selfsdk 0.0.195 → 0.0.198

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e41a8293552addc1b1de4266ae6116de304f94da70410d0c6edc159e579a6787
-  data.tar.gz: 974a651863325ae66fd015af0cbcaf95757a79baf90b6336b4a79e15780d824b
+  metadata.gz: '07875d6dd8a8786b62dbb757976d48e6254e553f1baba1f6e804ac75c20984a3'
+  data.tar.gz: f21a0a69b9342b7f8b68b4c288337413183f57ca662e8bf8bd7ea4f2230e9c28
 SHA512:
-  metadata.gz: b53fca4a9a5d211438f38e8c97768b2f84d9513e78adfc10282f1472bd8346e8aa8801659cff543f77d19909bc4588d3f987ca2ee65e909529b48585e5eeabfe
-  data.tar.gz: 643f600065d4fad7c551bf57fd07ac3f316ac9a1f17f496f11aed4d67ec8618371247c1ce2b742d3d6b9a19525689e4e123328bae6e0db3b55e1b4acd21b7a4a
+  metadata.gz: ce37ab428a4e072f413f635114051c5d8b4fb31b96d27f019a8315d09adaec78f3a1a254bdb9511d4feca73c71287f7eb94bdbc521925ec818f51c948fc1de37
+  data.tar.gz: 6140b82f58d59acf6a087f8560d182f82f8e925deb6067688c05133807447ece403871fbd62bf045263e70dcda945731440b5c53ed82e68f6f0d6ebcc7d25f46

data/lib/authenticated.rb

@@ -14,6 +14,7 @@ module SelfSDK
 
     def accepted?
       return false if @payload.nil?
+      return false if @payload[:auth] != true
 
       @payload[:status] == "accepted"
     end

data/lib/chat/file_object.rb

@@ -41,8 +41,7 @@ module SelfSDK
             ciphertext = URI.open(input[:link], "Authorization" => "Bearer #{@token}").read
             break
           rescue => e
-            SelfSDK.logger.info e.message
-            SelfSDK.logger.info e.backtrace.join("\n")
+            SelfSDK.logger.info "error fetching #{input[:link]} : #{e.message}"
             sleep 1
           end
         end

data/lib/messages/attestation.rb

@@ -24,7 +24,16 @@ module SelfSDK
         @expected_value = payload[:expected_value]
         @operator = payload[:operator]
         @fact_name = name.to_s
-        unless payload[name].nil?
+        if payload[name].nil?
+          return if payload[:facts].nil?
+
+          payload[:facts].each do |f|
+            if f[:key] == name.to_s
+              @value = f[:value]
+              break
+            end
+          end
+        else
           @value = payload[name]
         end
       end

data/lib/messages/{authentication_req.rb → connection_request.rb}

@@ -5,13 +5,14 @@
 require 'self_msgproto'
 require_relative 'base'
 require_relative '../ntptime'
-require_relative 'authentication_message'
 
 module SelfSDK
   module Messages
-    class AuthenticationReq < AuthenticationMessage
-      MSG_TYPE = "identities.authenticate.req"
-      DEFAULT_EXP_TIMEOUT = 300
+    class ConnectionRequest < Base
+      MSG_TYPE = "identities.connections.req"
+      DEFAULT_EXP_TIMEOUT = 9000
+
+      attr_accessor :facts, :options, :auth
 
       def initialize(messaging)
         @typ = MSG_TYPE
@@ -22,34 +23,42 @@ module SelfSDK
         @id = SecureRandom.uuid
         @from = @client.jwt.id
         @to = selfid
-
-        @id = opts[:cid] if opts.include?(:cid)
-        @description = opts.include?(:description) ? opts[:description] : nil
         @exp_timeout = opts.fetch(:exp_timeout, DEFAULT_EXP_TIMEOUT)
       end
 
