yoti 1.7.0 → 1.7.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.gitignore +1 -0
- data/CONTRIBUTING.md +1 -1
- data/README.md +19 -224
- data/Rakefile +6 -2
- data/lib/yoti/http/request.rb +1 -0
- data/lib/yoti/version.rb +1 -1
- data/yoti.gemspec +3 -3
- metadata +4 -5
- data/login_flow.png +0 -0
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: f78d9caae30514cbb608f4156a54d6c8c2f7d82a3df8afbdf6295b8239e983a7
|
4
|
+
data.tar.gz: 59b9aad24b60db06445300441abfdf20203b52de713976d3a6815aca159b6579
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: f656f156b49a6b96ed09271fcbb1fa312ef918195c184631481a9dee5e427c1c1866c58d43d97f09f7f38c7072b1bb9adb2de9acafa99d9c9f783845090d2eab
|
7
|
+
data.tar.gz: 601d9374b0320b4c59bf6c5378e50dbba524337ef28b2b6d74ba7eebbef4f30c029f187ce75f52a631343178e9281cd5d28c8b25e1c96c3531d1816bc67c0de8
|
data/.gitignore
CHANGED
data/CONTRIBUTING.md
CHANGED
data/README.md
CHANGED
@@ -10,39 +10,16 @@ Welcome to the Yoti Ruby SDK. This repository contains the tools you need to qui
|
|
10
10
|
|
11
11
|
## Table of Contents
|
12
12
|
|
13
|
-
1. [An Architectural view](#an-architectural-view) - High level overview of integration
|
14
13
|
1. [Requirements](#requirements) - Everything you need to get started
|
15
|
-
1. [Installing the SDK](#installing-the-sdk) - How to install our SDK
|
16
|
-
1. [Configuration](#configuration) - Configuring the SDK
|
17
|
-
1. [Profile Retrieval](#profile-retrieval) - How to retrieve a Yoti profile using the one time use token
|
18
|
-
1. [AML Integration](#aml-integration) - How to integrate with Yoti's AML (Anti Money Laundering) service
|
19
|
-
1. [Running the Examples](#running-the-examples) - How to run the example projects provided
|
20
|
-
1. [API Coverage](#api-coverage) - Attributes defined
|
21
|
-
1. [Support](#support) - Please feel free to reach out
|
22
|
-
|
23
|
-
## An Architectural view
|
24
|
-
|
25
|
-
To integrate your application with Yoti, your back-end must expose a GET endpoint that Yoti will use to forward tokens.
|
26
|
-
The endpoint is configured in the [Yoti Hub](https://hub.yoti.com) where you create/update your application. To see an example of how this is configured, see the [Running the Examples](#running-the-examples) section.
|
27
14
|
|
28
|
-
|
29
|
-
Yoti SDK carries out for you steps 6, 7, 8 and the profile decryption in step 9.
|
30
|
-
|
31
|
-

|
32
|
-
|
33
|
-
Yoti also allows you to enable user details verification from your mobile app by means of the Android (TBA) and iOS (TBA) SDKs. In that scenario, your Yoti-enabled mobile app is playing both the role of the browser and the Yoti app. Your back-end doesn't need to handle these cases in a significantly different way, but you might decide to handle the `User-Agent` header in order to provide different responses for desktop and mobile clients.
|
15
|
+
1. [Installing the SDK](#installing-the-sdk) - How to install our SDK
|
34
16
|
|
35
|
-
|
17
|
+
1. [Setup](#setup) - Setup required before using the Yoti services
|
36
18
|
|
37
|
-
|
38
|
-
|
39
|
-
* [Protocol buffers][]
|
40
|
-
* [Base64 data][]
|
19
|
+
1. [Products](#products) -
|
20
|
+
Links to more information about the products offered by the Yoti SDK
|
41
21
|
|
42
|
-
[
|
43
|
-
[RSA pkcs asymmetric encryption]: https://en.wikipedia.org/wiki/RSA_(cryptosystem)
|
44
|
-
[Protocol buffers]: https://en.wikipedia.org/wiki/Protocol_Buffers
|
45
|
-
[Base64 data]: https://en.wikipedia.org/wiki/Base64
|
22
|
+
1. [Support](#support) - Please feel free to reach out
|
46
23
|
|
47
24
|
## Requirements
|
48
25
|
|
@@ -76,7 +53,7 @@ bundle install
|
|
76
53
|
Or simply run the following command from your terminal:
|
77
54
|
|
78
55
|
```shell
|
79
|
-
|
56
|
+
gem install yoti
|
80
57
|
```
|
81
58
|
|
82
59
|
## SDK Project Import
|
@@ -89,7 +66,12 @@ rails generate yoti:install
|
|
89
66
|
|
90
67
|
The generated initialisation file can be found in `config/initializers/yoti.rb`.
