queueit_knownuserv3 3.6.1 → 3.7.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 313b49836c5ca9e7a82484eaf07feb22fda8e02c29d24bfecb3a1b85a3403dad
+  data.tar.gz: b1a45a83424b57e4e77ac8d56a73f55941a84578afc8b945c69c56e7b2338a5d
+SHA512:
+  metadata.gz: 17f214dff16a75677a943513e3b8bf705f413d8abcb5c6d0d001f5338d42136c04c04fdfc42c77485d3d81e8493354ccb078ae4c7d6633143fd23394991a307a
+  data.tar.gz: 2e6e657e9c26e1e5a255dbc9e2fdff3c7530fa2433d10676d76ae3a1c042cde08b7d0aeb3811179cc21ca632665f686170c99a198279a0f99e776fc2cc352129

data/Gemfile

@@ -1,4 +1,4 @@
-source 'https://rubygems.org'
-
-# Specify your gem's dependencies in queueit_knownuserv3.gemspec
-gemspec
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in queueit_knownuserv3.gemspec
+gemspec

data/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2020 Queue-it
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

data/README.md

@@ -0,0 +1,188 @@
+# KnownUser.V3.RubyOnRails
+Before getting started please read the [documentation](https://github.com/queueit/Documentation/tree/main/serverside-connectors) to get acquainted with server-side connectors.
+
+This connector supports Ruby v.1.9.3+ and Rails v.3.2+.
+
+## Installation
+Queue-it KnownUser V3 is distributed as a gem, which is how it should be used in your app.
+
+Include the gem in your Gemfile:
+
+```ruby
+gem "queueit_knownuserv3"
+```
+
+You can find the latest released version [here](https://github.com/queueit/KnownUser.V3.RubyOnRails/releases/latest) and distributed 
+gem [here](https://rubygems.org/gems/queueit_knownuserv3).
+
+
+## Implementation
+If we have the `integrationconfig.json` copied in the rails app folder then 
+the following example of a controller is all that is needed to validate that a user has been through the queue:
+
+```ruby
+class ResourceController < ApplicationController
+  def index
+    begin
+
+      configJson = File.read('integrationconfig.json')
+      customerId = "" # Your Queue-it customer ID
+      secretKey = "" # Your 72 char secret key as specified in Go Queue-it self-service platform
+
+      requestUrl = request.original_url
+      pattern = Regexp.new("([\\?&])(" + QueueIt::KnownUser::QUEUEIT_TOKEN_KEY + "=[^&]*)", Regexp::IGNORECASE)
+      requestUrlWithoutToken = requestUrl.gsub(pattern, '')
+      # The requestUrlWithoutToken is used to match Triggers and as the Target url (where to return the users to).
+      # It is therefor important that this is exactly the url of the users browsers. So, if your webserver is 
+      # behind e.g. a load balancer that modifies the host name or port, reformat requestUrlWithoutToken before proceeding.		
+      # Example of replacing host from requestUrlWithoutToken  
+      #requestUriNoToken = URI.parse(requestUrlWithoutToken)
+      #requestUriNoToken.host = "INSERT-REPLACEMENT-HOST-HERE"
+      #requestUrlWithoutToken = requestUriNoToken.to_s
+
+      queueitToken = request.query_parameters[QueueIt::KnownUser::QUEUEIT_TOKEN_KEY.to_sym]
+
+      # Initialize the SDK with the rails http context (must be done before calling validateRequestByIntegrationConfig)
+      QueueIt::HttpContextProvider::setHttpContext(QueueIt::RailsHttpContext.new(request))
+
+      # Verify if the user has been through the queue
+      validationResult = QueueIt::KnownUser.validateRequestByIntegrationConfig(
+        requestUrlWithoutToken,
+        queueitToken,
+        configJson,
+        customerId,
+        secretKey)
+
+      if(validationResult.doRedirect)      
+        #Adding no cache headers to prevent browsers to cache requests
+        response.headers["Cache-Control"] = "no-cache, no-store, must-revalidate, max-age=0"
+        response.headers["Pragma"] = "no-cache"
+        response.headers["Expires"] = "Fri, 01 Jan 1990 00:00:00 GMT"
+        #end
+
+        if(!validationResult.isAjaxResult)
+          # Send the user to the queue - either becuase hash was missing or becuase is was invalid
+          redirect_to validationResult.redirectUrl
+        else
+          head :ok
+          ajaxQueueRedirectHeaderName = validationResult.getAjaxQueueRedirectHeaderKey()
+          response.headers[ajaxQueueRedirectHeaderName] = validationResult.getAjaxRedirectUrl()
+          response.headers["Access-Control-Expose-Headers"] = ajaxQueueRedirectHeaderName
+        end       
+      else
+        # Request can continue, we remove queueittoken from url to avoid sharing of user specific token	
+        if(requestUrl != requestUrlWithoutToken && validationResult.actionType == "Queue")	
+          redirect_to requestUrlWithoutToken
+        end
+      end
+
+    rescue StandardError => stdErr
+      # There was an error validating the request
+      # Use your own logging framework to log the error
+      # This was a configuration error, so we let the user continue
+      puts stdErr.message
+    end
+  end
+end
+```
+
+
+## Implementation using inline queue configuration
