RubyGems - passageidentity - Versions diffs - 0.0.3 → 0.0.6 - Mend

passageidentity 0.0.3 → 0.0.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (22) hide show

checksums.yaml +4 -4
data/.github/workflows/deploy.yml +30 -0
data/.github/workflows/on_pr.yml +34 -0
data/.gitignore +1 -2
data/CONTRIBUTING.md +12 -11
data/lib/passageidentity/auth.rb +61 -18
data/lib/passageidentity/client.rb +75 -52
data/lib/passageidentity/user_api.rb +101 -101
data/lib/passageidentity.rb +2 -2
data/passageidentity.gemspec +2 -1
data/tests/all.rb +3 -2
data/tests/app_test.rb +15 -0
data/tests/auth_test.rb +15 -0
data/tests/magic_link_test.rb +8 -7
data/tests/user_api_test.rb +17 -16
metadata +24 -12
data/lib/passage/auth.rb +0 -35
data/lib/passage/client.rb +0 -39
data/lib/passage/request.rb +0 -32
data/lib/passage/user.rb +0 -0
data/lib/passage.rb +0 -9
data/passage-ruby +0 -1

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a592cfe2a08870771b7bb52f737eada85f6b631bf6570a1f239a2187667352b4
-  data.tar.gz: 48e62a0beb94c042a0dffbeae6ea62dcb10010ad13e418d7c3958acf0d6aa8b3
+  metadata.gz: 2a690a22154faaee08c7f917391722ba209f13eed6b321a71112906c45c94c4b
+  data.tar.gz: 33d3a29b62ef42d6239d31082a06e9fc070271e4ebbccfa612fe0b6610c6dc58
 SHA512:
-  metadata.gz: b6ef3d1a59fb0e04597003fba47d6d5d73ccf9b0a47a5e25f99d7298adf2e656ba1d8b1f01303dcc8b7dd91b57f29ec8e66f906b5f05fe77f551845a706188af
-  data.tar.gz: 6560d66712f9bccfd9d0f80eb30bbf5e45602a25cb5099e77461891be284831f0db73a551b7d764df302fae6450b7af86a39494509acbdbd2c027580ba984fec
+  metadata.gz: 205210cafaa264ea5b1709c9d09a98f37d4f0c5c306a435a5b59972ed620160ad73a5bda9eb610e0df1204127d75c21b4f7138e9ffa5ea41b3a710c7d8098159
+  data.tar.gz: b06a3b13b4f95c3439f3acefee1872656ac151e88d0fa88e0a1b4800662114de2e25c745020ca26de21321b1c0db4f95ee03a977ed8950492e309fd134be6e0e

data/.github/workflows/deploy.yml ADDED Viewed

@@ -0,0 +1,30 @@
+name: Deploy Ruby Gem
+on:
+  push:
+    branches: [main]
+jobs:
+  build:
+    name: Build + Publish
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+    steps:
+      - uses: actions/checkout@v2
+      - uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: '3.0'
+      - name: Publish to RubyGems
+        run: |
+          mkdir -p $HOME/.gem
+          touch $HOME/.gem/credentials
+          chmod 0600 $HOME/.gem/credentials
+          printf -- "---\n:rubygems_api_key: ${GEM_HOST_API_KEY}\n" > $HOME/.gem/credentials
+          gem build *.gemspec
+          gem push *.gem
+        env:
+          GEM_HOST_API_KEY: "${{secrets.RUBYGEMS_AUTH_TOKEN}}"

data/.github/workflows/on_pr.yml ADDED Viewed

@@ -0,0 +1,34 @@
+name: PR Checks
+on:
+  pull_request:
+    branches: [ main ]
+env:
+  API_KEY: ${{ secrets.API_KEY }}
+  APP_ID: ${{ secrets.APP_ID }}
+  PSG_JWT: ${{ secrets.PSG_JWT }}
+  TEST_USER_ID: ${{ secrets.TEST_USER_ID }}
+jobs:
+  build:
+    name: Test and Lint
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v2
+    - uses: ruby/setup-ruby@v1
+      with:
+        ruby-version: '3.0'
+    - name: Run Tests
+      run: |
+        gem build passageidentity.gemspec -o test.gem
+        gem install test.gem
+        rm test.gem
+        ruby tests/all.rb
+    - name: Run Linting
+      run: |
+        npm install -g prettier @prettier/plugin-ruby
+        gem install bundler prettier_print syntax_tree syntax_tree-haml syntax_tree-rbs
+        prettier --check '**/*.rb'

data/.gitignore CHANGED Viewed

@@ -10,8 +10,7 @@
 /test/version_tmp/
 /tmp/
-/tests/environment.rb
+.env
 # Used by dotenv library to load environment variables.
 # .env

