tidas 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 5cc58b3207e47f086cc6b329923dfa6828076edc
+  data.tar.gz: 16df291cedf64e1216b0b5d9a3dccce10885cb65
+SHA512:
+  metadata.gz: 1ba75c78c179a113be7f04144c85ae6434d2a635b7ead5bb5acfad18d9df47194888d2176517e3dc65db62504c7c7b752504ee004c335ff88adaada3c2ba5ee9
+  data.tar.gz: efaad392817cb09f7782e50516cc2fd22ab9ca8450535a3bbe2a09d9409e1d0dcd3d64987720926a320d24d91dbfd19210fb655b6e7bce595631245858ed7b62

data/.document

@@ -0,0 +1,3 @@
+- 
+ChangeLog.md
+LICENSE.txt

data/.gitignore

@@ -0,0 +1,10 @@
+/.bundle
+/.yardoc/
+/Gemfile.lock
+/doc/
+/pkg/
+/vendor/cache/*.gem
+*.pem
+*.pub
+*.gem
+/coverage/*

data/.rspec

@@ -0,0 +1 @@
+--colour --format documentation

data/.yardopts

@@ -0,0 +1 @@
+--markup markdown --title "Tidas Documentation" --protected

data/ChangeLog.md

@@ -0,0 +1,4 @@
+### 0.1.0 / 2015-08-28
+
+* Initial release:
+

data/Gemfile

@@ -0,0 +1,13 @@
+source 'https://rubygems.org'
+
+gemspec
+
+gem 'json'
+
+group :test do
+  gem 'simplecov'
+end
+
+group :development do
+  gem 'kramdown'
+end

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2016 Trail of Bits, Inc.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

