Module: LoginRadius::RequestClient

Included in:

AccountApi, AuthenticationApi, ConfigurationApi, ConsentManagementApi, CustomObjectApi, MultiFactorAuthenticationApi, NativeSocialApi, OneTouchLoginApi, PINAuthenticationApi, PasswordLessLoginApi, PhoneAuthenticationApi, ReAuthenticationApi, RiskBasedAuthenticationApi, RoleApi, SmartLoginApi, SocialApi, SottApi, WebHookApi

Defined in:

lib/login_radius/request_client.rb

Constant Summary

API_V2_BASE_URL =

LoginRadius Client Module: Methods relating to building and sending requests are defined here.

'https://api.loginradius.com/'

API_V2_BASE_URL_CONFIG =

'https://config.lrcontent.com/'

INIT_VECTOR =

'tu89geji340t89u2'

KEY_SIZE =

256

Instance Method Summary

• #build_new_uri_obj(resource) ⇒ URI

  Builds a URI instance given type and resource.

• #create_hash_secret(endpoint, secret_key, headers, body = {}) ⇒ URI, headers

  Create a has digest in header.

• #delete_request(uri_endpoint, params, body = {}) ⇒ LoginRadius::Response

  Sends a DELETE API request.

• #get_request(uri_endpoint, params, body = {}) ⇒ LoginRadius::Response

  Sends a GET API request.

• #get_sott(time_difference = "", api_key = "", api_secret = "", start_time = "", end_time = "") ⇒ Object

  Local - Generate SOTT: Generates a Secured One Time Token manually.

• #getValidationMessage(params) ⇒ Object
• #isNullOrWhiteSpace(params) ⇒ Object
• #local_generate_sott(time_difference = 10, api_key = "", api_secret = "") ⇒ Object

  Local - Generate SOTT: Generates a Secured One Time Token manually.

• #post_request(uri_endpoint, params, body = {}) ⇒ LoginRadius::Response

  Sends a POST API request.

• #put_request(uri_endpoint, params, body = {}) ⇒ LoginRadius::Response

  Sends a PUT API request.

Instance Method Details

#build_new_uri_obj(resource) ⇒ URI

Builds a URI instance given type and resource

Parameters:

• resource (String) —

  Target resource custom_api_domain is set

Returns:

• (URI) —

  uri instance

# File 'lib/login_radius/request_client.rb', line 243

def build_new_uri_obj(resource)
  if resource == 'ciam/appinfo'
    return URI.parse(API_V2_BASE_URL_CONFIG + resource)
  else
    if ENV['CUSTOM_API_DOMAIN'] == 'false' || ENV['CUSTOM_API_DOMAIN'] == nil
      return URI.parse(API_V2_BASE_URL + resource)
    else
      return URI.parse(ENV['CUSTOM_API_DOMAIN'] + resource)
    end
  end
end

#create_hash_secret(endpoint, secret_key, headers, body = {}) ⇒ URI, headers

Create a has digest in header

Parameters:

• endpoint (String) —

  endpoint

• secret_key (String) —

  secret key

• headers (String) —

  headers

• body (String) (defaults to: {}) —

  body

Returns:

• (URI) —

  uri instance

• (headers) —

  header

# File 'lib/login_radius/request_client.rb', line 264

def create_hash_secret(endpoint, secret_key, headers, body = {})
  endpoint_uri = 'https://api.loginradius.com' + endpoint
  expiry_time = (Time.now.getutc() + (1*60*60)).strftime('%Y/%m/%d %H:%M:%S')

  encoded_uri = CGI.escape(CGI.unescape(endpoint_uri))

  if body.blank?
    string_to_hash = expiry_time + ':' + encoded_uri.downcase
  else
    string_to_hash = expiry_time + ':' + encoded_uri.downcase + ':' + body.to_json
  end

  mac = Base64.encode64(OpenSSL::HMAC.digest(OpenSSL::Digest.new('sha256'), secret_key, string_to_hash)).strip()
  headers['X-Request-Expires'] = expiry_time
  headers['digest'] = 'SHA-256='+mac
  return headers
end

#delete_request(uri_endpoint, params, body = {}) ⇒ LoginRadius::Response

Sends a DELETE API request.