+Specify the configuration in code without using the Trigger/Action paradigm. In this case it is important *only to queue-up page requests* and not requests for resources. 
+This can be done by adding custom filtering logic before caling the `QueueIt::KnownUser.resolveQueueRequestByLocalConfig` method. 
+
+The following is an example of how to specify the configuration in code:
+
+```ruby
+class ResourceController < ApplicationController	
+  def index	
+    begin 	  
+
+      customerId = "" # Your Queue-it customer ID
+      secretKey = "" # Your 72 char secret key as specified in Go Queue-it self-service platform		
+      eventConfig = QueueIt::QueueEventConfig.new
+      eventConfig.eventId = "" # ID of the queue to use
+      eventConfig.queueDomain = "xxx.queue-it.net" # Domain name of the queue.
+      # eventConfig.cookieDomain = ".my-shop.com" # Optional - Domain name where the Queue-it session cookie should be saved
+      eventConfig.cookieValidityMinute = 15 # Validity of the Queue-it session cookie should be positive number.
+      eventConfig.extendCookieValidity = true # Should the Queue-it session cookie validity time be extended each time the validation runs?
+      # eventConfig.culture = "da-DK" # Optional - Culture of the queue layout in the format specified here: https:#msdn.microsoft.com/en-us/library/ee825488(v=cs.20).aspx. If unspecified then settings from Event will be used.
+      # eventConfig.layoutName = "NameOfYourCustomLayout" # Optional - Name of the queue layout. If unspecified then settings from Event will be used.
+
+      requestUrl = request.original_url
+      queueitToken = request.query_parameters[QueueIt::KnownUser::QUEUEIT_TOKEN_KEY.to_sym]
+
+      # Initialize the SDK with the rails http context (must be done before calling validateRequestByIntegrationConfig)
+      QueueIt::HttpContextProvider::setHttpContext(QueueIt::RailsHttpContext.new(request))
+
+      # Verify if the user has been through the queue
+      validationResult = QueueIt::KnownUser.resolveQueueRequestByLocalConfig(
+        requestUrl,
+        queueitToken,
+        eventConfig,
+        customerId,
+        secretKey)
+
+      if(validationResult.doRedirect)	
+        #Adding no cache headers to prevent browsers to cache requests
+        response.headers["Cache-Control"] = "no-cache, no-store, must-revalidate, max-age=0"
+        response.headers["Pragma"] = "no-cache"
+        response.headers["Expires"] = "Fri, 01 Jan 1990 00:00:00 GMT"
+        #end
+        if(!validationResult.isAjaxResult)
+          # Send the user to the queue - either becuase hash was missing or becuase is was invalid
+          redirect_to validationResult.redirectUrl
+        else
+          head :ok
+          ajaxQueueRedirectHeaderName = validationResult.getAjaxQueueRedirectHeaderKey()
+          response.headers[ajaxQueueRedirectHeaderName] = validationResult.getAjaxRedirectUrl()
+          response.headers["Access-Control-Expose-Headers"] = ajaxQueueRedirectHeaderName
+        end
+      else
+        # Request can continue - we remove queueittoken form querystring parameter to avoid sharing of user specific token				
+        pattern = Regexp.new("([\\?&])(" + QueueIt::KnownUser::QUEUEIT_TOKEN_KEY + "=[^&]*)", Regexp::IGNORECASE)
+        requestUrlWithoutToken = requestUrl.gsub(pattern, '')
+
+        if(requestUrl != requestUrlWithoutToken && validationResult.actionType == "Queue")
+          redirect_to requestUrlWithoutToken
+        end
+      end
+
+    rescue StandardError => stdErr
+      # There was an error validating the request
+      # Use your own logging framework to log the error
+      # This was a configuration error, so we let the user continue
+      puts stdErr.message
+    end
+  end
+end
+```
+
+## Advanced Features
+### Request body trigger
+
+The connector supports triggering on request body content. An example could be a POST call with specific item ID where you want end-users to queue up for.
+For this to work, you will need to contact Queue-it support or enable request body triggers in your integration settings in your GO Queue-it platform account.
+Once enabled you will need to update your integration so request body is available for the connector.  
+You need to create a custom RailsHttpContext similar to this one (make sure to inherit from `QueueIt::RailsHttpContext`):
+
+```ruby
+class RailsHttpContextWithRequestBody < QueueIt::RailsHttpContext
+  @request
+
+  def initialize(request)
+    super
+    @request = request
+  end
+
+  def requestBodyAsString
+    return @request.raw_post
+  end
+end
+```
+
+Then, on each request, before calling the any of the SDK methods, you should initialize the SDK with your custom RailsHttpContext implementation, instead of the RailsHttpContext:
+
+```ruby
+QueueIt::HttpContextProvider::setHttpContext(RailsHttpContextWithRequestBody.new(request))
+```

