0.0
Repository is archived
No commit activity in last 3 years
No release in over 3 years
Yoti strategy for OmniAuth
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
 Dependencies

Development

~> 1.13
~> 12.1
~> 3.6
~> 0.15
~> 3.0

Runtime

~> 1.6
~> 1.2.1
 Project Readme

OmniAuth Yoti

This gem contains the Yoti strategy for OmniAuth.

Before You Begin

You should have already installed OmniAuth into your app. If not, read the OmniAuth README to get started.

Now sign in into the Yoti dashboard and create an application. Take note of your Application ID and Yoti client SDK ID because that is what your web application will use to authenticate against the Yoti API. Make sure to set a callback URL to YOUR_SITE/auth/yoti/callback, and download the pem key.

Using This Strategy

Add this line to your application's Gemfile:

gem 'omniauth-yoti'

And then execute:

bundle

Or install it yourself as:

gem install omniauth-yoti

Configuration

Yoti client initialisation looks like this:

require 'omniauth-yoti'

Rails.application.config.middleware.use OmniAuth::Builder do
  provider :yoti, client_options: {
    application_id: ENV['YOTI_APPLICATION_ID'],
    client_sdk_id: ENV['YOTI_CLIENT_SDK_ID'],
    key_file_path: ENV['YOTI_KEY_FILE_PATH']
  }
end

YOTI_APPLICATION_ID - found on the Integrations settings page, under the Login button section.

YOTI_CLIENT_SDK_ID - found on the Integrations settings page.

YOTI_KEY_FILE_PATH - the full path to your security key downloaded from the Keys settings page (e.g. /Users/developer/access-security.pem).

If you don't have access to the file system to store the pem file, you can replace key_file_path with key, that stores a string with the content of the secret key (key: "-----BEGIN RSA PRIVATE KEY-----\nMIIEp...").

The configuration values are documented in the Yoti gem repository.

Authentication

A call to /auth/yoti/callback will open the Yoti authentication page, and after a successful authentication, you will be redirected to the callback URL from your Yoti dashboard. The auth hash will be available in request.env['omniauth.auth']:

{
  "provider" => "yoti",
  "uid" => "mHvpV4...",
  "info" => {
    "name" => "John Doe",
    "selfie" => "jpeg image data file",
    "full_name" => "John Doe",
    "given_names" => "John",
    "family_name" => "Doe",
    "phone_number" => "07474747474",
    "email_address" => "email@example.com",
    "date_of_birth" => "1989-11-09",
    "postal_address" => "Fountain House\n130 Fenchurch St\nLONDON\nEC3M 5DJ",
    "gender" => "MALE",
    "nationality" => "GBR"
    "base64_selfie_uri" => "data:image/jpeg;base64,/9j/2wCEAAMCAg..."
    "age_verified" => true
  },
  "credentials" => {},
  "extra" => {
    { "raw_info" =>
      {
        "selfie" => "jpeg image data file",
        "full_name" => "John Doe",
        "given_names" => "Given Name",
        "family_name" => "Family Name",
        "phone_number" => "07474747474",
        "email_address" => "email@example.com",
        "date_of_birth" => "1989-11-09",
        "postal_address" => "Fountain House\n130 Fenchurch St\nLONDON\nEC3M 5DJ",
        "gender" => "MALE",
        "nationality" => "GBR",
        "age_over:18" => true
      }
    }
}

Upgrading from version 1.1

Most of the profile attributes that were being stored in the extra fields got moved to info.

e.g. request.env['omniauth.auth']['extra']['given_names'] will become request.env['omniauth.auth']['info']['given_names']