class Soteria::User

Public Instance Methods

add_credential(client, user_id, credential_id, credential_type, options) click to toggle source

Add a credential to an existing user in the Symantec VIP database.

@param [Savon::Client] client A Savon client object to make the call with. This needs to be created with the VIP management WSDL. @param [String] user_id Id of the user to add a credential to. @param [String] credential_id Unique identifier of the credential. @param [String] credential_type must be one of the keys to the credential types from the Utilities class. @see Utilities::CREDENTIAL_TYPES @param [Hash] options A hash that can contain the following. :name adds a friendly name to the credential added to vip, :otp sends a otp from the credential with the request to verify that the user actually has possession of the credential @return [Hash] A hash that contains; :success a boolean if the call succeeded, :message a string with any error message, :id the id of the call for debugging purposes

# File lib/soteria/user.rb, line 90
def add_credential(client, user_id, credential_id, credential_type, options)
  response = client.call(:add_credential, message: get_add_credential_message(user_id, credential_id, credential_type, options))
  get_return_hash(response.body[:add_credential_response])
end
clear_temp_pass(client, user_id) click to toggle source

Use clearTemporaryPassword to add users to VIP User Services.to remove a temporary security code from a user. If the user attempts to use a temporary security that has been cleared, VIP User Services returns an error stating the security code is not set. If the user validates a security code using a valid credential, any temporary security code that is set for that user is automatically cleared.

@param [Savon::Client] client A Savon client object to make the call with. This needs to be created with the VIP management WSDL. @param [String] user_id The unique ID for the user. @return [Hash] A hash that contains; :success a boolean if the call succeeded, :message a string with any error message, :id the id of the call for debugging purposes

# File lib/soteria/user.rb, line 368
def clear_temp_pass(client, user_id)
  message = {
      'vip:requestId': Utilities.get_request_id('clear_temp_pass'),
      'vip:userId': user_id
  }

  response = client.call(:clear_temporary_password, message: message)
  get_return_hash(response.body[:clear_temporary_password_response])
end
clear_user_pin(client, user_id) click to toggle source

Use clearUserPin to remove an assigned PIN from a user.

@param [Savon::Client] client A Savon client object to make the call with. This needs to be created with the VIP management WSDL. @param [String] user_id The unique ID for the user. @return [Hash] A hash that contains; :success a boolean if the call succeeded, :message a string with any error message, :id the id of the call for debugging purposes

# File lib/soteria/user.rb, line 249
def clear_user_pin(client, user_id)
  response = client.call(:clear_user_pin, message: {
      'vip:requestId': Utilities.get_request_id('clear_pin'),
      'vip:userId': user_id
  })

  get_return_hash(response.body[:clear_user_pin_response])
end
create(client, user_id, pin) click to toggle source

Add a new user to the list of users in Symantec VIP database.

@param [Savon::Client] client A Savon client object to make the call with. This needs to be created with the VIP management WSDL. @param [String] user_id Id of the user to create. @param [String] pin an optional value that is a pin for the user. The PIN may be 4 to 128 international characters in length, depending on restrictions of the PIN policy. @return [Hash] A hash that contains: :success a boolean if the call succeeded, :message a string with any error message, :id the id of the call for debugging purposes

# File lib/soteria/user.rb, line 12
def create(client, user_id, pin)
  message = {
      'vip:requestId': Utilities.get_request_id('create_user'),
      'vip:userId': user_id
  }

  unless pin.nil?
    message['vip:pin'] = pin
  end

  response = client.call(:create_user, message: message)

  get_return_hash(response.body[:create_user_response])
end
delete(client, user_id) click to toggle source

Delete a user from the database of Symantec VIP users.

@param [Savon::Client] client A Savon client object to make the call with. This needs to be created with the VIP management WSDL. @param [String] user_id Id of the user to delete. @return [Hash] A hash that contains: :success a boolean if the call succeeded, :message a string with any error message, :id the id of the call for debugging purposes

# File lib/soteria/user.rb, line 33
def delete(client, user_id)
  response = client.call(:delete_user,
                         message: {
                             'vip:requestId': Utilities.get_request_id('delete_user'),
                             'vip:userId': user_id
                         })

  get_return_hash(response.body[:delete_user_response])
end
get_add_credential_message(user_id, credential_id, credential_type, options) click to toggle source

Creates the body for a add credential request.