data/CONTRIBUTING.md CHANGED Viewed

@@ -5,8 +5,8 @@
 Install the gem
 ```
-gem build passageidentity.gemspec
-gem install ./passageidentity-0.0.1.gem
+gem build passageidentity.gemspec -o {$FILE_NAME}.gem
+gem install ./{$FILE_NAME}.gem
 ```
 Test it out:
@@ -27,6 +27,15 @@ ruby tests/all.rb
 ruby tests/*_test.rb
 ```
+Run Linter:
+```
+npm install -g prettier @prettier/plugin-ruby
+gem install bundler prettier_print syntax_tree syntax_tree-haml syntax_tree-rbs
+prettier --write '**/*.rb'
+```
 To test in the example app, change the Gemfile to include this path:
 ```
@@ -45,21 +54,13 @@ Enter host password for user '<username>':
 ```
 ```
-<<<<<<< HEAD
 gem push passage-0.0.0.gem
 ```
 You can check for the gem here:
 ```
 gem list -r passage
 ```
-=======
-gem push passageidentity-0.0.0.gem
-```
-You can check for the gem here:
-```
-gem list -r passageidentity
 ```
->>>>>>> 2d0e3f6dc3b40c621c8d16506fa6ab43b0fba673

data/lib/passageidentity/auth.rb CHANGED Viewed

@@ -1,61 +1,104 @@
-require 'openssl'
-require 'base64'
-require 'jwt'
-require_relative 'client'
+require "openssl"
+require "base64"
+require "jwt"
+require_relative "client"
 module Passage
   class Auth
-    def initialize(app_id, auth_strategy, public_key, auth_origin)
+    @@app_cache = {}
+    def initialize(app_id, auth_strategy, connection)
       @app_id = app_id
       @auth_strategy = auth_strategy
-      @auth_origin = auth_origin
+      @connection = connection
-      # bas64 decode and then parse the public key
-      # when we have JWKS endpoint, this will get easier I think
-      @public_key = OpenSSL::PKey::RSA.new(Base64.decode64(public_key))
+      fetch_jwks
+    end
+    def fetch_app()
+      begin
+        response = @connection.get("/v1/apps/#{@app_id}")
+        return response.body["app"]
+      rescue Faraday::Error => e
+        raise PassageError,
+              "failed to get Passage App. Http Status: #{e.response[:status]}. Response: #{e.response[:body]["error"]}"
+      end
+    end
+    def fetch_jwks()
+      if @@app_cache[@app_id]
+        @jwks, @auth_origin = @@app_cache[@app_id]
+      else
+        app = fetch_app
+        auth_gw_connection =
+          Faraday.new(url: "https://auth.passage.id") do |f|
+            f.request :json
+            f.request :retry
+            f.response :raise_error
+            f.response :json
+            f.adapter :net_http
+          end
+        # fetch the public key if not in cache
+        app = fetch_app
+        @auth_origin = app["auth_origin"]
+        response =
+          auth_gw_connection.get("/v1/apps/#{@app_id}/.well-known/jwks.json")
+        @jwks = response.body
+        @@app_cache[@app_id] ||= [@jwks, @auth_origin]
+      end
     end
     def authenticate_request(request)
       # Get the token based on the strategy
       if @auth_strategy === Passage::COOKIE_STRATEGY
-        unless request.cookies['psg_auth_token'].present?
+        unless request.cookies["psg_auth_token"].present?
           raise PassageError,
                 `missing authentication token: expected "psg_auth_token" cookie`
         end
-        @token = request.cookies['psg_auth_token']
+        @token = request.cookies["psg_auth_token"]
       else
         headers = request.headers
-        unless headers['Authorization'].present?
-          raise PassageError, 'no authentication token in header'
+        unless headers["Authorization"].present?
+          raise PassageError, "no authentication token in header"
         end
-        @token = headers['Authorization'].split(' ').last
+        @token = headers["Authorization"].split(" ").last
       end
       # authenticate the token
       if @token
         return authenticate_token(@token)
       else
-        raise PassageError, 'no authentication token'
+        raise PassageError, "no authentication token"
       end
       nil
     end
     def authenticate_token(token)
+      kid = JWT.decode(token, nil, false)[1]["kid"]
+      exists = false
+      for jwk in @jwks["keys"]
+        if jwk["kid"] == kid
+          exists = true
+          break
+        end
+      end
+      fetch_jwks unless exists
       begin
         claims =
           JWT.decode(
             token,
-            @public_key,
+            nil,
             true,
             {
               iss: @app_id,
               verify_iss: true,
               aud: @auth_origin,
               verify_aud: true,
-              algorithms: ['RS256']
+              algorithms: ["RS256"],
+              jwks: @jwks
             }
           )
-        return claims[0]['sub']
+        return claims[0]["sub"]
       rescue JWT::InvalidIssuerError => e
         raise Passage::PassageError, e.message
       rescue JWT::InvalidAudError => e