|
91
68
|
|
92
|
-
##
|
69
|
+
## Setup
|
70
|
+
|
71
|
+
For each service you will need:
|
72
|
+
|
73
|
+
* Your Client SDK ID, generated by [Yoti Hub](https://hub.yoti.com) when you create (and then publish) your app.
|
74
|
+
* Your .pem file. This is your own unique private key which your browser generates from the [Yoti Hub](https://hub.yoti.com) when you create an application.
|
93
75
|
|
94
76
|
A minimal Yoti client initialisation looks like this:
|
95
77
|
|
@@ -101,10 +83,8 @@ end
|
|
101
83
|
```
|
102
84
|
|
103
85
|
Make sure the following environment variables can be accessed by your app:
|
104
|
-
|
105
|
-
`
|
106
|
-
|
107
|
-
`YOTI_KEY_FILE_PATH` - the full path to your security key downloaded from the *Keys* settings page (e.g. /Users/developer/access-security.pem)
|
86
|
+
- `YOTI_CLIENT_SDK_ID`
|
87
|
+
- `YOTI_KEY_FILE_PATH`
|
108
88
|
|
109
89
|
The following options are available:
|
110
90
|
|
@@ -144,197 +124,12 @@ heroku config:add YOTI_KEY ="$(cat your-access-security.pem)"
|
|
144
124
|
|
145
125
|
[Heroku Command Line]: https://devcenter.heroku.com/articles/heroku-command-line
|
146
126
|
|
147
|
-
##
|
148
|
-
|
149
|
-
When your application receives a one time use token via the exposed endpoint (it will be assigned to a query string parameter named `token`), you can easily retrieve the user profile:
|
150
|
-
|
151
|
-
```ruby
|
152
|
-
one_time_use_token = params[:token]
|
153
|
-
yoti_activity_details = Yoti::Client.get_activity_details(one_time_use_token)
|
154
|
-
```
|
155
|
-
|
156
|
-
Before you inspect the user profile, you might want to check whether the user validation was successful. This is done as follows:
|
157
|
-
|
158
|
-
```ruby
|
159
|
-
if yoti_activity_details.outcome == 'SUCCESS'
|
160
|
-
profile = yoti_activity_details.profile
|
161
|
-
given_names = profile.given_names.value
|
162
|
-
family_name = profile.family_name.value
|
163
|
-
else
|
164
|
-
# handle unhappy path
|
165
|
-
end
|
166
|
-
```
|
167
|
-
|
168
|
-
The `profile` object provides a set of attributes corresponding to user attributes. Whether the attributes are present or not depends on the settings you have applied to your app on Yoti Hub.
|
169
|
-
|
170
|
-
### Handling Users
|
171
|
-
|
172
|
-
When you retrieve the user profile, you receive a user ID generated by Yoti exclusively for your application.
|
173
|
-
This means that if the same individual logs into another app, Yoti will assign her/him a different ID.
|
174
|
-
You can use this ID to verify whether (for your application) the retrieved profile identifies a new or an existing user.
|
175
|
-
Here is an example of how this works:
|
176
|
-
|
177
|
-
```ruby
|
178
|
-
if yoti_activity_details.outcome == 'SUCCESS'
|
179
|
-
user = your_user_search_function(yoti_activity_details.user_id)
|
180
|
-
profile = yoti_activity_details.profile
|
181
|
-
|
182
|
-
if user
|
183
|
-
# handle login
|
184
|
-
email = profile.email_address.value
|
185
|
-
else
|
186
|
-
# handle registration
|
187
|
-
given_names = profile.given_names.value
|
188
|
-
family_name = profile.family_name.value
|
189
|
-
email = profile.email_address.value
|
190
|
-
end
|
191
|
-
else
|
192
|
-
# handle unhappy path
|
193
|
-
end
|
194
|
-
```
|
195
|
-
|
196
|
-
Where `your_user_search_function` is a piece of logic in your app that is supposed to find a user, given a user_id. Regardless of whether the user is a new or an existing one, Yoti will always provide their profile, so you don't necessarily need to store it.