+      def parse(input, envelope=nil)
+        super
+        @typ = MSG_TYPE
+        @body = @payload[:msg]
+      end
+
       def body
-        { typ: MSG_TYPE,
+        {
+          typ: MSG_TYPE,
           iss: @jwt.id,
-          sub: @to,
           aud: @to,
+          sub: @to,
           iat: SelfSDK::Time.now.strftime('%FT%TZ'),
           exp: (SelfSDK::Time.now + @exp_timeout).strftime('%FT%TZ'),
-          cid: @id,
-          jti: SecureRandom.uuid }
+          jti: SecureRandom.uuid,
+          require_confirmation: true,
+        }
       end
 
       protected
 
       def proto(to_device)
+        @to_device = to_device
+        recipient = "#{@to}:#{@to_device}"
+        ciphertext = encrypt_message(@jwt.prepare(body), [{id: @to, device_id: @to_device}])
+
         m = SelfMsg::Message.new
         m.id = @id
         m.sender = "#{@jwt.id}:#{@messaging.device_id}"
-        m.recipient = "#{@to}:#{to_device}"
-        m.ciphertext = encrypt_message(@jwt.prepare(body), [{ id: @to, device_id: to_device }])
+        m.recipient = recipient
+        m.ciphertext = ciphertext
         m
       end
-
     end
   end
 end

data/lib/messages/connection_response.rb

@@ -0,0 +1,52 @@
+# Copyright 2020 Self Group Ltd. All Rights Reserved.
+
+# frozen_string_literal: true
+
+require 'self_msgproto'
+require_relative 'base'
+require_relative '../ntptime'
+
+module SelfSDK
+  module Messages
+    class ConnectionResponse < Base
+      MSG_TYPE = "identities.connections.resp"
+      DEFAULT_EXP_TIMEOUT = 900
+
+      attr_accessor :facts, :options, :auth
+
+      def initialize(messaging)
+        @typ = MSG_TYPE
+        super
+      end
+
+      def populate(selfid)
+        @id = SecureRandom.uuid
+        @from = @client.jwt.id
+        @to = selfid
+      end
+
+      def parse(input, envelope=nil)
+        @typ = MSG_TYPE
+        @payload = get_payload input
+        @body = @payload[:msg]
+        @status = @payload[:status]
+      end
+
+      def get_payload(input)
+        body = if input.is_a? String
+                 input
+               else
+                 input.ciphertext
+               end
+
+        jwt = JSON.parse(body, symbolize_names: true)
+        payload = JSON.parse(@jwt.decode(jwt[:payload]), symbolize_names: true)
+        header = JSON.parse(@jwt.decode(jwt[:protected]), symbolize_names: true)
+        @from = payload[:iss]
+        verify! jwt, header[:kid]
+        payload
+      end
+
+    end
+  end
+end

data/lib/messages/fact.rb

@@ -14,11 +14,15 @@ module SelfSDK
       end
 
       def parse(fact)
-        @name = @messaging.source.normalize_fact_name! fact[:fact]
+        @name = @messaging.source.normalize_fact_name fact[:fact]
         @operator = @messaging.source.normalize_operator!(fact[:operator])
         @sources = []
         fact[:sources]&.each do |s|
-          @sources << @messaging.source.normalize_source!(s)
+          @sources << s.to_s
+        end
+        @issuers = []
+        fact[:issuers]&.each do |i|
+          @issuers << i.to_s
         end
 
         @expected_value = fact[:expected_value] || ""
@@ -39,6 +43,7 @@ module SelfSDK
 
       def to_hash
         h = { fact: @name }
+        h[:issuers] = @issuers if @issuers.length > 0
         unless @sources.nil?
           h[:sources] = @sources if @sources.length > 0
         end