data/lib/passageidentity/client.rb CHANGED Viewed

@@ -1,10 +1,24 @@
 # frozen_string_literal: true
-require_relative 'auth'
-require_relative 'user_api'
-require_relative 'error'
+require_relative "auth"
+require_relative "user_api"
+require_relative "error"
 module Passage
+  App =
+    Struct.new :name,
+               :id,
+               :auth_origin,
+               :redirect_url,
+               :login_url,
+               :rsa_public_key,
+               :allowed_identifer,
+               :required_identifier,
+               :require_email_verification,
+               :session_timeout_length,
+               :user_metadata_schema,
+               :layouts,
+               keyword_init: true
   User =
     Struct.new :id,
                :status,
@@ -43,40 +57,36 @@ module Passage
   COOKIE_STRATEGY = 0
   HEADER_STRATEGY = 1
-  EMAIL_CHANNEL = 'email'
-  PHONE_CHANNEL = 'phone'
+  EMAIL_CHANNEL = "email"
+  PHONE_CHANNEL = "phone"
   class Client
-    @@app_cache = {}
     attr_reader :auth
     attr_reader :user
-    def initialize(app_id:, api_key: '', auth_strategy: COOKIE_STRATEGY)
-      @api_url = 'https://api.passage.id'
+    def initialize(app_id:, api_key: "", auth_strategy: COOKIE_STRATEGY)
+      @api_url = "https://api.passage.id"
       @app_id = app_id
       @api_key = api_key
       # check for valid auth strategy
       unless [COOKIE_STRATEGY, HEADER_STRATEGY].include? auth_strategy
-        raise PassageError, 'invalid auth strategy.'
+        raise PassageError, "invalid auth strategy."
       end
       @auth_strategy = auth_strategy
       # setup
       get_connection
-      fetch_public_key(@connection)
       # initialize auth class
-      @auth =
-        Passage::Auth.new(@app_id, @auth_strategy, @public_key, @auth_origin)
+      @auth = Passage::Auth.new(@app_id, @auth_strategy, @connection)
       # initialize user class
       @user = Passage::UserAPI.new(@connection, @app_id, @api_key)
     end
     def get_connection
-      if @api_key == ''
+      if @api_key == ""
         @connection =
           Faraday.new(url: @api_url) do |f|
             f.request :json
@@ -90,7 +100,7 @@ module Passage
           Faraday.new(
             url: @api_url,
             headers: {
-              'Authorization' => "Bearer #{@api_key}"
+              "Authorization" => "Bearer #{@api_key}"
             }
           ) do |f|
             f.request :json
@@ -102,66 +112,79 @@ module Passage
       end
     end
-    def fetch_public_key(conn)
-      if @@app_cache[@app_id]
-        @public_key, @auth_origin = @@app_cache[@app_id]
-      else
-        # fetch the public key if not in cache
-        response = conn.get("/v1/apps/#{@app_id}")
-        @public_key = response.body['app']['rsa_public_key']
-        @auth_origin = response.body['app']['auth_origin']
-        @@app_cache[@app_id] ||= [@public_key, @auth_origin]
+    def get_app()
+      begin
+        app_info = @auth.fetch_app()
+        return(
+          Passage::App.new(
+            name: app_info["name"],
+            id: app_info["id"],
+            auth_origin: app_info["auth_origin"],
+            redirect_url: app_info["redirect_url"],
+            login_url: app_info["login_url"],
+            rsa_public_key: app_info["rsa_public_key"],
+            allowed_identifer: app_info["allowed_identifer"],
+            required_identifier: app_info["required_identifier"],
+            require_email_verification: app_info["require_email_verification"],
+            session_timeout_length: app_info["session_timeout_length"],
+            user_metadata_schema: app_info["user_metadata_schema"],
+            layouts: app_info["layouts"]
+          )
+        )
+      rescue => e
+        raise e
       end
     end
     def create_magic_link(
-      user_id: '',
-      email: '',
-      phone: '',
-      channel: '',
+      user_id: "",
+      email: "",
+      phone: "",
+      channel: "",
       send: false,
-      magic_link_path: '',
-      redirect_url: '',
+      magic_link_path: "",
+      redirect_url: "",
       ttl: 60
     )
       magic_link_req = {}
-      magic_link_req['user_id'] = user_id unless user_id.empty?
-      magic_link_req['email'] = email unless email.empty?
-      magic_link_req['phone'] = phone unless phone.empty?
+      magic_link_req["user_id"] = user_id unless user_id.empty?
+      magic_link_req["email"] = email unless email.empty?
+      magic_link_req["phone"] = phone unless phone.empty?
       # check to see if the channel specified is valid before sending it off to the server
       unless [PHONE_CHANNEL, EMAIL_CHANNEL].include? channel
         raise PassageError,
-              'channel: must be either Passage::EMAIL_CHANNEL or Passage::PHONE_CHANNEL'
+              "channel: must be either Passage::EMAIL_CHANNEL or Passage::PHONE_CHANNEL"
       end
-      magic_link_req['channel'] = channel unless channel.empty?
-      magic_link_req['send'] = send
-      magic_link_req['magic_link_path'] = magic_link_path unless magic_link_path
-        .empty?
-      magic_link_req['redirect_url'] = redirect_url unless redirect_url.empty?
-      magic_link_req['ttl'] = ttl unless ttl == 0
+      magic_link_req["channel"] = channel unless channel.empty?
+      magic_link_req["send"] = send
+      magic_link_req[
+        "magic_link_path"
+      ] = magic_link_path unless magic_link_path.empty?
+      magic_link_req["redirect_url"] = redirect_url unless redirect_url.empty?
+      magic_link_req["ttl"] = ttl unless ttl == 0
       begin
         response =
           @connection.post("/v1/apps/#{@app_id}/magic-links", magic_link_req)
-        magic_link = response.body['magic_link']
+        magic_link = response.body["magic_link"]
         return(
           Passage::MagicLink.new(
-            id: magic_link['id'],
-            secret: magic_link['secret'],
-            activated: magic_link['activated'],
-            user_id: magic_link['user_id'],
-            app_id: magic_link['app_id'],
-            identifier: magic_link['identifier'],
-            type: magic_link['type'],
-            redirect_url: magic_link['redirect_url'],
-            ttl: magic_link['ttl'],
-            url: magic_link['url']
+            id: magic_link["id"],
+            secret: magic_link["secret"],
+            activated: magic_link["activated"],
+            user_id: magic_link["user_id"],
+            app_id: magic_link["app_id"],
+            identifier: magic_link["identifier"],
+            type: magic_link["type"],
+            redirect_url: magic_link["redirect_url"],
+            ttl: magic_link["ttl"],
+            url: magic_link["url"]
           )
         )
       rescue Faraday::Error => e
         raise PassageError,
-              "failed to create Passage Magic Link. Http Status: #{e.response[:status]}. Response: #{e.response[:body]['error']}"
+              "failed to create Passage Magic Link. Http Status: #{e.response[:status]}. Response: #{e.response[:body]["error"]}"
       end
     end
   end

