Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- require 'httparty'
- require 'securerandom'
- require 'jwt'
- require 'json'
- require 'pp'
- # Basic functionality to create accounts and login via Verimi
- class VerimiAPI
- attr_reader :base_uri, :grant_type, :redirect_uri, :client_id, :client_secret
- def initialize
- @base_uri = URI.parse(ENV['verimi_base_url'])
- @grant_type = 'authorization_code'
- @redirect_uri = ENV['verimi_redirection_url']
- @client_id = ENV['verimi_client_id']
- @client_secret = ENV['verimi_secret_id']
- end
- # From client Verimi login code extracts client credentials for account processing
- def self.load_credentials(code)
- @api ||= VerimiAPI.new
- @api.load_credentials(code)
- end
- def load_credentials(code)
- verimi_token = get_verimi_token(code)
- credentials = get_verimi_credentials(verimi_token)
- return nil if credentials.nil?
- process_verimi_credentials(credentials[:email], credentials[:first_name], credentials[:last_name], credentials[:verimi_id])
- end
- # Confirms to Verimi user was successfully logged in
- def login_verimi(euid)
- VerimiHttpClient.put("#{base_uri}users/#{euid}/linkage",
- options: {
- headers: { 'Content-Type' => 'application/x-www-form-urlencoded' }
- },
- basic_auth: {
- username: client_id,
- password: client_secret
- })
- end
- # Informs Verimi current user is disconnected from platform
- def logout_verimi(euid)
- VerimiHttpClient.delete("#{base_uri}users/#{euid}/linkage",
- options: {
- headers: { 'Content-Type' => 'application/x-www-form-urlencoded' }
- },
- basic_auth: {
- username: client_id,
- password: client_secret
- })
- end
- private
- # Return login credentials, creating user in system whenever it is possible
- # to read basket from Verimi. In case no credentials are found and basket is
- # not accessible it returns null
- def get_verimi_credentials(verimi_token)
- verimi_user_id = JWT.decode(verimi_token['id_token'], nil, false).first['eeuid']
- verimi_user = User.where(verimi_id: verimi_user_id).first
- request_scope = verimi_token['scope']
- access_token = verimi_token['access_token']
- if (request_scope.include? 'read_basket')
- get_baskets(access_token).merge(verimi_id: verimi_user_id)
- else
- return nil if verimi_user.nil?
- verimi_user.attributes.deep_symbolize_keys.merge(verimi_id: verimi_user_id)
- end
- end
- # Request Verimi API access token from user login code
- def get_verimi_token(code)
- # Get client tokens from Verimi
- verimi_token_response = VerimiHttpClient.post("#{base_uri}oauth/token?grant_type=#{grant_type}&redirect_uri=#{redirect_uri}&code=#{code}",
- options: {
- headers: { 'Content-Type' => 'application/x-www-form-urlencoded' }
- },
- basic_auth: {
- username: client_id,
- password: client_secret
- })
- raise "error when requesting access token" if verimi_token_response.code >= 300
- verimi_token_response.parsed_response
- end
- # Request access to client Baskets after successful verimi login, in order to request user credentials
- def get_baskets(access_token)
- # get list of baskets
- headers = {
- "Authorization" => "Bearer #{access_token}",
- "Content-Type" => "application/json" }
- basket_response = VerimiHttpClient.get("#{base_uri}query/baskets",headers: headers)
- raise "error when requesting basket" if basket_response.code >= 300
- # look for specific information in basket
- basket = basket_response.parsed_response
- {
- first_name: basket.dig('dataScopes')[1].dig('data')[0].dig('value'),
- last_name: basket.dig('dataScopes')[1].dig('data')[1].dig('value'),
- email: basket.dig('dataScopes')[0].dig('data')[0].dig('value')
- } if !basket.nil?
- end
- # From Verimi credentials checks whether user exists or not for creating user account and returning credentials
- def process_verimi_credentials(email, first_name, last_name, verimi_id)
- verimi_user_password = SecureRandom.base64(20)
- verimi_user = User.where(email: email).first_or_create do |user|
- user.password = verimi_user_password
- user.password_confirmation = verimi_user_password
- user.first_name = first_name
- user.last_name = last_name
- user.email = email
- user.verimi_id = verimi_id
- end
- verimi_user.update({password: verimi_user_password, password_confirmation: verimi_user_password})
- { email: email, password: verimi_user_password }
- end
- end
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement