soteria 1.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 4c0cfc2a664b2499ac66b28f0448574b4f051b3b
+  data.tar.gz: 868b423d6a0be0b622c983be79444f428dcbedff
+SHA512:
+  metadata.gz: 6563f1bb0d6c1961dd7653e097e45fefed2d61e78b7bbabbb19ca1c66a78610479e9f5aa2163a2ff68d3dbed36c93b489d288319e723b85b6677d9ecf2e8df9e
+  data.tar.gz: 8e5ee6d25474c868fb929f6defcfa0e4194395b29b66d1b202e16e90d080752c1a40fcbc07ed00f1037cdcc6e51539fefc297f4efac82c13e63a848858a0272c

data/.gitignore

@@ -0,0 +1,9 @@
+/.bundle/
+/.yardoc
+/Gemfile.lock
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/

data/.rspec

@@ -0,0 +1,2 @@
+--format documentation
+--color

data/.travis.yml

@@ -0,0 +1,5 @@
+sudo: false
+language: ruby
+rvm:
+  - 2.3.1
+before_install: gem install bundler -v 1.13.2

data/CODE_OF_CONDUCT.md

@@ -0,0 +1,74 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+In the interest of fostering an open and welcoming environment, we as
+contributors and maintainers pledge to making participation in our project and
+our community a harassment-free experience for everyone, regardless of age, body
+size, disability, ethnicity, gender identity and expression, level of experience,
+nationality, personal appearance, race, religion, or sexual identity and
+orientation.
+
+## Our Standards
+
+Examples of behavior that contributes to creating a positive environment
+include:
+
+* Using welcoming and inclusive language
+* Being respectful of differing viewpoints and experiences
+* Gracefully accepting constructive criticism
+* Focusing on what is best for the community
+* Showing empathy towards other community members
+
+Examples of unacceptable behavior by participants include:
+
+* The use of sexualized language or imagery and unwelcome sexual attention or
+advances
+* Trolling, insulting/derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or electronic
+  address, without explicit permission
+* Other conduct which could reasonably be considered inappropriate in a
+  professional setting
+
+## Our Responsibilities
+
+Project maintainers are responsible for clarifying the standards of acceptable
+behavior and are expected to take appropriate and fair corrective action in
+response to any instances of unacceptable behavior.
+
+Project maintainers have the right and responsibility to remove, edit, or
+reject comments, commits, code, wiki edits, issues, and other contributions
+that are not aligned to this Code of Conduct, or to ban temporarily or
+permanently any contributor for other behaviors that they deem inappropriate,
+threatening, offensive, or harmful.
+
+## Scope
+
+This Code of Conduct applies both within project spaces and in public spaces
+when an individual is representing the project or its community. Examples of
+representing a project or community include using an official project e-mail
+address, posting via an official social media account, or acting as an appointed
+representative at an online or offline event. Representation of a project may be
+further defined and clarified by project maintainers.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported by contacting the project team at caslerry@msu.edu. All
+complaints will be reviewed and investigated and will result in a response that
+is deemed necessary and appropriate to the circumstances. The project team is
+obligated to maintain confidentiality with regard to the reporter of an incident.
+Further details of specific enforcement policies may be posted separately.
+
+Project maintainers who do not follow or enforce the Code of Conduct in good
+faith may face temporary or permanent repercussions as determined by other
+members of the project's leadership.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
+available at [http://contributor-covenant.org/version/1/4][version]
+
+[homepage]: http://contributor-covenant.org
+[version]: http://contributor-covenant.org/version/1/4/

