telesign 1.0.2 → 2.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/telesign.rb +6 -404
- data/lib/telesign/autoverify.rb +23 -0
- data/lib/telesign/messaging.rb +33 -0
- data/lib/telesign/phoneid.rb +21 -0
- data/lib/telesign/rest.rb +177 -136
- data/lib/telesign/score.rb +21 -0
- data/lib/telesign/util.rb +39 -0
- data/lib/telesign/voice.rb +33 -0
- metadata +31 -5
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: ab9def95b96cf38a18a3da1f0bdeb190bb2b1251
|
4
|
+
data.tar.gz: 2b56069c25921ede2a59470e077d45b36536a60f
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 7717044b79a5869bf239d0c0e0f522337a8e90cdcc0be80e3cf69c56e419307a804f2c59252118d413309b0338325a5672e583f25c40f5638bcbc0c0864843af
|
7
|
+
data.tar.gz: 17264a1b3234d6b5dfe37a492c867200db0f2943faa6dab287d31c8313544e7629469c142ef1b6209d7c03298daeca23ee682d0033d092927bfb2846cbd3b425
|
data/lib/telesign.rb
CHANGED
@@ -1,405 +1,7 @@
|
|
1
|
-
|
2
|
-
|
3
|
-
|
4
|
-
# TeleSign Ruby SDK REST API endpoints.
|
5
|
-
#
|
6
|
-
# The api module contains Python classes and methods that allow you to
|
7
|
-
# use the Ruby programming language to programmatically access the
|
8
|
-
# Verify and PhoneId TeleSign web services.
|
9
|
-
#
|
10
|
-
|
1
|
+
require 'telesign/autoverify'
|
2
|
+
require 'telesign/messaging'
|
3
|
+
require 'telesign/phoneid'
|
11
4
|
require 'telesign/rest'
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
module API
|
16
|
-
|
17
|
-
# The PhoneId class exposes services that each provide detailed
|
18
|
-
# information about a specified phone number.
|
19
|
-
class PhoneId < Telesign::API::Rest
|
20
|
-
|
21
|
-
def initialize(customer_id,
|
22
|
-
secret_key,
|
23
|
-
ssl=true,
|
24
|
-
api_host='rest.telesign.com',
|
25
|
-
timeout=nil)
|
26
|
-
|
27
|
-
super(customer_id,
|
28
|
-
secret_key,
|
29
|
-
ssl,
|
30
|
-
api_host,
|
31
|
-
timeout)
|
32
|
-
end
|
33
|
-
|
34
|
-
# Retrieves the standard set of details about the specified phone number.
|
35
|
-
# This includes the type of phone (e.g., land line or mobile), and it's
|
36
|
-
# approximate geographic location.
|
37
|
-
def standard(phone_number,
|
38
|
-
use_case_code=nil,
|
39
|
-
extra=nil,
|
40
|
-
timeout=nil)
|
41
|
-
|
42
|
-
params = {}
|
43
|
-
|
44
|
-
unless use_case_code.nil?
|
45
|
-
params[:ucid] = use_case_code
|
46
|
-
end
|
47
|
-
|
48
|
-
unless extra.nil?
|
49
|
-
params.merge!(extra)
|
50
|
-
end
|
51
|
-
|
52
|
-
execute(Net::HTTP::Get,
|
53
|
-
"/v1/phoneid/standard/#{phone_number}",
|
54
|
-
params,
|
55
|
-
nil,
|
56
|
-
timeout)
|
57
|
-
end
|
58
|
-
|
59
|
-
# Retrieves a score for the specified phone number. This ranks the phone number's
|
60
|
-
# "risk level" on a scale from 0 to 1000, so you can code your web application to
|
61
|
-
# handle particular use cases (e.g., to stop things like chargebacks, identity
|
62
|
-
# theft, fraud, and spam).
|
63
|
-
def score(phone_number,
|
64
|
-
use_case_code,
|
65
|
-
extra=nil,
|
66
|
-
timeout=nil)
|
67
|
-
|
68
|
-
params = {:ucid => use_case_code}
|
69
|
-
|
70
|
-
unless extra.nil?
|
71
|
-
params.merge!(extra)
|
72
|
-
end
|
73
|
-
|
74
|
-
execute(Net::HTTP::Get,
|
75
|
-
"/v1/phoneid/score/#{phone_number}",
|
76
|
-
params,
|
77
|
-
nil,
|
78
|
-
timeout)
|
79
|
-
end
|
80
|
-
|
81
|
-
# In addition to the information retrieved by standard, this service provides the
|
82
|
-
# Name & Address associated with the specified phone number.
|
83
|
-
def contact(phone_number,
|
84
|
-
use_case_code,
|
85
|
-
extra=nil,
|
86
|
-
timeout=nil)
|
87
|
-
|
88
|
-
params = {:ucid => use_case_code}
|
89
|
-
|
90
|
-
unless extra.nil?
|
91
|
-
params.merge!(extra)
|
92
|
-
end
|
93
|
-
|
94
|
-
execute(Net::HTTP::Get,
|
95
|
-
"/v1/phoneid/contact/#{phone_number}",
|
96
|
-
params,
|
97
|
-
nil,
|
98
|
-
timeout)
|
99
|
-
end
|
100
|
-
|
101
|
-
# In addition to the information retrieved by standard, this service provides
|
102
|
-
# actionable data associated with the specified phone number.
|
103
|
-
def live(phone_number,
|
104
|
-
use_case_code,
|
105
|
-
extra=nil,
|
106
|
-
timeout=nil)
|
107
|
-
|
108
|
-
params = {:ucid => use_case_code}
|
109
|
-
|
110
|
-
unless extra.nil?