data/lib/passageidentity/user_api.rb CHANGED Viewed

@@ -1,4 +1,4 @@
-require_relative 'client'
+require_relative "client"
 module Passage
   class UserAPI
@@ -10,26 +10,26 @@ module Passage
     end
     def get(user_id:)
-      raise PassageError, 'must supply a valid user_id' if user_id.to_s.empty?
+      raise PassageError, "must supply a valid user_id" if user_id.to_s.empty?
       begin
         response = @connection.get("/v1/apps/#{@app_id}/users/#{user_id}")
-        user = response.body['user']
+        user = response.body["user"]
         user.transform_keys(&:to_sym)
         return(
           Passage::User.new(
-            id: user['id'],
-            status: user['status'],
-            email: user['email'],
-            phone: user['phone'],
-            email_verified: user['email_verified'],
-            created_at: user['created_at'],
-            updated_at: user['updated_at'],
-            last_login_at: user['last_login_at'],
-            login_count: user['login_count'],
-            webauthn: user['webauthn'],
-            webauthn_devices: user['webauthn_devices'],
-            recent_events: user['recent_events'],
-            user_metadata: user['user_metadata']
+            id: user["id"],
+            status: user["status"],
+            email: user["email"],
+            phone: user["phone"],
+            email_verified: user["email_verified"],
+            created_at: user["created_at"],
+            updated_at: user["updated_at"],
+            last_login_at: user["last_login_at"],
+            login_count: user["login_count"],
+            webauthn: user["webauthn"],
+            webauthn_devices: user["webauthn_devices"],
+            recent_events: user["recent_events"],
+            user_metadata: user["user_metadata"]
           )
         )
       rescue Faraday::Error => e
@@ -38,32 +38,32 @@ module Passage
                 "passage User with ID \"#{user_id}\" does not exist"
         else
           raise PassageError,
-                "failed to get Passage User. Http Status: #{e.response[:status]}. Response: #{e.response[:body]['error']}"
+                "failed to get Passage User. Http Status: #{e.response[:status]}. Response: #{e.response[:body]["error"]}"
         end
       end
     end
     def activate(user_id:)
-      raise PassageError, 'must supply a valid user_id' if user_id.to_s.empty?
+      raise PassageError, "must supply a valid user_id" if user_id.to_s.empty?
       begin
         response =
           @connection.patch("/v1/apps/#{@app_id}/users/#{user_id}/activate")
-        user = response.body['user']
+        user = response.body["user"]
         return(
           Passage::User.new(
-            id: user['id'],
-            status: user['status'],
-            email: user['email'],
-            phone: user['phone'],
-            email_verified: user['email_verified'],
-            created_at: user['created_at'],
-            updated_at: user['updated_at'],
-            last_login_at: user['last_login_at'],
-            login_count: user['login_count'],
-            webauthn: user['webauthn'],
-            webauthn_devices: user['webauthn_devices'],
-            recent_events: user['recent_events'],
-            user_metadata: user['user_metadata']
+            id: user["id"],
+            status: user["status"],
+            email: user["email"],
+            phone: user["phone"],
+            email_verified: user["email_verified"],
+            created_at: user["created_at"],
+            updated_at: user["updated_at"],
+            last_login_at: user["last_login_at"],
+            login_count: user["login_count"],
+            webauthn: user["webauthn"],
+            webauthn_devices: user["webauthn_devices"],
+            recent_events: user["recent_events"],
+            user_metadata: user["user_metadata"]
           )
         )
       rescue Faraday::Error => e
@@ -72,32 +72,32 @@ module Passage
                 "passage User with ID \"#{user_id}\" does not exist"
         else
           raise PassageError,
-                "failed to activate Passage User. Http Status: #{e.response[:status]}. Response: #{e.response[:body]['error']}"
+                "failed to activate Passage User. Http Status: #{e.response[:status]}. Response: #{e.response[:body]["error"]}"
         end
       end
     end
     def deactivate(user_id:)
-      raise PassageError, 'must supply a valid user_id' if user_id.to_s.empty?
+      raise PassageError, "must supply a valid user_id" if user_id.to_s.empty?
       begin
         response =
           @connection.patch("/v1/apps/#{@app_id}/users/#{user_id}/deactivate")
-        user = response.body['user']
+        user = response.body["user"]
