trusona 2.3.0 → 2.5.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 60739d2fd6bfd4db4b0e43b06aa314a857e46660
-  data.tar.gz: 49b452b94a0dcff871d2c6d8d3e8a18feb48177e
+SHA256:
+  metadata.gz: 6a371d2186875676cdb75a7108eb49fada888ebc9d4ff9b795fba9ef2151cd93
+  data.tar.gz: 2338ca4cb6b13dc08a9e6ab411dfe93c4b12c040ac30a35a49dcbd903bc3956b
 SHA512:
-  metadata.gz: 5fa55cbf9abe02741f48f82516371c1406e494189f6365521ab3aa0b4e99274e5e0907983cdfe0efdd908d7f9ca15261c39bb56a8091b35c9791814a8406b7ed
-  data.tar.gz: 4d0eb3dc425a90ca2eb367bc3bcabc6651749ca2fe01115efa853afb6f63b9681c12618f1d28922f696cf44072db429d03424dc00f1161b5c7b735dc95d8a64d
+  metadata.gz: e913a545b9658c398711c0469270746661f22c1e872a26d162edccfc9026e7b713a6df6b38c67aa901748da0a3b3b3da44a206bce4a39386a0fe8b1519831d94
+  data.tar.gz: 5cca66635a4ac1b576d2908a2da218370df3bbb61ce6e9967501910b51df01034284de116f43e69557d807a51a732a7d9ed8ec38b15e8bc8a163d26c6d526228

data/.gitignore

@@ -10,6 +10,8 @@
 *.gem
 *.key.pem
 
+vendor/
+
 # rspec failure tracking
 .rspec_status
 
@@ -19,3 +21,4 @@
 
 test.rb
 .vscode
+*.pem

data/.rubocop.yml

@@ -0,0 +1,13 @@
+## https://github.com/rubocop-hq/rubocop/blob/master/config/default.yml
+##
+Style/Documentation:
+  Enabled: false
+
+require: rubocop-performance
+
+AllCops:
+  Include:
+    - 'lib/**/*'
+Metrics:
+  Exclude:
+    - 'spec/**/*'

data/.ruby-version

@@ -1 +1 @@
-2.6.3
+2.6.5

data/.travis.yml

@@ -1,30 +1,34 @@
-sudo: false
 language: ruby
 cache:
   - bundler
+  - directories:
+    - vendor/
 rvm:
-  - 2.4.3
-  - 2.5.1
+  - 2.6
+  - 2.7
 before_script:
-  - openssl aes-256-cbc -K $encrypted_2ddff5084a28_key -iv $encrypted_2ddff5084a28_iv -in trusona.key.pem.enc -out trusona.key.pem -d
+  - openssl req -utf8 -config trusona.cnf -new -verify -newkey rsa:4096 -days 1 -nodes -x509 -keyout trusona.key.pem -out trusona.pub.pem
   - curl -L https://codeclimate.com/downloads/test-reporter/test-reporter-latest-linux-amd64 > ./cc-test-reporter
   - chmod +x ./cc-test-reporter
   - ./cc-test-reporter before-build
 script:
-  - bundle exec rspec spec -f p
-  - bundle exec rubocop lib/**/*.rb -F
-  - gem build trusona.gemspec
-after_script:
-  - ./cc-test-reporter after-build --exit-code $TRAVIS_TEST_RESULT
+  - bundle exec rspec -f p
+  - bundle exec rubocop lib
+  - bundle exec gem build trusona.gemspec --silent
+after_success:
+  - if [[ $TRAVIS_PULL_REQUEST == false ]] && [[ $TRAVIS_BRANCH == master ]] && [[ $TRAVIS_JOB_NUMBER =~ ^.*.1$ ]]; then ./cc-test-reporter after-build -t simplecov --exit-code 0; fi
+before_deploy:
+  - cp trusona-*.gem trusona.gem
+  - "echo ---$'\n':rubygems_api_key: $RUBYGEMS_API_KEY > ~/.gem/credentials"
+  - chmod 600 ~/.gem/credentials
 deploy:
-  provider: rubygems
-  api_key: $RUBYGEMS_API_KEY
-  gem: trusona
-  gemspec: trusona.gemspec
-  skip_cleanup: true
+  provider: script
+  edge: true
+  script: gem push trusona.gem
+  cleanup: false
   on:
     tags: true
-    rvm: '2.4.3'
+    rvm: '2.6'
 notifications:
   slack:
     on_success: always

data/README.md

@@ -4,7 +4,7 @@ Easily interact with the Trusona REST API.
 