data/Rakefile

@@ -1,2 +1,2 @@
-require "bundler/gem_tasks"
-task :default => :spec
+require "bundler/gem_tasks"
+task :default => :spec

data/bin/console

@@ -1,14 +1,14 @@
-#!/usr/bin/env ruby
-
-require "bundler/setup"
-require "queueit_knownuserv3"
-
-# You can add fixtures and/or initialization code here to make experimenting
-# with your gem easier. You can also use a different console, if you like.
-
-# (If you use this, don't forget to add pry to your Gemfile!)
-# require "pry"
-# Pry.start
-
-require "irb"
-IRB.start
+#!/usr/bin/env ruby
+
+require "bundler/setup"
+require "queueit_knownuserv3"
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require "pry"
+# Pry.start
+
+require "irb"
+IRB.start

data/bin/setup

@@ -1,8 +1,8 @@
-#!/usr/bin/env bash
-set -euo pipefail
-IFS=$'\n\t'
-set -vx
-
-bundle install
-
-# Do any other automated setup that you need to do here
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+
+bundle install
+
+# Do any other automated setup that you need to do here

data/lib/queueit_knownuserv3/connector_diagnostics.rb

@@ -1,69 +1,69 @@
-module QueueIt
-    class ConnectorDiagnostics
-        attr_accessor :isEnabled
-        attr_accessor :hasError
-        attr_accessor :validationResult
-
-        def initialize
-            @isEnabled = false
-            @hasError = false
-            @validationResult = nil
-        end
-
-        def setStateWithTokenError(customerId, errorCode)
-            @hasError = true
-            @validationResult = RequestValidationResult.new(
-                "ConnectorDiagnosticsRedirect",
-                nil, nil, 
-                "https://" + customerId + ".api2.queue-it.net/" + customerId + "/diagnostics/connector/error/?code=" + errorCode, 
-                nil, nil)
-        end
-
-        def setStateWithSetupError()
-            @hasError = true
-            @validationResult = RequestValidationResult.new(
-                "ConnectorDiagnosticsRedirect",
-                nil, nil, 
-                "https://api2.queue-it.net/diagnostics/connector/error/?code=setup", 
-                nil, nil)
-        end
-
-        def self.verify(customerId, secretKey, queueitToken)
-            diagnostics = ConnectorDiagnostics.new
-
-            qParams = QueueUrlParams.extractQueueParams(queueitToken)
-
-            if(qParams == nil)
-                return diagnostics
-            end
-
-            if(qParams.redirectType == nil)
-                return diagnostics
-            end
-
-            if(not qParams.redirectType.upcase.eql?("DEBUG"))
-                return diagnostics
-            end
-
-            if(Utils.isNilOrEmpty(customerId) or Utils.isNilOrEmpty(secretKey))
-                diagnostics.setStateWithSetupError()
-                return diagnostics
-            end
-
-            calculatedHash = OpenSSL::HMAC.hexdigest('sha256', secretKey, qParams.queueITTokenWithoutHash)
-            if(not qParams.hashCode.eql?(calculatedHash))
-                diagnostics.setStateWithTokenError(customerId, "hash")
-                return diagnostics
-            end
-                
-            if(qParams.timeStamp < Time.now.getutc.tv_sec)
-                diagnostics.setStateWithTokenError(customerId, "timestamp")
-                return diagnostics
-			end
-            
-            diagnostics.isEnabled = true
-
-            return diagnostics
-        end            
-    end
+module QueueIt
+    class ConnectorDiagnostics
+        attr_accessor :isEnabled
+        attr_accessor :hasError
+        attr_accessor :validationResult
+
+        def initialize
+            @isEnabled = false
+            @hasError = false
+            @validationResult = nil
+        end
+
+        def setStateWithTokenError(customerId, errorCode)
+            @hasError = true
+            @validationResult = RequestValidationResult.new(