data/lib/messages/fact_issue.rb

@@ -0,0 +1,94 @@
+# Copyright 2020 Self Group Ltd. All Rights Reserved.
+
+# frozen_string_literal: true
+
+require 'self_msgproto'
+require_relative 'base'
+require_relative '../ntptime'
+
+module SelfSDK
+  module Messages
+    class FactIssue < Base
+      MSG_TYPE = "identities.facts.issue"
+      DEFAULT_EXP_TIMEOUT = 900
+
+      def initialize(messaging)
+        @typ = MSG_TYPE
+        super
+      end
+
+      def populate(selfid, facts, opts)
+        @id = opts.fetch(:cid, SecureRandom.uuid)
+        @exp_timeout = opts.fetch(:exp_timeout, DEFAULT_EXP_TIMEOUT)
+        @viewers = opts.fetch(:viewers, nil)
+
+        @from = @jwt.id
+        @to = selfid
+        @attestations = build_attestations!(facts)
+      end
+
+      def body
+        b = {
+          typ: MSG_TYPE,
+          iss: @jwt.id,
+          aud: @to,
+          sub: @to,
+          iat: SelfSDK::Time.now.strftime('%FT%TZ'),
+          exp: (SelfSDK::Time.now + @exp_timeout).strftime('%FT%TZ'),
+          cid: @id,
+          jti: SecureRandom.uuid,
+          status: 'verified',
+          attestations: @attestations
+        }
+        # viewers
+        b[:viewers] = @viewers unless @viewers.nil?
+        b
+      end
+
+      protected
+
+      def proto(to_device)
+        @to_device = to_device
+        recipient = "#{@to}:#{@to_device}"
+        ciphertext = encrypt_message(@jwt.prepare(body), [{id: @to, device_id: @to_device}])
+
+        m = SelfMsg::Message.new
+        m.id = @id
+        m.sender = "#{@jwt.id}:#{@messaging.device_id}"
+        m.recipient = recipient
+        m.ciphertext = ciphertext
+        m
+      end
+
+      private
+
+      def build_attestations!(facts)
+        raise 'facts must be provided in the form of an array' unless facts.kind_of?(Array)
+
+        attestations = []
+        facts.each do |fact|
+          att = fact.transform_keys(&:to_sym)
+          raise 'invalid attestation : does not provide a key' if !att.has_key?(:key) || att[:key].empty?
+
+          raise 'invalid attestation : does not provide a value' if !att.has_key?(:value) || att[:value].empty?
+          att.delete(:source)
+
+          attestations << sign(fact[:source], att)
+        end
+
+        attestations
+      end
+
+      def sign(source, facts)
+        fact = { jti: SecureRandom.uuid,
+                 sub: @to,
+                 iss: @from,
+                 iat: SelfSDK::Time.now.strftime('%FT%TZ'),
+                 source: source,
+                 verified: true,
+                 facts: [ facts ] }
+        @client.jwt.signed(fact)
+      end
+    end
+  end
+end

data/lib/messages/fact_request.rb

@@ -12,7 +12,12 @@ module SelfSDK
       MSG_TYPE = "identities.facts.query.req"
       DEFAULT_EXP_TIMEOUT = 900
 
-      attr_accessor :facts, :options
+      attr_accessor :facts, :options, :auth
+
+      def initialize(messaging)
+        @typ = MSG_TYPE
+        super
+      end
 
       def parse_facts(facts)
         @facts = []
@@ -82,6 +87,7 @@ module SelfSDK
         b = {
           typ: MSG_TYPE,
           iss: @jwt.id,
+          aud: @to,
           sub: @to,
           iat: SelfSDK::Time.now.strftime('%FT%TZ'),
           exp: (SelfSDK::Time.now + @exp_timeout).strftime('%FT%TZ'),

data/lib/messages/fact_response.rb

@@ -13,6 +13,11 @@ module SelfSDK
 
       attr_accessor :facts, :audience, :auth
 
+      def initialize(messaging)
+        @typ = MSG_TYPE
+        super
+      end
+
       def parse(input, envelope=nil)
         @input = input
         @typ = MSG_TYPE
@@ -43,7 +48,7 @@ module SelfSDK
       end
 
       def fact(name)
-        name = @messaging.source.normalize_fact_name!(name)
+        name = @messaging.source.normalize_fact_name(name)
         @facts.select{|f| f.name == name}.first
       end
 
@@ -84,6 +89,10 @@ module SelfSDK
           auth: @auth }
       end
 
+      def auth_response?
+        @auth == true
+      end
+
       protected
 
       def proto(to_device)

data/lib/messages/message.rb

@@ -4,8 +4,6 @@
 
 require_relative "fact_request"
 require_relative "fact_response"
-require_relative "authentication_resp"
-require_relative "authentication_req"
 require_relative "chat_message"
 require_relative "chat_message_read"
 require_relative "chat_message_delivered"
@@ -13,6 +11,7 @@ require_relative "chat_invite"
 require_relative "chat_join"
 require_relative "chat_remove"
 require_relative "document_sign_resp"
+require_relative "connection_response"
 