Parameters:

• uri_endpoint (URI) —

  Target uri instance

• params (Hash) —

  Parameters to send

• body (Hash) (defaults to: {}) —

  POST body

Returns:

• (LoginRadius::Response) —

  LoginRadius response instance

# File 'lib/login_radius/request_client.rb', line 190

def delete_request(uri_endpoint, params, body = {})
  uri_obj = build_new_uri_obj(uri_endpoint)

  headers = { 'Content-Type' => 'application/json' }
  if params.key?('access_token') # has_key
    if uri_endpoint.include? 'auth'
      access_token = params['access_token']
      params.delete('access_token')
      headers['Authorization'] = 'Bearer ' + access_token
    end
  end

  if params.key?('apiSecret') # has_key
    secret_key = params['apiSecret']
    params.delete('apiSecret')

    if ENV['API_REQUEST_SIGNING'] == 'false' || ENV['API_REQUEST_SIGNING'] == nil
      headers['X-LoginRadius-ApiSecret'] = secret_key
    else
      uri_obj = build_new_uri_obj(uri_endpoint)
      uri_obj.query = URI.encode_www_form(params)
      headers = create_hash_secret(uri_obj.request_uri, secret_key, headers, body)
    end
  end
  if params.key?('sott') # has_key
    headers['X-LoginRadius-Sott'] = params['sott']
    params.delete('sott')
  end

  unless ENV['Origin_IP'] == "" || ENV['Origin_IP'] == nil
    headers['X-Origin-IP'] = ENV['Origin_IP']       
  end

  uri_obj.query = URI.encode_www_form(params)
  http = Net::HTTP.new(uri_obj.host, uri_obj.port)
  http.use_ssl = true
  http.verify_mode = OpenSSL::SSL::VERIFY_NONE
  req = Net::HTTP::Delete.new(uri_obj.request_uri, headers)
  req.body = body.to_json
  response = http.request(req)

  begin
    return LoginRadius::Response.new(response)
  rescue JSON::ParserError => e
    raise LoginRadius::Error.new("JSON parsing error has occurred. More info: #{e.message}")
  end
end

#get_request(uri_endpoint, params, body = {}) ⇒ LoginRadius::Response

Sends a GET API request.

Parameters:

• uri_endpoint (URI) —

  Target uri instance

• params (Hash) —

  Parameters to send

• body (Hash) (defaults to: {}) —

  Request body

Returns:

• (LoginRadius::Response) —

  LoginRadius response instance

# File 'lib/login_radius/request_client.rb', line 84

def get_request(uri_endpoint, params, body = {})      
  uri_obj = build_new_uri_obj(uri_endpoint)

  headers = {'Content-Type' => 'application/json'}
  if params.key?('access_token') # has_key
    if uri_endpoint.include? 'auth'
      access_token = params['access_token']
      params.delete('access_token')
      headers['Authorization'] = 'Bearer ' + access_token
    end
  end

  if params.key?('apiSecret') # has_key
    secret_key = params['apiSecret']
    params.delete('apiSecret')

    if ENV['API_REQUEST_SIGNING'] == 'false' || ENV['API_REQUEST_SIGNING'] == nil
      headers['X-LoginRadius-ApiSecret'] = secret_key
    else
      uri_obj = build_new_uri_obj(uri_endpoint)
      uri_obj.query = URI.encode_www_form(params)
      headers = create_hash_secret(uri_obj.request_uri, secret_key, headers, body)
    end
  end
  if params.key?('sott') # has_key
    headers['X-LoginRadius-Sott'] = params['sott']
    params.delete('sott')
  end

  unless ENV['Origin_IP'] == "" || ENV['Origin_IP'] == nil
    headers['X-Origin-IP'] = ENV['Origin_IP']       
  end

  uri_obj.query = URI.encode_www_form(params)
  http = Net::HTTP.new(uri_obj.host, uri_obj.port)
  http.use_ssl = true
  http.verify_mode = OpenSSL::SSL::VERIFY_NONE   
  response = http.get(uri_obj.request_uri, headers)

  begin
    return LoginRadius::Response.new(response)
  rescue JSON::ParserError => e
    raise LoginRadius::Error.new("JSON parsing error has occurred. More info: #{e.message}")
  end
end

#get_sott(time_difference = "", api_key = "", api_secret = "", start_time = "", end_time = "") ⇒ Object

Local - Generate SOTT: Generates a Secured One Time Token manually.

