Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

XCH-801 GDPR Compliance #8

Merged
merged 4 commits into from
Aug 16, 2018
Merged

XCH-801 GDPR Compliance #8

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
60b6821
check gdpr in buildRequest
curlyblueeagle Aug 3, 2018
888a1bd
User sync based on whether gdpr applies or not
curlyblueeagle Aug 3, 2018
59f8304
check if consent data exists during user sync
curlyblueeagle Aug 3, 2018
1096846
split user sync into further branches: 1) when gdpr does not apply 2)…
curlyblueeagle Aug 7, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
40 changes: 33 additions & 7 deletions modules/33acrossBidAdapter.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,8 +23,9 @@ function _createBidResponse(response) {
}
}

// infer the necessary data from valid bid for a minimal ttxRequest and create HTTP request
function _createServerRequest(bidRequest) {
// Infer the necessary data from valid bid for a minimal ttxRequest and create HTTP request
// NOTE: At this point, TTX only accepts request for a single impression
function _createServerRequest(bidRequest, gdprConsent) {
const ttxRequest = {};
const params = bidRequest.params;

Expand All @@ -48,11 +49,24 @@ function _createServerRequest(bidRequest) {
// therefore in ad targetting process
ttxRequest.id = bidRequest.bidId;

// Set GDPR related fields
ttxRequest.user = {
ext: {
consent: gdprConsent.consentString
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is it possible for gdprConsent to be undefined ? If so, then this line will probably throw an exception.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

FYI, when the request playload is stringyfied, an consentString: undefined is translated to

user: {
  ext: {}
}

}
}
ttxRequest.regs = {
ext: {
gdpr: (gdprConsent.gdprApplies === true) ? 1 : 0
}
}

// Finally, set the openRTB 'test' param if this is to be a test bid
if (params.test === 1) {
ttxRequest.test = 1;
}


/*
* Now construct the full server request
*/
Expand Down Expand Up @@ -104,11 +118,18 @@ function isBidRequestValid(bid) {
return true;
}

// NOTE: At this point, TTX only accepts request for a single impression
function buildRequests(bidRequests) {
// NOTE: With regards to gdrp consent data,
// - the server independently infers gdpr applicability therefore, setting the default value to false
// - the server, at this point, also doesn't need the consent string to handle gdpr compliance. So passing
// value whether set or not, for the sake of future dev.
function buildRequests(bidRequests, bidderRequest) {
const gdprConsent = Object.assign({ consentString: undefined, gdprApplies: false }, bidderRequest && bidderRequest.gdprConsent)
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah -- I guess this answers my earlier question about "can gdprConsent be undefined". So: the value will always be defined.


adapterState.uniqueSiteIds = bidRequests.map(req => req.params.siteId).filter(uniques);

return bidRequests.map(_createServerRequest);
return bidRequests.map((req) => {
return _createServerRequest(req, gdprConsent);
});
}

// NOTE: At this point, the response from 33exchange will only ever contain one bid i.e. the highest bid
Expand All @@ -124,8 +145,13 @@ function interpretResponse(serverResponse, bidRequest) {
}

// Register one sync per unique guid
function getUserSyncs(syncOptions) {
return (syncOptions.iframeEnabled) ? adapterState.uniqueSiteIds.map(_createSync) : ([]);
// NOTE: If gdpr applies do not sync
function getUserSyncs(syncOptions, responses, gdprConsent) {
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hmm... looks like the 33Across code is not calling this method. I assume it's being invoked via the top-level (Prebid) infrastructure, then?

(If so: hmm... I have a feeling that the method signature is going to change at some point in the future. There are quite a few args here, and it looks like things could be generalized)

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yea it's the part of the adapter API exposed to Prebid core. And that appears to be their signature http://prebid.org/dev-docs/modules/consentManagement.html#usersync-integration

if (gdprConsent && gdprConsent.gdprApplies === true) {
return []
} else {
return (syncOptions.iframeEnabled) ? adapterState.uniqueSiteIds.map(_createSync) : ([]);
}
}

const spec = {
Expand Down