smile-identity-core 1.0.2 → 1.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 4632631c9d5d1180a47ba34c74c5fd759d888d4f2bee913a002fd011f30e2354
-  data.tar.gz: 4e8a6febb9f7ebf199650c79db18f4d9c65fed6a6246cbd03bf17bfc78eae50f
+  metadata.gz: 2c6c2b9d1846e6939c1a1f8407b24d08f40eb54492f302ff682f0070afbd837a
+  data.tar.gz: 46d3ef6830ee732870ea1657faeb3d1feb8f020b05dd715b615d313541e90bfe
 SHA512:
-  metadata.gz: 816929a769bc1ceb3dde1afc9957885dccf3ebb73c901b7d119277dedc64e3c59e14f2a7f1aa8304521314c262e4fa1393b3c74e562224c0b3f90ee7bcafc8a9
-  data.tar.gz: d6c20e2a4947ecdf24fc0eabd2d24820277c60a4dd857b3ce74bff2b465cbbbea3b9530a8380069437b5309aa8fecaa0f461e822b4d21b8656234a7739e840d1
+  metadata.gz: 6548acb1e3cb5efa6cd2d73b048449e99ef74c8e3dde60fa06373c6535353f97bc46eb950446ed825c5938b95559db85d58870ce8909f258bcd7066bedae0085
+  data.tar.gz: 4a0b84d72c3ce4b69c051c944d2cc95d4c02bb58244fd2b47bc532d7f6a67ab5e7bb5d7cccb89c8e4a7fc0f217c3548a457ae1a6783ed6bdd2e9b3b18ed80d7d

data/.travis.yml

@@ -4,4 +4,7 @@ language: ruby
 cache: bundler
 rvm:
   - 2.5.1
-before_install: gem install bundler -v 2.0.2
+  - 2.6
+  - 2.7
+  - 3.0
+before_install: gem install bundler -v 2.2.6

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    smile-identity-core (1.0.1)
+    smile-identity-core (1.1.0)
       rubyzip (~> 1.2, >= 1.2.3)
       typhoeus (~> 1.0, >= 1.0.1)
 
@@ -12,8 +12,8 @@ GEM
     docile (1.1.5)
     ethon (0.12.0)
       ffi (>= 1.3.0)
-    ffi (1.11.3)
-    json (2.2.0)
+    ffi (1.13.1)
+    json (2.5.1)
     rake (10.5.0)
     rspec (3.8.0)
       rspec-core (~> 3.8.0)
@@ -34,7 +34,7 @@ GEM
       json (>= 1.8, < 3)
       simplecov-html (~> 0.10.0)
     simplecov-html (0.10.2)
-    typhoeus (1.3.1)
+    typhoeus (1.4.0)
       ethon (>= 0.9.0)
 
 PLATFORMS
@@ -48,4 +48,4 @@ DEPENDENCIES
   smile-identity-core!
 
 BUNDLED WITH
-   2.0.2
+   2.2.6

data/README.md

@@ -1,4 +1,4 @@
-# SmileIdentityCore
+# SmileIdentityCore [![Build Status](https://travis-ci.com/smileidentity/smile-identity-core-ruby.svg?branch=master)](https://travis-ci.com/smileidentity/smile-identity-core-ruby)
 
 The official Smile Identity gem exposes four classes namely; the Web Api class, the ID Api class, the Signature class and the Utilities class.
 
@@ -20,7 +20,7 @@ The **Utilities Class** allows you as the Partner to have access to our general
 
 This gem requires specific input parameters, for more detail on these parameters please refer to our [documentation for Web API](https://docs.smileidentity.com).
 
-Please note that you will have to be a Smile Identity Partner to be able to query our services. You can sign up on the [Portal](https://test-smileid.herokuapp.com/signup?products[]=1-IDVALIDATION&products[]=2-AUTHENTICATION).
+Please note that you will have to be a Smile Identity Partner to be able to query our services. You can sign up on the [Portal](https://portal.smileidentity.com/signup).
 
