diff options
author | Eugen Rochko <eugen@zeonfederated.com> | 2019-03-18 21:00:55 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-03-18 21:00:55 +0100 |
commit | 9c4cbdbafb0324ae259e10865b90ed1ed0255bdd (patch) | |
tree | 9d1d884fb1753f110683d7ff78912cdf868ec635 /app/lib/proof_provider/keybase/verifier.rb | |
parent | 42c581c45853cf08f2c9c521d59a2194ef2d9c61 (diff) |
Add Keybase integration (#10297)
* create account_identity_proofs table * add endpoint for keybase to check local proofs * add async task to update validity and liveness of proofs from keybase * first pass keybase proof CRUD * second pass keybase proof creation * clean up proof list and add badges * add avatar url to keybase api * Always highlight the “Identity Proofs” navigation item when interacting with proofs. * Update translations. * Add profile URL. * Reorder proofs. * Add proofs to bio. * Update settings/identity_proofs front-end. * Use `link_to`. * Only encode query params if they exist. URLs without params had a trailing `?`. * Only show live proofs. * change valid to active in proof list and update liveness before displaying * minor fixes * add keybase config at well-known path * extremely naive feature flagging off the identity proof UI * fixes for rubocop * make identity proofs page resilient to potential keybase issues * normalize i18n * tweaks for brakeman * remove two unused translations * cleanup and add more localizations * make keybase_contacts an admin setting * fix ExternalProofService my_domain * use Addressable::URI in identity proofs * use active model serializer for keybase proof config * more cleanup of keybase proof config * rename proof is_valid and is_live to proof_valid and proof_live * cleanup * assorted tweaks for more robust communication with keybase * Clean up * Small fixes * Display verified identity identically to verified links * Clean up unused CSS * Add caching for Keybase avatar URLs * Remove keybase_contacts setting
Diffstat (limited to 'app/lib/proof_provider/keybase/verifier.rb')
-rw-r--r-- | app/lib/proof_provider/keybase/verifier.rb | 62 |
1 files changed, 62 insertions, 0 deletions
diff --git a/app/lib/proof_provider/keybase/verifier.rb b/app/lib/proof_provider/keybase/verifier.rb new file mode 100644 index 000000000..86f249dd7 --- /dev/null +++ b/app/lib/proof_provider/keybase/verifier.rb @@ -0,0 +1,62 @@ +# frozen_string_literal: true + +class ProofProvider::Keybase::Verifier + def initialize(local_username, provider_username, token) + @local_username = local_username + @provider_username = provider_username + @token = token + end + + def valid? + request = Request.new(:get, "#{ProofProvider::Keybase::BASE_URL}/_/api/1.0/sig/proof_valid.json", params: query_params) + + request.perform do |res| + json = Oj.load(res.body_with_limit, mode: :strict) + + if json.is_a?(Hash) + json.fetch('proof_valid', false) + else + false + end + end + rescue Oj::ParseError, HTTP::Error, OpenSSL::SSL::SSLError + false + end + + def on_success_path(user_agent = nil) + url = Addressable::URI.parse("#{ProofProvider::Keybase::BASE_URL}/_/proof_creation_success") + url.query_values = query_params.merge(kb_ua: user_agent || 'unknown') + url.to_s + end + + def status + request = Request.new(:get, "#{ProofProvider::Keybase::BASE_URL}/_/api/1.0/sig/proof_live.json", params: query_params) + + request.perform do |res| + raise ProofProvider::Keybase::UnexpectedResponseError unless res.code == 200 + + json = Oj.load(res.body_with_limit, mode: :strict) + + raise ProofProvider::Keybase::UnexpectedResponseError unless json.is_a?(Hash) && json.key?('proof_valid') && json.key?('proof_live') + + json + end + rescue Oj::ParseError, HTTP::Error, OpenSSL::SSL::SSLError + raise ProofProvider::Keybase::UnexpectedResponseError + end + + private + + def query_params + { + domain: domain, + kb_username: @provider_username, + username: @local_username, + sig_hash: @token, + } + end + + def domain + Rails.configuration.x.local_domain + end +end |