passageidentity 0.2.3 → 0.3.0

data/lib/openapi_client.rb

@@ -0,0 +1,74 @@
+=begin
+#Passage Management API
+
+#Passage's management API to manage your Passage apps and users.
+
+The version of the OpenAPI document: 1
+Contact: support@passage.id
+Generated by: https://openapi-generator.tech
+OpenAPI Generator version: 7.1.0
+
+=end
+
+# Common files
+require_relative 'openapi_client/api_client'
+require_relative 'openapi_client/api_error'
+require_relative 'openapi_client/version'
+require_relative 'openapi_client/configuration'
+
+# Models
+require_relative 'openapi_client/models/app_info'
+require_relative 'openapi_client/models/app_response'
+require_relative 'openapi_client/models/auth_methods'
+require_relative 'openapi_client/models/create_magic_link_request'
+require_relative 'openapi_client/models/create_user_request'
+require_relative 'openapi_client/models/element_customization'
+require_relative 'openapi_client/models/font_family'
+require_relative 'openapi_client/models/layout_config'
+require_relative 'openapi_client/models/layouts'
+require_relative 'openapi_client/models/list_devices_response'
+require_relative 'openapi_client/models/magic_link_auth_method'
+require_relative 'openapi_client/models/magic_link'
+require_relative 'openapi_client/models/magic_link_channel'
+require_relative 'openapi_client/models/magic_link_response'
+require_relative 'openapi_client/models/magic_link_type'
+require_relative 'openapi_client/models/model400_error'
+require_relative 'openapi_client/models/model401_error'
+require_relative 'openapi_client/models/model404_error'
+require_relative 'openapi_client/models/model500_error'
+require_relative 'openapi_client/models/otp_auth_method'
+require_relative 'openapi_client/models/passkeys_auth_method'
+require_relative 'openapi_client/models/technologies'
+require_relative 'openapi_client/models/ttl_display_unit'
+require_relative 'openapi_client/models/update_magic_link_auth_method'
+require_relative 'openapi_client/models/update_otp_auth_method'
+require_relative 'openapi_client/models/update_passkeys_auth_method'
+require_relative 'openapi_client/models/update_user_request'
+require_relative 'openapi_client/models/user_event_info'
+require_relative 'openapi_client/models/user_info'
+require_relative 'openapi_client/models/user_metadata_field'
+require_relative 'openapi_client/models/user_metadata_field_type'
+require_relative 'openapi_client/models/user_response'
+require_relative 'openapi_client/models/user_status'
+require_relative 'openapi_client/models/web_authn_devices'
+require_relative 'openapi_client/models/web_authn_icons'
+require_relative 'openapi_client/models/web_authn_type'
+
+# APIs
+require_relative 'openapi_client/api/apps_api'
+require_relative 'openapi_client/api/magic_links_api'
+require_relative 'openapi_client/api/tokens_api'
+require_relative 'openapi_client/api/user_devices_api'
+require_relative 'openapi_client/api/users_api'
+
+module OpenapiClient
+  class << self
+    def configure
+      if block_given?
+        yield(Configuration.default)
+      else
+        Configuration.default
+      end
+    end
+  end
+end

data/lib/passageidentity/auth.rb

@@ -2,22 +2,24 @@ require "openssl"
 require "base64"
 require "jwt"
 require_relative "client"
+require_relative "../openapi_client"
 
 module Passage
   class Auth
     @@app_cache = {}
-    def initialize(app_id, auth_strategy, connection)
+    def initialize(app_id, auth_strategy)
       @app_id = app_id
       @auth_strategy = auth_strategy
-      @connection = connection
 
       fetch_jwks
     end
 
     def fetch_app()
       begin
-        response = @connection.get("/v1/apps/#{@app_id}")
-        return response.body["app"]
+        client = OpenapiClient::AppsApi.new
+        response = client.get_app(@app_id)
+        
+        return response.app
       rescue Faraday::Error => e
         raise PassageError.new(
                 message: "failed to fetch passage app",
@@ -43,7 +45,8 @@ module Passage
 
         # fetch the public key if not in cache
         app = fetch_app
-        @auth_origin = app["auth_origin"]
+
+        @auth_origin = app.auth_origin
         response =
           auth_gw_connection.get("/v1/apps/#{@app_id}/.well-known/jwks.json")
         @jwks = response.body
@@ -52,6 +55,8 @@ module Passage
     end
 
     def authenticate_request(request)
+      warn "[DEPRECATION] `auth.authenticate_request()` is deprecated.  Please use `auth.validate_jwt()` instead."
+
       # Get the token based on the strategy
       if @auth_strategy === Passage::COOKIE_STRATEGY
         unless request.cookies.key?("psg_auth_token")
@@ -78,6 +83,14 @@ module Passage
       nil
     end
 