Do not pass the time difference if you are passing start_time & end_time. You can pass the start_time , end_time interval and the SOTT will be valid for this time duration.

# File 'lib/login_radius/request_client.rb', line 293

def get_sott(time_difference="", api_key="", api_secret="",start_time="",end_time="")

  key= !isNullOrWhiteSpace(api_key) ? api_key:ENV['API_KEY']
  time_difference= !isNullOrWhiteSpace(time_difference) ? time_difference.to_i : 10
  secret=!isNullOrWhiteSpace(api_secret) ? api_secret:ENV['API_SECRET']
  start_date_time=!isNullOrWhiteSpace(start_time)&&!isNullOrWhiteSpace(end_time)? start_time:Time.now.getutc().strftime('%Y/%m/%d %H:%M:%S')
  end_date_time =!isNullOrWhiteSpace(start_time)&&!isNullOrWhiteSpace(end_time)? end_time:(Time.now.getutc() + (time_difference*60)).strftime('%Y/%m/%d %H:%M:%S')

  
  plain_text = start_date_time + '#' + key + '#' + end_date_time
  iter = 10000
  salt = "\x00\x00\x00\x00\x00\x00\x00\x00"
  key_len = KEY_SIZE / 8
  cipher_key = OpenSSL::PKCS5.pbkdf2_hmac_sha1(secret, salt, iter, key_len)

  cipher = OpenSSL::Cipher.new('aes-' + KEY_SIZE.to_s + '-cbc')
  cipher.encrypt
  cipher.key = cipher_key
  cipher.iv = INIT_VECTOR

  encrypted = cipher.update(plain_text) + cipher.final
  encrypted_b64 = Base64.strict_encode64(encrypted)

  hash = Digest::MD5.hexdigest(encrypted_b64)
  sott = encrypted_b64 + '*' + hash
  return sott
end

#getValidationMessage(params) ⇒ Object

# File 'lib/login_radius/request_client.rb', line 73

def getValidationMessage(params)
  return params + " is a required parameter."
end

#isNullOrWhiteSpace(params) ⇒ Object

# File 'lib/login_radius/request_client.rb', line 69

def isNullOrWhiteSpace(params)
  return params.blank? ? true : false
end

#local_generate_sott(time_difference = 10, api_key = "", api_secret = "") ⇒ Object

Local - Generate SOTT: Generates a Secured One Time Token manually.

# File 'lib/login_radius/request_client.rb', line 329

def local_generate_sott(time_difference = 10, api_key="", api_secret="")

  key=!isNullOrWhiteSpace(api_key) ? api_key:ENV['API_KEY']

  secret=!isNullOrWhiteSpace(api_secret) ? api_secret:ENV['API_SECRET']

  start_time = Time.now.getutc().strftime('%Y/%m/%d %H:%M:%S')
  end_time = (Time.now.getutc() + (time_difference*60)).strftime('%Y/%m/%d %H:%M:%S')
  plain_text = start_time + '#' + key + '#' + end_time
  iter = 10000
  salt = "\x00\x00\x00\x00\x00\x00\x00\x00"
  key_len = KEY_SIZE / 8
  cipher_key = OpenSSL::PKCS5.pbkdf2_hmac_sha1(secret, salt, iter, key_len)

  cipher = OpenSSL::Cipher.new('aes-' + KEY_SIZE.to_s + '-cbc')
  cipher.encrypt
  cipher.key = cipher_key
  cipher.iv = INIT_VECTOR

  encrypted = cipher.update(plain_text) + cipher.final
  encrypted_b64 = Base64.strict_encode64(encrypted)

  hash = Digest::MD5.hexdigest(encrypted_b64)
  sott = encrypted_b64 + '*' + hash
  return sott
end

#post_request(uri_endpoint, params, body = {}) ⇒ LoginRadius::Response

Sends a POST API request.