 ## Installation
 

data/lib/smile-identity-core/id_api.rb

@@ -8,8 +8,8 @@ module SmileIdentityCore
       @sid_server = sid_server
       if !(sid_server =~ URI::regexp)
         sid_server_mapping = {
-          0 => 'https://3eydmgh10d.execute-api.us-west-2.amazonaws.com/test',
-          1 => 'https://la7am6gdm8.execute-api.us-west-2.amazonaws.com/prod'
+          0 => 'https://testapi.smileidentity.com/v1',
+          1 => 'https://api.smileidentity.com/v1',
         }
         @url = sid_server_mapping[sid_server.to_i]
       else
@@ -17,12 +17,10 @@ module SmileIdentityCore
       end
     end
 
-    def submit_job(partner_params, id_info)
+    def submit_job(partner_params, id_info, options = {})
       self.partner_params = symbolize_keys partner_params
-
-      @timestamp = Time.now.to_i
-
       self.id_info = symbolize_keys id_info
+      @use_new_signature = symbolize_keys(options || {}).fetch(:signature, false)
 
       if @partner_params[:job_type].to_i != 5
         raise ArgumentError.new('Please ensure that you are setting your job_type to 5 to query ID Api')
@@ -99,20 +97,28 @@ module SmileIdentityCore
     end
 
     def configure_json
-      body = {
-        timestamp: @timestamp,
-        sec_key: determine_sec_key,
-        partner_id: @partner_id,
-        partner_params: @partner_params
-      }
-
-      body.merge!(@id_info)
-      JSON.generate(body)
+      request_security(use_new_signature: @use_new_signature)
+        .merge(@id_info)
+        .merge(
+          partner_id: @partner_id,
+          partner_params: @partner_params)
+        .to_json
     end
 
-    def determine_sec_key
-      @sec_key = SmileIdentityCore::Signature.new(@partner_id, @api_key).generate_sec_key(@timestamp)[:sec_key]
+    def request_security(use_new_signature: true)
+      if use_new_signature
+        @timestamp = Time.now.to_s
+        {
+          signature: SmileIdentityCore::Signature.new(@partner_id, @api_key).generate_signature(@timestamp)[:signature],
+          timestamp: @timestamp,
+        }
+      else
+        @timestamp = Time.now.to_i
+        {
+          sec_key: SmileIdentityCore::Signature.new(@partner_id, @api_key).generate_sec_key(@timestamp)[:sec_key],
+          timestamp: @timestamp,
+        }
+      end
     end
-
   end
 end

data/lib/smile-identity-core/signature.rb

@@ -3,7 +3,7 @@ module SmileIdentityCore
 
     def initialize(partner_id, api_key)
       @api_key = api_key
-      @partner_id = partner_id.to_i
+      @partner_id = partner_id
     end
 
     def generate_sec_key(timestamp=Time.now.to_i)
@@ -36,5 +36,21 @@ module SmileIdentityCore
         raise e
       end
     end
+
+    def generate_signature(timestamp=Time.now.to_s)
+      hmac = OpenSSL::HMAC.new(@api_key, 'sha256')
+      hmac.update(timestamp.to_s)
+      hmac.update(@partner_id)
+      hmac.update("sid_request")
+      signature = Base64.strict_encode64(hmac.digest())
+      return {
+        signature: signature,
+        timestamp: timestamp.to_s
+      }
+    end
+
+    def confirm_signature(timestamp, msg_signature)
+      generate_signature(timestamp)[:signature] == msg_signature
+    end
   end
 end

data/lib/smile-identity-core/utilities.rb

@@ -7,8 +7,8 @@ module SmileIdentityCore
 
       if !(sid_server =~ URI::regexp)
         sid_server_mapping = {
-          0 => 'https://3eydmgh10d.execute-api.us-west-2.amazonaws.com/test',
-          1 => 'https://la7am6gdm8.execute-api.us-west-2.amazonaws.com/prod'
+          0 => 'https://testapi.smileidentity.com/v1',
+          1 => 'https://api.smileidentity.com/v1',
         }
         @url = sid_server_mapping[sid_server.to_i]
       else
@@ -20,16 +20,12 @@ module SmileIdentityCore
     end
 
     def get_job_status(user_id, job_id, options = {})
+      options = symbolize_keys(options || {})
+      options[:return_history] ||= false
+      options[:return_image_links] ||= false
 
-      if(options.nil? || options.empty?)
-        options = {
-          return_history: false,
-          return_job_status: false
-        }
-      end
-
-      @timestamp = Time.now.to_i
-      return query_job_status(user_id, job_id, symbolize_keys(options))
+      security = request_security(use_new_signature: options.fetch(:signature, false))
+      query_job_status(configure_job_query(user_id, job_id, options).merge(security))
     end
 
     private
@@ -38,21 +34,30 @@ module SmileIdentityCore
       (params.is_a?(Hash)) ? Hash[params.map{ |k, v| [k.to_sym, v] }] : params
     end
 