data/README.md

@@ -0,0 +1,223 @@
+# tidas-ruby
+middleware for tidas integrations
+
+[![Code Climate](https://codeclimate.com/github/tidas/tidas-middleware-ruby/badges/gpa.svg)](https://codeclimate.com/github/tidas/tidas-middleware-ruby)
+[![Test Coverage](https://codeclimate.com/github/tidas/tidas-middleware-ruby/badges/coverage.svg)](https://codeclimate.com/github/tidas/tidas-middleware-ruby/coverage)
+
+## Configuration
+
+Tidas is configured either with preset ENVs, or with a configuration method explained in the API below
+
+Configuration Params:
+
+* **server**: `<Tidas::Configuration.server>` The tidas production endpoint. You must set this to `https://app.passwordlessapps.com`
+* **api_key**: `<Tidas::Configuration.api_key>` The API key you use to authenticate your requests to our backend
+* **application**: `<Tidas::Configuration.application>` The application identifier you use to silo your users within our database
+* **timeout**: `<Tidas::Configuration.timeout>` If our default of 20s is too long a timeout for you, optionally set a shorter one for your implementation
+
+***
+
+## API v0.1
+
+#### Check Tidas availability ####
+
+This call is used to check the availability of the Tidas servers. 
+
+**API Call:** `Tidas.Ping`
+
+Parameters:
+
+* **None**
+
+Returns:
+* **Success**: `<Tidas::SuccessfulResult>` SuccessfulResult object containing "Pong!"
+* **Bad Request**: `<Tidas::ErrorResult>` ErrorResult explaining what happened
+* **Timeout**: `<Tidas::TimeoutError>` Timeout Error Object
+* **50x**: `<Tidas::ServerError>` Server Error Object
+
+***
+
+#### Configure Tidas ####
+
+This section is used to set needed ENVs for Tidas to operate.
+
+**API Call:** `Tidas::Configure`
+
+Parameters:
+
+* **server**: `<String>` The tidas production endpoint. You must set this to `https://app.passwordlessapps.com`
+* **api_key**: `<String>` The API key you use to authenticate your requests to our backend
+* **application**: `<String>` The application identifier you use to silo your users within our database
+* **timeout**: `<String>` If our default of 20s is too long a timeout for you, optionally set a shorter one for your implementation
+
+Returns:
+
+* **Success**: nil
+
+Example:
+
+```
+  Tidas::Configuration.configure(
+    server: 'https://app.passwordlessapps.com',
+    api_key: 'c8bbe73e1d6d0ba28b439599091140b1',
+    application: 'Javelin',
+    timeout: 1
+  )
+```
+
+***
+
+#### Enroll Identity ####
+
+This call is used to store a public key in our database. You can optionally supply a `tidas_id` if you want identity lookups to use your id conventions. Additionally, you can send an `overwrite` option to update an existing ID with a new identity object.
+
+**API Call:** `Tidas::Identity.enroll`
+
+Parameters:
+
+* **data**: `<Tidas::EnrollmentData>`enrollment blob from client device
+* **options/tidas_id**: `<String>` id to store key info with (optional: if not included, we will return one to you)
+* **options/overwrite**: `<Boolean>` supply `true` to allow overwriting existing public key info with this request
+
+Returns:
+
+* **Success**: `<Tidas::SuccessfulResult>` Contains tidas_id for you to store/ use to look up the saved identity
+* **Failure**: `<Tidas::ErrorResult>` Contains errors raised when attempting to create or update the `Tidas::Identity`
+
+Examples:
+
+`Tidas::Identity.enroll(data:<Tidas::EnrollmentData>)`
+
+```
+Tidas::Identity.enroll(
+  data:<Tidas::EnrollmentData>,
+  options: {
+    tidas_id: "e_23423",
+    overwrite: true
+  }
+)
+```
+
+***
+
+#### Validate Data####
+
+This call is used to validate data using a provided hash, signature, and a stored public key from our database. The call works by looking up a user with the provided tidas_id, then validating that the data provided was signed with that users' public key. Upon successful validation, the data is made available in the `SuccessfulResult` object.
