[MNO-271] Add support for Intercom secure mode

Intercom need a server side generated HMAC of the user_id or email when secure mode is enabled. See: https://docs.intercom.com/configure-intercom-for-your-product-or-site/staying-secure/enable-secure-mode-on-your-web-product
maestrano · Sep 21, 2016 · bde42a4 · bde42a4
1 parent a4366b4
commit bde42a4
Show file tree

Hide file tree

Showing 3 changed files with 39 additions and 1 deletion.
diff --git a/api/app/views/mno_enterprise/jpi/v1/current_users/show.json.jbuilder b/api/app/views/mno_enterprise/jpi/v1/current_users/show.json.jbuilder
@@ -17,7 +17,11 @@ json.cache! ['v1', @user.cache_key] do
     if current_impersonator
       json.current_impersonator true
     end
-
+
+    if @user.respond_to?(:intercom_user_hash)
+      json.user_hash @user.intercom_user_hash
+    end
+
     # Embed association if user is persisted
     if @user.id
       json.organizations do

diff --git a/core/app/models/mno_enterprise/user.rb b/core/app/models/mno_enterprise/user.rb
@@ -39,6 +39,7 @@
 
 module MnoEnterprise
   class User < BaseResource
+    include MnoEnterprise::Concerns::Models::IntercomUser
     extend Devise::Models
 
     # Note: password and encrypted_password are write-only attributes and are never returned by

diff --git a/core/lib/mno_enterprise/concerns/models/intercom_user.rb b/core/lib/mno_enterprise/concerns/models/intercom_user.rb
@@ -0,0 +1,33 @@
+require 'openssl'
+
+module MnoEnterprise::Concerns::Models::IntercomUser
+  extend ActiveSupport::Concern
+
+  #==================================================================
+  # Included methods
+  #==================================================================
+  # 'included do' causes the included code to be evaluated in the
+  # context where it is included rather than being executed in the module's context
+  included do
+    if MnoEnterprise.intercom_enabled?
+      # Return intercom user hash
+      # This is used in secure mode
+      def intercom_user_hash
+        OpenSSL::HMAC.hexdigest('sha256', MnoEnterprise.intercom_api_secret, (self.id || self.email).to_s)
+      end
+    end
+  end
+
+  #==================================================================
+  # Class methods
+  #==================================================================
+  module ClassMethods
+    # def some_class_method
+    #   'some text'
+    # end
+  end
+
+  #==================================================================
+  # Instance methods
+  #==================================================================
+end