-    def query_job_status(user_id, job_id, options)
+    def query_job_status(request_json_data)
       url = "#{@url}/job_status"
 
       request = Typhoeus::Request.new(
         url,
         headers: {'Content-Type': 'application/json', 'Accept': 'application/json'},
         method: :post,
-        body: configure_job_query(user_id, job_id, options)
+        body: request_json_data.to_json
       )
 
       request.on_complete do |response|
         begin
           body = JSON.parse(response.body)
 
-          valid = @signature_connection.confirm_sec_key(body['timestamp'], body['signature'])
+          # NB: we have to trust that the server will return the right kind of
+          # timestamp (integer or string) for the signature, and the right kind
+          # of signature in the "signature" field. The best way to know what
+          # kind of validation to perform is by remembering which kind of
+          # security we started with.
+          if request_json_data.has_key?(:sec_key)
+            valid = @signature_connection.confirm_sec_key(body['timestamp'], body['signature'])
+          else
+            valid = @signature_connection.confirm_signature(body['timestamp'], body['signature'])
+          end
 
           if(!valid)
             raise "Unable to confirm validity of the job_status response"
@@ -67,17 +72,30 @@ module SmileIdentityCore
       request.run
     end
 
+    def request_security(use_new_signature: false)
+      if use_new_signature
+        @timestamp = Time.now.to_s
+        {
+          signature: @signature_connection.generate_signature(@timestamp)[:signature],
+          timestamp: @timestamp,
+        }
+      else
+        @timestamp = Time.now.to_i
+        {
+          sec_key: @signature_connection.generate_sec_key(@timestamp)[:sec_key],
+          timestamp: @timestamp,
+        }
+      end
+    end
+
     def configure_job_query(user_id, job_id, options)
-      return {
-        sec_key: @signature_connection.generate_sec_key(@timestamp)[:sec_key],
-        timestamp: @timestamp,
+      {
         user_id: user_id,
         job_id: job_id,
         partner_id: @partner_id,
-        image_links: options[:return_image_links] || false,
-        history:  options[:return_history] || false
-      }.to_json
+        image_links: options[:return_image_links],
+        history:  options[:return_history]
+      }
     end
-
   end
 end

data/lib/smile-identity-core/version.rb

@@ -1,3 +1,8 @@
 module SmileIdentityCore
-  VERSION = "1.0.2"
+  VERSION = "1.1.0"
+
+  def self.version_as_hash
+    major, minor, patch = *VERSION.split('.')
+    { majorVersion: major, minorVersion: minor, buildNumber: patch }
+  end
 end

data/lib/smile-identity-core/web_api.rb

@@ -18,8 +18,8 @@ module SmileIdentityCore
       @sid_server = sid_server
       if !(sid_server =~ URI::regexp)
         sid_server_mapping = {
-          0 => 'https://3eydmgh10d.execute-api.us-west-2.amazonaws.com/test',
-          1 => 'https://la7am6gdm8.execute-api.us-west-2.amazonaws.com/prod'
+          0 => 'https://testapi.smileidentity.com/v1',
+          1 => 'https://api.smileidentity.com/v1',
         }
         @url = sid_server_mapping[sid_server.to_i]
       else
@@ -35,8 +35,6 @@ module SmileIdentityCore
       end
 
       self.images = images
-      @timestamp = Time.now.to_i
-
       self.id_info = symbolize_keys id_info
       self.options = symbolize_keys options
 
@@ -130,19 +128,13 @@ module SmileIdentityCore
     end
 
     def options=(options)
-      updated_options = options
-
-      if updated_options.nil?
-        updated_options = {}
-      end
+      updated_options = options || {}
 
-      [:optional_callback, :return_job_status, :return_image_links, :return_history].map do |key|
-        if key != :optional_callback
-          updated_options[key] = check_boolean(key, options)
-        else
-          updated_options[key] = check_string(key, options)
-        end
-      end
+      updated_options[:optional_callback] = check_string(:optional_callback, options)
+      updated_options[:return_job_status] = check_boolean(:return_job_status, options)
+      updated_options[:return_image_links] = check_boolean(:return_image_links, options)
+      updated_options[:return_history] = check_boolean(:return_history, options)
+      @use_new_signature = updated_options.fetch(:signature, false)
 
       @options = updated_options
     end
@@ -176,6 +168,7 @@ module SmileIdentityCore
 
       return obj[key]
     end
+    # zeKn:WFL7t2X/+4
 
     def check_string(key, obj)
       if (!obj || !obj[key])
@@ -185,23 +178,30 @@ module SmileIdentityCore
       end
     end
 