data/Gemfile

@@ -0,0 +1,2 @@
+source 'https://rubygems.org'
+gemspec

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2016 Ryan Casler
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,77 @@
+# Soteria
+
+Soteria is a gem to integrate Symantec VIP two factor authentication into any application.
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'soteria'
+```
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install soteria
+
+## Obtaining a certificate
+
+To use Soteria in your project you first need a certificate from [Symantec VIP manager](https://manager.vip.symantec.com).
+To obtain a certificate login and go to Account -> Manage VIP Certificates -> Request a Certificate. From there follow 
+the directions to create a new certificate. On the download screen select the PKCS#12 format and enter the password you 
+would like to use to secure the certificate.
+
+After downloading the PKCS#12 certificate, you must split it into a public and private key. To do so run the following two 
+commands.
+   
+Extract the private key: 
+    
+    $ openssl pkcs12 -in yourP12File.pfx -nocerts -out privateKey.pem
+
+Extract the public certificate: 
+
+    $ openssl pkcs12 -in yourP12File.pfx -clcerts -nokeys -out publicCert.pem
+
+## Usage
+
+Once the certificate is split, Soteria is easy to use. 
+
+```ruby
+# Start by createing a Soteria client 
+soteria = soteria = Soteria.new('/Users/user/soteria/lib/publicCert.pem', '/Users/user/soteria/lib/privateKey.pem', 'passwordForKey')
+
+# Register a new user
+soteria.create_user('userid', nil)
+
+# Add a credential
+soteria.add_credential('userid', 'VSMT123456', CredentialTypes::STANDARD, nil)
+
+# Send a push to that user
+soteria.send_push('userid', nil)
+# => { success: true, id: 'send_push_request_20161025010101', transaction_id: '3239814823', message: 'Success' }
+
+# Poll for the push response
+soteria.poll_for_response('3239814823', 5, 30)
+# => { success: true, message: '"Mobile push request approved by user', id: 'poll_push_status_20161025010101' }
+```
+
+
+## Development
+
+After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
+
+To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
+
+## Contributing
+
+Bug reports and pull requests are welcome on GitHub at https://github.com/ryanrampage1/soteria. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](http://contributor-covenant.org) code of conduct.
+
+
+## License
+
+The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).
+

data/Rakefile

@@ -0,0 +1,5 @@
+require 'bundler/gem_tasks'
+
+Dir.glob('tasks/**/*.rake').each(&method(:import))
+
+task default: :spec

data/bin/bundler

@@ -0,0 +1,17 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+#
+# This file was generated by Bundler.
+#
+# The application 'bundler' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require "pathname"
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+require "rubygems"
+require "bundler/setup"
+
+load Gem.bin_path("bundler", "bundler")

data/bin/console

@@ -0,0 +1,17 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+#
+# This file was generated by Bundler.
+#
+# The application 'console' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require "pathname"
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+require "rubygems"
+require "bundler/setup"
+
+load Gem.bin_path("soteria", "console")

data/bin/htmldiff

@@ -0,0 +1,17 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+#
+# This file was generated by Bundler.
+#
+# The application 'htmldiff' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require "pathname"
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+require "rubygems"
+require "bundler/setup"
+
+load Gem.bin_path("diff-lcs", "htmldiff")

data/bin/ldiff

@@ -0,0 +1,17 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+#
+# This file was generated by Bundler.
+#
+# The application 'ldiff' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require "pathname"
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+require "rubygems"
+require "bundler/setup"
+
+load Gem.bin_path("diff-lcs", "ldiff")

data/bin/nokogiri

@@ -0,0 +1,17 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+#
+# This file was generated by Bundler.
+#
+# The application 'nokogiri' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require "pathname"
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+require "rubygems"
+require "bundler/setup"
+
+load Gem.bin_path("nokogiri", "nokogiri")

data/bin/rackup

@@ -0,0 +1,17 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+#
+# This file was generated by Bundler.
+#
+# The application 'rackup' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require "pathname"
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+require "rubygems"
+require "bundler/setup"
+
+load Gem.bin_path("rack", "rackup")

data/bin/rake

@@ -0,0 +1,17 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+#
+# This file was generated by Bundler.
+#
+# The application 'rake' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require "pathname"
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+require "rubygems"
+require "bundler/setup"
+
+load Gem.bin_path("rake", "rake")

data/bin/rspec

@@ -0,0 +1,17 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+#
+# This file was generated by Bundler.
+#
+# The application 'rspec' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require "pathname"
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+require "rubygems"
+require "bundler/setup"
+
+load Gem.bin_path("rspec-core", "rspec")