|
111
|
-
params.merge!(extra)
|
112
|
-
end
|
113
|
-
|
114
|
-
execute(Net::HTTP::Get,
|
115
|
-
"/v1/phoneid/live/#{phone_number}",
|
116
|
-
params,
|
117
|
-
nil,
|
118
|
-
timeout)
|
119
|
-
end
|
120
|
-
|
121
|
-
# In addition to the information retrieved by standard, this service provides
|
122
|
-
# data about potential sim_swaps associated with the specified phone number.
|
123
|
-
def sim_swap(phone_number,
|
124
|
-
use_case_code,
|
125
|
-
extra=nil,
|
126
|
-
timeout=nil)
|
127
|
-
|
128
|
-
params = {:ucid => use_case_code}
|
129
|
-
|
130
|
-
unless extra.nil?
|
131
|
-
params.merge!(extra)
|
132
|
-
end
|
133
|
-
|
134
|
-
execute(Net::HTTP::Get,
|
135
|
-
"/v1/phoneid/sim_swap/check/#{phone_number}",
|
136
|
-
params,
|
137
|
-
nil,
|
138
|
-
timeout)
|
139
|
-
end
|
140
|
-
|
141
|
-
# In addition to the information retrieved by standard, this service provides
|
142
|
-
# information on call forwarding for the phone number provided.
|
143
|
-
def call_forward(phone_number,
|
144
|
-
use_case_code,
|
145
|
-
extra=nil,
|
146
|
-
timeout=nil)
|
147
|
-
|
148
|
-
params = {:ucid => use_case_code}
|
149
|
-
|
150
|
-
unless extra.nil?
|
151
|
-
params.merge!(extra)
|
152
|
-
end
|
153
|
-
|
154
|
-
execute(Net::HTTP::Get,
|
155
|
-
"/v1/phoneid/call_forward/#{phone_number}",
|
156
|
-
params,
|
157
|
-
nil,
|
158
|
-
timeout)
|
159
|
-
end
|
160
|
-
|
161
|
-
# In addition to the information retrieved by standard, this service provides
|
162
|
-
# information on call forwarding for the phone number provided.
|
163
|
-
def number_deactivation(phone_number,
|
164
|
-
use_case_code,
|
165
|
-
extra=nil,
|
166
|
-
timeout=nil)
|
167
|
-
|
168
|
-
params = {:ucid => use_case_code}
|
169
|
-
|
170
|
-
unless extra.nil?
|
171
|
-
params.merge!(extra)
|
172
|
-
end
|
173
|
-
|
174
|
-
execute(Net::HTTP::Get,
|
175
|
-
"/v1/phoneid/number_deactivation/#{phone_number}",
|
176
|
-
params,
|
177
|
-
nil,
|
178
|
-
timeout)
|
179
|
-
end
|
180
|
-
|
181
|
-
end
|
182
|
-
|
183
|
-
# The Verify class exposes several services for sending users a verification
|
184
|
-
# token. You can use this mechanism to simply test whether you can reach users
|
185
|
-
# at the phone number they supplied, or you can have them use the token to
|
186
|
-
# authenticate themselves with your web application.
|
187
|
-
#
|
188
|
-
# This class also exposes a service that is used in conjunction with the first
|
189
|
-
# two services, in that it allows you to confirm the result of the authentication.
|
190
|
-
#
|
191
|
-
# You can use this verification factor in combination with username & password to
|
192
|
-
# provide two-factor authentication for higher security.
|
193
|
-
class Verify < Telesign::API::Rest
|
194
|
-
|
195
|
-
def initialize(customer_id,
|
196
|
-
secret_key,
|
197
|
-
ssl=true,
|
198
|
-
api_host='rest.telesign.com',
|
199
|
-
timeout=nil)
|
200
|
-
|
201
|
-
super(customer_id,
|
202
|
-
secret_key,
|
203
|
-
ssl,
|
204
|
-
api_host,
|
205
|
-
timeout)
|
206
|
-
end
|
207
|
-
|
208
|
-
# Sends a text message containing the verification code, to the specified
|
209
|
-
# phone number (supported for mobile phones only).
|
210
|
-
def sms(phone_number,
|
211
|
-
use_case_code=nil,
|
212
|
-
extra=nil,
|
213
|
-
timeout=nil)
|
214
|
-
|
215
|
-
params = {:phone_number => phone_number}
|
216
|
-
|
217
|
-
unless use_case_code.nil?
|
218
|
-
params[:use_case_code] = use_case_code
|
219
|
-
end
|
220
|
-
|
221
|
-
unless extra.nil?
|
222
|
-
params.merge!(extra)
|
223
|
-
end
|
224
|
-
|
225
|
-
execute(Net::HTTP::Post,
|
226
|
-
"/v1/verify/sms",
|
227
|
-
nil,
|
228
|
-
params,
|
229
|
-
timeout)
|
230
|
-
end
|
231
|
-
|
232
|
-
# Calls the specified phone number, and using speech synthesis, speaks the
|
233
|
-
# verification code to the user.
|
234
|
-
def call(phone_number,
|
235
|
-
use_case_code=nil,
|
236
|
-
extra=nil,
|
237
|
-
timeout=nil)
|
238
|
-
|
239
|
-
params = {:phone_number => phone_number}
|
240
|
-
|
241
|
-
unless use_case_code.nil?
