lib/authy/api.rb
require "logger"
module Authy
class API
# Lower and upper bound on the number of digits in a one-time token; token_is_safe?
# interpolates both values into its validation pattern.
MIN_TOKEN_SIZE = 6
MAX_TOKEN_SIZE = 12
# NOTE(review): presumably the source of the URL helpers the request methods call (escape_query,
# eval_uri, keys_to_verify, validate_for_url, clean_uri_params) — confirm in Authy::URL.
include Authy::URL
# Makes the include_http_client macro available; calling it is what the http_client calls
# in the request methods below rely on.
extend HTTPClient::IncludeClient
include_http_client
# Registers a new user with the Authy API.
#
# @param attributes [Hash] user attributes to submit. Two optional entries are removed from the
#   hash before it is sent: :api_key (overrides Authy.api_key for this call) and
#   :send_install_link_via_sms (defaults to true when absent).
# @return [Authy::User] wrapper around the HTTP response
def self.register_user(attributes)
  # The key is taken out of the attributes so it is passed to default_header only and is not
  # part of the form body.
  # NOTE(review): only the symbol key :api_key is stripped here; a string "api_key" entry would
  # stay inside the submitted user attributes — confirm callers never pass one.
  key = attributes.delete(:api_key) || Authy.api_key
  sms_link = attributes.delete(:send_install_link_via_sms) { true }

  payload = { :user => attributes, :send_install_link_via_sms => sms_link }
  endpoint = "#{Authy.api_uri}/protected/json/users/new"

  form_body = escape_query(payload)
  headers = default_header(params: { api_key: key })
  Authy::User.new(http_client.post(endpoint, :body => form_body, :header => headers))
end
# options:
# :id user id
# :token authy token entered by the user
# :force (true|false) force to check even if the cellphone is not confirmed
#
# Verifies a one-time token for a user.
#
# The token and the user id fill the :token and :user_id placeholders of the request path, so
# both are checked locally first; when either check fails an error response is returned and no
# request is made.
#
# @param params [Hash] :id / "id" and :token / "token" (both removed from the hash passed in),
#   plus optional :force, which is set to true when neither :force nor "force" is given
# @return [Authy::Response] the local error response, the result of verify_response when the
#   reply reports ok?, or the reply itself otherwise
def self.verify(params)
  otp = params.delete(:token) || params.delete("token")
  uid = params.delete(:id) || params.delete("id")

  return invalid_response("Token format is invalid") unless token_is_safe?(otp)
  return invalid_response("User id is invalid") unless is_digit?(uid)

  force_unset = params[:force].nil? && params["force"].nil?
  params[:force] = true if force_unset

  path_values = { "token" => otp, "user_id" => uid }
  reply = get_request("protected/json/verify/:token/:user_id", params.merge(path_values))

  # An ok? reply is still passed through verify_response, which inspects its "token" field.
  if reply.ok?
    verify_response(reply)
  else
    reply
  end
end
# options:
# :id user id
# :force force sms
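#
# Asks the API to send the user's token by SMS.
#
# The id fills the :user_id placeholder of the request path, so it is checked with is_digit?
# first, as verify and request_qr_code already do; a non-numeric id gets a local error
# response and no request is made.
#
# @param params [Hash] :id / "id" (removed from the hash passed in) plus optional :force
# @return [Authy::Response]
def self.request_sms(params)
  user_id = params.delete(:id) || params.delete("id")
  return invalid_response("User id is invalid") unless is_digit?(user_id)

  get_request("protected/json/sms/:user_id", params.merge({"user_id" => user_id}))
end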
# options:
# :id user id
# :qr_size qr size
# :qr_label context for qr code
#
# Requests a QR code for the user.
#
# @param params [Hash] :id / "id", optional :qr_size / "qr_size" (default 300) and optional
#   :qr_label / "qr_label" (default ""); all three are removed from the hash passed in
# @return [Authy::Response] a local error response when the id or the size is not numeric,
#   otherwise the result of the POST
def self.request_qr_code(params)
  uid = params.delete(:id) || params.delete("id")
  size = params.delete(:qr_size) || params.delete("qr_size") || 300
  label = params.delete(:qr_label) || params.delete("qr_label") || ""

  # The id fills the :user_id placeholder of the path; the id and the size are both checked
  # locally before anything is sent.
  return invalid_response("User id is invalid") unless is_digit?(uid)
  return invalid_response("Qr image size is invalid") unless is_digit?(size)

  post_request(
    "protected/json/users/:user_id/secret",
    params.merge({ "user_id" => uid, "qr_size" => size, "label" => label })
  )
end
# options:
# :id user id
# :force force phone_call
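#
# Asks the API to deliver the user's token by phone call.
#
# The id fills the :user_id placeholder of the request path, so it is checked with is_digit?
# first, as verify and request_qr_code already do; a non-numeric id gets a local error
# response and no request is made.
#
# @param params [Hash] :id / "id" (removed from the hash passed in) plus optional :force
# @return [Authy::Response]
def self.request_phone_call(params)
  user_id = params.delete(:id) || params.delete("id")
  return invalid_response("User id is invalid") unless is_digit?(user_id)

  get_request("protected/json/call/:user_id", params.merge({"user_id" => user_id}))
end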
# options:
# :id user id
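#
# Asks the API to deliver the user's token by e-mail.
#
# The id fills the :user_id placeholder of the request path, so it is checked with is_digit?
# first, as verify and request_qr_code already do; a non-numeric id gets a local error
# response and no request is made.
#
# @param params [Hash] :id / "id" (removed from the hash passed in); other entries are forwarded
# @return [Authy::Response]
def self.request_email(params)
  user_id = params.delete(:id) || params.delete('id')
  return invalid_response("User id is invalid") unless is_digit?(user_id)

  post_request("protected/json/email/:user_id", params.merge({"user_id" => user_id}))
end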
# options:
# :id user id
# :email user's new email
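#
# Updates a user record, for example the user's e-mail address.
#
# The id fills the :user_id placeholder of the request path, so it is checked with is_digit?
# first, as verify and request_qr_code already do; a non-numeric id gets a local error
# response and no request is made.
#
# @param params [Hash] :id / "id" (removed from the hash passed in) plus the fields to change
# @return [Authy::Response]
def self.update_user(params)
  user_id = params.delete(:id) || params.delete('id')
  return invalid_response("User id is invalid") unless is_digit?(user_id)

  post_request("protected/json/users/:user_id/update", params.merge({"user_id" => user_id}))
end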
# options:
# :id user id
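#
# Deletes a user.
#
# The id fills the :user_id placeholder of the request path, so it is checked with is_digit?
# first, as verify and request_qr_code already do; a non-numeric id gets a local error
# response and no request is made.
#
# @param params [Hash] :id / "id" (removed from the hash passed in); other entries are forwarded
# @return [Authy::Response]
def self.delete_user(params)
  user_id = params.delete(:id) || params.delete("id")
  return invalid_response("User id is invalid") unless is_digit?(user_id)

  post_request("protected/json/users/delete/:user_id", params.merge({"user_id" => user_id}))
end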
# options:
# :id user id
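#
# Fetches the status of a user.
#
# The id fills the :user_id placeholder of the request path, so it is checked with is_digit?
# first, as verify and request_qr_code already do; a non-numeric id gets a local error
# response and no request is made.
#
# @param params [Hash] :id / "id" (removed from the hash passed in); other entries are forwarded
# @return [Authy::Response]
def self.user_status(params)
  user_id = params.delete(:id) || params.delete("id")
  return invalid_response("User id is invalid") unless is_digit?(user_id)

  get_request("protected/json/users/:user_id/status", params.merge({"user_id" => user_id}))
end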
# NOTE(review): a bare `private` only affects instance methods defined with plain `def` after it.
# Every method below is defined with `def self.`, so all of them stay public class methods.
# If they are meant to be internal, private_class_method or a `class << self` block is needed.
private
# Sends a POST to the API path described by +uri+.
#
# default_header is called first; it removes any :api_key / "api_key" entry from +params+, so
# the key goes into the request header and is no longer in the hash used for the path and body.
#
# @param uri [String] path template with :name placeholders, relative to Authy.api_uri
# @param params [Hash] values for the placeholders plus the form fields to send
# @return [Authy::Response] the wrapped HTTP response, or a wrapped local error response when
#   validate_for_url rejects the placeholder values
def self.post_request(uri, params = {})
  headers = default_header(params: params)
  path_keys = keys_to_verify(uri, params)
  valid, reason = validate_for_url(path_keys, params)
  return Authy::Response.new(build_error_response(reason)) unless valid

  # NOTE(review): the placeholder values end up in the URL through eval_uri, which is defined
  # elsewhere — confirm that it percent-encodes them.
  target = "#{Authy.api_uri}/#{eval_uri(uri, params)}"
  form_fields = clean_uri_params(path_keys, params)
  Authy::Response.new(http_client.post(target, :body => escape_query(form_fields), header: headers))
end
# Sends a GET to the API path described by +uri+.
#
# default_header is called first; it removes any :api_key / "api_key" entry from +params+, so
# the key goes into the request header and is no longer in the hash used for the path and query.
#
# @param uri [String] path template with :name placeholders, relative to Authy.api_uri
# @param params [Hash] values for the placeholders plus the query parameters to send
# @return [Authy::Response] the wrapped HTTP response, or a wrapped local error response when
#   validate_for_url rejects the placeholder values
def self.get_request(uri, params = {})
  headers = default_header(params: params)
  path_keys = keys_to_verify(uri, params)
  valid, reason = validate_for_url(path_keys, params)
  return Authy::Response.new(build_error_response(reason)) unless valid

  # NOTE(review): the placeholder values end up in the URL through eval_uri, which is defined
  # elsewhere — confirm that it percent-encodes them.
  target = "#{Authy.api_uri}/#{eval_uri(uri, params)}"
  query = clean_uri_params(path_keys, params)
  Authy::Response.new(http_client.get(target, query, headers))
end
# Builds a stand-in for an HTTP response that reports a client-side failure.
#
# @param error [String] message placed in both "message" and "errors" => "message"
# @return [OpenStruct] responds to status (400) and body (a JSON string with "success" => false)
def self.build_error_response(error = "blank uri param found")
  payload = {
    "success" => false,
    "message" => error,
    "errors" => { "message" => error }
  }
  OpenStruct.new("status" => 400, "body" => payload.to_json)
end
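# Reports whether +token+ is made up of MIN_TOKEN_SIZE to MAX_TOKEN_SIZE digits and nothing else.
#
# The pattern ends with \z, which matches only at the very end of the string. \Z also matches
# just before a trailing newline, so a value such as "123456\n" would be accepted with it, and
# verify uses this check on a value that is placed in the request path.
#
# @param token [String, nil] candidate token; nil is reported as unsafe
# @return [Boolean]
def self.token_is_safe?(token)
  !!(/\A\d{#{MIN_TOKEN_SIZE},#{MAX_TOKEN_SIZE}}\z/.match token)
end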
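# Reports whether +str+, converted with to_s, consists of one or more digits and nothing else.
#
# The pattern is anchored with \A and \z so the whole value has to match. In Ruby ^ and $
# anchor at line boundaries, so with them a multi-line value passes as soon as one of its lines
# is numeric, and callers use this check on ids that are placed in request paths.
#
# @param str [#to_s] value to check; nil and "" are reported as not numeric
# @return [Boolean]
def self.is_digit?(str)
  !!(/\A\d+\z/.match str.to_s)
end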
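# Wraps a locally built 400 error in an Authy::Response, for input rejected before any request.
#
# The default message previously read "Invalid resonse"; the spelling is corrected here.
#
# @param str [String] error message to report
# @return [Authy::Response]
def self.invalid_response(str = "Invalid response")
  Authy::Response.new(build_error_response(str))
end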
# Decides whether a verification reply counts as a success.
#
# The reply is accepted only when its "token" field is exactly "is valid"; any other value,
# including a missing field, is replaced by a local "Token is invalid" error response.
#
# @param response [#[]] reply from the verify endpoint
# @return [Object, Authy::Response] the reply itself, or the wrapped error response
def self.verify_response(response)
  if response["token"] == "is valid"
    response
  else
    Authy::Response.new(build_error_response("Token is invalid"))
  end
end
# Builds the HTTP headers sent with every API request.
#
# An :api_key or "api_key" entry is removed from +params+ and used for the key header; without
# one, Authy.api_key is used.
# NOTE(review): the string key is only looked up when the symbol key yields nil or false, so
# when both are present the "api_key" entry stays in +params+ — confirm callers never pass both.
#
# @param params [Hash] request parameters; modified in place as described above
# @return [Hash] "X-Authy-API-Key" and "User-Agent" headers
def self.default_header(params: {})
  override = params.delete(:api_key) || params.delete("api_key")
  {
    "X-Authy-API-Key" => override || Authy.api_key,
    "User-Agent" => Authy.user_agent
  }
end
end
end