data/bin/setup

@@ -0,0 +1,17 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+#
+# This file was generated by Bundler.
+#
+# The application 'setup' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require "pathname"
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+require "rubygems"
+require "bundler/setup"
+
+load Gem.bin_path("soteria", "setup")

data/bin/socksify_ruby

@@ -0,0 +1,17 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+#
+# This file was generated by Bundler.
+#
+# The application 'socksify_ruby' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require "pathname"
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+require "rubygems"
+require "bundler/setup"
+
+load Gem.bin_path("socksify", "socksify_ruby")

data/lib/soteria.rb

@@ -0,0 +1,10 @@
+module Soteria
+
+  def self.client(cert_file, cert_key_file, password, should_log)
+    Client.new(cert_file, cert_key_file, password, should_log)
+  end
+
+end
+
+require "soteria/version"
+require "soteria/client"

data/lib/soteria/client.rb

@@ -0,0 +1,326 @@
+require 'savon'
+require 'soteria/utilities'
+require 'soteria/sms'
+require 'soteria/credential'
+require 'soteria/user'
+require 'soteria/push'
+
+module Soteria
+
+  class Client
+
+    # To use Soteria, SSL certificates for Symantec VIP Services are required. To obtain a certificate go to
+    # https://manager.vip.symantec.com/ and log in. From the dashboard go to Account -> Manage VIP Certificates -> Request
+    # a Certificate. From there follow the directions to create a new certificate. On the download screen select the PKCS#12
+    # format and enter the password you would like to use to secure the certificate. Once the certificate is downoaded run
+    # these two commands to split the PKCS#12 certificate into a public and private key.
+    #
+    # @param [String] cert_file The relative path to the SSL cert on the server.
+    # @param [String] cert_key_file The relative path to the SSL cert key on the server.
+    # @param [String] password The password for the cert key file.
+    # @param [Boolean] should_log if the client should log everything. This is good for development.
+    def initialize(cert_file, cert_key_file, password, should_log)
+      # @cert_file = cert_file
+      # @cert_key_file = cert_key_file
+      # @cert_key_password = password
+
+      #[:get_server_time, :get_user_info, :get_credential_info, :get_temporary_password_attributes, :poll_push_status]
+      @query_client = Utilities.create_client('http://webdev.cse.msu.edu/~yehanlin/vip/vipuserservices-query-1.7.wsdl', should_log, cert_file, cert_key_file, password)
+
+      #[:authenticate_user, :authenticate_user_with_push, :authenticate_credentials, :evaluate_risk, :confirm_risk, :deny_risk, :check_otp]
+      @auth_client = Utilities.create_client('http://webdev.cse.msu.edu/~yehanlin/vip/vipuserservices-auth-1.7.wsdl', should_log, cert_file, cert_key_file, password)
+
+      #[:create_user, :update_user, :delete_user, :clear_user_pin, :add_credential, :update_credential, :remove_credential, :set_temporary_password, :clear_temporary_password, :set_temporary_password_attributes, :send_otp, :register]
+      @management_client = Utilities.create_client('http://webdev.cse.msu.edu/~yehanlin/vip/vipuserservices-mgmt-1.7.wsdl', should_log, cert_file, cert_key_file, password)
+
+      @push = Push.new
+      @sms = SMS.new
+      @credential = Credential.new
+      @user = User.new
+    end
+
+
+    # Getter for the query client
+    #
+    # @return [Soteria.Client] The Query client
+    def get_query_client
+      @query_client
+    end
+
+
+    # Getter for the auth client
+    #
+    # @return [Soteria.Client] The Auth client
+    def get_auth_client
+      @auth_client
+    end
+
+
+    # Getter for the management client
+    #
+    # @return [Soteria.Client] The Management client
+    def get_management_client
+      @management_client
+    end
+
+
+    # Send a push notification to the specified user for authentication.
+    #
+    # @param [String] user_id Id of the user to authenticate. This is the user id that is stored in the Symantec database.
+    # @param [Hash] options
+    # @return [Hash]
+    def send_push(user_id, options)
+      @push.send_push(@auth_client, user_id, options)
+    end
+
+
+    # Polls for the status of the push notification. This is necessary because VIP does not have push support.
+    # This will poll until the response is no longer push in progress, then it will return a hash with the results.
+    #
+    # @param [String] transaction_id The id of the push transaction. id is in the hash returned from the send_push call