|
242
|
-
params[:use_case_code] = use_case_code
|
243
|
-
end
|
244
|
-
|
245
|
-
unless extra.nil?
|
246
|
-
params.merge!(extra)
|
247
|
-
end
|
248
|
-
|
249
|
-
execute(Net::HTTP::Post,
|
250
|
-
"/v1/verify/call",
|
251
|
-
nil,
|
252
|
-
params,
|
253
|
-
timeout)
|
254
|
-
end
|
255
|
-
|
256
|
-
# Calls the specified phone number, and using speech synthesis, speaks the
|
257
|
-
# verification code to the user.
|
258
|
-
def smart(phone_number,
|
259
|
-
use_case_code,
|
260
|
-
extra=nil,
|
261
|
-
timeout=nil)
|
262
|
-
|
263
|
-
params = {:phone_number => phone_number,
|
264
|
-
:ucid => use_case_code}
|
265
|
-
|
266
|
-
unless extra.nil?
|
267
|
-
params.merge!(extra)
|
268
|
-
end
|
269
|
-
|
270
|
-
execute(Net::HTTP::Post,
|
271
|
-
"/v1/verify/smart",
|
272
|
-
nil,
|
273
|
-
params,
|
274
|
-
timeout)
|
275
|
-
|
276
|
-
end
|
277
|
-
|
278
|
-
# The **push** method sends a push notification containing the verification
|
279
|
-
# code to the specified phone number (supported for mobile phones only).
|
280
|
-
def push(phone_number,
|
281
|
-
use_case_code,
|
282
|
-
extra=nil,
|
283
|
-
timeout=nil)
|
284
|
-
|
285
|
-
params = {:phone_number => phone_number,
|
286
|
-
:ucid => use_case_code}
|
287
|
-
|
288
|
-
unless extra.nil?
|
289
|
-
params.merge!(extra)
|
290
|
-
end
|
291
|
-
|
292
|
-
execute(Net::HTTP::Post,
|
293
|
-
"/v2/verify/push",
|
294
|
-
nil,
|
295
|
-
params,
|
296
|
-
timeout)
|
297
|
-
|
298
|
-
end
|
299
|
-
|
300
|
-
# Retrieves the verification result. You make this call in your web application
|
301
|
-
# after users complete the authentication transaction (using either a call or sms).
|
302
|
-
def status(reference_id,
|
303
|
-
verify_code=nil,
|
304
|
-
extra=nil,
|
305
|
-
timeout=nil)
|
306
|
-
|
307
|
-
params = {}
|
308
|
-
|
309
|
-
unless verify_code.nil?
|
310
|
-
params[:verify_code] = verify_code
|
311
|
-
end
|
312
|
-
|
313
|
-
unless extra.nil?
|
314
|
-
params.merge!(extra)
|
315
|
-
end
|
316
|
-
|
317
|
-
execute(Net::HTTP::Get,
|
318
|
-
"/v1/verify/#{reference_id}",
|
319
|
-
params,
|
320
|
-
nil,
|
321
|
-
timeout)
|
322
|
-
end
|
323
|
-
end
|
324
|
-
|
325
|
-
|
326
|
-
# The **Telebureau** class exposes services for creating, retrieving, updating and
|
327
|
-
# deleting telebureau fraud events. You can use this mechanism to simply test whether
|
328
|
-
# you can reach telebureau services.
|
329
|
-
class TeleBureau < Telesign::API::Rest
|
330
|
-
|
331
|
-
def initialize(customer_id,
|
332
|
-
secret_key,
|
333
|
-
ssl=true,
|
334
|
-
api_host='rest.telesign.com',
|
335
|
-
timeout=nil)
|
336
|
-
|
337
|
-
super(customer_id,
|
338
|
-
secret_key,
|
339
|
-
ssl,
|
340
|
-
api_host,
|
341
|
-
timeout)
|
342
|
-
end
|
343
|
-
|
344
|
-
# Creates a telebureau event corresponding to supplied data.
|
345
|
-
def create(phone_number,
|
346
|
-
fraud_type,
|
347
|
-
occurred_at,
|
348
|
-
extra=nil,
|
349
|
-
timeout=nil)
|
350
|
-
|
351
|
-
params = {:phone_number => phone_number,
|
352
|
-
:fraud_type => fraud_type,
|
353
|
-
:occurred_at => occurred_at}
|
354
|
-
|
355
|
-
unless extra.nil?
|
356
|
-
params.merge!(extra)
|
357
|
-
end
|
358
|
-
|
359
|
-
execute(Net::HTTP::Post,
|
360
|
-
"/v1/telebureau/event",
|
361
|
-
nil,
|
362
|
-
params,
|
363
|
-
timeout)
|
364
|
-
end
|
365
|
-
|
366
|
-
# Retrieves the fraud event status. You make this call in your web application after
|
367
|
-
# completion of create transaction for a telebureau event.
|
368
|
-
def retrieve(reference_id,
|
369
|
-
extra=nil,
|
370
|
-
timeout=nil)
|
371
|
-
|
372
|
-
params = {}
|
373
|
-
|
374
|
-
unless extra.nil?