+    def validate_jwt(token)
+      if token
+        return authenticate_token(token)
+      else
+        raise PassageError.new(message: "no authentication token")
+      end
+    end
+
     def authenticate_token(token)
       begin
         kid = JWT.decode(token, nil, false)[1]["kid"]
@@ -114,5 +127,19 @@ module Passage
         raise PassageError.new(message: e.message)
       end
     end
+
+    def revoke_user_refresh_tokens(user_id)
+      begin
+        client = OpenapiClient::TokensApi.new
+        response = client.revoke_user_refresh_tokens(@app_id, user_id)
+        return true
+      rescue Faraday::Error => e
+        raise PassageError.new(
+                message: "failed to revoke user's refresh tokens",
+                status_code: e.response[:status],
+                body: e.response[:body]
+              )
+      end
+    end
   end
 end

data/lib/passageidentity/client.rb

@@ -3,67 +3,11 @@
 require_relative "auth"
 require_relative "user_api"
 require_relative "error"
+require_relative "version"
 require "rubygems"
+require_relative "../openapi_client"
 
 module Passage
-  App =
-    Struct.new :name,
-               :id,
-               :auth_origin,
-               :redirect_url,
-               :login_url,
-               :rsa_public_key,
-               :allowed_identifer,
-               :require_identifier_verification,
-               :session_timeout_length,
-               :refresh_enabled,
-               :refresh_absolute_lifetime,
-               :refresh_inactivity_lifetime,
-               :user_metadata_schema,
-               :layouts,
-               :default_language,
-               :auth_fallback_method,
-               :auth_fallback_method_ttl,
-               keyword_init: true
-
-  User =
-    Struct.new :id,
-               :status,
-               :email,
-               :phone,
-               :email_verified,
-               :phone_verified,
-               :created_at,
-               :updated_at,
-               :last_login_at,
-               :login_count,
-               :recent_events,
-               :webauthn,
-               :webauthn_devices,
-               :user_metadata,
-               keyword_init: true
-  MagicLink =
-    Struct.new :id,
-               :secret,
-               :activated,
-               :user_id,
-               :app_id,
-               :identifier,
-               :type,
-               :redirect_url,
-               :ttl,
-               :url,
-               keyword_init: true
-  Device =
-    Struct.new :id,
-               :cred_id,
-               :friendly_name,
-               :usage_count,
-               :updated_at,
-               :created_at,
-               :last_login_at,
-               keyword_init: true
-
   COOKIE_STRATEGY = 0
   HEADER_STRATEGY = 1
 
@@ -75,7 +19,6 @@ module Passage
     attr_reader :user
 
     def initialize(app_id:, api_key: "", auth_strategy: COOKIE_STRATEGY)
-      @api_url = "https://api.passage.id"
       @app_id = app_id
       @api_key = api_key
 
@@ -85,58 +28,17 @@ module Passage
       end
       @auth_strategy = auth_strategy
 
-      # setup
-      get_connection
-
       # initialize auth class
-      @auth = Passage::Auth.new(@app_id, @auth_strategy, @connection)
+      @auth = Passage::Auth.new(@app_id, @auth_strategy)
 
       # initialize user class
-      @user = Passage::UserAPI.new(@connection, @app_id, @api_key)
-    end
-
-    def get_connection
-      gemspec = File.join(__dir__, "../../passageidentity.gemspec")
-      spec = Gem::Specification.load(gemspec)
-      headers = { "Passage-Version" => "passage-ruby #{spec.version}" }
-      headers["Authorization"] = "Bearer #{@api_key}" if @api_key != ""
-
-      @connection =
-        Faraday.new(url: @api_url, headers: headers) do |f|
-          f.request :json
-          f.request :retry
-          f.response :raise_error
-          f.response :json
-          f.adapter :net_http
-        end
+      @user = Passage::UserAPI.new(@app_id, @api_key)
     end
 
