https://github.com/govtechsg/myinfo-rails

Rails Wrapper for MyInfo API
https://github.com/govtechsg/myinfo-rails

myinfo rails ruby

Last synced: 10 months ago
JSON representation

Rails Wrapper for MyInfo API

• Host: GitHub
• URL: https://github.com/govtechsg/myinfo-rails
• Owner: GovTechSG
• License: mit
• Created: 2021-01-18T02:35:45.000Z (over 5 years ago)
• Default Branch: main
• Last Pushed: 2023-12-26T13:15:23.000Z (over 2 years ago)
• Last Synced: 2025-04-19T08:10:28.353Z (about 1 year ago)
• Topics: myinfo, rails, ruby
• Language: Ruby
• Homepage:
• Size: 151 KB
• Stars: 3
• Watchers: 5
• Forks: 3
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# Rails wrapper for MyInfo API

![tests](https://github.com/GovTechSG/myinfo/workflows/tests/badge.svg?branch=main)

# MyInfo V4

[MyInfo Documentation (Public)](https://public.cloud.myinfo.gov.sg/myinfo/api/myinfo-kyc-v4.0.html)

Note: Currently this gem only supports `public_facing = true` for MyInfo V4 API.

## Basic Setup (Public)

1. `bundle add myinfo`

2. Create a `config/initializers/myinfo.rb` and add the required configuration based on your environment.

```ruby

  MyInfo.configure do |config|

    config.app_id = ''

    config.client_id = ''

    config.client_secret = ''

    config.base_url = 'test.api.myinfo.gov.sg'

    config.redirect_uri = 'https://localhost:3001/callback'

    config.public_facing = true

    config.sandbox = false # optional, false by default

    config.private_encryption_key = ''

    config.private_signing_key = ''

    config.authorise_jwks_base_url = "test.authorise.singpass.gov.sg"

    # setup proxy here if needed

    config.proxy = { address: 'proxy_address', port: 'proxy_port' } # optional, nil by default

    config.gateway_url = 'https://test_gateway_url' # optional, nil by default

    config.gateway_key = '44d953c796cccebcec9bdc826852857ab412fbe2' # optional, nil by default

  end

```

3. Generate the code verifier and code challenge and manage a session to their frontend to link the code_verifier and code_challenge.

```ruby

code_verifier, code_challenge = MyInfo::V4::Session.call

```

4. On callback url triggered, obtain a `MyInfo::V4::Token`. This token can only be used once.

```ruby

key_pairs = SecurityHelper.generate_session_key_pair

response = MyInfo::V4::Token.call(

  key_pairs: key_pairs,

  auth_code: params[:code],

  code_verifier: session[:code_verifier]

)

access_token = response.data

```

5. Obtain the `access_token` from the `response` and query for `MyInfo::V4::Person`:

```ruby

response = MyInfo::V4::Person.call(key_pairs: key_pairs, access_token: access_token)

```

# MyInfo V3

[MyInfo Documentation (Public)](https://public.cloud.myinfo.gov.sg/myinfo/api/myinfo-kyc-v3.1.0.html)

[MyInfo Documentation (Government)](https://public.cloud.myinfo.gov.sg/myinfo/tuo/myinfo-tuo-specs.html)

## Basic Setup (Public)

1. `bundle add myinfo`

2. Create a `config/initializers/myinfo.rb` and add the required configuration based on your environment.

```ruby

  MyInfo.configure do |config|

    config.app_id = ''

    config.client_id = ''

    config.client_secret = ''

    config.base_url = 'test.api.myinfo.gov.sg'

    config.redirect_uri = 'https://localhost:3001/callback'

    config.public_facing = true

    config.private_key = File.read(Rails.root.join('private_key_location'))

    config.public_cert = File.read(Rails.root.join('public_cert_location'))

    config.sandbox = false # optional, false by default

    config.proxy = { address: 'proxy_address', port: 'proxy_port' } # optional, nil by default

    config.gateway_url = 'https://test_gateway_url' # optional, nil by default

    config.gateway_key = '44d953c796cccebcec9bdc826852857ab412fbe2' # optional, nil by default

  end

```

3. To obtain a person's MyInfo information, we need to authorise the query first:

```ruby

redirect_to MyInfo::V3::AuthoriseUrl.call(

      purpose: 'set your purpose here',

      state: SecureRandom.hex # set a state to check on callback

    )

```

4. On `redirect_url`, obtain a `MyInfo::V3::Token`. This token can only be used once.

```ruby

    response = MyInfo::V3::Token.call(

      code: params[:code],

      state: params[:state]

    )

```

5. Obtain the `access_token` from the `response` and query for `MyInfo::V3::Person`:

```ruby

result = MyInfo::V3::Person.call(access_token: response.data) if response.success?

```

## Basic Setup (Government)

1. `bundle add myinfo`

2. Create a `config/initializers/myinfo.rb` and add the required configuration based on your environment.

```ruby

  MyInfo.configure do |config|

    config.app_id = ''

    config.client_id = ''

    config.client_secret = ''

    config.base_url = 'test.api.myinfo.gov.sg'

    config.redirect_uri = 'https://localhost:3001/callback'

    config.singpass_eservice_id = 'MYINFO-CONSENTPLATFORM'

    config.private_key = File.read(Rails.root.join('private_key_location'))

    config.public_cert = File.read(Rails.root.join('public_cert_location'))

    config.sandbox = false # optional, false by default

    config.proxy = { address: 'proxy_address', port: 'proxy_port' } # optional, nil by default

    config.gateway_url = 'https://test_gateway_url' #optional, nil by default

    config.gateway_key = '44d953c796cccebcec9bdc826852857ab412fbe2' #optional, nil by default

  end

```

3. To obtain a person's MyInfo information, we need to authorise the query first:

```ruby

redirect_to MyInfo::V3::AuthoriseUrl.call(

      nric_fin: "user's NRIC", # see documentation for list of sample NRICs

      purpose: 'set your purpose here',

      state: SecureRandom.hex # set a state to check on callback

    )

```

4. On `redirect_url`, obtain a `MyInfo::V3::Token`. This token can only be used once.

```ruby

    response = MyInfo::V3::Token.call(

      code: params[:code],

      state: params[:state]

    )

```

5. Obtain the `access_token` from the `response` and query for `MyInfo::V3::Person`:

```ruby

result = MyInfo::V3::Person.call(access_token: response.data) if response.success?

```

## Sample App Demo

1. `git clone git@github.com:GovTechSG/myinfo-rails.git`

2. `cd myinfo-rails`

3. `bundle install`

4. `cd spec/dummy && rails s`

5. Navigate to `localhost:3001`

## Advanced

- `attributes` can be passed to `AuthoriseUrl` and `Person` as an array to override the default attributes queried - check MyInfo for a list of available attributes.

- `success?` can be called on `MyInfo::V3::Response` to determine whether the query has succeeded or failed. Check MyInfo API for a list of responses and how to handle them.

## Disclaimer

Provided credentials in the repository are either obtained from [MyInfo Demo App](https://github.com/ndi-trusted-data/myinfo-demo-app) or samples online, and are only for testing purposes. They should not be re-used for staging or production environments. Visit the [official MyInfo tutorial](https://www.ndi-api.gov.sg/library/myinfo/tutorial3) for more information.

## Contributing

Contributions are welcome!

1. Fork the repository

2. Write code and tests

3. Submit a PR