|
197
|
-
|
198
|
-
You can retrieve the sources and verifiers for each attribute as follows:
|
199
|
-
|
200
|
-
```ruby
|
201
|
-
given_names_sources = profile.given_names.sources # list of anchors
|
202
|
-
given_names_verifiers = profile.given_names.verifiers # list of anchors
|
203
|
-
given_names_anchors = profile.given_names.anchors # list of anchors
|
204
|
-
```
|
205
|
-
You can also retrieve further properties from these respective anchors in the following way:
|
206
|
-
|
207
|
-
```ruby
|
208
|
-
# Retrieving properties of the first anchor
|
209
|
-
type = given_names_sources[0].type # string
|
210
|
-
value = given_names_sources[0].value # string
|
211
|
-
sub_type = given_names_sources[0].sub_type # string
|
212
|
-
time_stamp = given_names_sources[0].signed_time_stamp.time_stamp # DateTime object
|
213
|
-
origin_server_certs = given_names_sources[0].origin_server_certs # list of X509 certificates
|
214
|
-
```
|
215
|
-
|
216
|
-
In case you want to prove the sources and verifiers of the helper`ActivityDetails.age_verified` on `Age Over 18` set as age derivation, please retrieve it's original attribute from the profile as follow:
|
217
|
-
|
218
|
-
```ruby
|
219
|
-
age_attribute = profile.get_attribute('age_over:18')
|
220
|
-
sources = age_attribute.sources
|
221
|
-
verifiers = age_attribute.verifiers
|
222
|
-
anchors = age_attribute.anchors
|
223
|
-
```
|
224
|
-
|
225
|
-
## AML Integration
|
226
|
-
|
227
|
-
Yoti provides an AML (Anti Money Laundering) check service to allow a deeper KYC process to prevent fraud. This is a chargeable service, so please contact [sdksupport@yoti.com](mailto:sdksupport@yoti.com) for more information.
|
228
|
-
|
229
|
-
Yoti will provide a boolean result on the following checks:
|
230
|
-
|
231
|
-
* PEP list - Verify against Politically Exposed Persons list
|
232
|
-
* Fraud list - Verify against US Social Security Administration Fraud (SSN Fraud) list
|
233
|
-
* Watch list - Verify against watch lists from the Office of Foreign Assets Control
|
234
|
-
|
235
|
-
To use this functionality you must ensure your application is assigned to your organisation in the Yoti Hub - please see [here](https://developers.yoti.com/yoti-app-integration/yoti-app-integration#step-1-creating-an-organisation) for further information.
|
236
|
-
|
237
|
-
For the AML check you will need to provide the following:
|
238
|
-
|
239
|
-
* Data provided by Yoti (please ensure you have selected the Given name(s) and Family name attributes for your scenario on the Yoti Hub)
|
240
|
-
* Given name(s)
|
241
|
-
* Family name
|
242
|
-
* Data that must be collected from the user:
|
243
|
-
* Country of residence (must be an ISO 3166 3-letter code)
|
244
|
-
* Social Security Number (US citizens only)
|
245
|
-
* Postcode/Zip code (US citizens only)
|
246
|
-
|
247
|
-
### Consent
|
248
|
-
|
249
|
-
Performing an AML check on a person *requires* their consent.
|
250
|
-
**You must ensure you have user consent *before* using this service.**
|
251
|
-
|
252
|
-
### Code Example
|
253
|
-
|
254
|
-
Given a YotiClient initialised with your SDK ID and KeyPair (see [Client Initialisation](#client-initialisation)) performing an AML check is a straightforward case of providing basic profile data.
