Skip to content

Commit

Permalink
[RPO-3152] Enable Support for GPP Consent (#12)
Browse files Browse the repository at this point in the history 
* Adds gpp consent integration to concert bid adapter

* Update tests to check for gpp consent string param

* removes user sync endpoint and tests

* updates comment

* cleans up consentAllowsPpid function

* comment fix

* rename variables for clarity
  • Loading branch information
@BrettBlox
BrettBlox authored Mar 22, 2023
1 parent 7c1969c commit 99b0664
Show file tree
Hide file tree
Showing 2 changed files with 30 additions and 122 deletions.
59 changes: 18 additions & 41 deletions modules/concertBidAdapter.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,6 @@ import { hasPurpose1Consent } from '../src/utils/gpdr.js';

const BIDDER_CODE = 'concert';
const CONCERT_ENDPOINT = 'https://bids.concert.io';
const USER_SYNC_URL = 'https://cdn.concert.io/lib/bids/sync.html';

export const spec = {
code: BIDDER_CODE,
Expand Down Expand Up @@ -47,10 +46,18 @@ export const spec = {
optedOut: hasOptedOutOfPersonalization(),
adapterVersion: '1.1.1',
uspConsent: bidderRequest.uspConsent,
gdprConsent: bidderRequest.gdprConsent
gdprConsent: bidderRequest.gdprConsent,
gppConsent: bidderRequest.gppConsent,
}
};

if (!payload.meta.gppConsent && bidderRequest.ortb2?.regs?.gpp) {
payload.meta.gppConsent = {
gppString: bidderRequest.ortb2.regs.gpp,
applicableSections: bidderRequest.ortb2.regs.gpp_sid
}
}

payload.slots = validBidRequests.map(bidRequest => {
collectEid(eids, bidRequest);
const adUnitElement = document.getElementById(bidRequest.adUnitCode)
Expand Down Expand Up @@ -124,38 +131,6 @@ export const spec = {
return bidResponses;
},

/**
* Register the user sync pixels which should be dropped after the auction.
*
* @param {SyncOptions} syncOptions Which user syncs are allowed?
* @param {ServerResponse[]} serverResponses List of server's responses.
* @param {gdprConsent} object GDPR consent object.
* @param {uspConsent} string US Privacy String.
* @return {UserSync[]} The user syncs which should be dropped.
*/
getUserSyncs: function(syncOptions, serverResponses, gdprConsent, uspConsent) {
const syncs = [];
if (syncOptions.iframeEnabled && !hasOptedOutOfPersonalization()) {
let params = [];

if (gdprConsent && (typeof gdprConsent.gdprApplies === 'boolean')) {
params.push(`gdpr_applies=${gdprConsent.gdprApplies ? '1' : '0'}`);
}
if (gdprConsent && (typeof gdprConsent.consentString === 'string')) {
params.push(`gdpr_consent=${gdprConsent.consentString}`);
}
if (uspConsent && (typeof uspConsent === 'string')) {
params.push(`usp_consent=${uspConsent}`);
}

syncs.push({
type: 'iframe',
url: USER_SYNC_URL + (params.length > 0 ? `?${params.join('&')}` : '')
});
}
return syncs;
},

/**
* Register bidder specific code, which will execute if bidder timed out after an auction
* @param {data} Containing timeout specific data
Expand Down Expand Up @@ -229,16 +204,18 @@ function hasOptedOutOfPersonalization() {
* @param {BidderRequest} bidderRequest Object which contains any data consent signals
*/
function consentAllowsPpid(bidderRequest) {
/* NOTE: We can't easily test GDPR consent, without the
* `consent-string` npm module; so will have to rely on that
* happening on the bid-server. */
const uspConsent = !(bidderRequest?.uspConsent === 'string' &&
const uspConsentAllows =
typeof bidderRequest?.uspConsent === 'string' &&
bidderRequest?.uspConsent[0] === '1' &&
bidderRequest?.uspConsent[2].toUpperCase() === 'Y');
bidderRequest?.uspConsent[2].toUpperCase() === 'N';

const gdprConsent = bidderRequest?.gdprConsent && hasPurpose1Consent(bidderRequest?.gdprConsent);
/*
* True if the gdprConsent is null-y; or GDPR does not apply; or if purpose 1 consent was given.
* Much more nuanced GDPR requirements are tested on the bid server using the @iabtcf/core npm module;
*/
const gdprConsentAllows = hasPurpose1Consent(bidderRequest?.gdprConsent);

return (uspConsent || gdprConsent);
return (uspConsentAllows && gdprConsentAllows);
}

