diff --git a/package-lock.json b/package-lock.json
index f34685ad..f649e71f 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,6 +1,6 @@
{
"name": "rules-templates",
- "version": "0.16.0",
+ "version": "0.16.1",
"lockfileVersion": 1,
"requires": true,
"dependencies": {
diff --git a/package.json b/package.json
index eacf5fc7..6d4052b5 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
{
"name": "rules-templates",
- "version": "0.16.0",
+ "version": "0.16.1",
"description": "Auth0 Rules Repository",
"main": "./rules",
"scripts": {
diff --git a/rules.json b/rules.json
index 145c6afe..c7516d8a 100644
--- a/rules.json
+++ b/rules.json
@@ -643,8 +643,8 @@
"categories": [
"marketplace"
],
- "description": "all configuration items are optional:\nAURAYA_URL = optional. EVA endpoint, typically: https://eva-web.mydomain.com/server/oauth\nAURAYA_CLIENT_ID = optional. JWT client id on the EVA server (and this server)\nAURAYA_CLIENT_SECRET = optional. JWT client secret on the EVA server (and this server)\nAURAYA_ISSUER = optional. this app (or \"issuer\")\n\nAURAYA_RANDOM_DIGITS = optional. true|false whether to prompt for random digits\nAURAYA_COMMON_DIGITS = optional. true|false whether to prompt for common digits\nAURAYA_PERSONAL_DIGITS = optional. a user.user_metadata property that contains digits such as phone_number\nAURAYA_COMMON_DIGITS_PROMPT = optional. a digit string to prompt for common digits (e.g '987654321')\nAURAYA_PERSONAL_DIGITS_PROMPT = optional. a string to prompt for personal digits (e.g 'your cell number')\n\nAURAYA_DEBUG = optional. if set, controls detailed debug output\n
",
- "code": "function evaVoiceBiometric(user, context, callback) {\n const debug = typeof configuration.AURAYA_DEBUG !== 'undefined';\n if (debug) {\n console.log(user);\n console.log(context);\n console.log(configuration);\n }\n\n const eva_url =\n configuration.AURAYA_URL ||\n 'https://eval-eva-web.aurayasystems.com/server/oauth';\n const clientSecret =\n configuration.AURAYA_CLIENT_SECRET ||\n 'o4X0LFKi2caP5ipUwaF4B27cZmfOIh0JXnqmfiC4mHkVskSzbp72Emk3AB6';\n const clientId = configuration.AURAYA_CLIENT_ID || 'auraya';\n const issuer = configuration.AURAYA_ISSUER || 'issuer';\n\n // Prepare user's enrolment status\n user.user_metadata = user.user_metadata || {};\n user.user_metadata.auraya_eva = user.user_metadata.auraya_eva || {};\n\n // User has initiated a login and is prompted to use voice biometrics\n // Send user's information and query params in a JWT to avoid tampering\n function createToken(user) {\n const options = {\n expiresInMinutes: 2,\n audience: clientId,\n issuer: issuer\n };\n\n return jwt.sign(user, clientSecret, options);\n }\n\n if (context.protocol === 'redirect-callback') {\n // user was redirected to the /continue endpoint with correct state parameter value\n\n var options = {\n //subject: user.user_id, // validating the subject is nice to have but not strictly necessary\n jwtid: user.jti // unlike state, this value can't be spoofed by DNS hacking or inspecting the payload\n };\n\n const payload = jwt.verify(\n context.request.body.token,\n clientSecret,\n options\n );\n if (debug) {\n console.log(payload);\n }\n\n if (payload.reason === 'enrolment_succeeded') {\n user.user_metadata.auraya_eva.status = 'enrolled';\n\n console.log('Biometric user successfully enrolled');\n // persist the user_metadata update\n auth0.users\n .updateUserMetadata(user.user_id, user.user_metadata)\n .then(function () {\n callback(null, user, context);\n })\n .catch(function (err) {\n callback(err);\n });\n\n return;\n }\n\n if (payload.reason !