@param [String] user_id Id of the user to add a credential to. @param [String] credential_id @param [String] credential_type must be one of the keys to the credential types from the Utilities class. @see Utilities::CREDENTIAL_TYPES @param [Hash] options A hash that can contain the following. :name adds a friendly name to the credential added to vip, :otp sends a otp from the credential with the request to verify that the user actually has possession of the credential @return [Hash] A hash representing the body of the soap request to add a credential.

# File lib/soteria/user.rb, line 52
def get_add_credential_message(user_id, credential_id, credential_type, options)
  message = {
      'vip:requestId': Utilities.get_request_id('add_credential'),
      'vip:userId': user_id
  }

  credential_detail = {
      'vip:credentialId': credential_id,
      'vip:credentialType': credential_type
  }

  unless options == nil
    if options.key?(:name)
      credential_detail[:'vip:friendlyName'] = options[:name]
    end

    if options.key?(:otp)
      message[:'vip:otpAuthData'] = {
          'vip:otp': options[:otp]
      }
    end
  end

  message[:'vip:credentialDetail'] = credential_detail

  message
end
get_return_hash(response_hash) click to toggle source

Helper function to create the hash to return. All user calls have the same return values.

@param [Hash] response_hash @return [Hash] A hash with the appropriate values. Included are: :success - a boolean if the operation was successful,

# File lib/soteria/user.rb, line 397
def get_return_hash(response_hash)
  success = response_hash[:status] == '0000'

  {
      success: success,
      message: response_hash[:status_message],
      id: response_hash[:request_id]
  }
end
get_temp_pass_attr(client, user_id) click to toggle source

Use getTemporaryPasswordAttributes to poll VIP User Services every three to five seconds to check the status of a push notification. The push notification is validated against the notification’s unique transaction ID.

@param [Savon::Client] client A Savon client object to make the call with. This needs to be created with the VIP query WSDL. @param [String] user_id The unique ID for the user. @return [Hash] A hash that contains; :success a boolean if the call succeeded, :message a string with any error message, :id the id of the call for debugging purposes

# File lib/soteria/user.rb, line 295
def get_temp_pass_attr(client, user_id)
  response = client.call(:get_temporary_password_attributes, message: {
      'vip:requestId': Utilities.get_request_id('get_temp_pass_attr'),
      'vip:userId': user_id
  })
  response_hash = response.body[:get_temporary_password_attributes_response]

  ret = get_return_hash(response_hash)

  unless response_hash[:temp_pwd_attributes] == nil
    ret[:oneTime] = response_hash[:temp_pwd_attributes][:one_time_use_only]
    ret[:expiration] = response_hash[:temp_pwd_attributes][:expiration_time]
  end

  ret
end
get_user_info(client, user_id, include_push) click to toggle source

Get all the credentials that have been last bound to a user or the last authentication, as well as the friendly name for the user's credential.

@param [Savon::Client] client A Savon client object to make the call with. This needs to be created with the VIP query WSDL. @param [String] user_id Id of the user to get information about. @param [Boolean] include_push If the users push details should be returned. @return [Hash] A hash that contains; :credentials a array of credentials available, :success a boolean if the call succeeded, :message a string with any error message, :id the id of the call for debugging purposes

