From bde42a4ca5940d018ea98ae589d69463cc51f22a Mon Sep 17 00:00:00 2001
From: Olivier Brisse <olivier.brisse@maestrano.com>
Date: Wed, 21 Sep 2016 13:43:18 +1000
Subject: [PATCH] [MNO-271] Add support for Intercom secure mode

Intercom need a server side generated HMAC of the user_id or email when
secure mode is enabled.

See: https://docs.intercom.com/configure-intercom-for-your-product-or-site/staying-secure/enable-secure-mode-on-your-web-product
---
 .../jpi/v1/current_users/show.json.jbuilder   |  6 +++-
 core/app/models/mno_enterprise/user.rb        |  1 +
 .../concerns/models/intercom_user.rb          | 33 +++++++++++++++++++
 3 files changed, 39 insertions(+), 1 deletion(-)
 create mode 100644 core/lib/mno_enterprise/concerns/models/intercom_user.rb

diff --git a/api/app/views/mno_enterprise/jpi/v1/current_users/show.json.jbuilder b/api/app/views/mno_enterprise/jpi/v1/current_users/show.json.jbuilder
index 3ed96201e..b75598945 100644
--- a/api/app/views/mno_enterprise/jpi/v1/current_users/show.json.jbuilder
+++ b/api/app/views/mno_enterprise/jpi/v1/current_users/show.json.jbuilder
@@ -17,7 +17,11 @@ json.cache! ['v1', @user.cache_key] do
     if current_impersonator
       json.current_impersonator true
     end
-    
+
+    if @user.respond_to?(:intercom_user_hash)
+      json.user_hash @user.intercom_user_hash
+    end
+
     # Embed association if user is persisted
     if @user.id
       json.organizations do
diff --git a/core/app/models/mno_enterprise/user.rb b/core/app/models/mno_enterprise/user.rb
index 07f08cbc0..a08f9d4d1 100644
--- a/core/app/models/mno_enterprise/user.rb
+++ b/core/app/models/mno_enterprise/user.rb
@@ -39,6 +39,7 @@
 
 module MnoEnterprise
   class User < BaseResource
+    include MnoEnterprise::Concerns::Models::IntercomUser
     extend Devise::Models
     
     # Note: password and encrypted_password are write-only attributes and are never returned by
diff --git a/core/lib/mno_enterprise/concerns/models/intercom_user.rb b/core/lib/mno_enterprise/concerns/models/intercom_user.rb
new file mode 100644
index 000000000..31b964f24
--- /dev/null
+++ b/core/lib/mno_enterprise/concerns/models/intercom_user.rb
@@ -0,0 +1,33 @@
+require 'openssl'
+
+module MnoEnterprise::Concerns::Models::IntercomUser
+  extend ActiveSupport::Concern
+
+  #==================================================================
+  # Included methods
+  #==================================================================
+  # 'included do' causes the included code to be evaluated in the
+  # context where it is included rather than being executed in the module's context
+  included do
+    if MnoEnterprise.intercom_enabled?
+      # Return intercom user hash
+      # This is used in secure mode
+      def intercom_user_hash
+        OpenSSL::HMAC.hexdigest('sha256', MnoEnterprise.intercom_api_secret, (self.id || self.email).to_s)
+      end
+    end
+  end
+
+  #==================================================================
+  # Class methods
+  #==================================================================
+  module ClassMethods
+    # def some_class_method
+    #   'some text'
+    # end
+  end
+
+  #==================================================================
+  # Instance methods
+  #==================================================================
+end