== 'verification_accepted') {\n // logic to detect repeatedly rejected attempts could go here\n // and update the eva.status accordingly (perhaps with 'blocked')\n console.log(`Biometric rejection reason: ${payload.reason}`);\n return callback(new UnauthorizedError(payload.reason), user, context);\n }\n\n // verification accepted\n console.log('Biometric verification accepted');\n return callback(null, user, context);\n }\n\n const url = require('url@0.10.3');\n user.jti = uuid.v4();\n user.user_metadata.auraya_eva.status =\n user.user_metadata.auraya_eva.status || 'initial';\n const mode =\n user.user_metadata.auraya_eva.status === 'initial' ? 'enrol' : 'verify';\n\n // returns property of the user.user_metadata object, typically \"phone_number\"\n // default is '', (server skips this prompt)\n const personalDigits =\n typeof configuration.AURAYA_PERSONAL_DIGITS === 'undefined'\n ? ''\n : user.user_metadata[configuration.AURAYA_PERSONAL_DIGITS];\n\n // default value for these is 'true'\n const commonDigits = configuration.AURAYA_COMMON_DIGITS || 'true';\n const randomDigits = configuration.AURAYA_RANDOM_DIGITS || 'true';\n\n // default value for these is '' (the server default)\n const commonDigitsPrompt = configuration.AURAYA_COMMON_DIGITS_PROMPT || ''; // 123456789\n const personalDigitsPrompt =\n configuration.AURAYA_PERSONAL_DIGITS_PROMPT || ''; // 'your phone number'\n\n const token = createToken({\n sub: user.user_id,\n jti: user.jti,\n oauth: {\n state: '', // not used in token, only in the GET request\n callbackURL: url.format({\n protocol: 'https',\n hostname: context.request.hostname,\n pathname: '/continue'\n }),\n nonce: user.jti // performs same function as jti\n },\n biometric: {\n id: user.user_id, // email - can be used for identities that cross IdP boundaries\n mode: mode,\n personalDigits: personalDigits,\n personalDigitsPrompt: personalDigitsPrompt,\n commonDigits: commonDigits,\n commonDigitsPrompt: commonDigitsPrompt,\n randomDigits: randomDigits\n }\n });\n\n context.redirect = {\n url: `${eva_url}?token=${token}`\n };\n\n return callback(null, user, context);\n}"
+ "description": "Please see the EVA Voice Biometrics integration for more information and detailed installation instructions.
\nOptional configuration:
\n\nAURAYA_URL EVA endpoint, typically: https://eva-web.mydomain.com/server/oauthAURAYA_CLIENT_ID JWT client id on the EVA server (and this server)AURAYA_CLIENT_SECRET JWT client secret on the EVA server (and this server)AURAYA_ISSUER This app (or \"issuer\")AURAYA_RANDOM_DIGITSSet to \"true\" to prompt for random digits or \"false\" not toAURAYA_COMMON_DIGITS Set to \"true\" to prompt for common digits or \"false\" not toAURAYA_PERSONAL_DIGITS A user.usermetadata property that contains digits such as phonenumberAURAYA_COMMON_DIGITS_PROMPT A digit string to prompt for common digits (e.g '987654321')AURAYA_PERSONAL_DIGITS_PROMPT A string to prompt for personal digits (e.g 'your cell number')AURAYA_DEBUG Set to \"true\" to log errors in the console
",
+ "code": "function evaVoiceBiometric(user, context, callback) {\n const debug = typeof configuration.AURAYA_DEBUG !== 'undefined';\n if (debug) {\n console.log(user);\n console.log(context);\n console.log(configuration);\n }\n\n const eva_url =\n configuration.AURAYA_URL ||\n 'https://eval-eva-web.aurayasystems.com/server/oauth';\n const clientSecret =\n configuration.AURAYA_CLIENT_SECRET ||\n 'o4X0LFKi2caP5ipUwaF4B27cZmfOIh0JXnqmfiC4mHkVskSzbp72Emk3AB6';\n const clientId = configuration.AURAYA_CLIENT_ID || 'auraya';\n const issuer = configuration.AURAYA_ISSUER || 'issuer';\n\n // Prepare user's enrolment status\n user.user_metadata = user.user_metadata || {};\n user.user_metadata.auraya_eva = user.user_metadata.auraya_eva || {};\n\n // User has initiated a login and is prompted to use voice biometrics\n // Send user's information and query params