|
375
|
-
params.merge!(extra)
|
376
|
-
end
|
377
|
-
|
378
|
-
execute(Net::HTTP::Get,
|
379
|
-
"/v1/telebureau/event/#{reference_id}",
|
380
|
-
params,
|
381
|
-
nil,
|
382
|
-
timeout)
|
383
|
-
end
|
384
|
-
|
385
|
-
# Deletes a previously submitted fraud event. You make this call in your web application
|
386
|
-
# after completion of the create transaction for a telebureau event.
|
387
|
-
def delete(reference_id,
|
388
|
-
extra=nil,
|
389
|
-
timeout=nil)
|
390
|
-
|
391
|
-
params = {}
|
392
|
-
|
393
|
-
unless extra.nil?
|
394
|
-
params.merge!(extra)
|
395
|
-
end
|
396
|
-
|
397
|
-
execute(Net::HTTP::Delete,
|
398
|
-
"/v1/telebureau/event/#{reference_id}",
|
399
|
-
params,
|
400
|
-
nil,
|
401
|
-
timeout)
|
402
|
-
end
|
403
|
-
end
|
404
|
-
end
|
405
|
-
end
|
5
|
+
require 'telesign/score'
|
6
|
+
require 'telesign/util'
|
7
|
+
require 'telesign/voice'
|
@@ -0,0 +1,23 @@
|
|
1
|
+
require 'telesign/rest'
|
2
|
+
|
3
|
+
AUTOVERIFY_STATUS_RESOURCE = '/v1/mobile/verification/status/%{external_id}'
|
4
|
+
|
5
|
+
module Telesign
|
6
|
+
|
7
|
+
# AutoVerify is a secure, lightweight SDK that integrates a frictionless user verification process into existing
|
8
|
+
# native mobile applications.
|
9
|
+
class AutoVerifyClient < RestClient
|
10
|
+
|
11
|
+
# Retrieves the verification result for an AutoVerify transaction by external_id. To ensure a secure verification
|
12
|
+
# flow you must check the status using TeleSign's servers on your backend. Do not rely on the SDK alone to
|
13
|
+
# indicate a successful verification.
|
14
|
+
#
|
15
|
+
# See https://developer.telesign.com/docs/auto-verify-sdk#section-obtaining-verification-status for detailed API
|
16
|
+
# documentation.
|
17
|
+
def status(external_id, **params)
|
18
|
+
|
19
|
+
self.get(AUTOVERIFY_STATUS_RESOURCE % {:external_id => external_id},
|
20
|
+
**params)
|
21
|
+
end
|
22
|
+
end
|
23
|
+
end
|
@@ -0,0 +1,33 @@
|
|
1
|
+
require 'telesign/rest'
|
2
|
+
|
3
|
+
MESSAGING_RESOURCE = '/v1/messaging'
|
4
|
+
MESSAGING_STATUS_RESOURCE = '/v1/messaging/%{reference_id}'
|
5
|
+
|
6
|
+
module Telesign
|
7
|
+
|
8
|
+
# TeleSign's Messaging API allows you to easily send SMS messages. You can send alerts, reminders, and notifications,
|
9
|
+
# or you can send verification messages containing one-time passcodes (OTP).
|
10
|
+
class MessagingClient < RestClient
|
11
|
+
|
12
|
+
# Send a message to the target phone_number.
|
13
|
+
#
|
14
|
+
# See https://developer.telesign.com/v2.0/docs/messaging-api for detailed API documentation.
|
15
|
+
def message(phone_number, message, message_type, **params)
|
16
|
+
|
17
|
+
self.post(MESSAGING_RESOURCE,
|
18
|
+
phone_number: phone_number,
|
19
|
+
message: message,
|
20
|
+
message_type: message_type,
|
21
|
+
**params)
|
22
|
+
end
|
23
|
+
|
24
|
+
# Retrieves the current status of the message.
|
25
|
+
#
|
26
|
+
# See https://developer.telesign.com/v2.0/docs/messaging-api for detailed API documentation.
|
27
|
+
def status(reference_id, **params)
|
28
|
+
|
29
|
+
self.get(MESSAGING_STATUS_RESOURCE % {:reference_id => reference_id},
|
30
|
+
**params)
|
31
|
+
end
|
32
|
+
end
|
33
|
+
end
|
@@ -0,0 +1,21 @@
|
|
1
|
+
require 'telesign/rest'
|
2
|
+
|
3
|
+
PHONEID_RESOURCE = '/v1/phoneid/%{phone_number}'
|
4
|
+
|
5
|
+
module Telesign
|
6
|
+
|
7
|
+
# A set of APIs that deliver deep phone number data attributes that help optimize the end user
|
8
|
+
# verification process and evaluate risk.
|
9
|
+
class PhoneIdClient < RestClient
|
10
|
+
|
11
|
+
# The PhoneID API provides a cleansed phone number, phone type, and telecom carrier information to determine the
|
12
|
+
# best communication method - SMS or voice.
|
13
|
+
#
|
14
|
+
# See https://developer.telesign.com/docs/phoneid-api for detailed API documentation.
|
15
|
+
def phoneid(phone_number, **params)
