Add IdentityApi to check rewards eligibility #2103
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
This PR implements an eligibility check for the Safe clients. The main criterion for eligibility (e.g.: eligible for rewards) is the country of origin of the incoming request.
For that purpose, FingerprintJS is used. This service requires the client to install a JS Agent, that makes a request to Fingerprint servers. The response contains a sealed data payload, holding anonymous identity data like browser type, VPN information, IP location, etc. Then, this data can be sent to the CGW, which unseals it, and applies the eligibility logic.
A more detailed explanation of how this works can be found in the Fingerprint documentation for Sealed Client Results.
Changes
CommunityRepository['checkEligibility']
function to check if a specific request is eligible.FingerprintApiService
that wraps aFingerprintJS
library, to unseal the request identity payload.FINGERPRINT_NON_ELIGIBLE_COUNTRIES
as a non-mandatory environment variable (defaulting to['US']
).FINGERPRINT_ENCRYPTION_KEY
as a mandatory environment variable.Out of scope