Ruby
Introduction
The service authentication certificate available from the Customer Portal dashboard will be needed to communicate with the RapID service. In this example, the service authentication certificate has been placed in a safe location on the webserver. The RapID Ruby SDK contains a Ruby gem that needs to be installed to allow you to access the methods that communicate with the RapID service.
Methods
Request Identity
The request_identity
method requires an anonymousUserId - a string that you use to represent one of your users. It is recommended that this is unique, otherwise you will need to store the RequestId
field from the response object to be able to manage the credential later on.
The object returned by request_identity
is deserialized from the json structure below into a object_class: OpenStruct
{
"RequestId":"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"AnonId":"<anonymousUserId provided>"
}
Sample code of how to use the RapID SDK to request a credential and return the RequestId
class RegisterController < ApplicationController
private
def parse_request
@json = JSON.parse('{"username": "andy"}')
# A real site would verify the username
user = User.find_or_create_by(name: @json['username'])
anon_id = SecureRandom.urlsafe_base64
AnonUser.create(User_id: user.id, anon_id: anon_id )
rapid = Rapid.new(load_key())
credential = rapid.request_identity(anon_id)
render json: { :RequestId => credential.RequestId }
end
def load_key
keyfile = Rails.root.join('<your issuing pfx from rapid portal>.pfx')
p12 = OpenSSL::PKCS12.new(File.binread(keyfile), "rapidtests")
p12.key
end
end
Credential Collection
The sample code below will take the username to find the user in the user store. It will extract the user's anonymous identifier to prevent further credential collection.
The returned JSON should give the value true for the key PreventCollection
.
class CredentialController < ApplicationController
private
def parse_request
@json = JSON.parse('{"username": "john"}')
# A real site would verify the username
user = User.find_by(name: @json['username'])
rapid = Rapid.new(load_key())
credential = rapid.prevent_credential_collection(user.anon_id)
render json: { :PreventCollection => credential.PreventCollection }
end
def load_key
keyfile = Rails.root.join('<your issuing pfx from rapid portal>.pfx')
p12 = OpenSSL::PKCS12.new(File.binread(keyfile), "rapidtests")
p12.key
end
end
The alternative allow_credential_collection
method, the returned JSON should give the value false for the key PreventCollection
.
class CredentialManagementController < ApplicationController
private
def parse_request
@json = JSON.parse('{"username": "john"}')
# A real site would verify the username
user = User.find_by(name: @json['username'])
rapid = Rapid.new(load_key())
credential = rapid.allow_credential_collection(user.anon_id)
render json: { :PreventCollection => credential.PreventCollection }
end
def load_key
keyfile = Rails.root.join('<your issuing pfx from rapid portal>.pfx')
p12 = OpenSSL::PKCS12.new(File.binread(keyfile), "rapidtests")
p12.key
end
end
Credential Replacement
The sample code below will take the username to find the user in the user store. It will extract the user's anonymous identifier and then replace the user's existing credential.
The returned JSON should give the value of the RequestId
for the replacement credential.
class CredentialReplacementController < ApplicationController
private
def parse_request
@json = JSON.parse('{"username": "john"}')
# A real site would verify the username
user = User.find_by(name: @json['username'])
rapid = Rapid.new(load_key())
credential = rapid.replace_credential(user.anon_id)
render json: { :RequestId => credential.RequestId }
end
def load_key
keyfile = Rails.root.join('<your issuing pfx from rapid portal>.pfx')
p12 = OpenSSL::PKCS12.new(File.binread(keyfile), "rapidtests")
p12.key
end
end
Authenticated user
The authenticated_user
method returns the anonymous identifier which is extracted from the certificate in the request.
class AuthenticateController < ApplicationController
def index
anon_user = Rapid.authenticated_user( request )
render json: { 'User' => anon_user }
end
end
Reseed
The sample code below extracts the test RequestId
from the parsed JSON which is then used to reseed that particular test credential.
class DiagnosticsController < ApplicationController
private
def parse_request
@json = JSON.parse('{"requestid": "testid"}')
rapid = Rapid.new(load_key())
credential = rapid.reseed(@json['requestid'])
end
def load_key
keyfile = Rails.root.join('<your issuing pfx from rapid portal>.pfx')
p12 = OpenSSL::PKCS12.new(File.binread(keyfile), "rapidtests")
p12.key
end
end
Deprecated Ruby methods
The original request
method is still supported in this version of the sdk but will be removed in a future version. Update to the supported method request_identity
at the earliest possible opportunity.
def parse_request
@json = JSON.parse('{"username": "andy"}')
# A real site would verify the username
user = User.find_or_create_by(name: @json['username'])
anon_id = SecureRandom.urlsafe_base64
AnonUser.create(User_id: user.id, anon_id: anon_id )
rapid = Rapid.new(load_key())
identifier = rapid.request(anon_id)
render json: { :Identifier => identifier }
end