+    # @param [Int] interval An integer value in seconds that is the interval between polling VIP Services for a push response.
+    # @param [Int] time_out An integer value in seconds that is the timeout for polling. This should match the timeout that was set for the push message.
+    # @return [Hash] A hash with information on if the authentication was successful.
+    def poll_for_response(transaction_id, interval, time_out)
+      @push.poll_for_response(@query_client, transaction_id, interval, time_out)
+    end
+
+
+    # authenticate_with_push handles the process of sending the push to a user as well as polling for the response.
+    # It calls send_push, then takes the transaction id from that call and starts polling for the result. It has the
+    # same result as making the calls independently but requires only one call instead of two as well as handles any errors.
+    #
+    # @param [String] user_id Id of the user to authenticate. This is the user id that is stored in the Symantec database.
+    # @param [Int] interval An integer value in seconds that is the interval between polling VIP Services for a push response.
+    # @param [Int] time_out An integer value in seconds that is the timeout for polling. This should match the timeout that was set for the push message.
+    # @param [Hash] options
+    # @return [Hash] A hash with information on if the authentication was successful.
+    def authenticate_with_push(user_id, interval, time_out, options)
+      push_response = @push.send_push(@auth_client, user_id, options)
+
+      unless push_response[:success]
+        return push_response
+      end
+
+      transaction_id = push_response[:transaction_id]
+
+      @push.poll_for_response(@query_client, transaction_id, interval, time_out)
+    end
+
+
+    # Authenticate a user with a credential. A credential includes a physical token, the desktop VIP credential app or
+    # the mobile VIP credential app. Users must link their credential id to their user id for this authentication to work.
+    #
+    # @param [String] user_id Id of the user to authenticate. This is the user id that is stored in the Symantec database.
+    # @param [String] credential_code The code from the users credential that was entered into the website.
+    # @return [Hash] A hash with information on if the authentication was successful.
+    def authenticate_user_cridential(user_id, credential_code)
+      @credential.authenticate_user_credential(@auth_client, user_id, credential_code)
+    end
+
+
+    # Check if a otp is valid for a given credential.
+    #
+    # @param [Integer] otp The One Time Password to check if valid.
+    # @param [Array] credentials An array of hashes, with between 1 and 5 credentials. Each hash should contain 2 values :id - the id of the credential and :type - the type of the credential.
+    # @see CredentialTypes
+    # @return [Hash] A hash with all information about if the otp was successful
+    def authenticate_credentials(otp, credentials)
+      @credential.authenticate_credentials(@auth_client, otp, credentials)
+    end
+
+
+    # Send a sms One Time Password to a user.
+    #
+    # @param [String] user_id Id of the user to authenticate. This is the user id that is stored in the Symantec database.
+    # @param [Int] phone_number The phone number that the sms code should be sent to.
+    # @return [Hash] A hash with all the appropriate information about the status of the SMS.
+    def send_sms(user_id, phone_number)
+      @sms.send_sms(@management_client, user_id, phone_number)
+    end
+
+
+    # Check if the otp that a user entered is valid or not.
+    #
+    # @param [String] user_id Id of the user to authenticate. This is the user id that is stored in the Symantec database.
+    # @param [Object] otp The otp that was sent to the user via sms or voice
+    # @return [Hash] A hash with all information about if the otp was successful
+    def check_otp(user_id, otp)
+      @sms.check_otp(@auth_client, user_id, otp)
+    end
+
+
+    # Add a new user to the list of users in Symantec VIP database.
+    #
+    # @param [String] user_id Id of the user to create.
+    # @param [String] pin an optional value that is a pin for the user. The PIN may be 4 to 128 international characters in length, depending on restrictions of the PIN policy.
+    # @return [Hash] A hash that contains: :success a boolean if the call succeeded, :message a string with any error message, :id the id of the call for debugging purposes
+    def create_user(user_id, pin)
+      @user.create(@management_client, user_id, pin)
+    end
+
+
+    # Delete a user from the database of Symantec VIP users.
+    #
+    # @param [String] user_id Id of the user to delete.