# File lib/soteria/user.rb, line 147
def get_user_info(client, user_id, include_push)
  response = client.call(:get_user_info, message: {
      'vip:requestId': Utilities.get_request_id('get_user_info'),
      'vip:userId': user_id,
      'vip:includePushAttributes': include_push
  })

  response_hash = response.body[:get_user_info_response]

  credentials = []

  if response_hash[:num_bindings] == nil || response_hash[:num_bindings] ==  '0'
    credentials = nil

  else
    response_hash[:credential_binding_detail].each do |credential|

      bind_detail = credential[:binding_detail]

      if credential[:credential_type] == 'STANDARD_OTP'
        push_attrs = credential[:push_attributes]
        credentials.push({
                             type: 'STANDARD_OTP',
                             enabled: response_hash[:credential_status] == 'ENABLED' && bind_detail[:bind_status] == 'ENABLED',
                             friendly_name: bind_detail[:friendly_name],
                             push: push_check(push_attrs),
                             credential_id: credential[:credential_id]
                         })

      elsif credential[:credential_type] == 'SMS_OTP'
        credentials.push({
                             type: 'SMS_OTP',
                             enabled: response_hash[:credential_status] == 'ENABLED' && bind_detail[:bind_status] == 'ENABLED',
                             friendly_name: bind_detail[:friendly_name],
                             push: false,
                             credential_id: credential[:credential_id]
                         })
      elsif credential[:credential_type] == 'VOICE_OTP'
        credentials.push({
                             type: 'VOICE_OTP',
                             enabled: response_hash[:credential_status] == 'ENABLED' && bind_detail[:bind_status] == 'ENABLED',
                             friendly_name: bind_detail[:friendly_name],
                             push: false,
                             credential_id: credential[:credential_id]
                         })
      end

    end

  end

  ret = get_return_hash(response_hash)
  ret[:credentials] = credentials
  ret
end
push_check(attrs) click to toggle source

Helper function to loop through an array of hashes with key value pairs and return if push is enabled.

@param [Array] attrs A array of hash attributes @return [Boolean] If push is enabled for the give attributes

# File lib/soteria/user.rb, line 383
def push_check(attrs)
  attrs.each do |a|
    if a[:key] == 'PUSH_ENABLED'
      return a[:value]
    end
  end
  false
end
remove_credential(client, user_id, credential_id, credential_type) click to toggle source

Remove a credential from a given user. If the Device deletion policy for Remembered Devices is set to Admin Only, credentials can only be removed through VIP Manager. The removeCredential API will return the error 6010: This account is not authorized to perform the requested operation

@param [Savon::Client] client A Savon client object to make the call with. This needs to be created with the VIP management WSDL. @param [String] user_id Id of the user to remove a credential from. @param [String] credential_id Unique identifier of the credential. @param [String] credential_type must be one of the keys to the credential types from the Utilities class. @see Utilities::CREDENTIAL_TYPES @return [Hash] A hash that contains; :success a boolean if the call succeeded, :message a string with any error message, :id the id of the call for debugging purposes

# File lib/soteria/user.rb, line 106
def remove_credential(client, user_id, credential_id, credential_type)
  response = client.call(:remove_credential, message: {
      'vip:requestId': Utilities.get_request_id('remove_credential'),
      'vip:userId': user_id,
      'vip:credentialId': credential_id,
      'vip:credentialType': credential_type
  })

  get_return_hash(response.body[:remove_credential_response])
end
set_temp_pass_attr(client, user_id, options) click to toggle source

Use setTemporaryPasswordAttributes to change the expiration date for a temporary security code you previously set.

@param [Savon::Client] client A Savon client object to make the call with. This needs to be created with the VIP management WSDL. @param [String] user_id The unique ID for the user. @param [Object] options @return [Hash] A hash that contains; :success a boolean if the call succeeded, :message a string with any error message, :id the id of the call for debugging purposes

# File lib/soteria/user.rb, line 265
def set_temp_pass_attr(client, user_id, options)
  message = {
      'vip:requestId': Utilities.get_request_id('set_temp_pass_attr'),
      'vip:userId': user_id
  }

  unless options == nil
    inner = {}
    if options.key?(:oneTime)
      inner[:'vip:oneTimeUseOnly'] = options[:oneTime]
    end

    if options.key?(:expireTime)
      inner[:'vip:expirationTime'] = options[:expireTime]
    end

    message[:'vip:temporaryPasswordAttributes'] = inner
  end

  response = client.call(:set_temporary_password_attributes, message: message)
  get_return_hash(response.body[:set_temporary_password_attributes_response])
end
set_temp_password(client, user_id, phone, options) click to toggle source

Use setTemporaryPassword to set a temporary security code for a user. You can optionally set an expiration date for the security code, or set it for one-time use only. The request requires the user ID and optionally, the temporary security code string. If you do not provide a security code, VIP User Services generates one for you.