 module SelfSDK
   module Messages
@@ -30,18 +29,12 @@ module SelfSDK
       payload = JSON.parse(messaging.jwt.decode(jwt[:payload]), symbolize_names: true)
 
       case payload[:typ]
-      when "identities.facts.query.req"
+      when SelfSDK::Messages::FactRequest::MSG_TYPE
         m = FactRequest.new(messaging)
         m.parse(body, envelope)
-      when "identities.facts.query.resp"
+      when SelfSDK::Messages::FactResponse::MSG_TYPE
         m = FactResponse.new(messaging)
         m.parse(body, envelope)
-      when "identities.authenticate.resp"
-        m = AuthenticationResp.new(messaging)
-        m.parse(body, envelope)
-      when "identities.authenticate.req"
-        m = AuthenticationReq.new(messaging)
-        m.parse(body, envelope)
       when SelfSDK::Messages::ChatMessage::MSG_TYPE
         m = ChatMessage.new(messaging)
         m.parse(body, envelope)
@@ -63,6 +56,9 @@ module SelfSDK
       when SelfSDK::Messages::DocumentSignResponse::MSG_TYPE
         m = DocumentSignResponse.new(messaging)
         m.parse(body, envelope)
+      when SelfSDK::Messages::ConnectionResponse::MSG_TYPE
+        m = ConnectionResponse.new(messaging)
+        m.parse(body, envelope)
       else
         raise StandardError.new("Invalid message type #{payload[:typ]}.")
       end

data/lib/messaging.rb

@@ -430,9 +430,8 @@ module SelfSDK
         message.validate! @uuid_observer[message.id][:original_message] if @uuid_observer.include? message.id
         notify_observer(message)
       end
-
     rescue StandardError => e
-      p "Error processing incoming message #{input.to_json}"
+      p "Error processing incoming message #{e.message}"
       SelfSDK.logger.info e
       # p e.backtrace
       nil

data/lib/selfsdk.rb

@@ -17,6 +17,7 @@ require_relative 'authenticated'
 require_relative 'acl'
 require_relative 'sources'
 require_relative 'services/auth'
+require_relative 'services/requester'
 require_relative 'services/facts'
 require_relative 'services/identity'
 require_relative 'services/messaging'
@@ -66,12 +67,12 @@ module SelfSDK
 
     # Provides access to SelfSDK::Services::Facts service
     def facts
-      @facts ||= SelfSDK::Services::Facts.new(messaging, @client)
+      @facts ||= SelfSDK::Services::Facts.new(requester)
     end
 
     # Provides access to SelfSDK::Services::Authentication service
     def authentication
-      @authentication ||= SelfSDK::Services::Authentication.new(messaging, @client)
+      @authentication ||= SelfSDK::Services::Authentication.new(requester)
     end
 
     # Provides access to SelfSDK::Services::Identity service
@@ -109,6 +110,10 @@ module SelfSDK
 
     protected
 
+      def requester
+        @requester ||= SelfSDK::Services::Requester.new(messaging, @client)
+      end
+
       def base_url(opts)
         return opts[:base_url] if opts.key? :base_url
         return "https://api.#{opts[:env].to_s}.joinself.com" if opts.key? :env

data/lib/services/auth.rb

@@ -16,10 +16,8 @@ module SelfSDK
       # @param client [SelfSDK::Client] http client object.
       #
       # @return [SelfSDK::Services::Authentication] authentication service.
-      def initialize(messaging, client)
-        @messaging = messaging.client
-        @messaging_service = messaging
-        @client = client
+      def initialize(requester)
+        @requester = requester
       end
 