+
+**API Call:** `Tidas::Identity.validate`
+
+Parameters:
+
+* **data**: `<Tidas::ValidationData>`validation blob from client device
+* **tidas_id**: `<String>` id to validate data against a specific user
+
+Returns:
+
+* **Success**: `<Tidas::SuccessfulResult>` Contains tidas_id and the data which was just validated, for you to use on your backend
+* **Failure**: `<Tidas::ErrorResult>` Contains errors raised when attempting to create or validate the data
+
+Examples:
+
+`Tidas::Identity.validate(data:<Tidas::ValidationData>, tidas_id:"e_23423")`
+
+***
+
+#### Deactivate User####
+
+This call is used to deactivate users which you no longer wish to validate data from. Users are not deleted, but made inactive in case they decide to use the application again
+
+**API Call:** `Tidas::Identity.deactivate`
+
+Parameters:
+
+* **tidas_id**: `<String>` id of user you wish to deactivate
+
+Returns:
+
+* **Success**: `<Tidas::SuccessfulResult>` Contains tidas_id and a message confirming deactivation
+* **Failure**: `<Tidas::ErrorResult>` Contains errors raised when attempting to deactivate the user
+
+Examples:
+
+`Tidas::Identity.deactivate(tidas_id:'24jdpoifj24')`
+
+***
+
+#### Activate User####
+
+This call is used to activate users which you previously deactivated, and want to begin validating data from again.
+
+**API Call:** `Tidas::Identity.activate`
+
+Parameters:
+
+* **tidas_id**: `<String>` id of user you wish to activate
+
+Returns:
+
+* **Success**: `<Tidas::SuccessfulResult>` Contains tidas_id and a message confirming activation
+* **Failure**: `<Tidas::ErrorResult>` Contains errors raised when attempting to activate the user
+
+Examples:
+
+`Tidas::Identity.activate(tidas_id:'24jdpoifj24')`
+
+***
+
+#### List Users####
+
+This call is used to list users of your application, both active and deactivated. public keys are trimmed for brevity, but the accompanying `get(<tidas_id>)` method will return this info if you ask for a specific user's information
+
+**API Call:** `Tidas::Identity.index`
+
+Parameters:
+
+* **None**
+
+Returns:
+
+* **Success**: `Array[<Tidas::Identity>]` An array of tidas identity objects
+* **Failure**: `<Tidas::ErrorResult>` Contains errors raised when attempting to list users
+
+Examples:
+
+`Tidas::Identity.index`
+
+***
+
+#### Get User Info####
+
+This call is used to retrieve information about a specific user, including their public_key
+
+**API Call:** `Tidas::Identity.get`
+
+Parameters:
+
+* **tidas_id**: `<String>` id of user you wish to get information for
+
+Returns:
+
+* **Success**: `<Tidas::Identity>` Contains tidas identity object with the requested user's info
+* **Not Found**: `Array[]` Empty Array 
+* **Failure**: `<Tidas::ErrorResult>` Contains errors raised when attempting to find the user
+
+Examples:
+
+`Tidas::Identity.get('24jdpoifj24')`
+
+
+***
+
+## Tidas Error Types
+
+List of Errors which may be encountered when using the tidas
+
+### Application Errors (these are normal)
+* **Generic App Errors**: `<Tidas::ErrorResult>` ErrorResult with a contextual message from our server
+* **Timeout**: `<Tidas::TimeoutError>` Timeout Error Object
+* **Connection**: `<Tidas::ConnectionError>` Error when server could not be reached
+* **50x**: `<Tidas::ServerError>` Server Error Object
+* **Configuration**: `<Tidas::ConfigurationError>` This error is not wrapped, and an exception will raise explaining that your tidas instance is not configured correctly
+
+### Gem Errors
+* **Uncaught Gem Exception**: `<Tidas::RuntimeError>` Tidas-specific RuntimeError which shouldn't happen! Report these to us please