 ## Current Status
 
-[![Build Status](https://travis-ci.com/lighthauz/trusona-server-sdk-ruby.svg?token=2f2CMAnop6pxz1LFFPky&branch=master)](https://travis-ci.com/lighthauz/trusona-server-sdk-ruby)
+[![Build Status](https://travis-ci.com/trusona/trusona-server-sdk-ruby.svg?branch=master)](https://travis-ci.com/trusona/trusona-server-sdk-ruby)
 [![Maintainability](https://api.codeclimate.com/v1/badges/ec9f4f928125c278fa39/maintainability)](https://codeclimate.com/github/trusona/trusona-server-sdk-ruby/maintainability)
 [![Test Coverage](https://api.codeclimate.com/v1/badges/ec9f4f928125c278fa39/test_coverage)](https://codeclimate.com/github/trusona/trusona-server-sdk-ruby/test_coverage)
 
@@ -171,8 +171,9 @@ Note that the custom fields are not used in the case that the Trusonafication is
 | Prompt            | `prompt`            |    N     | Should the user be prompted to Accept or Reject this Trusonafication? Defaults to `true`.                                         |
 | Expiration        | `expires_at`        |    N     | The ISO-8601 UTC timestamp of the Trusonafication's expiration. Defaults to 90 seconds from creation.                             |
 | Custom Fields     | `custom_fields`     |    N     | Arbitrary key-value data fields made available to the Trusonafication. Amount of data in the hash is limited to 1MB               |
+| Callback URL      | `callback_url`      |    N     | A HTTPS URL to POST to when the trusonafication has been completed (accepted, rejected, or expired).<br><br> **NOTE:** The URL should include a randomized segment so it cannot be guessed and abused by third-parties e.g. https://your.domain.com/completed_authentications/f8abe61d-4e51-493f-97b1-464c157624f2. |
 
-[^1]: You must provide at least one field that would allow Trusona to determine which user to authenticate. The identifier fields are `device_identifier`, `user_identifier`, and `trucode_id`.
+[^1]: You must provide at least one field that would allow Trusona to determine which user to authenticate. The identifier fields are `device_identifier`, `user_identifier`, `email`, and `trucode_id`.
 