       # Sends an authentication request to the specified selfid.
@@ -30,6 +28,7 @@ module SelfSDK
       #  @param [String] selfid the receiver of the authentication request.
       #  @param [Hash] opts the options to authenticate.
       #  @option opts [String] :cid The unique identifier of the authentication request.
+      #  @option opts [Array] :facts array of facts to be requested
       #  @yield [request] Invokes the block with an authentication response for each result.
       #  @return [String, String] conversation id or encoded body.
       #
@@ -38,29 +37,21 @@ module SelfSDK
       #  @param [Hash] opts the options to authenticate.
       #  @option [Boolean] :async if the request is asynchronous.
       #  @option opts [String] :cid The unique identifier of the authentication request.
+      #  @option opts [Array] :facts array of facts to be requested
       #  @return [String, String] conversation id or encoded body.
       def request(selfid, opts = {}, &block)
-        SelfSDK.logger.info "authenticating #{selfid}"
-        rq = opts.fetch(:request, true)
-        if rq
-          raise "You're not permitting connections from #{selfid}" unless @messaging_service.is_permitted?(selfid)
-        end
-
-        req = SelfSDK::Messages::AuthenticationReq.new(@messaging)
-        req.populate(selfid, opts)
-
-        body = @client.jwt.prepare(req.body)
-        return body unless rq
-        return req.send_message if opts.fetch(:async, false)
-
-        # when a block is given the request will always be asynchronous.
-        if block_given?
-          @messaging.set_observer(req, timeout: req.exp_timeout, &block)
-          return req.send_message
-        end
-
-        # Otherwise the request is synchronous
-        req.request
+        opts[:auth] = true
+        facts = opts.fetch(:facts, [])
+
+        @requester.request(selfid, facts, opts, &block)
+      end
+
+      # Adds an observer for a fact response
+      # Whenever you receive a fact response registered observers will receive a notification.
+      #
+      #  @yield [request] Invokes the block with a fact response message.
+      def subscribe(&block)
+        @requester.subscribe(true, &block)
       end
 
       # Generates a QR code so users can authenticate to your app.
@@ -70,10 +61,10 @@ module SelfSDK
       #
       # @return [String, String] conversation id or encoded body.
       def generate_qr(opts = {})
-        opts[:request] = false
-        selfid = opts.fetch(:selfid, "-")
-        req = request(selfid, opts)
-        ::RQRCode::QRCode.new(req, level: 'l')
+        opts[:auth] = true
+        facts = opts.fetch(:facts, [])
+
+        @requester.generate_qr(facts, opts)
       end
 
       # Generates a deep link to authenticate with self app.
@@ -84,24 +75,10 @@ module SelfSDK
       #
       # @return [String, String] conversation id or encoded body.
       def generate_deep_link(callback, opts = {})
-        opts[:request] = false
-        selfid = opts.fetch(:selfid, "-")
-        body = @client.jwt.encode(request(selfid, opts))
-
-        if @client.env.empty?
-          return "https://links.joinself.com/?link=#{callback}%3Fqr=#{body}&apn=com.joinself.app"
-        elsif @client.env == 'development'
-          return "https://links.joinself.com/?link=#{callback}%3Fqr=#{body}&apn=com.joinself.app.dev"
-        end
-        "https://#{@client.env}.links.joinself.com/?link=#{callback}%3Fqr=#{body}&apn=com.joinself.app.#{@client.env}"
-      end
+        opts[:auth] = true
+        facts = opts.fetch(:facts, [])
 
-      # Adds an observer for an authentication response
-      def subscribe(&block)
-        @messaging.subscribe :authentication_response do |res|
-          valid_payload(res.input)
-          yield(res)
-        end
+        @requester.generate_deep_link(facts, callback, opts)
       end
 
       private
@@ -130,27 +107,6 @@ module SelfSDK
         nil
       end
 
-      # Prepares an authentication payload to be sent to a user.
-      #
-      # @param selfid [string] the selfid of the user you want to send the auth request to.
-      # @param cid [string] the conversation id to be used.
-      def prepare_payload(selfid, cid)
-        # TODO should this be moved to its own message/auth_req.rb?
-        body = {
-            typ: 'identities.authenticate.req',
-            aud: @client.self_url,
-            iss: @client.jwt.id,
-            sub: selfid,
-            iat: SelfSDK::Time.now.strftime('%FT%TZ'),
-            exp: (SelfSDK::Time.now + 3600).strftime('%FT%TZ'),
-            cid: cid,
-            jti: SecureRandom.uuid,
-            device_id: @messaging.device_id,
-        }
-
-        @client.jwt.prepare(body)
-      end
-
       def parse_payload(response)
         jws = @client.jwt.parse(response)
         return unless jws.include? :payload
@@ -161,7 +117,7 @@ module SelfSDK
         identity = @client.entity(payload[:sub])
         return if identity.nil?
 
