|
|
108
|
-
request.session["signup"]["provider"] = provider
|
|
109
|
-
request.session["signup"]["uid"] = uid
|
|
110
|
-
raise StandardError.new("REPLACE THIS ERROR WITH A REDIRECT TO FINISH SIGNUP")
|
|
111
|
-
end
|
|
112
|
-
end
|
|
113
136
|
if Rails.env.development?
|
|
114
137
|
def callback_override
|
|
115
138
|
raise StandardError.new("nope") unless Rails.env.development?
|
|
116
139
|
provider = 'override'
|
|
117
140
|
uid = params['uid']
|
|
118
|
-
|
|
141
|
+
user = User.find_by(provider: provider, uid: uid)
|
|
142
|
+
if user
|
|
143
|
+
#allready have an account, sign them in
|
|
144
|
+
sign_in_and_redirect user, event: :authentication # this will throw if user is not activated
|
|
145
|
+
else
|
|
146
|
+
request.session['signup'] ||= {}
|
|
147
|
+
request.session["signup"]["provider"] = provider
|
|
148
|
+
request.session["signup"]["uid"] = uid
|
|
149
|
+
request.session["signup"]["country_code"] = 'US'
|
|
150
|
+
#continue your usual sign-up process. Note for the override strategy that the username is the uid.
|
|
151
|
+
end
|
|
119
152
|
end
|
|
120
153
|
end
|
|
121
154
|
```
|
data/lib/omniauth-humanid.rb
CHANGED
|
@@ -4,7 +4,7 @@ module OmniAuth
|
|
|
4
4
|
module Strategies
|
|
5
5
|
class Humanid
|
|
6
6
|
include OmniAuth::Strategy
|
|
7
|
-
#Omniauth strategy creation guide be useful
|
|
7
|
+
#Omniauth strategy creation guide can be useful
|
|
8
8
|
#- https://github.com/omniauth/omniauth/wiki/Strategy-Contribution-Guide
|
|
9
9
|
#- note the request_phase and the callback_phase
|
|
10
10
|
|
|
@@ -62,7 +62,7 @@ module OmniAuth
|
|
|
62
62
|
|
|
63
63
|
#get uri
|
|
64
64
|
uri = get_external_signup_uri
|
|
65
|
-
Rails.logger.debug "
|
|
65
|
+
Rails.logger.debug "uri: #{uri.to_s}"
|
|
66
66
|
#make a post request (but dont send it yet)
|
|
67
67
|
post_request = Net::HTTP::Post.new(uri)
|
|
68
68
|
#set the headers as per docs.
|
|
@@ -108,9 +108,8 @@ module OmniAuth
|
|
|
108
108
|
#this is done in the verify exchange token step in the humanID docs.
|
|
109
109
|
|
|
110
110
|
#get the exchange_token from the humanID callback
|
|
111
|
-
Rails.logger.info("
|
|
111
|
+
Rails.logger.info("humanid callback phase")
|
|
112
112
|
exchange_token = request.params['et']
|
|
113
|
-
Rails.logger.info("EXCHANGE TOKEN: #{exchange_token}")
|
|
114
113
|
|
|
115
114
|
#create the request (as per the humanID docs)
|
|
116
115
|
uri = get_exchange_uri
|
|
@@ -121,10 +120,9 @@ module OmniAuth
|
|
|
121
120
|
post_request.body = {"exchangeToken" => exchange_token}.to_json
|
|
122
121
|
#send the request, get the response.
|
|
123
122
|
res = Net::HTTP.start(uri.hostname, uri.port, use_ssl: true){|http| http.request(post_request)}
|
|
124
|
-
Rails.logger.info("RESPONSE: #{res}")
|
|
125
123
|
if res.code == "200"
|
|
126
124
|
self.raw_info = JSON.parse(res.body)
|
|
127
|
-
Rails.logger.info("
|
|
125
|
+
Rails.logger.info("humanid callback phase: success")
|
|
128
126
|
super
|
|
129
127
|
else
|
|
130
128
|
str = "Issue with the callback_phase of humanid omniauth, response from human id has code: #{res.code}, and body: #{res.body}"
|
|
@@ -133,13 +131,11 @@ module OmniAuth
|
|
|
133
131
|
end
|
|
134
132
|
end
|
|
135
133
|
|
|
136
|
-
#not a method? Some DSL magic that is not explained in docs.
|
|
134
|
+
#not a method? Some DSL magic that is not explained in docs.
|
|
135
|
+
#tried to do the same with uid but it didn't work. Either way its accessible now
|
|
137
136
|
info do
|
|
138
137
|
raw_info['data']
|
|
139
138
|
end
|
|
140
|
-
uid do
|
|
141
|
-
raw_info['data']['userAppId']
|
|
142
|
-
end
|
|
143
139
|
end
|
|
144
140
|
end
|
|
145
141
|
end
|
data/omniauth-humanid.gemspec
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
version = '0.0
|
|
1
|
+
version = '1.0.0'
|
|
2
2
|
#version must be on the first line for the update script
|
|
3
3
|
|
|
4
4
|
Gem::Specification.new do |spec|
|
|
@@ -29,4 +29,4 @@ Gem::Specification.new do |spec|
|
|
|
29
29
|
spec.bindir = "exe"
|
|
30
30
|
spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
|
|
31
31
|
spec.require_paths = ["lib"]
|
|
32
|
-
end
|
|
32
|
+
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: omniauth-humanid
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0
|
|
4
|
+
version: 1.0.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Luke Clancy
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-08
|
|
11
|
+
date: 2022-09-08 00:00:00.000000000 Z
|
|
12
12
|
dependencies: []
|
|
13
13
|
description:
|
|
14
14
|
email:
|