     def get_app()
       begin
-        app_info = @auth.fetch_app()
-        return(
-          Passage::App.new(
-            name: app_info["name"],
-            id: app_info["id"],
-            auth_origin: app_info["auth_origin"],
-            redirect_url: app_info["redirect_url"],
-            login_url: app_info["login_url"],
-            rsa_public_key: app_info["rsa_public_key"],
-            allowed_identifer: app_info["allowed_identifer"],
-            require_identifier_verification:
-              app_info["require_identifier_verification"],
-            session_timeout_length: app_info["session_timeout_length"],
-            refresh_enabled: app_info["refresh_enabled"],
-            refresh_absolute_lifetime: app_info["refresh_absolute_lifetime"],
-            refresh_inactivity_lifetime:
-              app_info["refresh_inactivity_lifetime"],
-            user_metadata_schema: app_info["user_metadata_schema"],
-            layouts: app_info["layouts"],
-            default_language: app_info["default_language"],
-            auth_fallback_method: app_info["auth_fallback_method"],
-            auth_fallback_method_ttl: app_info["auth_fallback_method_ttl"]
-          )
-        )
+        client = OpenapiClient::AppsApi.new
+        return client.get_app(@app_id).app
       rescue => e
         raise e
       end
@@ -176,23 +78,17 @@ module Passage
       magic_link_req["type"] = type
 
       begin
-        response =
-          @connection.post("/v1/apps/#{@app_id}/magic-links", magic_link_req)
-        magic_link = response.body["magic_link"]
-        return(
-          Passage::MagicLink.new(
-            id: magic_link["id"],
-            secret: magic_link["secret"],
-            activated: magic_link["activated"],
-            user_id: magic_link["user_id"],
-            app_id: magic_link["app_id"],
-            identifier: magic_link["identifier"],
-            type: magic_link["type"],
-            redirect_url: magic_link["redirect_url"],
-            ttl: magic_link["ttl"],
-            url: magic_link["url"]
-          )
-        )
+        gemspec = File.join(__dir__, "../../passageidentity.gemspec")
+        spec = Gem::Specification.load(gemspec)
+        header_params = { "Passage-Version" => "passage-ruby #{Passage::VERSION}" }
+        header_params["Authorization"] = "Bearer #{@api_key}" if @api_key != ""
+        
+        opts = {}
+        opts[:header_params] = header_params
+        opts[:debug_auth_names] = ["header"]
+
+        client = OpenapiClient::MagicLinksApi.new
+        return client.create_magic_link(@app_id, magic_link_req, opts).magic_link
       rescue Faraday::Error => e
         raise PassageError.new(
                 message: "failed to create Passage Magic Link",

data/lib/passageidentity/user_api.rb

@@ -3,37 +3,28 @@ require_relative "client"
 module Passage
   class UserAPI
     # This class will require an API key
-    def initialize(connection, app_id, api_key)
-      @connection = connection
+    def initialize(app_id, api_key)
       @app_id = app_id
       @api_key = api_key
+      @user_client = OpenapiClient::UsersApi.new
+      @user_device_client = OpenapiClient::UserDevicesApi.new
+
+      header_params = { "Passage-Version" => "passage-ruby #{Passage::VERSION}"}
+      header_params["Authorization"] = "Bearer #{@api_key}" if @api_key != ""
+      
+      @req_opts = {}
+      @req_opts[:header_params] = header_params
+      @req_opts[:debug_auth_names] = ["header"]
+      
     end
 
     def get(user_id:)
       user_exists?(user_id)
 
       begin
-        response = @connection.get("/v1/apps/#{@app_id}/users/#{user_id}")
-        user = response.body["user"]
-        user.transform_keys(&:to_sym)
-        return(
-          Passage::User.new(
-            id: user["id"],
-            status: user["status"],
-            email: user["email"],
-            phone: user["phone"],
-            email_verified: user["email_verified"],
-            phone_verified: user["phone_verified"],
-            created_at: user["created_at"],
-            updated_at: user["updated_at"],
-            last_login_at: user["last_login_at"],
-            login_count: user["login_count"],
-            webauthn: user["webauthn"],
-            webauthn_devices: user["webauthn_devices"],
-            recent_events: user["recent_events"],
-            user_metadata: user["user_metadata"]
-          )
-        )
+        response = @user_client.get_user(@app_id, user_id, @req_opts)
+        user = response.user
+        return user
       rescue Faraday::Error => e
         if e.is_a? Faraday::ResourceNotFound
           raise PassageError.new(
@@ -55,27 +46,8 @@ module Passage
       user_exists?(user_id)
 
       begin
-        response =
-          @connection.patch("/v1/apps/#{@app_id}/users/#{user_id}/activate")
-        user = response.body["user"]
-        return(
-          Passage::User.new(
-            id: user["id"],
-            status: user["status"],
-            email: user["email"],
-            phone: user["phone"],
-            email_verified: user["email_verified"],
-            phone_verified: user["phone_verified"],
-            created_at: user["created_at"],
-            updated_at: user["updated_at"],
-            last_login_at: user["last_login_at"],
-            login_count: user["login_count"],
-            webauthn: user["webauthn"],
-            webauthn_devices: user["webauthn_devices"],
-            recent_events: user["recent_events"],
-            user_metadata: user["user_metadata"]
-          )
-        )
+        response = @user_client.activate_user(@app_id, user_id, @req_opts)
+        return response.user
       rescue Faraday::Error => e
         if e.is_a? Faraday::ResourceNotFound
           raise PassageError.new(
@@ -97,27 +69,8 @@ module Passage
       user_exists?(user_id)
 