+    # @return [Hash] A hash that contains: :success a boolean if the call succeeded, :message a string with any error message, :id the id of the call for debugging purposes
+    def delete_user(user_id)
+      @user.delete(@management_client, user_id)
+    end
+
+
+    # Use updateUser to update information about a user in VIP User Services.
+    #
+    # @param [String] user_id The unique ID for the user.
+    # @param [Object] options
+    # @return [Hash] A hash that contains; :success a boolean if the call succeeded, :message a string with any error message, :id the id of the call for debugging purposes
+    def update_user(user_id, options)
+      @user.update_user(@management_client, user_id, options)
+    end
+
+
+    # Use clearUserPin to remove an assigned PIN from a user.
+    #
+    # @param [String] user_id The unique ID for the user.
+    # @return [Hash] A hash that contains; :success a boolean if the call succeeded, :message a string with any error message, :id the id of the call for debugging purposes
+    def clear_user_pin(user_id)
+      @user.clear_user_pin(@management_client, user_id)
+    end
+
+
+    # Use setTemporaryPasswordAttributes to change the expiration date for a temporary security code you previously set.
+    #
+    # @param [String] user_id The unique ID for the user.
+    # @param [Object] options
+    # @return [Hash] A hash that contains; :success a boolean if the call succeeded, :message a string with any error message, :id the id of the call for debugging purposes
+    def set_temp_pass_attr(user_id, options)
+      @user.set_temp_pass_attr(@management_client, user_id, options)
+    end
+
+
+    # Use getTemporaryPasswordAttributes to poll VIP User Services every three to five seconds to check the status of a
+    # push notification. The push notification is validated against the notification’s unique transaction ID.
+    #
+    # @param [String] user_id The unique ID for the user.
+    # @return [Hash] A hash that contains; :success a boolean if the call succeeded, :message a string with any error message, :id the id of the call for debugging purposes
+    def get_temp_pass_attr(user_id)
+      @user.get_temp_pass_attr(@query_client, user_id)
+    end
+
+
+    # Use setTemporaryPassword to set a temporary security code for a user. You can optionally set an
+    # expiration date for the security code, or set it for one-time use only. The request requires the user ID and
+    # optionally, the temporary security code string. If you do not provide a security code, VIP User Services generates
+    # one for you.
+    #
+    # @param [String] user_id The unique ID for the user.
+    # @param [Int] phone The phone or mobile device number to which the VIP User Service should deliver the security code.
+    # @param [Hash] options
+    # @return [Hash] A hash that contains; :success a boolean if the call succeeded, :message a string with any error message, :id the id of the call for debugging purposes
+    def set_temp_password(user_id, phone, options)
+      @user.set_temp_password(@management_client, user_id, phone, options)
+    end
+
+
+    # Use clearTemporaryPassword to add users to VIP User Services.to remove a temporary security code from a user. If the
+    # user attempts to use a temporary security that has been cleared, VIP User Services returns an error stating the
+    # security code is not set. If the user validates a security code using a valid credential, any temporary security
+    # code that is set for that user is automatically cleared.
+    #
+    # @param [String] user_id The unique ID for the user.
+    # @return [Hash] A hash that contains; :success a boolean if the call succeeded, :message a string with any error message, :id the id of the call for debugging purposes
+    def clear_temp_pass(user_id)
+      @user.clear_temp_pass(@management_client, user_id)
+    end
+
+
+    # Use getCredentialInfo to get the credential that was last bound to the user, When the credential was last authenticated and
+    # the friendly name for the credential.
+    #
+    # @param [String] credential_id The unique ID for the credential.
+    # @param [String] credential_type The type of the credential.
+    # @param [Boolean] include_push If this flag is present and set to be true, the response contains all the push attributes in the field pushAttributes.
+    # @return [Hash] A hash that contains; :success a boolean if the call succeeded, :message a string with any error message, :id the id of the call for debugging purposes. Also contains :credential which is a hash with info about the credential.
+    def get_credential_info(credential_id, credential_type, include_push)
