Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
…into jon-UID2-2431-identity-map

# Conflicts:
#	src/main/java/com/uid2/client/PublisherUid2Client.java
  • Loading branch information
jon8787 committed Jan 24, 2024
2 parents 12e4101 + e8a299a commit 7c71fef
Show file tree
Hide file tree
Showing 11 changed files with 161 additions and 110 deletions.
35 changes: 35 additions & 0 deletions .github/workflows/build-and-publish.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,35 @@
name: Build and Publish JAR Packages
run-name: ${{ inputs.release_type == 'Snapshot' && 'Publish pre-release' || format('Release {0}', inputs.release_type)}} Package by @${{ github.actor }}
on:
workflow_dispatch:
inputs:
release_type:
type: choice
description: 'The type of release'
options:
- Major
- Minor
- Patch
- Snapshot
publish_to_maven:
description: 'True to publish the artifacts to Maven repository, false to skip the step'
default: false
required: false
type: boolean
java_version:
type: string
default: '11'
publish_vulnerabilities:
type: string
default: 'true'

jobs:
build-and-pubish:
name: Build and publish JAR packages to Maven repository
uses: IABTechLab/uid2-shared-actions/.github/workflows/shared-java-publish-versioned-package.yaml@v2
with:
release_type: ${{ inputs.release_type }}
publish_to_maven: ${{ inputs.publish_to_maven }}
java_version: ${{ inputs.java_version }}
publish_vulnerabilities: ${{ inputs.publish_vulnerabilities }}
secrets: inherit
16 changes: 0 additions & 16 deletions .github/workflows/publish-major.yaml

This file was deleted.

16 changes: 0 additions & 16 deletions .github/workflows/publish-minor.yaml

This file was deleted.

16 changes: 0 additions & 16 deletions .github/workflows/publish-patch.yaml

This file was deleted.

16 changes: 0 additions & 16 deletions .github/workflows/publish-snapshot.yaml

This file was deleted.

88 changes: 67 additions & 21 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -50,20 +50,27 @@ If you're using the SDK's HTTP implementation, follow these steps.

>IMPORTANT: Be sure to call this function only when you have obtained legal basis to convert the user’s [directly identifying information (DII)](https://unifiedid.com/docs/ref-info/glossary-uid#gl-dii) to UID2 tokens for targeted advertising.
>`doNotGenerateTokensForOptedOut()` applies `policy=1` in the [/token/generate](https://unifiedid.com/docs/endpoints/post-token-generate#token-generation-policy) call. Without this, `policy` is omitted to maintain backwards compatibility.
>IMPORTANT: Always apply `doNotGenerateTokensForOptedOut()`. This applies a parameter similar to setting `optout_check=1` in the call to the POST /token/generate endpoint (see [Unencrypted JSON Body Parameters](https://unifiedid.com/docs/endpoints/post-token-generate#unencrypted-json-body-parameters)).
#### Standard Integration

If you're using standard integration (client and server) (see [UID2 SDK for JavaScript Integration Guide](https://unifiedid.com/docs/guides/publisher-client-side)), follow this step:
If you're using standard integration (client and server) (see [JavaScript Standard Integration Guide](https://unifiedid.com/docs/guides/integration-javascript-standard)), follow this step:

* Send this identity as a JSON string back to the client (to use in the [identity field](https://unifiedid.com/docs/sdks/client-side-identity#initopts-object-void)) using the following:

`tokenGenerateResponse.getIdentityJsonString()` //Note: this method returns `null` if the user has opted out, so be sure to handle that case.
```
tokenGenerateResponse.getIdentityJsonString()
```
>NOTE: If the user has opted out, this method returns `null`, so be sure to handle that case.
#### Server-Only Integration
If you're using server-only integration (see [Publisher Integration Guide, Server-Only](https://unifiedid.com/docs/guides/custom-publisher-integration)):
1. Store this identity as a JSON string in the user's session, using the `tokenGenerateResponse.getIdentityJsonString()` function. This method returns `null` if the user has opted out, so be sure to handle that case.
1. Store this identity as a JSON string in the user's session, using the `tokenGenerateResponse.getIdentityJsonString()` function.
If the user has opted out, this method returns `null`, so be sure to handle that case.
2. To retrieve the user's UID2 token, use:
```
Expand All @@ -84,7 +91,9 @@ If you're using server-only integration (see [Publisher Integration Guide, Serve
`TokenRefreshResponse tokenRefreshResponse = publisherUid2Client.refreshToken(identity);`
6. Store `tokenRefreshResponse.getIdentityJsonString()` in the user's session. If the user has opted out, this method returns `null`, indicating that the user's identity should be removed from the session. To confirm optout, you can use the `tokenRefreshResponse.isOptout()` function.
6. Store `tokenRefreshResponse.getIdentityJsonString()` in the user's session.
If the user has opted out, this method returns `null`, indicating that the user's identity should be removed from the session. To confirm optout, you can use the `tokenRefreshResponse.isOptout()` function.
### Advanced Usage
Expand All @@ -102,25 +111,31 @@ If you're using server-only integration (see [Publisher Integration Guide, Serve
2. Body: `envelope.getEnvelope()`
>IMPORTANT: Be sure to call this endpoint only when you have obtained legal basis to convert the user’s [directly identifying information (DII)](https://unifiedid.com/docs/ref-info/glossary-uid#gl-dii) to UID2 tokens for targeted advertising.
>`doNotGenerateTokensForOptedOut()` applies `policy=1` in the [/token/generate](https://unifiedid.com/docs/endpoints/post-token-generate#token-generation-policy) call. Without this, `policy` is omitted to maintain backwards compatibility.
>IMPORTANT: Always apply `doNotGenerateTokensForOptedOut()`. This applies a parameter similar to setting `optout_check=1` in the call to the POST /token/generate endpoint (see [Unencrypted JSON Body Parameters](https://unifiedid.com/docs/endpoints/post-token-generate#unencrypted-json-body-parameters)).
4. If the HTTP response status code is _not_ 200, see [Response Status Codes](https://unifiedid.com/docs/endpoints/post-token-generate#response-status-codes) to determine next steps. Otherwise, convert the UID2 identity response content into a `TokenGenerateResponse` object:
`TokenGenerateResponse tokenGenerateResponse = publisherUid2Helper.createTokenGenerateResponse({response body}, envelope);`
#### Standard Integration
If you're using standard integration (client and server) (see [UID2 SDK for JavaScript Integration Guide](https://unifiedid.com/docs/guides/publisher-client-side)):
If you're using standard integration (client and server) (see [JavaScript Standard Integration Guide](https://unifiedid.com/docs/guides/integration-javascript-standard)):
* Send this identity as a JSON string back to the client (to use in the [identity field](https://unifiedid.com/docs/sdks/client-side-identity#initopts-object-void)) using the following:
`tokenGenerateResponse.getIdentityJsonString() //Note: this method returns null if the user has opted out, so be sure to handle that case.`
```
tokenGenerateResponse.getIdentityJsonString()
```
>NOTE: If the user has opted out, this method returns `null`, so be sure to handle that case.
#### Server-Only Integration
If you're using server-only integration (see [Publisher Integration Guide, Server-Only](https://unifiedid.com/docs/guides/custom-publisher-integration)):
1. Store this identity as a JSON string in the user's session, using: `tokenGenerateResponse.getIdentityJsonString()`. This method returns null if the user has opted out, so be sure to handle that case.
1. Store this identity as a JSON string in the user's session, using: `tokenGenerateResponse.getIdentityJsonString()`.
If the user has opted out, this method returns null, so be sure to handle that case.
2. To retrieve the user's UID2 token, use:
```
Expand All @@ -131,13 +146,22 @@ If you're using server-only integration (see [Publisher Integration Guide, Serve
3. When the user accesses another page, or on a timer, determine whether a refresh is needed:
1. Retrieve the identity JSON string from the user's session, and then call the following function that generates an `IdentityTokens` object:
`IdentityTokens identity = IdentityTokens.fromJsonString(identityJsonString);`
```
IdentityTokens identity = IdentityTokens.fromJsonString(identityJsonString);
```
2. Determine if the identity can be refreshed (that is, the refresh token hasn't expired):