       begin
-        response =
-          @connection.patch("/v1/apps/#{@app_id}/users/#{user_id}/deactivate")
-        user = response.body["user"]
-        return(
-          Passage::User.new(
-            id: user["id"],
-            status: user["status"],
-            email: user["email"],
-            phone: user["phone"],
-            email_verified: user["email_verified"],
-            phone_verified: user["phone_verified"],
-            created_at: user["created_at"],
-            updated_at: user["updated_at"],
-            last_login_at: user["last_login_at"],
-            login_count: user["login_count"],
-            webauthn: user["webauthn"],
-            webauthn_devices: user["webauthn_devices"],
-            recent_events: user["recent_events"],
-            user_metadata: user["user_metadata"]
-          )
-        )
+        response = @user_client.deactivate_user(@app_id, user_id, @req_opts)
+        return response.user
       rescue Faraday::Error => e
         if e.is_a? Faraday::ResourceNotFound
           raise PassageError.new(
@@ -143,27 +96,8 @@ module Passage
       updates["phone"] = phone unless phone.empty?
       updates["user_metadata"] = user_metadata unless user_metadata.empty?
       begin
-        response =
-          @connection.patch("/v1/apps/#{@app_id}/users/#{user_id}", updates)
-        user = response.body["user"]
-        return(
-          Passage::User.new(
-            id: user["id"],
-            status: user["status"],
-            email: user["email"],
-            phone: user["phone"],
-            email_verified: user["email_verified"],
-            phone_verified: user["phone_verified"],
-            created_at: user["created_at"],
-            updated_at: user["updated_at"],
-            last_login_at: user["last_login_at"],
-            login_count: user["login_count"],
-            webauthn: user["webauthn"],
-            webauthn_devices: user["webauthn_devices"],
-            recent_events: user["recent_events"],
-            user_metadata: user["user_metadata"]
-          )
-        )
+        response = @user_client.update_user(@app_id, user_id, updates, @req_opts)
+        return response.user
       rescue Faraday::Error => e
         if e.is_a? Faraday::ResourceNotFound
           raise PassageError.new(
@@ -187,26 +121,8 @@ module Passage
       create["phone"] = phone unless phone.empty?
       create["user_metadata"] = user_metadata unless user_metadata.empty?
       begin
-        response = @connection.post("/v1/apps/#{@app_id}/users", create)
-        user = response.body["user"]
-        return(
-          Passage::User.new(
-            id: user["id"],
-            status: user["status"],
-            email: user["email"],
-            phone: user["phone"],
-            email_verified: user["email_verified"],
-            phone_verified: user["phone_verified"],
-            created_at: user["created_at"],
-            updated_at: user["updated_at"],
-            last_login_at: user["last_login_at"],
-            login_count: user["login_count"],
-            webauthn: user["webauthn"],
-            webauthn_devices: user["webauthn_devices"],
-            recent_events: user["recent_events"],
-            user_metadata: user["user_metadata"]
-          )
-        )
+        response = @user_client.create_user(@app_id, create, @req_opts)
+        return response.user
       rescue Faraday::Error => e
         raise PassageError.new(
                 "failed to create Passage User",
@@ -220,7 +136,7 @@ module Passage
       user_exists?(user_id)
 
       begin
-        response = @connection.delete("/v1/apps/#{@app_id}/users/#{user_id}")
+        response = @user_client.delete_user(@app_id, user_id, @req_opts)
         return true
       rescue Faraday::Error => e
         if e.is_a? Faraday::ResourceNotFound
@@ -244,10 +160,7 @@ module Passage
       device_exists?(device_id)
 
       begin
-        response =
-          @connection.delete(
-            "/v1/apps/#{@app_id}/users/#{user_id}/devices/#{device_id}"
-          )
+        response = @user_device_client.delete_user_devices(@app_id, user_id, device_id, @req_opts)
         return true
       rescue Faraday::Error => e
         raise PassageError.new(
@@ -262,24 +175,8 @@ module Passage
       user_exists?(user_id)
 