         return(
           Passage::User.new(
-            id: user['id'],
-            status: user['status'],
-            email: user['email'],
-            phone: user['phone'],
-            email_verified: user['email_verified'],
-            created_at: user['created_at'],
-            updated_at: user['updated_at'],
-            last_login_at: user['last_login_at'],
-            login_count: user['login_count'],
-            webauthn: user['webauthn'],
-            webauthn_devices: user['webauthn_devices'],
-            recent_events: user['recent_events'],
-            user_metadata: user['user_metadata']
+            id: user["id"],
+            status: user["status"],
+            email: user["email"],
+            phone: user["phone"],
+            email_verified: user["email_verified"],
+            created_at: user["created_at"],
+            updated_at: user["updated_at"],
+            last_login_at: user["last_login_at"],
+            login_count: user["login_count"],
+            webauthn: user["webauthn"],
+            webauthn_devices: user["webauthn_devices"],
+            recent_events: user["recent_events"],
+            user_metadata: user["user_metadata"]
           )
         )
       rescue Faraday::Error => e
@@ -106,36 +106,36 @@ module Passage
                 "passage User with ID \"#{user_id}\" does not exist"
         else
           raise PassageError,
-                "failed to deactivate Passage User. Http Status: #{e.response[:status]}. Response: #{e.response[:body]['error']}"
+                "failed to deactivate Passage User. Http Status: #{e.response[:status]}. Response: #{e.response[:body]["error"]}"
         end
       end
     end
-    def update(user_id:, email: '', phone: '', user_metadata: {})
-      raise PassageError, 'must supply a valid user_id' if user_id.to_s.empty?
+    def update(user_id:, email: "", phone: "", user_metadata: {})
+      raise PassageError, "must supply a valid user_id" if user_id.to_s.empty?
       updates = {}
-      updates['email'] = email unless email.empty?
-      updates['phone'] = phone unless phone.empty?
-      updates['user_metadata'] = user_metadata unless user_metadata.empty?
+      updates["email"] = email unless email.empty?
+      updates["phone"] = phone unless phone.empty?
+      updates["user_metadata"] = user_metadata unless user_metadata.empty?
       begin
         response =
           @connection.patch("/v1/apps/#{@app_id}/users/#{user_id}", updates)
-        user = response.body['user']
+        user = response.body["user"]
         return(
           Passage::User.new(
-            id: user['id'],
-            status: user['status'],
-            email: user['email'],
-            phone: user['phone'],
-            email_verified: user['email_verified'],
-            created_at: user['created_at'],
-            updated_at: user['updated_at'],
-            last_login_at: user['last_login_at'],
-            login_count: user['login_count'],
-            webauthn: user['webauthn'],
-            webauthn_devices: user['webauthn_devices'],
-            recent_events: user['recent_events'],
-            user_metadata: user['user_metadata']
+            id: user["id"],
+            status: user["status"],
+            email: user["email"],
+            phone: user["phone"],
+            email_verified: user["email_verified"],
+            created_at: user["created_at"],
+            updated_at: user["updated_at"],
+            last_login_at: user["last_login_at"],
+            login_count: user["login_count"],
+            webauthn: user["webauthn"],
+            webauthn_devices: user["webauthn_devices"],
+            recent_events: user["recent_events"],
+            user_metadata: user["user_metadata"]
           )
         )
       rescue Faraday::Error => e
@@ -144,44 +144,44 @@ module Passage
                 "passage User with ID \"#{user_id}\" does not exist"
         else
           raise PassageError,
-                "failed to update Passage User. Http Status: #{e.response[:status]}. Response: #{e.response[:body]['error']}"
+                "failed to update Passage User. Http Status: #{e.response[:status]}. Response: #{e.response[:body]["error"]}"
         end
       end
     end
-    def create(email: '', phone: '', user_metadata: {})
+    def create(email: "", phone: "", user_metadata: {})
       create = {}
-      create['email'] = email unless email.empty?
-      create['phone'] = phone unless phone.empty?
-      create['user_metadata'] = user_metadata unless user_metadata.empty?
+      create["email"] = email unless email.empty?
+      create["phone"] = phone unless phone.empty?