|
16
|
+
|
17
|
+
self.post(PHONEID_RESOURCE % {:phone_number => phone_number},
|
18
|
+
**params)
|
19
|
+
end
|
20
|
+
end
|
21
|
+
end
|
data/lib/telesign/rest.rb
CHANGED
@@ -1,181 +1,222 @@
|
|
1
|
-
#
|
2
|
-
# Copyright (c) 2016 TeleSign
|
3
|
-
#
|
4
|
-
# TeleSign Ruby SDK HMAC REST Auth.
|
5
|
-
#
|
6
|
-
|
7
1
|
require 'pp'
|
8
2
|
require 'json'
|
9
3
|
require 'time'
|
10
4
|
require 'base64'
|
11
5
|
require 'openssl'
|
12
|
-
require '
|
6
|
+
require 'securerandom'
|
7
|
+
require 'net/http/persistent'
|
13
8
|
|
14
9
|
module Telesign
|
10
|
+
SDK_VERSION = '2.0.0'
|
11
|
+
|
12
|
+
# The TeleSign RestClient is a generic HTTP REST client that can be extended to make requests against any of
|
13
|
+
# TeleSign's REST API endpoints.
|
14
|
+
#
|
15
|
+
# RequestEncodingMixin offers the function _encode_params for url encoding the body for use in string_to_sign outside
|
16
|
+
# of a regular HTTP request.
|
17
|
+
#
|
18
|
+
# See https://developer.telesign.com for detailed API documentation.
|
19
|
+
class RestClient
|
20
|
+
|
21
|
+
@user_agent = "TeleSignSDK/ruby-{#{SDK_VERSION} #{RUBY_DESCRIPTION} net/http/persistent"
|
22
|
+
|
23
|
+
# A simple HTTP Response object to abstract the underlying net/http library response.
|
24
|
+
|
25
|
+
# * +http_response+ - A net/http response object.
|
26
|
+
class Response
|
27
|
+
|
28
|
+
attr_accessor :status_code, :headers, :body, :ok, :json
|
29
|
+
|
30
|
+
def initialize(http_response)
|
31
|
+
@status_code = http_response.code
|
32
|
+
@headers = http_response.to_hash
|
33
|
+
@body = http_response.body
|
34
|
+
@ok = http_response.kind_of? Net::HTTPSuccess
|
35
|
+
|
36
|
+
begin
|
37
|
+
@json = JSON.parse(http_response.body)
|
38
|
+
rescue JSON::JSONError
|
39
|
+
@json = nil
|
40
|
+
end
|
41
|
+
end
|
42
|
+
end
|
15
43
|
|
16
|
-
|
44
|
+
# TeleSign RestClient, useful for making generic RESTful requests against the API.
|
45
|
+
#
|
46
|
+
# * +customer_id+ - Your customer_id string associated with your account.
|
47
|
+
# * +secret_key+ - Your secret_key string associated with your account.
|
48
|
+
# * +api_host+ - (optional) Override the default api_host to target another endpoint string.
|
49
|
+
# * +timeout+ - (optional) How long to wait for the server to send data before giving up, as a float.
|
50
|
+
def initialize(customer_id,
|
51
|
+
secret_key,
|
52
|
+
api_host: 'https://rest-api.telesign.com',
|
53
|
+
proxy: nil,
|
54
|
+
timeout: 10)
|
55
|
+
|
56
|
+
@customer_id = customer_id
|
57
|
+
@secret_key = secret_key
|
58
|
+
@api_host = api_host
|
59
|
+
|
60
|
+
@http = Net::HTTP::Persistent.new(name: 'telesign', proxy: proxy)
|
61
|
+
|
62
|
+
unless timeout.nil?
|
63
|
+
@http.open_timeout = timeout
|
64
|
+
@http.read_timeout = timeout
|
65
|
+
end
|
66
|
+
end
|
17
67
|
|
18
|
-
#
|
68
|
+
# Generates the TeleSign REST API headers used to authenticate requests.
|
19
69
|
#
|
20
|
-
#
|
21
|
-
#
|
70
|
+
# Creates the canonicalized string_to_sign and generates the HMAC signature. This is used to authenticate requests
|
71
|
+
# against the TeleSign REST API.
|
22
72
|
#
|
23
|
-
#
|
24
|
-
# and Telesign::API::Verify classes. Please see the TeleSign REST API docs at
|
25
|
-
# http://docs.telesign.com/rest/index.html for implementation details.
|
73
|
+
# See https://developer.telesign.com/docs/authentication-1 for detailed API documentation.
|
26
74
|
#
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
|
43
|
-
|
75
|
+
# * +customer_id+ - Your account customer_id.
|
76
|
+
# * +secret_key+ - Your account secret_key.
|
77
|
+
# * +method_name+ - The HTTP method name of the request as a upper case string, should be one of 'POST', 'GET',
|
78
|
+
# 'PUT' or 'DELETE'.
|
79
|
+
# * +resource+ - The partial resource URI to perform the request against, as a string.
|
80
|
+
# * +url_encoded_fields+ - HTTP body parameters to perform the HTTP request with, must be a urlencoded string.
|
81
|
+
# * +date_rfc2616+ - The date and time of the request formatted in rfc 2616, as a string.
|
82
|
+
# * +nonce+ - A unique cryptographic nonce for the request, as a string.
|
83
|
+
# * +user_agent+ - (optional) User Agent associated with the request, as a string.
|
84
|
+
def self.generate_telesign_headers(customer_id,
|
85
|
+
secret_key,
|
86
|
+
method_name,
|
87
|
+
resource,
|
88
|
+
url_encoded_fields,
|
89
|
+
date_rfc2616: nil,
|
90
|
+
nonce: nil,
|
91
|
+
user_agent: nil)
|
92
|
+
|
93
|
+
if date_rfc2616.nil?