in a JWT to avoid tampering\n function createToken(user) {\n const options = {\n expiresInMinutes: 2,\n audience: clientId,\n issuer: issuer\n };\n\n return jwt.sign(user, clientSecret, options);\n }\n\n if (context.protocol === 'redirect-callback') {\n // user was redirected to the /continue endpoint with correct state parameter value\n\n var options = {\n //subject: user.user_id, // validating the subject is nice to have but not strictly necessary\n jwtid: user.jti // unlike state, this value can't be spoofed by DNS hacking or inspecting the payload\n };\n\n const payload = jwt.verify(\n context.request.body.token,\n clientSecret,\n options\n );\n if (debug) {\n console.log(payload);\n }\n\n if (payload.reason === 'enrolment_succeeded') {\n user.user_metadata.auraya_eva.status = 'enrolled';\n\n console.log('Biometric user successfully enrolled');\n // persist the user_metadata update\n auth0.users\n .updateUserMetadata(user.user_id, user.user_metadata)\n .then(function () {\n callback(null, user, context);\n })\n .catch(function (err) {\n callback(err);\n });\n\n return;\n }\n\n if (payload.reason !== 'verification_accepted') {\n // logic to detect repeatedly rejected attempts could go here\n // and update the eva.status accordingly (perhaps with 'blocked')\n console.log(`Biometric rejection reason: ${payload.reason}`);\n return callback(new UnauthorizedError(payload.reason), user, context);\n }\n\n // verification accepted\n console.log('Biometric verification accepted');\n return callback(null, user, context);\n }\n\n const url = require('url@0.10.3');\n user.jti = uuid.v4();\n user.user_metadata.auraya_eva.status =\n user.user_metadata.auraya_eva.status || 'initial';\n const mode =\n user.user_metadata.auraya_eva.status === 'initial' ? 'enrol' : 'verify';\n\n // returns property of the user.user_metadata object, typically \"phone_number\"\n // default is '', (server skips this prompt)\n\n let personalDigits = '';\n if (typeof configuration.AURAYA_PERSONAL_DIGITS !== 'undefined') {\n personalDigits = user.user_metadata[configuration.AURAYA_PERSONAL_DIGITS];\n }\n\n // default value for these is 'true'\n const commonDigits = configuration.AURAYA_COMMON_DIGITS || 'true';\n const randomDigits = configuration.AURAYA_RANDOM_DIGITS || 'true';\n\n // default value for these is '' (the server default)\n const commonDigitsPrompt = configuration.AURAYA_COMMON_DIGITS_PROMPT || ''; // 123456789\n const personalDigitsPrompt =\n configuration.AURAYA_PERSONAL_DIGITS_PROMPT || ''; // 'your phone number'\n\n const token = createToken({\n sub: user.user_id,\n jti: user.jti,\n oauth: {\n state: '', // not used in token, only in the GET request\n callbackURL: url.format({\n protocol: 'https',\n hostname: context.request.hostname,\n pathname: '/continue'\n }),\n nonce: user.jti // performs same function as jti\n },\n biometric: {\n id: user.user_id, // email - can be used for identities that cross IdP boundaries\n mode: mode,\n personalDigits: personalDigits,\n personalDigitsPrompt: personalDigitsPrompt,\n commonDigits: commonDigits,\n commonDigitsPrompt: commonDigitsPrompt,\n randomDigits: randomDigits\n }\n });\n\n context.redirect = {\n url: `${eva_url}?token=${token}`\n };\n\n return callback(null, user, context);\n}"
},
{
"id": "iddataweb-verification-workflow",
diff --git a/src/rules/eva-voice-biometric.js b/src/rules/eva-voice-biometric.js
index 959c6c59..97ec7f3d 100644
--- a/src/rules/eva-voice-biometric.js
+++ b/src/rules/eva-voice-biometric.js
@@ -4,21 +4,22 @@
* @gallery true
* @category marketplace
*
+ * Please see the [EVA Voice Biometrics integration](https://marketplace.auth0.com/integrations/eva-voice-biometrics) for more information and detailed installation instructions.
