bankid 0.1.1 → 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +8 -0
- data/Gemfile.lock +4 -4
- data/README.md +20 -0
- data/config/certs/development_client_certificate.key +33 -0
- data/config/certs/development_client_certificate.pem +32 -0
- data/lib/bankid/poll.rb +4 -0
- data/lib/bankid/version.rb +1 -1
- data/lib/bankid.rb +5 -4
- metadata +5 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 9fca94ae716a23222cc841afe001128223f92ab1c7bb3ec9062d172438e065df
|
|
4
|
+
data.tar.gz: 6124c99b716cd7aa411d16615e1145e8518f53c043a359aa8011ab0bc49f4388
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: ea6b8806a339b2d06669b2eaec28959c9d07bde5d13d2d4635957a3b3aa7e6ea614c52de02f36b5495388897673253d70ff52b711fba5cc0c1059a072bc013a1
|
|
7
|
+
data.tar.gz: b62d199d0aab2f433f33bbbd6b8f02884d2ba32af7bcc2e0e1e22c149968bc73dd2b296e44dc82a40c89408adea702bd36486a67cf5097cfa834ea5850519f93
|
data/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,13 @@
|
|
|
1
1
|
## [Unreleased]
|
|
2
2
|
|
|
3
|
+
## [1.0.0] - 2022-09-30
|
|
4
|
+
|
|
5
|
+
- Deprecate the `PKCS12` algorithm in favor of `X509`: [issue #3](https://github.com/johanhalse/bankid/issues/3)
|
|
6
|
+
|
|
7
|
+
## [0.1.2] - 2022-09-08
|
|
8
|
+
|
|
9
|
+
- Add `pending?` method call for poll response object
|
|
10
|
+
|
|
3
11
|
## [0.1.1] - 2022-04-06
|
|
4
12
|
|
|
5
13
|
- Make Poll object accept error codes and details from [errors](https://www.bankid.com/utvecklare/guider/teknisk-integrationsguide/graenssnittsbeskrivning/felfall)
|
data/Gemfile.lock
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
PATH
|
|
2
2
|
remote: .
|
|
3
3
|
specs:
|
|
4
|
-
bankid (0.1.
|
|
4
|
+
bankid (0.1.2)
|
|
5
5
|
http (~> 5.0.4)
|
|
6
6
|
rqrcode (~> 2.1.0)
|
|
7
7
|
|
|
@@ -27,7 +27,7 @@ GEM
|
|
|
27
27
|
http-cookie (~> 1.0)
|
|
28
28
|
http-form_data (~> 2.2)
|
|
29
29
|
llhttp-ffi (~> 0.4.0)
|
|
30
|
-
http-cookie (1.0.
|
|
30
|
+
http-cookie (1.0.5)
|
|
31
31
|
domain_name (~> 0.5)
|
|
32
32
|
http-form_data (2.3.0)
|
|
33
33
|
llhttp-ffi (0.4.0)
|
|
@@ -46,7 +46,7 @@ GEM
|
|
|
46
46
|
rake (13.0.6)
|
|
47
47
|
regexp_parser (2.2.0)
|
|
48
48
|
rexml (3.2.5)
|
|
49
|
-
rqrcode (2.1.
|
|
49
|
+
rqrcode (2.1.2)
|
|
50
50
|
chunky_png (~> 1.0)
|
|
51
51
|
rqrcode_core (~> 1.0)
|
|
52
52
|
rqrcode_core (1.2.0)
|
|
@@ -64,7 +64,7 @@ GEM
|
|
|
64
64
|
ruby-progressbar (1.11.0)
|
|
65
65
|
unf (0.1.4)
|
|
66
66
|
unf_ext
|
|
67
|
-
unf_ext (0.0.8)
|
|
67
|
+
unf_ext (0.0.8.2)
|
|
68
68
|
unicode-display_width (2.1.0)
|
|
69
69
|
webmock (3.14.0)
|
|
70
70
|
addressable (>= 2.8.0)
|
data/README.md
CHANGED
|
@@ -58,6 +58,26 @@ raise "logged in!" if response.status == "complete"
|
|
|
58
58
|
|
|
59
59
|
Keep polling until your response status changes to "complete", and the response object will be a struct containing the `completion_data` property you're ultimately looking for.
