Ruby

Introduction

The service authentication certificate available from the Customer Portal dashboard will be needed to communicate with the RapID service. In this example, the service authentication certificate has been placed in a safe location on the webserver. The RapID Ruby SDK contains a Ruby gem that needs to be installed to allow you to access the methods that communicate with the RapID service.

Methods

Request Identity

The request_identity method requires an anonymousUserId - a string that you use to represent one of your users. It is recommended that this is unique, otherwise you will need to store the RequestId field from the response object to be able to manage the credential later on.

The object returned by request_identity is deserialized from the json structure below into a object_class: OpenStruct

{
    "RequestId":"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
    "AnonId":"<anonymousUserId provided>"
}

Sample code of how to use the RapID SDK to request a credential and return the RequestId

class RegisterController < ApplicationController

  private
    def parse_request
      @json = JSON.parse('{"username": "andy"}')

      # A real site would verify the username
      user = User.find_or_create_by(name: @json['username'])

      anon_id = SecureRandom.urlsafe_base64 
      AnonUser.create(User_id: user.id, anon_id: anon_id )

      rapid = Rapid.new(load_key())
      credential = rapid.request_identity(anon_id)

      render json: { :RequestId => credential.RequestId }
    end

    def load_key
      keyfile = Rails.root.join('<your issuing pfx from rapid portal>.pfx')
      p12 = OpenSSL::PKCS12.new(File.binread(keyfile), "rapidtests")
      p12.key
    end
end

Credential Collection

The sample code below will take the username to find the user in the user store. It will extract the user's anonymous identifier to prevent further credential collection. The returned JSON should give the value true for the key PreventCollection.

class CredentialController < ApplicationController

  private
    def parse_request
      @json = JSON.parse('{"username": "john"}')

      # A real site would verify the username
      user = User.find_by(name: @json['username'])     

      rapid = Rapid.new(load_key())
      credential = rapid.prevent_credential_collection(user.anon_id)

      render json: { :PreventCollection => credential.PreventCollection }
    end

    def load_key
      keyfile = Rails.root.join('<your issuing pfx from rapid portal>.pfx')
      p12 = OpenSSL::PKCS12.new(File.binread(keyfile), "rapidtests")
      p12.key
    end
end

The alternative allow_credential_collection method, the returned JSON should give the value false for the key PreventCollection.

class CredentialManagementController < ApplicationController

  private
    def parse_request
      @json = JSON.parse('{"username": "john"}')

      # A real site would verify the username
      user = User.find_by(name: @json['username'])     

      rapid = Rapid.new(load_key())
      credential = rapid.allow_credential_collection(user.anon_id)

      render json: { :PreventCollection => credential.PreventCollection }
    end

    def load_key
      keyfile = Rails.root.join('<your issuing pfx from rapid portal>.pfx')
      p12 = OpenSSL::PKCS12.new(File.binread(keyfile), "rapidtests")
      p12.key
    end
end

Credential Replacement

The sample code below will take the username to find the user in the user store. It will extract the user's anonymous identifier and then replace the user's existing credential. The returned JSON should give the value of the RequestId for the replacement credential.

class CredentialReplacementController < ApplicationController

  private
    def parse_request
      @json = JSON.parse('{"username": "john"}')

      # A real site would verify the username
      user = User.find_by(name: @json['username'])     

      rapid = Rapid.new(load_key())
      credential = rapid.replace_credential(user.anon_id)

      render json: { :RequestId => credential.RequestId }
    end

    def load_key
      keyfile = Rails.root.join('<your issuing pfx from rapid portal>.pfx')
      p12 = OpenSSL::PKCS12.new(File.binread(keyfile), "rapidtests")
      p12.key
    end
end

Authenticated user

The authenticated_user method returns the anonymous identifier which is extracted from the certificate in the request.

class AuthenticateController < ApplicationController
  def index
    anon_user = Rapid.authenticated_user( request )
    render json: { 'User' => anon_user }
  end
end

Reseed

The sample code below extracts the test RequestId from the parsed JSON which is then used to reseed that particular test credential.

class DiagnosticsController < ApplicationController

  private
    def parse_request
      @json = JSON.parse('{"requestid": "testid"}')

      rapid = Rapid.new(load_key())
      credential = rapid.reseed(@json['requestid'])

    end

    def load_key
      keyfile = Rails.root.join('<your issuing pfx from rapid portal>.pfx')
      p12 = OpenSSL::PKCS12.new(File.binread(keyfile), "rapidtests")
      p12.key
    end
end

Deprecated Ruby methods

The original request method is still supported in this version of the sdk but will be removed in a future version. Update to the supported method request_identity at the earliest possible opportunity.

def parse_request
  @json = JSON.parse('{"username": "andy"}')

  # A real site would verify the username
  user = User.find_or_create_by(name: @json['username'])

  anon_id = SecureRandom.urlsafe_base64 
  AnonUser.create(User_id: user.id, anon_id: anon_id )

  rapid = Rapid.new(load_key())
  identifier = rapid.request(anon_id)

  render json: { :Identifier => identifier }
end