|
94
|
+
date_rfc2616 = Time.now.httpdate
|
44
95
|
end
|
45
96
|
|
46
|
-
|
47
|
-
|
48
|
-
|
49
|
-
def execute(verb,
|
50
|
-
resource,
|
51
|
-
params=nil,
|
52
|
-
form_data=nil,
|
53
|
-
timeout=nil)
|
54
|
-
|
55
|
-
# generate the headers
|
56
|
-
headers = generate_auth_headers(
|
57
|
-
@customer_id,
|
58
|
-
@secret_key,
|
59
|
-
resource,
|
60
|
-
verb,
|
61
|
-
form_data.nil? ? nil : URI.encode_www_form(form_data))
|
62
|
-
|
63
|
-
uri = URI.join(@base_uri, resource)
|
64
|
-
|
65
|
-
# set query params
|
66
|
-
uri.query = URI.encode_www_form(params) unless params.nil?
|
67
|
-
|
68
|
-
# configure HTTP object
|
69
|
-
http = Net::HTTP.new(uri.host, uri.port)
|
70
|
-
http.use_ssl = @ssl
|
71
|
-
|
72
|
-
http.open_timeout = timeout.nil? ? @timeout : timeout
|
73
|
-
http.read_timeout = http.open_timeout
|
74
|
-
http.ssl_timeout = http.open_timeout
|
75
|
-
http.continue_timeout = http.open_timeout
|
76
|
-
|
77
|
-
#set headers
|
78
|
-
request = verb.new uri.request_uri
|
79
|
-
headers.each do |k, v|
|
80
|
-
request[k] = v
|
81
|
-
end
|
97
|
+
if nonce.nil?
|
98
|
+
nonce = SecureRandom.uuid
|
99
|
+
end
|
82
100
|
|
83
|
-
|
84
|
-
request.set_form_data(form_data) unless form_data.nil?
|
101
|
+
content_type = (%w[POST PUT].include? method_name) ? 'application/x-www-form-urlencoded' : ''
|
85
102
|
|
86
|
-
|
87
|
-
http_response = http.request(request)
|
103
|
+
auth_method = 'HMAC-SHA256'
|
88
104
|
|
89
|
-
|
90
|
-
unless http_response.is_a? Net::HTTPSuccess
|
91
|
-
if http_response.is_a? Net::HTTPUnauthorized
|
92
|
-
raise Telesign::API::AuthError.new(http_response)
|
93
|
-
else
|
94
|
-
raise Telesign::API::APIError.new(http_response)
|
95
|
-
end
|
96
|
-
end
|
105
|
+
string_to_sign = "#{method_name}"
|
97
106
|
|
98
|
-
|
99
|
-
end
|
107
|
+
string_to_sign << "\n#{content_type}"
|
100
108
|
|
101
|
-
|
102
|
-
# computed based on the contents of the request and the client's secret key.
|
103
|
-
def generate_auth_headers (customer_id,
|
104
|
-
secret_key,
|
105
|
-
resource,
|
106
|
-
verb,
|
107
|
-
form_data=nil,
|
108
|
-
content_type='')
|
109
|
+
string_to_sign << "\n#{date_rfc2616}"
|
109
110
|
|
110
|
-
|
111
|
-
|
111
|
+
string_to_sign << "\nx-ts-auth-method:#{auth_method}"
|
112
|
+
|
113
|
+
string_to_sign << "\nx-ts-nonce:#{nonce}"
|
114
|
+
|
115
|
+
if !content_type.empty? and !url_encoded_fields.empty?
|
116
|
+
string_to_sign << "\n#{url_encoded_fields}"
|
117
|
+
end
|
112
118
|
|
113
|
-
|
119
|
+
string_to_sign << "\n#{resource}"
|
114
120
|
|
115
|
-
|
116
|
-
|
117
|
-
"x-ts-auth-method:#{'HMAC-SHA256'}\n" +
|
118
|
-
"x-ts-date:#{datetime_stamp}\n" +
|
119
|
-
"x-ts-nonce:#{nonce}"
|
121
|
+
digest = OpenSSL::Digest.new('sha256')
|
122
|
+
key = Base64.decode64(secret_key)
|
120
123
|
|
121
|
-
|
124
|
+
signature = Base64.encode64(OpenSSL::HMAC.digest(digest, key, string_to_sign)).strip
|
122
125
|
|
123
|
-
|
126
|
+
authorization = "TSA #{customer_id}:#{signature}"
|
124
127
|
|
125
|
-
|
126
|
-
|
128
|
+
headers = {
|
129
|
+
'Authorization': authorization,
|
130
|
+
'Date': date_rfc2616,
|
131
|
+
'x-ts-auth-method': auth_method,
|
132
|
+
'x-ts-nonce': nonce
|
133
|
+
}
|
127
134
|
|
128
|
-
|
129
|
-
|
130
|
-
'x-ts-date' => datetime_stamp,
|
131
|
-
'x-ts-auth-method' => 'HMAC-SHA256',
|
132
|
-
'x-ts-nonce' => nonce,
|
133
|
-
'User-Agent' => @user_agent
|
134
|
-
}
|
135
|
+
unless user_agent.nil?