+      create["user_metadata"] = user_metadata unless user_metadata.empty?
       begin
         response = @connection.post("/v1/apps/#{@app_id}/users", create)
-        user = response.body['user']
+        user = response.body["user"]
         return(
           Passage::User.new(
-            id: user['id'],
-            status: user['status'],
-            email: user['email'],
-            phone: user['phone'],
-            email_verified: user['email_verified'],
-            created_at: user['created_at'],
-            updated_at: user['updated_at'],
-            last_login_at: user['last_login_at'],
-            login_count: user['login_count'],
-            webauthn: user['webauthn'],
-            webauthn_devices: user['webauthn_devices'],
-            recent_events: user['recent_events'],
-            user_metadata: user['user_metadata']
+            id: user["id"],
+            status: user["status"],
+            email: user["email"],
+            phone: user["phone"],
+            email_verified: user["email_verified"],
+            created_at: user["created_at"],
+            updated_at: user["updated_at"],
+            last_login_at: user["last_login_at"],
+            login_count: user["login_count"],
+            webauthn: user["webauthn"],
+            webauthn_devices: user["webauthn_devices"],
+            recent_events: user["recent_events"],
+            user_metadata: user["user_metadata"]
           )
         )
       rescue Faraday::Error => e
         raise PassageError,
-              "failed to create Passage User. Http Status: #{e.response[:status]}. Response: #{e.response[:body]['error']}"
+              "failed to create Passage User. Http Status: #{e.response[:status]}. Response: #{e.response[:body]["error"]}"
       end
     end
     def delete(user_id:)
-      raise PassageError, 'must supply a valid user_id' if user_id.to_s.empty?
+      raise PassageError, "must supply a valid user_id" if user_id.to_s.empty?
       begin
         response = @connection.delete("/v1/apps/#{@app_id}/users/#{user_id}")
         return true
@@ -191,15 +191,15 @@ module Passage
                 "passage User with ID \"#{user_id}\" does not exist"
         else
           raise PassageError,
-                "failed to delete Passage User. Http Status: #{e.response[:status]}. Response: #{e.response[:body]['error']}"
+                "failed to delete Passage User. Http Status: #{e.response[:status]}. Response: #{e.response[:body]["error"]}"
         end
       end
     end
     def delete_device(user_id:, device_id:)
-      raise PassageError, 'must supply a valid user_id' if user_id.to_s.empty?
+      raise PassageError, "must supply a valid user_id" if user_id.to_s.empty?
       if device_id.to_s.empty?
-        raise PassageError, 'must supply a valid device_id'
+        raise PassageError, "must supply a valid device_id"
       end
       begin
         response =
@@ -209,32 +209,32 @@ module Passage
         return true
       rescue Faraday::Error => e
         raise PassageError,
-              "failed to delete Passage User Device. Http Status: #{e.response[:status]}. Response: #{e.response[:body]['error']}"
+              "failed to delete Passage User Device. Http Status: #{e.response[:status]}. Response: #{e.response[:body]["error"]}"
       end
     end
     def list_devices(user_id:)
-      raise PassageError, 'must supply a valid user_id' if user_id.to_s.empty?
+      raise PassageError, "must supply a valid user_id" if user_id.to_s.empty?
       begin
         response =
           @connection.get("/v1/apps/#{@app_id}/users/#{user_id}/devices")
-        devicesResp = response.body['devices']
+        devicesResp = response.body["devices"]
         devices = Array.new
         devicesResp.each do |device|
           devices.append(
             Passage::Device.new(
-              id: device['id'],
-              cred_id: device['cred_id'],
-              friendly_name: device['friendly_name'],
-              usage_count: device['usage_count'],
-              last_used: device['last_used']
+              id: device["id"],
+              cred_id: device["cred_id"],
+              friendly_name: device["friendly_name"],
+              usage_count: device["usage_count"],
+              last_used: device["last_used"]
             )
           )
         end
         return devices
       rescue Faraday::Error => e
         raise PassageError,
-              "failed to delete Passage User Device. Http Status: #{e.response[:status]}. Response: #{e.response[:body]['error']}"
+              "failed to delete Passage User Device. Http Status: #{e.response[:status]}. Response: #{e.response[:body]["error"]}"
       end
     end
   end