+      @credential.get_credential_info(@query_client, credential_id, credential_type, include_push)
+    end
+
+
+    # Use getServerTime to obtain the current server time.
+    #
+    # @return [Hash] A hash that contains; :success a boolean if the call succeeded, :message a string with any error message, :id the id of the call for debugging purposes. Also contains :time which is current server time.
+    def get_server_time()
+      @credential.get_server_time(@query_client)
+    end
+
+
+    # Add a credential to an existing user in the Symantec VIP database.
+    #
+    # @param [String] user_id Id of the user to add a credential to.
+    # @param [String] credential_id
+    # @param [String] credential_type must be one of the keys to the credential types from the Utilities class.
+    # @see Utilities::CREDENTIAL_TYPES
+    # @param [Hash] options A hash that can contain the following. :name adds a friendly name to the credential added to vip, :otp sends a otp from the credential with the request to verify that the user actually has possession of the credential
+    # @return [Hash] A hash that contains; :success a boolean if the call succeeded, :message a string with any error message, :id the id of the call for debugging purposes
+    def add_credential(user_id, credential_id, credential_type, options)
+      @user.add_credential(@management_client, user_id, credential_id, credential_type, options)
+    end
+
+
+    # Get all the credentials that have been last bound to a user or the last authentication, as well as the friendly
+    # name for the user's credential.
+    #
+    # Returns an array with a hash for every credential that can be used as a second factor authentication option a user has. Each hash contains:
+    # * :type - The type of the credential.
+    # * :enabled - If the credential is enabled.
+    # * :friendly_name - The name the user gave the credential.
+    # * :push - A boolean if push is enabled for the credential.
+    # * :credential_id - The id of the credential. This is useful for SMS auth.
+    #
+    # @param [String] user_id Id of the user to get information about.
+    # @param [Boolean] include_push If the users push details should be returned.
+    def get_user_info(user_id, include_push)
+      @user.get_user_info(@query_client, user_id, include_push)
+    end
+
+
+    # Call to register a SMS credential to the VIP account. Before a user can add a SMS credential to their account
+    # it must first exist in the organizations list of credentials.
+    #
+    # @param [Integer] phone_number The phone number credential to register.
+    # @return [Hash] A hash that contains; :success a boolean if the call succeeded, :message a string with any error message, :id the id of the call for debugging purposes
+    def register_sms(phone_number)
+      @credential.register_sms(@management_client, phone_number)
+    end
+
+
+    # Remove a credential from a given user. If the Device deletion policy for Remembered Devices is set to Admin Only,
+    # credentials can only be removed through VIP Manager. The removeCredential API will return the error 6010: This
+    # account is not authorized to perform the requested operation
+    #
+    # @param [String] user_id Id of the user to remove a credential from.
+    # @param [String] credential_id Unique identifier of the credential.
+    # @param [String] credential_type must be one of the keys to the credential types from the Utilities class.
+    # @see Utilities::CREDENTIAL_TYPES
+    # @return [Hash] A hash that contains; :success a boolean if the call succeeded, :message a string with any error message, :id the id of the call for debugging purposes
+    def remove_credential(user_id, credential_id, credential_type)
+      puts @user.remove_credential(@management_client, user_id, credential_id, credential_type)
+    end
+
+
+    # Updates the friendly name of a users credential.
+    #
+    # @param [String] user_id Id of the user to remove a credential from.
+    # @param [String] credential_id Unique identifier of the credential.
+    # @param [String] credential_type must be one of the keys to the credential types from the Utilities class.
+    # @see Utilities::CREDENTIAL_TYPES
+    # @param [Object] name A user-defined name to identify the credential.
+    # @return [Hash] A hash that contains; :success a boolean if the call succeeded, :message a string with any error message, :id the id of the call for debugging purposes
+    def update_credential(user_id, credential_id, credential_type, name)
+      puts @user.update_credential(@management_client, user_id, credential_id, credential_type, name)
+    end
+
+
+  end
+
+end