       begin
-        response =
-          @connection.get("/v1/apps/#{@app_id}/users/#{user_id}/devices")
-        devicesResp = response.body["devices"]
-        devices = Array.new
-        devicesResp.each do |device|
-          devices.append(
-            Passage::Device.new(
-              id: device["id"],
-              cred_id: device["cred_id"],
-              friendly_name: device["friendly_name"],
-              usage_count: device["usage_count"],
-              updated_at: device["updated_at"],
-              created_at: device["created_at"],
-              last_login_at: device["last_login_at"]
-            )
-          )
-        end
-        return devices
+        response = @user_device_client.list_user_devices(@app_id, user_id, @req_opts)
+        return response.devices
       rescue Faraday::Error => e
         raise PassageError.new(
                 "failed to delete Passage User Device",
@@ -290,10 +187,11 @@ module Passage
     end
 
     def signout(user_id:)
+      warn "[DEPRECATION] `user.signout()` is deprecated.  Please use `auth.revoke_user_refresh_tokens()` instead."
       user_exists?(user_id)
       begin
-        response =
-          @connection.delete("/v1/apps/#{@app_id}/users/#{user_id}/tokens/")
+        tokens_client = OpenapiClient::TokensApi.new
+        response = tokens_client.revoke_user_refresh_tokens(@app_id, user_id, @req_opts)
         return true
       rescue Faraday::Error => e
         raise PassageError.new(

data/lib/passageidentity/version.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+module Passage
+  VERSION = '0.3.0'
+end

data/openapitools.json

@@ -0,0 +1,7 @@
+{
+  "$schema": "./node_modules/@openapitools/openapi-generator-cli/config.schema.json",
+  "spaces": 2,
+  "generator-cli": {
+    "version": "7.1.0"
+  }
+}

data/passageidentity.gemspec

@@ -1,6 +1,8 @@
+require_relative 'lib/passageidentity/version'
+
 Gem::Specification.new do |s|
   s.name = 'passageidentity'
-  s.version = '0.2.3'
+  s.version = Passage::VERSION
   s.summary = 'Passage SDK for biometric authentication'
   s.description =
     'Enables verification of server-side authentication and user management for applications using Passage'

data/tests/auth_test.rb

@@ -5,7 +5,7 @@ require "rack"
 require "test/unit"
 
 Dotenv.load(".env")
-class TestUserAPI < Test::Unit::TestCase
+class TestAuthAPI < Test::Unit::TestCase
   PassageClient =
     Passage::Client.new(app_id: ENV["APP_ID"], api_key: ENV["API_KEY"])
   PassageHeaderClient =
@@ -15,6 +15,11 @@ class TestUserAPI < Test::Unit::TestCase
       auth_strategy: Passage::HEADER_STRATEGY
     )
 
+  def test_valid_jwt
+    user_id = PassageClient.auth.validate_jwt(ENV["PSG_JWT"])
+    assert_equal ENV["TEST_USER_ID"], user_id
+  end
+
   def test_valid_authenticate_token
     user_id = PassageClient.auth.authenticate_token(ENV["PSG_JWT"])
     assert_equal ENV["TEST_USER_ID"], user_id

data/tests/magic_link_test.rb

@@ -4,18 +4,19 @@ require "faraday"
 require "test/unit"
 
 Dotenv.load(".env")
-class TestUserAPI < Test::Unit::TestCase
+class TestMagicLinkAPI < Test::Unit::TestCase
   PassageClient =
     Passage::Client.new(app_id: ENV["APP_ID"], api_key: ENV["API_KEY"])
 
-  def test_create_magi_link()
+  def test_create_magic_link()
     magic_link =
       PassageClient.create_magic_link(
         email: "chris@passage.id",
         channel: Passage::EMAIL_CHANNEL,
-        ttl: 12
+        ttl: 122
       )
-    assert_equal 12, magic_link.ttl
+
+    assert_equal 122, magic_link.ttl
     assert_equal "chris@passage.id", magic_link.identifier
   end
 end

data/tests/user_api_test.rb

@@ -27,7 +27,7 @@ class TestUserAPI < Test::Unit::TestCase
         }
       )
     assert_equal "chris+test-create-delete@passage.id", user.email
-    assert_equal "cool", user.user_metadata["example1"]
+    assert_equal "cool", user.user_metadata[:example1]
     deleted = PassageClient.user.delete(user_id: user.id)
     assert_equal true, deleted
   end
@@ -61,7 +61,7 @@ class TestUserAPI < Test::Unit::TestCase
       )
     assert_equal $global_test_user.id, user.id
     assert_equal new_email, user.email
-    assert_equal "lame", user.user_metadata["example1"]
+    assert_equal "lame", user.user_metadata[:example1]
   end
 
   def test_list_devices()