*
- * all configuration items are optional:
- * AURAYA_URL = optional. EVA endpoint, typically: https://eva-web.mydomain.com/server/oauth
- * AURAYA_CLIENT_ID = optional. JWT client id on the EVA server (and this server)
- * AURAYA_CLIENT_SECRET = optional. JWT client secret on the EVA server (and this server)
- * AURAYA_ISSUER = optional. this app (or "issuer")
+ * **Optional configuration:**
*
- * AURAYA_RANDOM_DIGITS = optional. true|false whether to prompt for random digits
- * AURAYA_COMMON_DIGITS = optional. true|false whether to prompt for common digits
- * AURAYA_PERSONAL_DIGITS = optional. a user.user_metadata property that contains digits such as phone_number
- * AURAYA_COMMON_DIGITS_PROMPT = optional. a digit string to prompt for common digits (e.g '987654321')
- * AURAYA_PERSONAL_DIGITS_PROMPT = optional. a string to prompt for personal digits (e.g 'your cell number')
- *
- * AURAYA_DEBUG = optional. if set, controls detailed debug output
+ * - `AURAYA_URL` EVA endpoint, typically: https://eva-web.mydomain.com/server/oauth
+ * - `AURAYA_CLIENT_ID` JWT client id on the EVA server (and this server)
+ * - `AURAYA_CLIENT_SECRET` JWT client secret on the EVA server (and this server)
+ * - `AURAYA_ISSUER` This app (or "issuer")
+ * - `AURAYA_RANDOM_DIGITS`Set to "true" to prompt for random digits or "false" not to
+ * - `AURAYA_COMMON_DIGITS` Set to "true" to prompt for common digits or "false" not to
+ * - `AURAYA_PERSONAL_DIGITS` A user.user_metadata property that contains digits such as phone_number
+ * - `AURAYA_COMMON_DIGITS_PROMPT` A digit string to prompt for common digits (e.g '987654321')
+ * - `AURAYA_PERSONAL_DIGITS_PROMPT` A string to prompt for personal digits (e.g 'your cell number')
+ * - `AURAYA_DEBUG` Set to "true" to log errors in the console
*/
+
function evaVoiceBiometric(user, context, callback) {
const debug = typeof configuration.AURAYA_DEBUG !== 'undefined';
if (debug) {
@@ -107,10 +108,11 @@ function evaVoiceBiometric(user, context, callback) {
// returns property of the user.user_metadata object, typically "phone_number"
// default is '', (server skips this prompt)
- const personalDigits =
- typeof configuration.AURAYA_PERSONAL_DIGITS === 'undefined'
- ? ''
- : user.user_metadata[configuration.AURAYA_PERSONAL_DIGITS];
+
+ let personalDigits = '';
+ if (typeof configuration.AURAYA_PERSONAL_DIGITS !== 'undefined') {
+ personalDigits = user.user_metadata[configuration.AURAYA_PERSONAL_DIGITS];
+ }
// default value for these is 'true'
const commonDigits = configuration.AURAYA_COMMON_DIGITS || 'true';