-    def determine_sec_key
-      @sec_key = SmileIdentityCore::Signature.new(@partner_id, @api_key).generate_sec_key(@timestamp)[:sec_key]
+    def request_security(use_new_signature: true)
+      if use_new_signature
+        @timestamp = Time.now.to_s
+        {
+          signature: SmileIdentityCore::Signature.new(@partner_id, @api_key).generate_signature(@timestamp)[:signature],
+          timestamp: @timestamp,
+        }
+      else
+        @timestamp = Time.now.to_i
+        {
+          sec_key: SmileIdentityCore::Signature.new(@partner_id, @api_key).generate_sec_key(@timestamp)[:sec_key],
+          timestamp: @timestamp,
+        }
+      end
     end
 
     def configure_prep_upload_json
-
-      body = {
+      request_security(use_new_signature: @use_new_signature).merge(
         file_name: 'selfie.zip',
-        timestamp: @timestamp,
-        sec_key: determine_sec_key,
         smile_client_id: @partner_id,
         partner_params: @partner_params,
         model_parameters: {}, # what is this for
         callback_url: @callback_url
-      }
-
-      JSON.generate(body)
+      ).to_json
     end
 
     def setup_requests
@@ -216,6 +216,12 @@ module SmileIdentityCore
 
       request.on_complete do |response|
         if response.success?
+          # TODO: if/when we sign these responses, verify the signature here and raise if it's off.
+          # if updated_options[:signature]
+          #   SmileIdentityCore::Signature.new(@partner_id, @api_key).generate_signature(@timestamp)
+          # else
+          #   SmileIdentityCore::Signature.new(@partner_id, @api_key).generate_sec_key(@timestamp)
+          # end
 
           prep_upload_response = JSON.parse(response.body)
           info_json = configure_info_json(prep_upload_response)
@@ -239,18 +245,12 @@ module SmileIdentityCore
     def configure_info_json(server_information)
       info = {
         "package_information": {
-          "apiVersion": {
-            "buildNumber": 0,
-            "majorVersion": 2,
-            "minorVersion": 0
-          },
+          "apiVersion": SmileIdentityCore.version_as_hash,
           "language": "ruby"
         },
-        "misc_information": {
-          "sec_key": @sec_key,
+        "misc_information": request_security(use_new_signature: @use_new_signature).merge(
           "retry": "false",
           "partner_params": @partner_params,
-          "timestamp": @timestamp,
           "file_name": "selfie.zip", # figure out what to do here
           "smile_client_id": @partner_id,
           "callback_url": @callback_url,
@@ -266,7 +266,7 @@ module SmileIdentityCore
             "countryCode": "+",
             "countryName": ""
           }
-        },
+        ),
         "id_info": @id_info,
         "images": configure_image_payload,
         "server_information": server_information
@@ -276,7 +276,7 @@ module SmileIdentityCore
 
     def configure_image_payload
       @images.map { |i|
-        if isImageFile?i[:image_type_id]
+        if image_file?(i[:image_type_id])
           {
             image_type_id: i[:image_type_id],
             image: '',
@@ -292,7 +292,7 @@ module SmileIdentityCore
       }
     end
 
-    def isImageFile?type
+    def image_file?(type)
       type.to_i == 0 || type.to_i == 1
     end
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: smile-identity-core
 version: !ruby/object:Gem::Version
-  version: 1.0.2
+  version: 1.1.0
 platform: ruby
 authors:
 - Ridhwana
-autorequire: 
+autorequire:
 bindir: exe
 cert_chain: []
-date: 2020-01-16 00:00:00.000000000 Z
+date: 2021-09-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -130,7 +130,6 @@ files:
 - lib/smile-identity-core/version.rb
 - lib/smile-identity-core/web_api.rb
 - smile-identity-core.gemspec
-- travis.yml
 homepage: https://www.smileidentity.com/
 licenses:
 - MIT
@@ -139,7 +138,7 @@ metadata:
   source_code_uri: https://github.com/smileidentity/smile-identity-core-ruby
   documentation_uri: https://docs.smileidentity.com
   changelog_uri: https://github.com/smileidentity/smile-identity-core/blob/master/CHANGELOG.md
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -154,9 +153,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.7.6
-signing_key: 
+rubygems_version: 3.2.3
+signing_key:
 specification_version: 4
 summary: The Smile Identity Web API allows the user to access most of the features
   of the Smile Identity system through direct server to server queries.

data/travis.yml

@@ -1,9 +0,0 @@
-language: ruby
-rvm:
-  - 2.5.1
-
-script:
-  - bundle exec rake spec
-
-before_install:
-  - gem install bundle