|
136
|
+
headers['User-Agent'] = user_agent
|
135
137
|
end
|
138
|
+
|
139
|
+
headers
|
140
|
+
|
136
141
|
end
|
137
142
|
|
138
|
-
|
143
|
+
# Generic TeleSign REST API POST handler.
|
144
|
+
#
|
145
|
+
# * +resource+ - The partial resource URI to perform the request against, as a string.
|
146
|
+
# * +params+ - Body params to perform the POST request with, as a hash.
|
147
|
+
def post(resource, **params)
|
139
148
|
|
140
|
-
|
149
|
+
execute(Net::HTTP::Post, 'POST', resource, **params)
|
141
150
|
|
142
|
-
|
143
|
-
|
151
|
+
end
|
152
|
+
|
153
|
+
# Generic TeleSign REST API GET handler.
|
154
|
+
#
|
155
|
+
# * +resource+ - The partial resource URI to perform the request against, as a string.
|
156
|
+
# * +params+ - Body params to perform the GET request with, as a hash.
|
157
|
+
def get(resource, **params)
|
158
|
+
|
159
|
+
execute(Net::HTTP::Get, 'GET', resource, **params)
|
144
160
|
|
145
|
-
@body = JSON.parse(http_response.body)
|
146
|
-
@headers = http_response.to_hash
|
147
|
-
@status = http_response.code
|
148
|
-
@verify_code = verify_code
|
149
|
-
end
|
150
161
|
end
|
151
162
|
|
152
|
-
|
163
|
+
# Generic TeleSign REST API PUT handler.
|
164
|
+
#
|
165
|
+
# * +resource+ - The partial resource URI to perform the request against, as a string.
|
166
|
+
# * +params+ - Body params to perform the PUT request with, as a hash.
|
167
|
+
def put(resource, **params)
|
153
168
|
|
154
|
-
|
169
|
+
execute(Net::HTTP::Put, 'PUT', resource, **params)
|
155
170
|
|
156
|
-
|
171
|
+
end
|
157
172
|
|
158
|
-
|
159
|
-
|
160
|
-
|
161
|
-
|
162
|
-
|
173
|
+
# Generic TeleSign REST API DELETE handler.
|
174
|
+
#
|
175
|
+
# * +resource+ - The partial resource URI to perform the request against, as a string.
|
176
|
+
# * +params+ - Body params to perform the DELETE request with, as a hash.
|
177
|
+
def delete(resource, **params)
|
163
178
|
|
164
|
-
|
165
|
-
result = ''
|
166
|
-
@errors.each do |error|
|
167
|
-
result = "#{result}#{error['description']}\n"
|
168
|
-
end
|
179
|
+
execute(Net::HTTP::Delete, 'DELETE', resource, **params)
|
169
180
|
|
170
|
-
result
|
171
|
-
end
|
172
181
|
end
|
173
182
|
|
174
|
-
|
183
|
+
private
|
184
|
+
# Generic TeleSign REST API request handler.
|
185
|
+
#
|
186
|
+
# * +method_function+ - The net/http request to perform the request.
|
187
|
+
# * +method_name+ - The HTTP method name, as an upper case string.
|
188
|
+
# * +resource+ - The partial resource URI to perform the request against, as a string.
|
189
|
+
# * +params+ - Body params to perform the HTTP request with, as a hash.
|
190
|
+
def execute(method_function, method_name, resource, **params)
|
191
|
+
|
192
|
+
resource_uri = URI.parse("#{@api_host}#{resource}")
|
193
|
+
|
194
|
+
url_encoded_fields = URI.encode_www_form(params)
|
195
|
+
|
196
|
+
headers = RestClient.generate_telesign_headers(@customer_id,
|
197
|
+
@secret_key,
|
198
|
+
method_name,
|
199
|
+
resource,
|
200
|
+
url_encoded_fields,
|
201
|
+
user_agent: @user_agent)
|
202
|
+
|
203
|
+
request = method_function.new(resource_uri.request_uri)
|
204
|
+
|
205
|
+
unless params.empty?
|
206
|
+
if %w[POST PUT].include? method_name
|
207
|
+
request.set_form_data(params)
|
208
|
+
else
|
209
|
+
resource_uri.query = url_encoded_fields
|
210
|
+
end
|
211
|
+
end
|
175
212
|
|
176
|
-
|
177
|
-
|
213
|
+
headers.each do |k, v|
|
214
|
+
request[k] = v
|
178
215
|
end
|
216
|
+
|
217
|
+
http_response = @http.request(resource_uri, request)
|
218
|
+
|
219
|
+
Response.new(http_response)
|
179
220
|
end
|
180
221
|
end
|
181
|
-
end
|
222
|
+
end
|
@@ -0,0 +1,21 @@
|
|
1
|
+
require 'telesign/rest'
|
2
|
+
|
3
|
+
SCORE_RESOURCE = '/v1/score/%{phone_number}'