|
|
60
60
|
|
|
61
|
+
## Certificates
|
|
62
|
+
|
|
63
|
+
Your BankID provider will have given you a certificate. It might be in `.p12` format. If that's the case, you'll need to convert it to an OpenSSL X509 certificate - version 0.1.x of the BankID gem relied on PKCS12 which saw [big changes in OpenSSL v3](https://github.com/johanhalse/bankid/issues/3), so the implementation has been switched to X509 instead. The gem looks for a certificate and a key in these default locations:
|
|
64
|
+
|
|
65
|
+
```
|
|
66
|
+
./config/certs/#{environment}_client_certificate.pem
|
|
67
|
+
./config/certs/#{environment}_client_certificate.key
|
|
68
|
+
```
|
|
69
|
+
|
|
70
|
+
If you're upgrading from 0.1.x and want to convert an existing p12 key, it's pretty straightforward:
|
|
71
|
+
|
|
72
|
+
```
|
|
73
|
+
# Export certificate
|
|
74
|
+
openssl pkcs12 -legacy -in my_certificate.p12 -clcerts -nokeys -out my_certificate.pem
|
|
75
|
+
# Export key
|
|
76
|
+
openssl pkcs12 -legacy -in my_certificate.p12 -clcerts -nocerts -out my_certificate.key
|
|
77
|
+
```
|
|
78
|
+
|
|
79
|
+
That should hopefully get things running again.
|
|
80
|
+
|
|
61
81
|
## Development
|
|
62
82
|
|
|
63
83
|
After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake test` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
|
|
@@ -0,0 +1,33 @@
|
|
|
1
|
+
Bag Attributes
|
|
2
|
+
localKeyID: 93 12 D6 E8 2C AA 74 2E 52 10 29 3F 33 3C 39 7B 02 73 34 25
|
|
3
|
+
Key Attributes: <No Attributes>
|
|
4
|
+
-----BEGIN ENCRYPTED PRIVATE KEY-----
|
|
5
|
+
MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIbee4rppk/vsCAggA
|
|
6
|
+
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECOmlvppFUN4xBIIEyDfJxmEJ0/mb
|
|
7
|
+
OHFPRbWbcaGv1MggkjWYmeqJN/h8KPrY9MGQ3WS41qq1ox7ae32qZI1h3alvibeU
|
|
8
|
+
0lwtfVJAdtOgAk7HKVjO9MJAwn9UJgfd5W6Vlcx7Y0GWHQ2TLyw7XxUi9d4hDHeS
|
|
9
|
+
g/oV5hQ3kWKQMGHkUqoM7n2YKJ7yErU+hWrClzGc4l5sKSSzxf/1doZDnDJg3uR1
|
|
10
|
+