|
255
|
-
|
256
|
-
```ruby
|
257
|
-
require 'yoti'
|
258
|
-
|
259
|
-
Yoti.configure do |config|
|
260
|
-
config.client_sdk_id = ENV['YOTI_CLIENT_SDK_ID']
|
261
|
-
config.key_file_path = ENV['YOTI_KEY_FILE_PATH']
|
262
|
-
end
|
263
|
-
|
264
|
-
aml_address = Yoti::AmlAddress.new('GBR')
|
265
|
-
aml_profile = Yoti::AmlProfile.new('Edward Richard George', 'Heath', aml_address)
|
266
|
-
|
267
|
-
puts Yoti::Client.aml_check(aml_profile)
|
268
|
-
```
|
127
|
+
## Products
|
269
128
|
|
270
|
-
|
271
|
-
|
272
|
-
|
273
|
-
|
274
|
-
### Ruby on Rails
|
275
|
-
|
276
|
-
1. Create your application in the [Yoti Hub](https://hub.yoti.com)
|
277
|
-
1. Set the application domain of your app to `localhost:3001`
|
278
|
-
1. Set the scenario callback URL to `/profile`
|
279
|
-
1. Rename the [.env.example](examples/rails/.env.example) file to `.env`
|
280
|
-
1. Fill in the environment variables in this file with the ones specific to your application (mentioned in the [Configuration](#configuration) section)
|
281
|
-
1. Install the dependencies by running the following commands
|
282
|
-
```ruby
|
283
|
-
$ bundle install
|
284
|
-
$ gem install foreman # We are doing this as it's not recommended to include foreman in your Gemfile
|
285
|
-
```
|
286
|
-
1. Start the server `foreman start`
|
287
|
-
|
288
|
-
Visiting `https://localhost:3001/` should show a Yoti Connect button
|
289
|
-
|
290
|
-
### Sinatra
|
291
|
-
|
292
|
-
1. Create your application in the [Yoti Hub](https://hub.yoti.com)
|
293
|
-
1. Set the application domain of your app to `localhost:4567`
|
294
|
-
1. Set the scenario callback URL to `/profile`
|
295
|
-
1. Rename the [.env.example](examples/sinatra/.env.example) file to `.env`
|
296
|
-
1. Fill in the environment variables in this file with the ones specific to your application (mentioned in the [Configuration](#configuration) section)
|
297
|
-
1. Install the dependencies by running the following commands
|
298
|
-
```ruby
|
299
|
-
$ bundle install
|
300
|
-
$ gem install foreman # We are doing this as it's not recommended to include foreman in your Gemfile
|
301
|
-
```
|
302
|
-
1. Start the server `foreman start`
|
303
|
-
|
304
|
-
Visiting `https://localhost:4567/` should show a Yoti Connect button
|
305
|
-
|
306
|
-
### AML Check
|
307
|
-
|
308
|
-
* rename the [.env.example](examples/aml_check/.env.example) file to `.env` and fill in the required configuration values
|
309
|
-
* install the dependencies with `bundle install`
|
310
|
-
* run the script with `ruby ./app.rb`
|
311
|
-
|
312
|
-
## API Coverage
|
313
|
-
|
314
|
-
* Activity Details
|
315
|
-
* [X] Remember Me ID `remember_me_id`
|
316
|
-
* [X] Parent Remember Me ID `parent_remember_me_id`
|
317
|
-
* [X] Receipt ID `receipt_id`
|
318
|
-
* [X] Timestamp `timestamp`
|
319
|
-
* [X] Base64 Selfie URI `base64_selfie_uri`
|
320
|
-
* [X] Age verified `age_verified`
|
321
|
-
* [X] Profile `profile`
|
322
|
-
* [X] Selfie `selfie`
|
323
|
-
* [X] Full Name `full_name`
|
324
|
-
* [X] Given Names `given_names`
|
325
|
-
* [X] Family Name `family_name`
|
326
|
-
* [X] Mobile Number `phone_number`
|
327
|
-
* [X] Email Address `email_address`
|
328
|
-
* [X] Age / Date of Birth `date_of_birth`
|
329
|
-
* [X] Address `postal_address`
|
330
|
-
* [X] Structured Postal Address `structured_postal_address`
|
331
|
-
* [X] Gender `gender`
|
332
|
-
* [X] Nationality `nationality`
|
333
|
-
* [X] Application Profile `application_profile`
|
334
|
-
* [X] Name `name`
|
335
|
-
* [X] URL `url`
|
336
|
-
* [X] Logo `logo`
|
337
|
-
* [X] Receipt Background Color `receipt_bgcolor`
|
129
|
+
The Yoti SDK can be used for the following products, follow the links for more information about each:
|
130
|
+
1) [Yoti app integration](/docs/PROFILE.md) - Connect with already-verified customers.
|
131
|
+
1) [Yoti Doc Scan](/docs/DOCSCAN.md) - Identity verification embedded in your website or app.