 #### Retrieving an existing Trusonafication
 
@@ -255,7 +256,7 @@ end
 
 ### TruCodes
 
-After a user has scanned a TruCode, it's possible to acquire that user's information by getting the 
+After a user has scanned a TruCode, it's possible to acquire that user's information by getting the
 scanned TruCode from the server. The code sample below shows how to do that:
 
 ```ruby

data/integrations/buster.rb

@@ -0,0 +1,15 @@
+require 'httparty'
+
+class Buster
+  def initialize
+    @url = 'https://buster.staging.trusona.net'
+  end
+
+  def callback_url(id)
+    "#{@url}/callbacks/#{id}"
+  end
+
+  def callback_result(id)
+    HTTParty.get(callback_url(id))
+  end
+end

data/integrations/spec_helper.rb

@@ -7,9 +7,12 @@ SimpleCov.start do
 end
 
 require 'bundler/setup'
+require 'active_support/core_ext/numeric/time'
+require 'rspec/wait'
 require 'trusona'
 require 'securerandom'
 require 'webmock/rspec'
+require_relative 'buster'
 
 WebMock.allow_net_connect!
 

data/integrations/trusonafication_spec.rb

@@ -12,6 +12,8 @@ RSpec.describe 'Trusonafications' do
     }
 
     @timeout = 5
+
+    @buster = Buster.new
   end
   describe 'creating a trusonafication for a known trusona user' do
     before do
@@ -40,10 +42,8 @@ RSpec.describe 'Trusonafications' do
       end
     end
   end
-  describe 'creating a trusonafication for an unknown trusona user' do
+  describe 'creating a trusonafication without a level' do
     it 'as expected, does not work' do
-      @parameters[:email] = "#{Time.now.to_i}@example.com"
-
       expect {
         Trusona::Trusonafication.create(
           params: @parameters, timeout: @timeout
@@ -51,5 +51,20 @@ RSpec.describe 'Trusonafications' do
       }.to raise_error(Trusona::InvalidResourceError)
     end
   end
+  describe 'creating a trusonafication with a callback url' do
+    it 'should POST to the URL when the trusonafication is completed' do
+      callback_id = SecureRandom.uuid
+
+      @parameters[:callback_url] = @buster.callback_url(callback_id)
+      @parameters[:expires_at] = 1.second.from_now
+
+      Trusona::EssentialTrusonafication.create(params: @parameters, timeout: @timeout)
+
+      wait_for do
+        callback_result = @buster.callback_result(callback_id)
+        callback_result.code
+      end.to eq(200)
+    end
+  end
 end
 # rubocop:enable Metrics/BlockLength

data/lib/trusona.rb

@@ -32,6 +32,7 @@ require 'trusona/workers/device_user_binding_creator'
 require 'trusona/workers/device_user_binding_activator'
 require 'trusona/workers/trusonafication_creator'
 require 'trusona/workers/trusonafication_finder'
+require 'trusona/workers/trusonafication_canceler'
 require 'trusona/workers/identity_document_finder'
 require 'trusona/workers/device_finder'
 require 'trusona/workers/user_deactivator'
@@ -118,6 +119,7 @@ module Trusona
     end
 
     raise Trusona::ConfigurationError unless @config
+
     @config
   end
 
@@ -136,7 +138,7 @@ module Trusona
     attr_accessor :token, :secret
     attr_reader :api_host
 
-    def initialize()
+    def initialize
       @api_host = 'api.trusona.net'
     end
 

data/lib/trusona/api/signed_request.rb

@@ -22,7 +22,7 @@ module Trusona
       def headers
         @headers.merge(
           'x-date' => @date,
-          'Date'   => @date,
+          'Date' => @date,
           'X-Date' => @date,
           'Authorization' => @signature,
           'Content-Type' => determine_content_type
@@ -33,17 +33,20 @@ module Trusona
 
       def determine_content_type
         return '' if @method == 'GET' || @method == 'DELETE'
+
         Trusona::Api::HTTPClient::CONTENT_TYPE
       end
 
       def build_path(path)
         return path if @uri.query.nil? || @uri.query.empty?
+
         [@uri.path, @uri.query].join('?')
       end
 
       def build_uri(path, body)
         return build_uri_with_query(URI(path)) if URI(path).query
         return build_uri_with_body_as_query(path, body) if valid_hash_body(body)
+
         URI::HTTPS.build(host: @host, path: path)
       end
 

data/lib/trusona/api/verified_response.rb

@@ -15,7 +15,9 @@ module Trusona
       end
 
       def to_h
-        JSON.parse(@unverified.body) rescue {}
+        JSON.parse(@unverified.body)
+      rescue StandardError
+        {}
       end
 
       def verified?
