Skip to content

Add opt-out functionality to all secure signal sample pages#48

Merged
eiman-eltigani-ttd merged 13 commits intomainfrom
eee-UID2-6171-handle-optout-secure-signals
Oct 21, 2025
Merged

Add opt-out functionality to all secure signal sample pages#48
eiman-eltigani-ttd merged 13 commits intomainfrom
eee-UID2-6171-handle-optout-secure-signals

Conversation

@eiman-eltigani-ttd
Copy link

@eiman-eltigani-ttd eiman-eltigani-ttd commented Oct 16, 2025
edited
Loading

  1. .env variables for testing client-side (sourced from uid2-operator repo in resources/test/client_side_keypairs/client_side_keypairs.json):
UID2_BASE_URL="http://localhost:8080"
UID2_CSTG_SERVER_PUBLIC_KEY="UID2-X-L-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEtXJdTSZAYHvoRDWiehMHoWF1BNPuqLs5w2ZHiAZ1IJc7O4/z0ojPTB0V+KYX/wxQK0hxx6kxCvHj335eI/ZQsQ=="
UID2_CSTG_SUBSCRIPTION_ID="4WvryDGbR5"
  1. .env variables from testing server/client-server.js (sourced from clients/clients.json):
UID2_BASE_URL="http://host.docker.internal:8080"
UID2_API_KEY="UID2-C-L-124-H8VwqX.l2G4TCuUWYAqdqkeG/UqtFoPEoXirKn4kHWxc="
UID2_CLIENT_SECRET="NcMgi6Y8C80SlxvV7pYlfcvEIo+2b0508tYQ3pKK8HM="
SESSION_KEY="any-random-string-here" #this is needed for server-side, it can be any string

@eiman-eltigani-ttd
Copy link
Author

eiman-eltigani-ttd commented Oct 20, 2025

Implementation details:

  • For server/client-server, opt-out status is returned as response.status === 'optout' from the /token/generate endpoint, so I added an additional check in server.js to render a newly created optout.html page
  • Client-side wasn't as straight forward because the UID2 SDk returns opt-out as {identity: null} which is the same when user hasn't generated any token so I had to create a loginAttempted flag to differentiate optout

eiman-eltigani-ttd
eiman-eltigani-ttd commented Oct 20, 2025
View reviewed changes
web-integrations/google-secure-signals/client-side/html/index.html
</div>
<div id="optout_message" style="display: none" class="form">
<button type="button" class="button" id="try_another">Try Another Email</button>
</div>
Copy link
Author

@eiman-eltigani-ttd eiman-eltigani-ttd Oct 20, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Also created an optout banner because the response for opt-out and initial page load is the same.

eiman-eltigani-ttd
eiman-eltigani-ttd commented Oct 20, 2025
View reviewed changes
web-integrations/google-secure-signals/server-side/views/login.html
window.location.replace('/');
});
});
</script>
Copy link
Author

@eiman-eltigani-ttd eiman-eltigani-ttd Oct 20, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The fetch/AJAX request was intercepting normal form submission and wasnt allowing other pages to render properly (now the error page and optout page are displaying as expected). Also secure signals are loaded/cleared automatically based on the identity state so it was simpler to remove it all

eiman-eltigani-ttd
eiman-eltigani-ttd commented Oct 20, 2025
View reviewed changes
web-integrations/google-secure-signals/react-client-side/src/SecureSignalsApp.tsx
Copy link
Author

@eiman-eltigani-ttd eiman-eltigani-ttd Oct 20, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Lastly, I applied the same logic I used on the client side after getting that working and tested properly. I still need to verify that it works locally after the Dockerfile is setup correctly/any final changes are made.

@eiman-eltigani-ttd eiman-eltigani-ttd marked this pull request as ready for review October 20, 2025 17:29
ssundahlTTD
ssundahlTTD reviewed Oct 20, 2025
View reviewed changes
web-integrations/google-secure-signals/server-side/views/login.html
</div>
<div><input type="submit" value="Generate UID2" class="button" /></div>
</form>
<script>
Copy link
Contributor

@ssundahlTTD ssundahlTTD Oct 20, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this may be breaking the non-optout flow. It's not working anymore.

Copy link
Author

@eiman-eltigani-ttd eiman-eltigani-ttd Oct 21, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Updated env.sample file and added SESSION_KEY so users know thats needed to run server-side site

@eiman-eltigani-ttd
Copy link
Author

eiman-eltigani-ttd commented Oct 21, 2025
edited
Loading

Was able to get React running with npm start by downloading dotenv-cli which allows you to load environment variables from a specific file path, updated the instructions in the ReadMe and env.sample file as well

@eiman-eltigani-ttd eiman-eltigani-ttd merged commit d7a94c9 into main Oct 21, 2025
2 checks passed
@eiman-eltigani-ttd eiman-eltigani-ttd deleted the eee-UID2-6171-handle-optout-secure-signals branch October 21, 2025 21:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ssundahlTTD ssundahlTTD ssundahlTTD left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@eiman-eltigani-ttd @ssundahlTTD