VaSazx26U2ocCbtp0Y86DtxDHVyzZu0m82vRcpivLUDpYZkcWiriYGAamA0DKUGd
|
|
11
|
+
CuZN+klPucTLjbrr1wxk+du8MkplBBh6jjVUeWmU8hw9Xon47B+0Qd7oW6s2d+AL
|
|
12
|
+
I44X6AHImsnno/BddML4NytNCrIs2iLZXuOi6OiCtIxCxpS0evU5Lo8DpAG2Wmfu
|
|
13
|
+
uZ7vgFzSAGQDB1kZwelC8h/dQe1dgQBTp3Y6If1ZTEMND/YqqLRPDM/Rwtj+Cxbt
|
|
14
|
+
bnlY0IUTw7+KqSx7PKyB+P2dSFbwb9WcD3nbRdcKrjQpYGv5VQclTydICDAbuPyk
|
|
15
|
+
TYJlYcrjbbc9PfyaOmD7nbwymRNfB1tPG6QGgTVc5O7FgQqPKba3zUZzwhIzjG37
|
|
16
|
+
moiMatjdt2pYZbuhNXCiVS4I2th7Gu/WI5sVqq9OEBtsD/h+pKo3VeJJ/RQM3kO4
|
|
17
|
+
6X+obZqIdXiOL7K4YzzqrkE71rWNfKcSjmGGfCIcw9dWFG0/mBoeFRjBkaKW5xry
|
|
18
|
+
bk8K0iQvFThmdVQcXMGcXrc2l3efAwu5bK0j8o4C33DAqpOngcSBkrXsKPheXcHM
|
|
19
|
+
R+ConNg9QM4sMuXtSDJZOHzSEt0d9lkn7poiad6Fcr7cm3RaY4rLfB5/8h7jrB4e
|
|
20
|
+
WStcFjCVmENxkOc9rRqaFHWbD4Z7DambS4Nl7JfpjHOK0ifxAlIhIn0sRN5FKWGk
|
|
21
|
+
UbDEHNg8Wl9p44BglsV7AwHAl8etmY2RiKvhKsHwMsE0P5RdauXq6FMOOxwaZsRs
|
|
22
|
+
XN6lARqyQbPI4BM7/kySMKPQ7QUGsQ2oKUUBUSRxVQM5ULYRKZE4x3m6tMX8nNjF
|
|
23
|
+
TK/kTaZx2ZN4Lv8Zuy65KKd5eKRrl2hnBfN/Vl6yzdgJx22WjCufDLCpeNZcK7lN
|
|
24
|
+
Zca6UKebuCazunPUlJOTempn0Lfd4sXvnaR/mFEk01Rqwy3e6PvOTFRB3smWTIpM
|
|
25
|
+
bCNJ2kWwqEc+x12j/29YmQx6aWc+IKFTXIa7tt6QrV2xZBATlld9xxeUmwdLkYyd
|
|
26
|
+
K9GicnAovbaKwJBugdhkRDIsPLP9UQ/CE4C49GqzHa7sH2lWsST2h+ksWUptWUFl
|
|
27
|
+
Izx0MzVaUWZR7AkKrZk3dkDNva1gQTmRLC3eI7jZJ2bUgwMGqPgj4XQKF3AsIKth
|
|
28
|
+
RtMCV6N/GRH/0NWb+8GQHyShJhwIcqdI8Aimlgxrj4KuYeHTOe+bU8qgSbTgKlYp
|
|
29
|
+
k2+sAdKN8lP7mT1YYZyj/NENX/8WS3nwvlJ4mfmBvmAGRGgSofsVMFsAmSI3t8pJ
|
|
30
|
+
fWnjpacUXi9mF9gm8SgjUl2ekYU1r03ig1+cjMsaYkzTdVVMovwp0HRrL8Vs8pQf
|
|
31
|
+
3JhG+mws+sWkEofOiyOYeoPtdoD+HqtgIQ8w9AswpNdqnLARUQ/fMVKgyQXFTqHQ
|
|
32
|
+
YlQoSLz8brIM69Tp9W+frA==
|
|
33
|
+
-----END ENCRYPTED PRIVATE KEY-----
|
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
Bag Attributes
|
|
2
|
+
localKeyID: 93 12 D6 E8 2C AA 74 2E 52 10 29 3F 33 3C 39 7B 02 73 34 25
|
|
3
|
+
subject=C = SE, O = Testbank A AB (publ), serialNumber = 5566304928, name = Test av BankID, CN = FP Testcert 3