@@ -50,6 +52,7 @@ module Trusona
 
       def parse_path(uri)
         return uri.path unless uri.query
+
         [uri.path, uri.query].join('?')
       end
 
@@ -61,6 +64,7 @@ module Trusona
         server = @unverified.headers['server']
         response_type = @unverified.headers['Content-Type']
         return response_type unless server == LEGACY_SERVER_HEADER
+
         determine_request_content_type
       end
 
@@ -69,6 +73,7 @@ module Trusona
         return default_type unless @unverified.request
         return default_type unless @unverified.request.options
         return default_type unless @unverified.request.options[:headers]
+
         @unverified.request.options[:headers]['Content-Type']
       end
 

data/lib/trusona/identity_document.rb

@@ -28,11 +28,8 @@ module Trusona
     #
 
     def self.all(user_identifier: nil)
-      # rubocop:disable Metrics/LineLength
       raise ArgumentError, 'A user identifier is required.' unless user_identifier
 
-      # rubocop:enable Metrics/LineLength
-
       Trusona::Workers::IdentityDocumentFinder.new.find_all(user_identifier)
     end
 
@@ -55,11 +52,8 @@ module Trusona
     #   Trusona::IdentityDocument.find('4FDF044D-89FB-4043-947D-A029CF785B5F')
     #
     def self.find(id: nil)
-      # rubocop:disable Metrics/LineLength
       raise ArgumentError, 'An Identity Document identifier is required.' unless id
 
-      # rubocop:enable Metrics/LineLength
-
       Trusona::Workers::IdentityDocumentFinder.new.find(id)
     end
   end

data/lib/trusona/mappers/base_mapper.rb

@@ -27,6 +27,7 @@ module Trusona
 
       def map_item(item, existing)
         return nil if item.nil? || item.empty?
+
         item = normalize_keys(item)
         item = merge_existing_state(item, existing.to_h)
         item = map_custom_fields(item)
@@ -40,6 +41,7 @@ module Trusona
 
       def map_custom_fields(response)
         return response if custom_mappings.nil? || custom_mappings.empty?
+
         custom_mappings.each do |original_key, new_key|
           value = response.delete(original_key)
           response[new_key] = value
@@ -51,17 +53,20 @@ module Trusona
       def response_invalid?(response)
         return true if response.nil?
         return true unless response.respond_to?(:to_h)
+
         false
       end
 
       def resource_invalid?(resource)
         return true if resource.nil?
         return true unless resource.respond_to?(:new)
+
         false
       end
 
       def existing_invalid?(existing)
         return true unless existing.respond_to?(:to_h)
+
         false
       end
     end

data/lib/trusona/mappers/paired_tru_code_mapper.rb

@@ -2,6 +2,7 @@
 
 module Trusona
   module Mappers
+    ## A Pair Trucode Mapper
     class PairedTruCodeMapper < BaseMapper
       def resource
         Trusona::Resources::PairedTruCode

data/lib/trusona/resources/base_resource.rb

@@ -17,7 +17,7 @@ module Trusona
         @params
       end
 
-      def to_json
+      def to_json(*_args)
         JSON(to_h)
       end
 

data/lib/trusona/resources/device_user_binding.rb

@@ -23,6 +23,7 @@ module Trusona
       def validate
         return false unless @user_identifier
         return false unless @device_identifier
+
         true
       end
     end

data/lib/trusona/resources/device_user_binding_activation.rb

@@ -11,7 +11,7 @@ module Trusona
 
       def initialize(params = {})
         normalized_params = normalize_keys(params)
-        @id     = normalized_params[:id]
+        @id = normalized_params[:id]
         @active = normalized_params[:active]
 
         @params = normalized_params
@@ -20,6 +20,7 @@ module Trusona
 
       def validate
         return false unless @id
+
         true
       end
     end

data/lib/trusona/resources/identity_document.rb

@@ -15,14 +15,14 @@ module Trusona
         normalized = normalize_keys(params)
 
         @params = normalized
-        @document_hash       = normalized[:document_hash]
-        @id                  = normalized[:id]
-        @type                = normalized[:type]
+        @document_hash = normalized[:document_hash]
+        @id = normalized[:id]
+        @type = normalized[:type]
         @verification_status = normalized[:verification_status]
         @user_identifier     = normalized[:user_identifier]