` if (identity == null || !identity.isRefreshable()) { we must no longer use this identity (for example, remove this identity from the user's session) }`
```
if (identity == null || !identity.isRefreshable()) { we must no longer use this identity (for example, remove this identity from the user's session) }
```
3. Determine if a refresh is needed:
`if (identity.isDueForRefresh()) {..}`
```
if (identity.isDueForRefresh()) {..}
```
4. If a refresh is needed, call the [POST token/refresh](https://unifiedid.com/docs/endpoints/post-token-refresh) endpoint, with:
1. Headers (depending on your HTTP library, this might look something like):
Expand All @@ -146,30 +170,52 @@ If you're using server-only integration (see [Publisher Integration Guide, Serve
2. Body: `identity.getRefreshToken()`
5. If the refresh HTTP response status code is 200:
`TokenRefreshResponse tokenRefreshResponse = PublisherUid2Helper.createTokenRefreshResponse({response body}, identity);`
6. Store `tokenRefreshResponse.getIdentityJsonString()` in the user's session. If the user has opted out, this method returns null, indicating that the user's identity should be removed from the session. To confirm optout, you can use the `tokenRefreshResponse.isOptout()` function.
```
TokenRefreshResponse tokenRefreshResponse = PublisherUid2Helper.createTokenRefreshResponse({response body}, identity);
```
6. Store `tokenRefreshResponse.getIdentityJsonString()` in the user's session.
If the user has opted out, this method returns null, indicating that the user's identity should be removed from the session. To confirm optout, you can use the `tokenRefreshResponse.isOptout()` function.
## Usage for UID2 Sharers
A UID2 sharer is a participant that wants to share UID2s or EUIDs with another participant. Raw UID2s must be encrypted into UID2 tokens before sending them to another participant. For an example of usage, see [com.uid2.client.test.IntegrationExamples](https://github.com/IABTechLab/uid2-client-java/blob/master/src/test/java/com/uid2/client/test/IntegrationExamples.java) (runSharingExample method).
1. Use UID2ClientFactory.create() to create an IUID2Client reference:
`private final IUID2Client client = UID2ClientFactory.create(UID2_BASE_URL, UID2_API_KEY, UID2_SECRET_KEY);`
```
private final IUID2Client client = UID2ClientFactory.create(UID2_BASE_URL, UID2_API_KEY, UID2_SECRET_KEY);
```
2. Call IUID2Client.refresh once at startup, and then periodically (for example, every hour):
`client.refresh();`
```
client.refresh();
```
3. Senders:
1. Call the following:
`EncryptionDataResponse encrypted = client.encrypt(rawUid);`
```
EncryptionDataResponse encrypted = client.encrypt(rawUid);
```
2. If encryption succeeded, send the UID2 token to the receiver:
`if (encrypted.isSuccess()) {` send `encrypted.getEncryptedData()` to receiver`} else {`check `encrypted.getStatus()` for the failure reason}
```
if (encrypted.isSuccess()) {` send `encrypted.getEncryptedData()` to receiver`} else {`check `encrypted.getStatus()` for the failure reason}
```
4. Receivers:
1. Call the following:
`DecryptionResponse decrypted = client.decrypt(uidToken);`
```
DecryptionResponse decrypted = client.decrypt(uidToken);
```
2. If decryption succeeded, use the raw UID2:
`if (decrypted.isSuccess()) {`use `decrypted.getUid() } else {`check `decrypted.getStatus()` for the failure reason `}`
```
if (decrypted.isSuccess()) {`use `decrypted.getUid() } else {`check `decrypted.getStatus()` for the failure reason `}
```
2 changes: 1 addition & 1 deletion pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@

<groupId>com.uid2</groupId>
<artifactId>uid2-client</artifactId>
<version>4.2.4-dcf7ac1ce6</version>
<version>4.2.27-af48744214</version>

<name>${project.groupId}:${project.artifactId}</name>
<description>UID2 Client</description>
Expand Down
11 changes: 8 additions & 3 deletions src/main/java/com/uid2/client/KeyParser.java
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@ static KeyContainer parse(InputStream stream) {
tokenExpirySeconds = defaultTokenExpiryDays * 24 * 60 * 60;
}

JsonArray keysJson = body.get("keys").getAsJsonArray();
JsonArray keysJson = isNull(body.get("keys")) ? new JsonArray() : body.get("keys").getAsJsonArray();

List<Key> keys = new ArrayList<>();
for (JsonElement element : keysJson) {
Expand All @@ -62,10 +62,15 @@ static KeyContainer parse(InputStream stream) {

static private int getAsInt(JsonObject body, String memberName) {
JsonElement element = body.get(memberName);
return element == null ? 0 : element.getAsInt();
return isNull(element) ? 0 : element.getAsInt();
}

static private long getAsLong(JsonObject body, String memberName) {
JsonElement element = body.get(memberName);
return element == null ? 0 : element.getAsLong();
return isNull(element) ? 0 : element.getAsLong();
}

static private boolean isNull(JsonElement jo) {
return jo == null || jo.isJsonNull();
}
}
1 change: 1 addition & 0 deletions src/main/java/com/uid2/client/TokenGenerateInput.java
Original file line number Diff line number Diff line change
Expand Up @@ -51,6 +51,7 @@ TokenGenerateInput doNotHash() {
return this;
}

// Always use .doNotGenerateTokensForOptedOut(), which applies policy=1. Support for policy=0 will be removed soon.
public TokenGenerateInput doNotGenerateTokensForOptedOut() {
generateForOptedOut = false;
return this;
Expand Down
Loading

0 comments on commit 7c71fef

Please sign in to comment.