+                "ConnectorDiagnosticsRedirect",
+                nil, nil, 
+                "https://" + customerId + ".api2.queue-it.net/" + customerId + "/diagnostics/connector/error/?code=" + errorCode, 
+                nil, nil)
+        end
+
+        def setStateWithSetupError()
+            @hasError = true
+            @validationResult = RequestValidationResult.new(
+                "ConnectorDiagnosticsRedirect",
+                nil, nil, 
+                "https://api2.queue-it.net/diagnostics/connector/error/?code=setup", 
+                nil, nil)
+        end
+
+        def self.verify(customerId, secretKey, queueitToken)
+            diagnostics = ConnectorDiagnostics.new
+
+            qParams = QueueUrlParams.extractQueueParams(queueitToken)
+
+            if(qParams == nil)
+                return diagnostics
+            end
+
+            if(qParams.redirectType == nil)
+                return diagnostics
+            end
+
+            if(not qParams.redirectType.upcase.eql?("DEBUG"))
+                return diagnostics
+            end
+
+            if(Utils.isNilOrEmpty(customerId) or Utils.isNilOrEmpty(secretKey))
+                diagnostics.setStateWithSetupError()
+                return diagnostics
+            end
+
+            calculatedHash = OpenSSL::HMAC.hexdigest('sha256', secretKey, qParams.queueITTokenWithoutHash)
+            if(not qParams.hashCode.eql?(calculatedHash))
+                diagnostics.setStateWithTokenError(customerId, "hash")
+                return diagnostics
+            end
+                
+            if(qParams.timeStamp < Time.now.getutc.tv_sec)
+                diagnostics.setStateWithTokenError(customerId, "timestamp")
+                return diagnostics
+			end
+            
+            diagnostics.isEnabled = true
+
+            return diagnostics
+        end            
+    end
 end

data/lib/queueit_knownuserv3/httpcontext_provider.rb

@@ -0,0 +1,93 @@
+module QueueIt
+  class IHttpContext
+
+    def userAgent
+      raise 'userAgent not implemented'
+    end
+
+    def headers
+      raise 'headers not implemented'
+    end
+
+    def url
+      raise 'url not implemented'
+    end
+
+    def userHostAddress
+      raise 'userHostAddress not implemented'
+    end
+
+    def cookieManager
+      raise 'cookieManager not implemented'
+    end
+
+    def requestBodyAsString
+      raise 'requestBodyAsString not implemented'
+    end
+
+  end
+
+  class RailsHttpContext < IHttpContext
+    @request
+
+    def initialize(request)
+      @request = request
+    end
+
+    def userAgent
+      return @request.user_agent
+    end
+
+    def headers
+      return @request.headers
+    end
+
+    def url
+      return @request.env["rack.url_scheme"] + "://" + @request.env["HTTP_HOST"] + @request.original_fullpath
+    end
+
+    def userHostAddress
+      return @request.remote_ip
+    end
+
+    def cookieManager
+      cookieManager = CookieManager.new(@request.cookie_jar)
+      return cookieManager
+    end
+
+    def requestBodyAsString
+      return ''
+    end
+
+  end
+
+  # Used to initialize SDK for each request
+  class SDKInitializer
+
+    def self.setHttpContext(httpContext)
+      if (httpContext.class < IHttpContext)
+        HttpContextProvider.setHttpContext(httpContext)
+      else
+        raise "httpContext must be a subclass of IHttpContext (e.g. MyHttpContext < IHttpContext)"
+      end
+    end
+
+  end
+
+  class HttpContextProvider
+    @@httpContext
+
+    def self.httpContext
+      if (defined?(@@httpContext))
+        return @@httpContext
+      else
+        raise "Please initialize the SDK using SDKInitializer.setHttpContext(httpContext) method"
+      end
+    end
+
+    def self.setHttpContext(httpContext)
+      @@httpContext = httpContext
+    end
+
+  end
+end