       end
 
-      def to_json
+      def to_json(*_args)
         JSON(
           hash: @document_hash,
           id: @id,

data/lib/trusona/resources/paired_tru_code.rb

@@ -2,6 +2,7 @@
 
 module Trusona
   module Resources
+    ## A Paired Trucode
     class PairedTruCode < BaseResource
       attr_reader :identifier
 

data/lib/trusona/resources/tru_code.rb

@@ -19,7 +19,7 @@ module Trusona
         raise ArgumentError unless validate
       end
 
-      def to_json
+      def to_json(*_args)
         JSON(to_h)
       end
 
@@ -35,6 +35,7 @@ module Trusona
 
       def validate
         return false unless present?(@relying_party_id)
+
         true
       end
     end

data/lib/trusona/resources/trusonafication.rb

@@ -1,5 +1,6 @@
 # frozen_string_literal: true
 
+# rubocop:disable Metrics/ClassLength
 module Trusona
   module Resources
     ##
@@ -11,13 +12,14 @@ module Trusona
       attr_accessor :device_identifier, :user_identifier, :trucode_id,
                     :resource, :action, :level, :id, :email,
                     :accepted_level, :trusona_id, :expires_at,
-                    :user_presence, :prompt, :custom_fields
+                    :user_presence, :prompt, :custom_fields, :callback_url
 
       # rubocop:disable Metrics/AbcSize
       # rubocop:disable Metrics/MethodLength
       def initialize(params = {})
         @params = normalize_keys(params)
         return if @params.nil?
+
         self.accepted_level    = determine_accepted_level(@params)
         self.action            = @params[:action]
         self.device_identifier = @params[:device_identifier]
@@ -32,6 +34,7 @@ module Trusona
         self.prompt            = defaulting_to(true, @params[:prompt])
         self.user_presence     = defaulting_to(true, @params[:user_presence])
         self.custom_fields     = @params[:custom_fields]
+        self.callback_url      = @params[:callback_url]
 
         @status = @params[:status]
       end
@@ -43,27 +46,31 @@ module Trusona
       end
 
       # rubocop:disable Metrics/MethodLength
-      def to_json
-        JSON(device_identifier: device_identifier,
-             user_identifier: user_identifier,
-             trucode_id: trucode_id,
-             trusona_id: trusona_id,
-             email: email,
-             resource: resource,
-             action: action,
-             desired_level: level,
-             id: id,
-             status: @status,
-             prompt: prompt,
-             user_presence: user_presence,
-             custom_fields: custom_fields,
-             expires_at: expires_at&.iso8601)
+      def to_json(*_args)
+        JSON(
+          device_identifier: device_identifier,
+          user_identifier: user_identifier,
+          trucode_id: trucode_id,
+          trusona_id: trusona_id,
+          email: email,
+          resource: resource,
+          action: action,
+          desired_level: level,
+          id: id,
+          status: @status,
+          prompt: prompt,
+          user_presence: user_presence,
+          custom_fields: custom_fields,
+          expires_at: expires_at&.iso8601,
+          callback_url: callback_url
+        )
       end
       # rubocop:enable Metrics/MethodLength
 
       def accepted?
         return true if status == :accepted
         return true if status == :accepted_at_higher_level
+
         false
       end
 
@@ -75,8 +82,8 @@ module Trusona
         attributes_present && attributes_filled
       end
 
-      # rubocop:disable MethodLength
-      # rubocop:disable CyclomaticComplexity
+      # rubocop:disable Metrics/MethodLength
+      # rubocop:disable Metrics/CyclomaticComplexity
       def status
         case @status
         when 'INVALID_TRUSONA_ID'
@@ -99,14 +106,15 @@ module Trusona
           :invalid
         end
       end
-      # rubocop:enable CyclomaticComplexity
-      # rubocop:enable MethodLength
+      # rubocop:enable Metrics/CyclomaticComplexity
+      # rubocop:enable Metrics/MethodLength
 
       private
 
       def defaulting_to(value, param)
         return value if param.nil?
         return value if param.respond_to?(:empty?) && param.empty?
+
         param
       end
 
@@ -137,3 +145,4 @@ module Trusona
     end
   end
 end
+# rubocop:enable Metrics/ClassLength