data/Rakefile

@@ -0,0 +1,25 @@
+# encoding: utf-8
+
+require 'rubygems'
+
+begin
+  require 'bundler/setup'
+rescue LoadError => e
+  abort e.message
+end
+
+require 'rake'
+
+
+require 'rubygems/tasks'
+Gem::Tasks.new
+
+require 'rspec/core/rake_task'
+RSpec::Core::RakeTask.new
+
+task :test    => :spec
+task :default => :spec
+
+require 'yard'
+YARD::Rake::YardocTask.new  
+task :doc => :yard

data/lib/tidas/client.rb

@@ -0,0 +1,139 @@
+require 'tidas/error_result'
+require 'tidas/exceptions'
+
+require 'faraday'
+
+module Tidas
+  module Client
+
+    private
+
+    def self.client
+      unless server && api_key && application
+        raise(ConfigurationError,"Tidas not configured: see readme for help")
+      end
+      @client ||= Faraday.new(url:server)
+    end
+
+    def self.server
+      Configuration.server
+    end
+
+    def self.api_key
+      Configuration.api_key
+    end
+
+    def self.application
+      Configuration.application
+    end
+
+    def self.timeout
+      Configuration.timeout.to_i
+    end
+
+    def self.ping
+      wrapped_get('ping')
+    end
+
+    def self.index_identities
+      wrapped_get("identities/index")
+    end
+
+    def self.get_identity(id)
+      wrapped_get("identities/index", {tidas_id: id})
+    end
+
+    def self.enroll(data, id, overwrite)
+      body = {}
+      body[:enrollment_data] = data
+      body[:tidas_id] = id if !id.to_s.empty?
+      body[:overwrite] = true if overwrite
+
+      wrapped_post('identities/enroll', body)
+    end
+
+    def self.validate(data, id = nil)
+
+      begin
+        tidas_data = Utilities::Unpacker.init_with_blob(data)
+      rescue StandardError, NoMethodError
+        raise(ParameterError,"Invalid data for request")
+      end
+
+      body = {}
+      body[:validation_data] = tidas_data.to_s
+      body[:tidas_id] = id if !id.to_s.empty?
+      wrapped_post('identities/validate', body, tidas_data.parse[:data_to_sign])
+    end
+
+    def self.deactivate(id)
+      body = {tidas_id: id}    
+      wrapped_post('identities/deactivate', body)
+    end
+
+    def self.activate(id)
+      body = {tidas_id: id}
+      wrapped_post('identities/activate', body)
+    end
+
+    def self.wrapped_get(url, extra_params = nil)
+      begin
+        resp = get(url, extra_params)
+      rescue Faraday::TimeoutError
+        return TimeoutError
+      rescue Faraday::ConnectionFailed
+        return ConnectionError
+      end
+      return Utilities::ResponsePackager.package_response(resp)
+    end
+
+    def self.wrapped_post(url, body, data = nil)
+      begin
+        resp = post(url,body)
+        if data
+          return Utilities::ResponsePackager.package_response(resp, data)
+        else
+          return Utilities::ResponsePackager.package_response(resp)
+        end
+      rescue Faraday::TimeoutError
+        return TimeoutError
+      rescue Faraday::ConnectionFailed
+        return ConnectionError
+      end
+    end
+
+    def self.get(url, extra_params = nil)
+      resp = client.get do |req|
+        req.url url
+        req.params['api_key'] = api_key
+        req.params['application'] = application
+
+        if extra_params != nil
+          extra_params.each do |param, value|
+            req.params[param] = value
+          end
+        end
+
+        req.options[:timeout] = timeout
+      end
+
+      resp
+    end
+
+    def self.post(url, body)
+      resp = client.post do |req|
+        req.url url
+        req.headers['Content-Type'] = 'application/json'
+        req.params['api_key'] = api_key
+        req.options[:timeout] = timeout
+
+        body[:application] = application
+
+        req.body = body.to_json
+      end
+
+      resp
+    end
+
+  end
+end

data/lib/tidas/configuration.rb

@@ -0,0 +1,67 @@
+module Tidas
+  module Configuration
+
+    attr_reader :server, :api_key, :application, :timeout
+
+    def self.test_configure #:nodoc#
+      Configuration.configure(
+        server: 'http://localhost:3000',
+        api_key: 'test-api-key',
+        application: 'Javelin',
+        timeout: 1
+      )
+    end
+
+    def self.configure(attributes={})
+      server = attributes.fetch(:server,ENV['tidas_server'])
+      api_key = attributes.fetch(:api_key,ENV['tidas_api_key'])
+      application = attributes.fetch(:application,ENV['tidas_application'])
+      timeout = attributes.fetch(:timeout,ENV['tidas_timeout'])
+
+      if server
+        @server = server
+      end
+
+      if api_key
+        @api_key = api_key
+      end
+
+      if application
+        @application = application
+      end
+
+      if timeout
+        @timeout = timeout.to_s
+      end
+    end
+
+    def self.clear_configuration(flag)
+      case flag
+        when :server then @server = nil
+        when :api_key then @api_key = nil
+        when :application then @application = nil
+        when :timeout then @timeout = nil
+      end
+    end
+
+    def self.server
+      @server
+    end
+
+    def self.api_key
+      @api_key
+    end
+
+    def self.application
+      @application
+    end
+
+    def self.timeout
+      if timeout = @timeout
+        timeout.to_i
+      else
+        20
+      end
+    end
+  end
+end

