9c4cbdbafb
* create account_identity_proofs table * add endpoint for keybase to check local proofs * add async task to update validity and liveness of proofs from keybase * first pass keybase proof CRUD * second pass keybase proof creation * clean up proof list and add badges * add avatar url to keybase api * Always highlight the “Identity Proofs” navigation item when interacting with proofs. * Update translations. * Add profile URL. * Reorder proofs. * Add proofs to bio. * Update settings/identity_proofs front-end. * Use `link_to`. * Only encode query params if they exist. URLs without params had a trailing `?`. * Only show live proofs. * change valid to active in proof list and update liveness before displaying * minor fixes * add keybase config at well-known path * extremely naive feature flagging off the identity proof UI * fixes for rubocop * make identity proofs page resilient to potential keybase issues * normalize i18n * tweaks for brakeman * remove two unused translations * cleanup and add more localizations * make keybase_contacts an admin setting * fix ExternalProofService my_domain * use Addressable::URI in identity proofs * use active model serializer for keybase proof config * more cleanup of keybase proof config * rename proof is_valid and is_live to proof_valid and proof_live * cleanup * assorted tweaks for more robust communication with keybase * Clean up * Small fixes * Display verified identity identically to verified links * Clean up unused CSS * Add caching for Keybase avatar URLs * Remove keybase_contacts setting
63 lines
1.7 KiB
Ruby
63 lines
1.7 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
class ProofProvider::Keybase::Verifier
|
|
def initialize(local_username, provider_username, token)
|
|
@local_username = local_username
|
|
@provider_username = provider_username
|
|
@token = token
|
|
end
|
|
|
|
def valid?
|
|
request = Request.new(:get, "#{ProofProvider::Keybase::BASE_URL}/_/api/1.0/sig/proof_valid.json", params: query_params)
|
|
|
|
request.perform do |res|
|
|
json = Oj.load(res.body_with_limit, mode: :strict)
|
|
|
|
if json.is_a?(Hash)
|
|
json.fetch('proof_valid', false)
|
|
else
|
|
false
|
|
end
|
|
end
|
|
rescue Oj::ParseError, HTTP::Error, OpenSSL::SSL::SSLError
|
|
false
|
|
end
|
|
|
|
def on_success_path(user_agent = nil)
|
|
url = Addressable::URI.parse("#{ProofProvider::Keybase::BASE_URL}/_/proof_creation_success")
|
|
url.query_values = query_params.merge(kb_ua: user_agent || 'unknown')
|
|
url.to_s
|
|
end
|
|
|
|
def status
|
|
request = Request.new(:get, "#{ProofProvider::Keybase::BASE_URL}/_/api/1.0/sig/proof_live.json", params: query_params)
|
|
|
|
request.perform do |res|
|
|
raise ProofProvider::Keybase::UnexpectedResponseError unless res.code == 200
|
|
|
|
json = Oj.load(res.body_with_limit, mode: :strict)
|
|
|
|
raise ProofProvider::Keybase::UnexpectedResponseError unless json.is_a?(Hash) && json.key?('proof_valid') && json.key?('proof_live')
|
|
|
|
json
|
|
end
|
|
rescue Oj::ParseError, HTTP::Error, OpenSSL::SSL::SSLError
|
|
raise ProofProvider::Keybase::UnexpectedResponseError
|
|
end
|
|
|
|
private
|
|
|
|
def query_params
|
|
{
|
|
domain: domain,
|
|
kb_username: @provider_username,
|
|
username: @local_username,
|
|
sig_hash: @token,
|
|
}
|
|
end
|
|
|
|
def domain
|
|
Rails.configuration.x.local_domain
|
|
end
|
|
end
|