|
132
|
+
1) [Yoti AML](/docs/AML.md) - Anti-Money Laundering check service to allow a deeper KYC process, preventing fraud
|
338
133
|
|
339
134
|
## Support
|
340
135
|
|
data/Rakefile
CHANGED
@@ -6,7 +6,7 @@ require 'yaml'
|
|
6
6
|
# Tests #
|
7
7
|
################################
|
8
8
|
|
9
|
-
RSpec::Core::RakeTask.new(:
|
9
|
+
RSpec::Core::RakeTask.new(:test_yoti) do |t|
|
10
10
|
t.pattern = ['spec/yoti']
|
11
11
|
end
|
12
12
|
|
@@ -14,6 +14,8 @@ RSpec::Core::RakeTask.new(:test_generators) do |t|
|
|
14
14
|
t.pattern = ['spec/generators']
|
15
15
|
end
|
16
16
|
|
17
|
+
RSpec::Core::RakeTask.new(:spec)
|
18
|
+
|
17
19
|
################################
|
18
20
|
# Rubocop #
|
19
21
|
################################
|
@@ -29,6 +31,7 @@ end
|
|
29
31
|
|
30
32
|
require 'yard'
|
31
33
|
YARD::Rake::YardocTask.new do |t|
|
34
|
+
t.options = ['--output-dir', './yardoc']
|
32
35
|
t.stats_options = ['--list-undoc']
|
33
36
|
end
|
34
37
|
|
@@ -43,4 +46,5 @@ end
|
|
43
46
|
# Defaults #
|
44
47
|
################################
|
45
48
|
|
46
|
-
task default: %i[spec
|
49
|
+
task default: %i[spec rubocop]
|
50
|
+
task test: %i[test_yoti test_generators rubocop]
|
data/lib/yoti/http/request.rb
CHANGED
data/lib/yoti/version.rb
CHANGED
data/yoti.gemspec
CHANGED
@@ -5,8 +5,8 @@ require 'yoti/version'
|
|
5
5
|
Gem::Specification.new do |spec|
|
6
6
|
spec.name = 'yoti'
|
7
7
|
spec.version = Yoti::VERSION
|
8
|
-
spec.authors = ['
|
9
|
-
spec.email = ['
|
8
|
+
spec.authors = ['Yoti']
|
9
|
+
spec.email = ['websdk@yoti.com']
|
10
10
|
|
11
11
|
spec.summary = 'Yoti Ruby SDK for back-end integration.'
|
12
12
|
spec.description = <<-DESC
|
@@ -18,7 +18,7 @@ Gem::Specification.new do |spec|
|
|
18
18
|
spec.homepage = 'https://github.com/getyoti/yoti-ruby-sdk'
|
19
19
|
spec.license = 'MIT'
|
20
20
|
|
21
|
-
spec.files = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features|examples)/|^sonar-project.properties$|^.dependabot/config.yml$|^.travis.yml$}) }
|
21
|
+
spec.files = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features|examples|docs)/|^sonar-project.properties$|^.dependabot/config.yml$|^.travis.yml$}) }
|
22
22
|
spec.require_paths = ['lib']
|
23
23
|
|
24
24
|
spec.required_ruby_version = '>= 2.4'
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: yoti
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.7.
|
4
|
+
version: 1.7.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
|
-
-
|
7
|
+
- Yoti
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2020-06-
|
11
|
+
date: 2020-06-17 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: google-protobuf
|
@@ -155,7 +155,7 @@ description: |2
|
|
155
155
|
with Yoti, so that your users can share their identity details with your
|
156
156
|
application in a secure and trusted way.
|
157
157
|
email:
|
158
|
-
-
|
158
|
+
- websdk@yoti.com
|
159
159
|
executables: []
|
160
160
|
extensions: []
|
161
161
|
extra_rdoc_files: []
|
@@ -266,7 +266,6 @@ files:
|
|
266
266
|
- lib/yoti/util/log.rb
|
267
267
|
- lib/yoti/util/validation.rb
|
268
268
|
- lib/yoti/version.rb
|
269
|
-
- login_flow.png
|
270
269
|
- rubocop.yml
|
271
270
|
- yardstick.yml
|
272
271
|
- yoti.gemspec
|
data/login_flow.png
DELETED
Binary file
|