data/lib/tidas/error_result.rb

@@ -0,0 +1,39 @@
+module Tidas
+
+  class ErrorResult
+
+    attr_reader :tidas_id, :errors, :message
+
+    def initialize(attributes = {}) # :nodoc:
+      @tidas_id = attributes[:tidas_id]
+      @errors   = Array(attributes[:errors])
+    end
+
+    def success?
+      false
+    end
+
+    def msg
+      @errors.first
+    end
+
+    def to_json
+      {
+        error_result: {
+          tidas_id: @tidas_id,
+          errors: @errors.map(&:to_s)
+        }
+      }.to_json
+    end
+
+  end
+
+  ConnectionError = ErrorResult.new(errors: "Could not connect to server")
+
+  TimeoutError = ErrorResult.new(errors: "Request Timeout")
+
+  class ServerError < ErrorResult
+  end
+
+  InvalidResponse = ServerError.new(errors: "Invalid response received from server - we're on it!")
+end

data/lib/tidas/exceptions.rb

@@ -0,0 +1,13 @@
+module Tidas
+  ###################
+  # Wrap Exceptions #
+  ###################
+  class TidasError < StandardError
+  end
+
+  class ParameterError < TidasError
+  end
+
+  class ConfigurationError < TidasError
+  end
+end

data/lib/tidas/identity.rb

@@ -0,0 +1,100 @@
+require 'tidas/exceptions'
+
+module Tidas
+  class Identity
+
+    attr_reader :id, :deactivated, :app_name, :public_key
+
+    def self.index
+      resp = Client.index_identities
+      process_identity_response(resp)
+    end
+
+    def self.get(id)
+      resp = Client.get_identity(id)
+      process_identity_response(resp)
+    end
+
+    def self.process_identity_response(resp)
+      if resp.success?
+        request_identities(resp)
+      else
+        resp
+      end
+    end
+
+    def self.request_identities(resp)
+      identities_data = JSON.parse(resp.data, symbolize_names: true)
+      identities_array = identities_data[:identities]
+      identities_array.map! do |identity_hash|
+        Identity.new(
+          id:identity_hash[:id],
+          deactivated: identity_hash[:deactivated],
+          app_name: identity_hash[:app],
+          public_key: identity_hash[:public_key]
+        )
+      end
+
+      if identities_array.length == 1
+        out = identities_array[0]
+      else
+        out = identities_array
+      end
+
+      SuccessfulResult.new(message:"Search successful", data:out)
+    end
+
+    def self.enroll(attributes)
+      data = attributes[:data]
+      if attributes[:options] != nil
+        tidas_id = attributes[:options][:tidas_id]
+        overwrite = attributes[:options][:overwrite]
+      end
+      if overwrite && overwrite != true
+        raise(ParameterError,"Overwrite may only be called as an enrollment option if the value is set to true")
+      end
+
+      Client.enroll(data, tidas_id, overwrite)
+    end
+
+    def self.validate(attributes)
+      data      = attributes[:data]
+      tidas_id  = attributes[:tidas_id]
+      Client.validate(data, tidas_id)
+    end
+
+    def self.deactivate(attributes)
+      tidas_id = attributes[:tidas_id]
+      Client.deactivate(tidas_id)
+    end
+
+    def self.activate(attributes)
+      tidas_id = attributes[:tidas_id]
+      Client.activate(tidas_id)
+    end
+
+    def to_hash_with_key
+      hash = to_hash
+      hash[:public_key] = public_key
+      hash
+    end
+
+    def to_hash
+      {
+        id: id,
+        deactivated: deactivated,
+        app: app_name
+      }
+    end
+
+    private
+
+    def initialize(attributes)
+      @id = attributes[:id]
+      @deactivated = attributes[:deactivated]
+      @app_name = attributes[:app_name]
+      @public_key = attributes[:public_key] || "<Filtered>"
+    end
+
+  end
+end

data/lib/tidas/successful_result.rb

@@ -0,0 +1,17 @@
+module Tidas
+  class SuccessfulResult
+
+    attr_reader :tidas_id, :data, :message
+
+    def initialize(attributes = {}) # :nodoc:
+      @tidas_id = attributes[:tidas_id]
+      @data     = attributes[:data]
+      @message  = attributes[:message]
+    end
+
+    def success?
+      true
+    end
+
+  end
+end