|
4
|
+
|
5
|
+
module Telesign
|
6
|
+
|
7
|
+
# Score provides risk information about a specified phone number.
|
8
|
+
class ScoreClient < RestClient
|
9
|
+
|
10
|
+
# Score is an API that delivers reputation scoring based on phone number intelligence, traffic patterns, machine
|
11
|
+
# learning, and a global data consortium.
|
12
|
+
#
|
13
|
+
# See https://developer.telesign.com/docs/rest_api-phoneid-score for detailed API documentation.
|
14
|
+
def score(phone_number, account_lifecycle_event, **params)
|
15
|
+
|
16
|
+
self.post(SCORE_RESOURCE % {:phone_number => phone_number},
|
17
|
+
account_lifecycle_event: account_lifecycle_event,
|
18
|
+
**params)
|
19
|
+
end
|
20
|
+
end
|
21
|
+
end
|
@@ -0,0 +1,39 @@
|
|
1
|
+
require 'base64'
|
2
|
+
require 'openssl'
|
3
|
+
require 'securerandom'
|
4
|
+
|
5
|
+
module Telesign
|
6
|
+
class Util
|
7
|
+
|
8
|
+
def self.random_with_n_digits(n)
|
9
|
+
n.times.map { SecureRandom.random_number(10) }.join
|
10
|
+
end
|
11
|
+
|
12
|
+
# Verify that a callback was made by TeleSign and was not sent by a malicious client by verifying the signature.
|
13
|
+
#
|
14
|
+
# * +secret_key+ - the TeleSign API secret_key associated with your account.
|
15
|
+
# * +signature+ - the TeleSign Authorization header value supplied in the callback, as a string.
|
16
|
+
# * +json_str+ - the POST body text, that is, the JSON string sent by TeleSign describing the transaction status.
|
17
|
+
def verify_telesign_callback_signature(secret_key, signature, json_str)
|
18
|
+
|
19
|
+
digest = OpenSSL::Digest.new('sha256')
|
20
|
+
key = Base64.decode64(secret_key)
|
21
|
+
|
22
|
+
your_signature = Base64.encode64(OpenSSL::HMAC.digest(digest, key, json_str)).strip
|
23
|
+
|
24
|
+
unless signature.length == your_signature.length
|
25
|
+
return false
|
26
|
+
end
|
27
|
+
|
28
|
+
# avoid timing attack with constant time equality check
|
29
|
+
signatures_equal = true
|
30
|
+
signature.split('').zip(your_signature.split('')).each do |x, y|
|
31
|
+
unless x == y
|
32
|
+
signatures_equal = false
|
33
|
+
end
|
34
|
+
end
|
35
|
+
|
36
|
+
signatures_equal
|
37
|
+
end
|
38
|
+
end
|
39
|
+
end
|
@@ -0,0 +1,33 @@
|
|
1
|
+
require 'telesign/rest'
|
2
|
+
|
3
|
+
VOICE_RESOURCE = '/v1/voice'
|
4
|
+
VOICE_STATUS_RESOURCE = '/v1/voice/%{reference_id}'
|
5
|
+
|
6
|
+
module Telesign
|
7
|
+
|
8
|
+
# TeleSign's Voice API allows you to easily send voice messages. You can send alerts, reminders, and notifications,
|
9
|
+
# or you can send verification messages containing time-based, one-time passcodes (TOTP).
|
10
|
+
class VoiceClient < RestClient
|
11
|
+
|
12
|
+
# Send a voice call to the target phone_number.
|
13
|
+
#
|
14
|
+
# See https://developer.telesign.com/docs/voice-api for detailed API documentation.
|
15
|
+
def call(phone_number, message, message_type, **params)
|
16
|
+
|
17
|
+
self.post(VOICE_RESOURCE,
|
18
|
+
phone_number: phone_number,
|
19
|
+
message: message,
|
20
|
+
message_type: message_type,
|
21
|
+
**params)
|
22
|
+
end
|
23
|
+
|
24
|
+
# Retrieves the current status of the voice call.
|
25
|
+
#
|
26
|
+
# See https://developer.telesign.com/docs/voice-api for detailed API documentation.
|
27
|
+
def status(reference_id, **params)
|
28
|
+
|
29
|
+
self.get(VOICE_STATUS_RESOURCE % {:reference_id => reference_id},
|
30
|
+
**params)
|
31
|
+
end
|
32
|
+
end
|
33
|
+
end
|
metadata
CHANGED
@@ -1,23 +1,49 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: telesign
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version:
|
4
|
+
version: 2.0.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
|
-
-
|
7
|
+
- TeleSign
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
12
|
-
dependencies:
|
11
|
+
date: 2017-02-26 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: net-http-persistent
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - "~>"
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: '3.0'
|
20
|
+
- - ">="
|
21
|
+
- !ruby/object:Gem::Version
|
22
|
+
version: 3.0.0
|
23
|
+
type: :runtime
|
24
|
+
prerelease: false
|
25
|
+
version_requirements: !ruby/object:Gem::Requirement
|
26
|
+
requirements:
|
27
|
+
- - "~>"
|
28
|
+
- !ruby/object:Gem::Version
|
29
|
+
version: '3.0'
|
30
|
+
- - ">="
|
31
|
+
- !ruby/object:Gem::Version
|
32
|
+
version: 3.0.0
|
13
33
|
description: TeleSign Ruby SDK
|
14
|
-
email:
|
34
|
+
email: support@telesign.com
|
15
35
|
executables: []
|
16
36
|
extensions: []
|
17
37
|
extra_rdoc_files: []
|
18
38
|
files:
|
19
39
|
- lib/telesign.rb
|
40
|
+
- lib/telesign/autoverify.rb
|
41
|
+
- lib/telesign/messaging.rb
|
42
|
+
- lib/telesign/phoneid.rb
|
20
43
|
- lib/telesign/rest.rb
|
44
|
+
- lib/telesign/score.rb
|
45
|
+
- lib/telesign/util.rb
|
46
|
+
- lib/telesign/voice.rb
|
21
47
|
homepage: http://rubygems.org/gems/telesign
|
22
48
|
licenses:
|
23
49
|
- MIT
|