data/lib/passageidentity.rb CHANGED Viewed

@@ -1,8 +1,8 @@
 # frozen_string_literal: true
-require 'faraday'
+require "faraday"
-require_relative 'passageidentity/client'
+require_relative "passageidentity/client"
 module Passage
 end

data/passageidentity.gemspec CHANGED Viewed

@@ -1,6 +1,6 @@
 Gem::Specification.new do |s|
   s.name = 'passageidentity'
-  s.version = '0.0.3'
+  s.version = '0.0.6'
   s.summary = 'Passage SDK for biometric authentication'
   s.description =
     'Enables verification of server-side authentication and user management for applications using Passage'
@@ -27,4 +27,5 @@ Gem::Specification.new do |s|
   s.add_dependency 'faraday', '>= 0.17.0', '< 2.0'
   s.add_dependency 'jwt', '>= 2.3.0'
   s.add_dependency 'openssl', '>= 3.0.0'
+  s.add_dependency 'dotenv', '>= 2.7.6'
 end

data/tests/all.rb CHANGED Viewed

@@ -1,2 +1,3 @@
-Dir[File.dirname(File.absolute_path(__FILE__)) + '/**/*_test.rb']
-  .each { |file| require file }
+Dir[File.dirname(File.absolute_path(__FILE__)) + "/**/*_test.rb"].each do |file|
+  require file
+end

data/tests/app_test.rb ADDED Viewed

@@ -0,0 +1,15 @@
+require_relative "../lib/passageidentity/client"
+require "dotenv"
+require "faraday"
+require "test/unit"
+Dotenv.load(".env")
+class TestAppAPI < Test::Unit::TestCase
+  PassageClient =
+    Passage::Client.new(app_id: ENV["APP_ID"], api_key: ENV["API_KEY"])
+  def test_get_app()
+    app = PassageClient.get_app()
+    assert_equal ENV["APP_ID"], app.id
+  end
+end

data/tests/auth_test.rb ADDED Viewed

@@ -0,0 +1,15 @@
+require_relative "../lib/passageidentity/client"
+require "dotenv"
+require "faraday"
+require "test/unit"
+Dotenv.load(".env")
+class TestUserAPI < Test::Unit::TestCase
+  PassageClient =
+    Passage::Client.new(app_id: ENV["APP_ID"], api_key: ENV["API_KEY"])
+  def test_authenticate_token
+    user_id = PassageClient.auth.authenticate_token(ENV["PSG_JWT"])
+    assert_equal ENV["TEST_USER_ID"], user_id
+  end
+end

data/tests/magic_link_test.rb CHANGED Viewed

@@ -1,20 +1,21 @@
-require_relative '../lib/passageidentity/client'
-require_relative './environment'
-require 'faraday'
-require 'test/unit'
+require_relative "../lib/passageidentity/client"
+require "dotenv"
+require "faraday"
+require "test/unit"
+Dotenv.load(".env")
 class TestUserAPI < Test::Unit::TestCase
   PassageClient =
-    Passage::Client.new(app_id: ENV['APP_ID'], api_key: ENV['API_KEY'])
+    Passage::Client.new(app_id: ENV["APP_ID"], api_key: ENV["API_KEY"])
   def test_create_magi_link()
     magic_link =
       PassageClient.create_magic_link(
-        email: 'chris@passage.id',
+        email: "chris@passage.id",
         channel: Passage::EMAIL_CHANNEL,
         ttl: 12
       )
     assert_equal 12, magic_link.ttl
-    assert_equal 'chris@passage.id', magic_link.identifier
+    assert_equal "chris@passage.id", magic_link.identifier
   end
 end

data/tests/user_api_test.rb CHANGED Viewed

@@ -1,18 +1,19 @@
-require_relative '../lib/passageidentity/client'
-require_relative './environment'
-require 'faraday'
-require 'test/unit'
+require_relative "../lib/passageidentity/client"
+require "dotenv"
+require "faraday"
+require "test/unit"
+Dotenv.load(".env")
 class TestUserAPI < Test::Unit::TestCase
   PassageClient =
-    Passage::Client.new(app_id: ENV['APP_ID'], api_key: ENV['API_KEY'])
+    Passage::Client.new(app_id: ENV["APP_ID"], api_key: ENV["API_KEY"])
   def setup()
     $global_test_user =
       PassageClient.user.create(
-        email: 'chris+test-ruby@passage.id',
+        email: "chris+test-ruby@passage.id",
         user_metadata: {
-          'example1': 'cool'
+          example1: "cool"
         }
       )
   end
@@ -20,13 +21,13 @@ class TestUserAPI < Test::Unit::TestCase
   def test_create_delete_user()
     user =
       PassageClient.user.create(
-        email: 'chris+test-create-delete@passage.id',
+        email: "chris+test-create-delete@passage.id",
         user_metadata: {
-          'example1': 'cool'
+          example1: "cool"
         }
       )
-    assert_equal 'chris+test-create-delete@passage.id', user.email
-    assert_equal 'cool', user.user_metadata['example1']
+    assert_equal "chris+test-create-delete@passage.id", user.email
+    assert_equal "cool", user.user_metadata["example1"]
     deleted = PassageClient.user.delete(user_id: user.id)
     assert_equal true, deleted
   end
@@ -39,28 +40,28 @@ class TestUserAPI < Test::Unit::TestCase
   def test_deactivate_user()
     user = PassageClient.user.deactivate(user_id: $global_test_user.id)
     assert_equal $global_test_user.id, user.id
-    assert_equal 'inactive', user.status
+    assert_equal "inactive", user.status
   end
   def test_activate_user()
     user = PassageClient.user.activate(user_id: $global_test_user.id)
     assert_equal $global_test_user.id, user.id
-    assert_equal 'active', user.status
+    assert_equal "active", user.status
   end
   def test_update_user()
-    new_email = 'chris+update_test-ruby@passage.id'
+    new_email = "chris+update_test-ruby@passage.id"
     user =
       PassageClient.user.update(
         user_id: $global_test_user.id,
         email: new_email,
         user_metadata: {
-          'example1': 'lame'
+          example1: "lame"
         }
       )
     assert_equal $global_test_user.id, user.id
     assert_equal new_email, user.email
-    assert_equal 'lame', user.user_metadata['example1']
+    assert_equal "lame", user.user_metadata["example1"]
   end
   def test_list_devices()