function collectEid(eids, bid) {
Expand Down
93 changes: 12 additions & 81 deletions test/spec/modules/concertBidAdapter_spec.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -57,8 +57,9 @@ describe('ConcertAdapter', function () {
refererInfo: {
page: 'https://www.google.com'
},
uspConsent: '1YYY',
gdprConsent: {}
uspConsent: '1YN-',
gdprConsent: {},
gppConsent: {}
};

bidResponse = {
Expand Down Expand Up @@ -111,7 +112,7 @@ describe('ConcertAdapter', function () {
expect(payload).to.have.property('meta');
expect(payload).to.have.property('slots');

const metaRequiredFields = ['prebidVersion', 'pageUrl', 'screen', 'debug', 'uid', 'optedOut', 'adapterVersion', 'uspConsent', 'gdprConsent'];
const metaRequiredFields = ['prebidVersion', 'pageUrl', 'screen', 'debug', 'uid', 'optedOut', 'adapterVersion', 'uspConsent', 'gdprConsent', 'gppConsent'];
const slotsRequiredFields = ['name', 'bidId', 'transactionId', 'sizes', 'partnerId', 'slotType'];

metaRequiredFields.forEach(function(field) {
Expand All @@ -138,6 +139,14 @@ describe('ConcertAdapter', function () {
expect(payload.meta.uid).to.not.equal(false);
});

it('should not generate uid if USP consent disallows', function() {
storage.removeDataFromLocalStorage('c_nap');
const request = spec.buildRequests(bidRequests, { ...bidRequest, uspConsent: '1YY' });
const payload = JSON.parse(request.data);

expect(payload.meta.uid).to.equal(false);
});

it('should use sharedid if it exists', function() {
storage.removeDataFromLocalStorage('c_nap');
const request = spec.buildRequests(bidRequests, {
Expand Down Expand Up @@ -213,82 +222,4 @@ describe('ConcertAdapter', function () {
expect(bids).to.have.lengthOf(0);
});
});

describe('spec.getUserSyncs', function() {
it('should not register syncs when iframe is not enabled', function() {
const opts = {
iframeEnabled: false
}
const sync = spec.getUserSyncs(opts, [], bidRequest.gdprConsent, bidRequest.uspConsent);
expect(sync).to.have.lengthOf(0);
});

it('should not register syncs when the user has opted out', function() {
const opts = {
iframeEnabled: true
};
storage.setDataInLocalStorage('c_nap', 'true');

const sync = spec.getUserSyncs(opts, [], bidRequest.gdprConsent, bidRequest.uspConsent);
expect(sync).to.have.lengthOf(0);
});

it('should set gdprApplies flag to 1 if the user is in area where GDPR applies', function() {
const opts = {
iframeEnabled: true
};
storage.removeDataFromLocalStorage('c_nap');

bidRequest.gdprConsent = {
gdprApplies: true
};

const sync = spec.getUserSyncs(opts, [], bidRequest.gdprConsent, bidRequest.uspConsent);
expect(sync[0].url).to.have.string('gdpr_applies=1');
});

it('should set gdprApplies flag to 1 if the user is in area where GDPR applies', function() {
const opts = {
iframeEnabled: true
};
storage.removeDataFromLocalStorage('c_nap');

bidRequest.gdprConsent = {
gdprApplies: false
};

const sync = spec.getUserSyncs(opts, [], bidRequest.gdprConsent, bidRequest.uspConsent);
expect(sync[0].url).to.have.string('gdpr_applies=0');
});

it('should set gdpr consent param with the user\'s choices on consent', function() {
const opts = {
iframeEnabled: true
};
storage.removeDataFromLocalStorage('c_nap');

bidRequest.gdprConsent = {
gdprApplies: false,
consentString: 'BOJ/P2HOJ/P2HABABMAAAAAZ+A=='
};

const sync = spec.getUserSyncs(opts, [], bidRequest.gdprConsent, bidRequest.uspConsent);
expect(sync[0].url).to.have.string('gdpr_consent=BOJ/P2HOJ/P2HABABMAAAAAZ+A==');
});

it('should set ccpa consent param with the user\'s choices on consent', function() {
const opts = {
iframeEnabled: true
};
storage.removeDataFromLocalStorage('c_nap');

bidRequest.gdprConsent = {
gdprApplies: false,
uspConsent: '1YYY'
};

const sync = spec.getUserSyncs(opts, [], bidRequest.gdprConsent, bidRequest.uspConsent);
expect(sync[0].url).to.have.string('usp_consent=1YY');
});
});
});

0 comments on commit 99b0664

Please sign in to comment.