@param [Savon::Client] client A Savon client object to make the call with. This needs to be created with the VIP management WSDL. @param [String] user_id The unique ID for the user. @param [Int] phone The phone or mobile device number to which the VIP User Service should deliver the security code. @param [Hash] options @return [Hash] A hash that contains; :success a boolean if the call succeeded, :message a string with any error message, :id the id of the call for debugging purposes

# File lib/soteria/user.rb, line 323
def set_temp_password(client, user_id, phone, options)
  message = {
      'vip:requestId': Utilities.get_request_id('set_temp_pass'),
      'vip:userId': user_id
  }

  phone_options = {'vip:phoneNumber': phone}

  unless options == nil
    if options.key?(:otp)
      message[:'vip:temporaryPassword'] = options[:otp]
    end

    if options.key?(:expireTime)
      message[:'vip:expirationTime'] = options[:expireTime]
    end

    if options.key?(:oneTime)
      message[:'vip:temporaryPasswordAttributes'] = { 'vip:oneTimeUseOnly': options[:oneTime] }
    end

    if options.key?(:from)
      phone_options[:'vip:expirationTime'] = options[:from]
    end
  end

  message[:'vip:smsDeliveryInfo'] = phone_options

  response = client.call(:set_temporary_password, message: message)

  ret = get_return_hash(response.body[:set_temporary_password_response])
  ret[:password] = response.body[:set_temporary_password_response][:temporary_password]

  ret
end
update_credential(client, user_id, credential_id, credential_type, name) click to toggle source

Updates the friendly name of a users credential.

@param [Savon::Client] client A Savon client object to make the call with. This needs to be created with the VIP management WSDL. @param [String] user_id Id of the user to remove a credential from. @param [String] credential_id Unique identifier of the credential. @param [String] credential_type must be one of the keys to the credential types from the Utilities class. @see Utilities::CREDENTIAL_TYPES @param [Object] name A user-defined name to identify the credential. @return [Hash] A hash that contains; :success a boolean if the call succeeded, :message a string with any error message, :id the id of the call for debugging purposes

# File lib/soteria/user.rb, line 127
def update_credential(client, user_id, credential_id, credential_type, name)
  response = client.call(:update_credential, message: {
      'vip:requestId': Utilities.get_request_id('update_credential'),
      'vip:userId': user_id,
      'vip:credentialId': credential_id,
      'vip:credentialType': credential_type,
      'vip:friendlyName': name
  })

  get_return_hash(response.body[:update_credential_response])
end
update_user(client, user_id, options) click to toggle source

Use updateUser to update information about a user in VIP User Services.

@param [Savon::Client] client A Savon client object to make the call with. This needs to be created with the VIP management WSDL. @param [String] user_id The unique ID for the user. @param [Object] options @return [Hash] A hash that contains; :success a boolean if the call succeeded, :message a string with any error message, :id the id of the call for debugging purposes

# File lib/soteria/user.rb, line 210
def update_user(client, user_id, options)
  message = {
      'vip:requestId': Utilities.get_request_id('update_user'),
      'vip:userId': user_id
  }

  unless options == nil
    if options.key?(:newId)
      message[:'vip:newUserId'] = options[:newId]
    end

    if options.key?(:status)
      message[:'vip:newUserStatus'] = options[:status]
    end

    if options.key?(:oldPin)
      message[:'vip:oldPin'] = options[:oldPin]
    end

    if options.key?(:newPin)
      message[:'vip:newPin'] = options[:newPin]
    end

    if options.key?(:pinReset)
      message[:'vip:forcePinReset'] = options[:pinReset]
    end

  end

  response = client.call(:update_user, message: message)
  get_return_hash(response.body[:update_user_response])
end