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: passageidentity
 version: !ruby/object:Gem::Version
-  version: 0.0.3
+  version: 0.0.6
 platform: ruby
 authors:
 - Passage Identity
-autorequire:
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-04-29 00:00:00.000000000 Z
+date: 2022-05-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: faraday
@@ -58,6 +58,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: 3.0.0
+- !ruby/object:Gem::Dependency
+  name: dotenv
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 2.7.6
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 2.7.6
 description: Enables verification of server-side authentication and user management
   for applications using Passage
 email: support@passage.id
@@ -65,23 +79,21 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/workflows/deploy.yml"
+- ".github/workflows/on_pr.yml"
 - ".gitignore"
 - CONTRIBUTING.md
 - LICENSE
 - README.md
-- lib/passage.rb
-- lib/passage/auth.rb
-- lib/passage/client.rb
-- lib/passage/request.rb
-- lib/passage/user.rb
 - lib/passageidentity.rb
 - lib/passageidentity/auth.rb
 - lib/passageidentity/client.rb
 - lib/passageidentity/error.rb
 - lib/passageidentity/user_api.rb
-- passage-ruby
 - passageidentity.gemspec
 - tests/all.rb
+- tests/app_test.rb
+- tests/auth_test.rb
 - tests/magic_link_test.rb
 - tests/user_api_test.rb
 homepage: https://rubygems.org/gems/passageidentity
@@ -89,7 +101,7 @@ licenses:
 - MIT
 metadata:
   source_code_uri: https://github.com/passage-identity/passage-ruby
-post_install_message:
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -104,8 +116,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.11
-signing_key:
+rubygems_version: 3.2.33
+signing_key:
 specification_version: 4
 summary: Passage SDK for biometric authentication
 test_files: []

data/lib/passage/auth.rb DELETED Viewed

@@ -1,35 +0,0 @@
-require 'openssl'
-require 'base64'
-require 'jwt'
-module Passage
-    class Auth
-        def initialize(app_id, public_key, auth_origin)
-            @app_id = app_id
-            @auth_origin = auth_origin
-            # bas64 decode and then parse the public key
-            # when we have JWKS endpoint, this will get easier I think
-            @public_key = OpenSSL::PKey::RSA.new(Base64.decode64(public_key))
-        end
-        def authenticate(token)
-            begin
-              claims = JWT.decode(token, @public_key, true,{ iss: @app_id, verify_iss: true, aud: @auth_origin, verify_aud: true, algorithms: ["RS256"] })
-              return claims[0]["sub"]
-            rescue JWT::InvalidIssuerError
-              raise JWTInvalidIssuerError
-            rescue JWT::InvalidAudError
-              raise JWTInvalidAudienceError
-            rescue JWT::ExpiredSignature
-              raise JWTExpiredSignatureError
-            rescue JWT::IncorrectAlgorithm
-              raise JWTIncorrectAlgorithmError
-            end
-          end
-    end
-end

data/lib/passage/client.rb DELETED Viewed

@@ -1,39 +0,0 @@
-# frozen_string_literal: true
-require_relative 'request'
-require_relative 'auth'
-module Passage
-    class Client
-        attr_reader :auth
-        def initialize(app_id:)
-            @api_url = "https://api.passage.id"
-            @app_id = app_id
-            get_connection()
-            fetch_public_key(@connection)
-            @auth = Passage::Auth.new(@app_id, @public_key, @auth_origin)
-        end
-        def get_connection
-            @connection = Faraday.new(url: @api_url) do |f|
-                f.request :json
-                f.request :retry
-                f.response :json
-                f.adapter :net_http
-            end
-        end
-        def fetch_public_key(conn)
-            response = conn.get("/v1/apps/" + @app_id)
-            # TODO Add error handling
-            @public_key = response.body["app"]["rsa_public_key"]
-            @auth_origin = response.body["app"]["auth_origin"]
-        end
-    end
-end

data/lib/passage/request.rb DELETED Viewed

@@ -1,32 +0,0 @@
-# frozen_string_literal: true
-module Passage
-    module Request
-      def get_request(path)
-        @connection.get(
-          path
-        ).body
-      end
-      def post_request(path, data)
-        @connection.post(
-          path,
-          data
-        ).body
-      end
-      def put_request(path, data)
-        @connection.put(
-          path,
-          data
-        ).body
-      end
-      def delete_request(path)
-        @connection.delete(
-          path
-        ).body
-      end
-    end
-end

data/lib/passage/user.rb DELETED Viewed

File without changes

data/lib/passage.rb DELETED Viewed

@@ -1,9 +0,0 @@
-# frozen_string_literal: true
-require 'faraday'
-require_relative 'passage/client'
-module Passage end

data/passage-ruby DELETED Viewed

	@@ -1 +0,0 @@
1	- passage-ruby