-        return payload
+        payload
       end
     end
   end

data/lib/services/chat.rb

@@ -6,6 +6,8 @@ require 'self_crypto'
 require_relative '../chat/file_object'
 require_relative '../chat/group'
 require_relative '../chat/message'
+require_relative "../messages/connection_request"
+
 module SelfSDK
   module Services
     class Chat
@@ -15,7 +17,7 @@ module SelfSDK
         @messaging = messaging
         @client = client
         @app_id = @messaging.client.client.jwt.id
-        @auth_token = @messaging.client.client.jwt.auth_token
+        @jwt = @messaging.client.client.jwt
         @self_url = @messaging.client.client.self_url
       end
 
@@ -34,7 +36,7 @@ module SelfSDK
         payload[:rid] = opts[:rid] if opts.key? :rid
         payload[:objects] = opts[:objects] if opts.key? :objects
 
-        m = SelfSDK::Chat::Message.new(self, recipients, payload, @auth_token, @self_url)
+        m = SelfSDK::Chat::Message.new(self, recipients, payload, @jwt.auth_token, @self_url)
         _req = send(m.recipients, m.payload)
 
         m
@@ -43,7 +45,7 @@ module SelfSDK
       # Subscribes to an incoming chat message
       def on_message(opts = {}, &block)
         @messaging.subscribe :chat_message do |msg|
-          cm = SelfSDK::Chat::Message.new(self, msg.payload[:aud], msg.payload, @auth_token, @self_url)
+          cm = SelfSDK::Chat::Message.new(self, msg.payload[:aud], msg.payload, @jwt.auth_token, @self_url)
 
           cm.mark_as_delivered unless opts[:mark_as_delivered] == false
           cm.mark_as_read if opts[:mark_as_read] == true
@@ -128,7 +130,7 @@ module SelfSDK
                     members: members }
 
         if opts.key? :data
-          obj = SelfSDK::Chat::FileObject.new(@auth_token, @self_url)
+          obj = SelfSDK::Chat::FileObject.new(@jwt.auth_token, @self_url)
           obj_payload = obj.build_from_data("", opts[:data], opts[:mime]).to_payload
           obj_payload.delete(:name)
           payload.merge! obj_payload
@@ -160,6 +162,46 @@ module SelfSDK
         send(members, typ: "chat.remove", gid: gid )
       end
 
+      # Generates a connection request in form of QR
+      #
+      #  @opts opts [Integer] :exp_timeout timeout in seconds to expire the request.
+      def generate_connection_qr(opts = {})
+        req = SelfSDK::Messages::ConnectionRequest.new(@messaging)
+        req.populate(@jwt.id, opts)
+        body = @jwt.prepare(req.body)
+
+        ::RQRCode::QRCode.new(body, level: 'l')
+      end
+
+      # Generates a connection request in form of deep link
+      #
+      # @param callback [String] the url you'll be redirected if the app is not installed.
+      #  @opts opts [Integer] :exp_timeout timeout in seconds to expire the request.
+      def generate_connection_deep_link(callback, opts = {})
+        req = SelfSDK::Messages::ConnectionRequest.new(@messaging)
+        req.populate(@jwt.id, opts)
+        body = @jwt.prepare(req.body)
+        body = @jwt.encode(body)
+
+        env = @messaging.client.client.env
+        if env.empty?
+          return "https://links.joinself.com/?link=#{callback}%3Fqr=#{body}&apn=com.joinself.app"
+        elsif env == 'development'
+          return "https://links.joinself.com/?link=#{callback}%3Fqr=#{body}&apn=com.joinself.app.dev"
+        end
+
+        "https://#{env}.links.joinself.com/?link=#{callback}%3Fqr=#{body}&apn=com.joinself.app.#{env}"
+      end
+
+      # Subscribes to a connection response
+      #
+      #  @yield [request] Invokes the block with a connection response message.
+      def on_connection(&block)
+        @messaging.subscribe :connection_response do |msg|
+          block.call(msg)
+        end
+      end
+
       private
 
       # sends a confirmation for a list of messages to a list of recipients.