Parameters:

• uri_endpoint (URI) —

  Target uri instance

• params (Hash) —

  Parameters to send

• body (Hash) (defaults to: {}) —

  POST body

Returns:

• (LoginRadius::Response) —

  LoginRadius response instance

# File 'lib/login_radius/request_client.rb', line 22

def post_request(uri_endpoint, params, body = {})
  uri_obj = build_new_uri_obj(uri_endpoint)

  headers = { 'Content-Type' => 'application/json' }
  if params.key?('access_token') # has_key
    if uri_endpoint.include? 'auth'
      access_token = params['access_token']
      params.delete('access_token')
      headers['Authorization'] = 'Bearer ' + access_token
    end
  end

  if params.key?('apiSecret') # has_key
    secret_key = params['apiSecret']
    params.delete('apiSecret')

    if ENV['API_REQUEST_SIGNING'] == 'false' || ENV['API_REQUEST_SIGNING'] == nil
      headers['X-LoginRadius-ApiSecret'] = secret_key
    else
      uri_obj = build_new_uri_obj(uri_endpoint)
      uri_obj.query = URI.encode_www_form(params)
      headers = create_hash_secret(uri_obj.request_uri, secret_key, headers, body)
    end
  end
  if params.key?('sott') # has_key
    headers['X-LoginRadius-Sott'] = params['sott']
    params.delete('sott')
  end

  unless ENV['Origin_IP'] == "" || ENV['Origin_IP'] == nil
    headers['X-Origin-IP'] = ENV['Origin_IP']       
  end
  
  uri_obj.query = URI.encode_www_form(params)
  http = Net::HTTP.new(uri_obj.host, uri_obj.port)
  http.use_ssl = true
  http.verify_mode = OpenSSL::SSL::VERIFY_NONE

  response = http.post(uri_obj.request_uri, body.to_json, headers)

  begin
    return LoginRadius::Response.new(response)
  rescue JSON::ParserError => e
    raise LoginRadius::Error.new("JSON parsing error has occurred. More info: #{e.message}")        
  end
end

#put_request(uri_endpoint, params, body = {}) ⇒ LoginRadius::Response

Sends a PUT API request.

Parameters:

• uri_endpoint (URI) —

  Target uri instance

• params (Hash) —

  Parameters to send

• body (Hash) (defaults to: {}) —

  PUT body

Returns:

• (LoginRadius::Response) —

  LoginRadius response instance

# File 'lib/login_radius/request_client.rb', line 137

def put_request(uri_endpoint, params, body = {})
  uri_obj = build_new_uri_obj(uri_endpoint)

  headers = { 'Content-Type' => 'application/json' }
  if params.key?('access_token') # has_key
    if uri_endpoint.include? 'auth'
      access_token = params['access_token']
      params.delete('access_token')
      headers['Authorization'] = 'Bearer ' + access_token
    end
  end

  if params.key?('apiSecret') # has_key
    secret_key = params['apiSecret']
    params.delete('apiSecret')

    if ENV['API_REQUEST_SIGNING'] == 'false' || ENV['API_REQUEST_SIGNING'] == nil
      headers['X-LoginRadius-ApiSecret'] = secret_key
    else
      uri_obj = build_new_uri_obj(uri_endpoint)
      uri_obj.query = URI.encode_www_form(params)

      headers = create_hash_secret(uri_obj.request_uri, secret_key, headers, body)
    end
  end
  if params.key?('sott') # has_key
    headers['X-LoginRadius-Sott'] = params['sott']
    params.delete('sott')
  end

  unless ENV['Origin_IP'] == "" || ENV['Origin_IP'] == nil
    headers['X-Origin-IP'] = ENV['Origin_IP']       
  end

  uri_obj.query = URI.encode_www_form(params)
  http = Net::HTTP.new(uri_obj.host, uri_obj.port)
  http.use_ssl = true
  http.verify_mode = OpenSSL::SSL::VERIFY_NONE
  response = http.put(uri_obj.request_uri, body.to_json, headers)
  begin
    return LoginRadius::Response.new(response)
  rescue JSON::ParserError => e
    raise LoginRadius::Error.new("JSON parsing error has occurred. More info: #{e.message}")
  end
end