|
|
4
|
+
issuer=C = SE, O = Testbank A AB (publ), serialNumber = 111111111111, CN = Testbank A RP CA v1 for BankID Test
|
|
5
|
+
-----BEGIN CERTIFICATE-----
|
|
6
|
+
MIIEyjCCArKgAwIBAgIILFi5Qu2eUu4wDQYJKoZIhvcNAQELBQAwcTELMAkGA1UE
|
|
7
|
+
BhMCU0UxHTAbBgNVBAoMFFRlc3RiYW5rIEEgQUIgKHB1YmwpMRUwEwYDVQQFEwwx
|
|
8
|
+
MTExMTExMTExMTExLDAqBgNVBAMMI1Rlc3RiYW5rIEEgUlAgQ0EgdjEgZm9yIEJh
|
|
9
|
+
bmtJRCBUZXN0MB4XDTIwMDYxNzIyMDAwMFoXDTIyMDkwNTIxNTk1OVowcjELMAkG
|
|
10
|
+
A1UEBhMCU0UxHTAbBgNVBAoMFFRlc3RiYW5rIEEgQUIgKHB1YmwpMRMwEQYDVQQF
|
|
11
|
+
Ewo1NTY2MzA0OTI4MRcwFQYDVQQpDA5UZXN0IGF2IEJhbmtJRDEWMBQGA1UEAwwN
|
|
12
|
+
RlAgVGVzdGNlcnQgMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMCb
|
|
13
|
+
Fluh4O4TEl4vydPGIUc4kAFDSVk1RM5TDYn8UDlWVxHVbalbXaJbtNQFYFm7lmpk
|
|
14
|
+
FXiif50iupanvIq+k4DIGm01MnGasWl4EW9uoExCoZC4EemZry+Hk7hm2vbwGudf
|
|
15
|
+
uIR8P43AD1MV7kp/skJaTH16qEeWTKQSoVlC+XNP/7Tl6Z8JE1GOR3+oAXWs+f/o
|
|
16
|
+
5SxXq4kIlBPkSK3tiTbEAP0/dNnSqSprv5MFHnTTWZyl8TK02TGrazyVUp/em6e6
|
|
17
|
+
V/lTtJylBmHNJMpzl7PGixgXApRSMj4ltHwjqAizBMatDoXE6qXG0fEj+vhqSo/v
|
|
18
|
+
wajY9t6FHNovhNdI+CcCAwEAAaNlMGMwEQYDVR0gBAowCDAGBgQqAwQFMA4GA1Ud
|
|
19
|
+
DwEB/wQEAwIHgDAfBgNVHSMEGDAWgBTiuVUIvGKgRjldgAxQSpIBy0zvizAdBgNV
|
|
20
|
+
HQ4EFgQU8xDQD1mLJ7MpUSxGB4lUDC5pdgswDQYJKoZIhvcNAQELBQADggIBAGWn
|
|
21
|
+
PRoXUxPITv9Uo+4llmIHhHg5XR5ejenJOFyCvTAtteQozdFJ2rby+Q4WZNAdtP8Q
|
|
22
|
+
tWcDaDigylDZSwi9TBGTRPSLH2cDFEWCQZVHs8svsF5VyBfkdtaRomiSAsk9KKLf
|
|
23
|
+
6Vo6ik1hlh4+NTBMX3VW0LjUZrPXmQ14El/XiJmHOvs54kAYf9ZTcO332Gqo8RF+
|
|
24
|
+
M3CRDVxPSrU34u6fvvxQuAvXvPumWvHaSAkOhpsn+Idr+KQ0Rip6fmgTG7UMicUi
|
|
25
|
+
PxTE66xpaMsHDmuPaeC+cTK/iXAW60+X/Vv/ANn7UOz6tvrjo6Sd1DIpEEjqW/yE
|
|
26
|
+
L4F05lbXhixKS2IRY+mAejoC66N2tz+0bv1grK4147jsYw4i9Y/rGyggkSrRd+1k
|
|
27
|
+
QM7uBxW3Cu5fSKOUZ/0UTcBGf82Ze8SlbFFvpagELy9cJHwMKarzTkuX92hJ9KG0
|
|
28
|
+
h26JBdOHzberG2tQiYzMPYVcch7WCAFWR++w6qInFs0WK7F7SBP0fyZew3hZZDoO
|
|
29
|
+
snqLWMgG+YagjAsMAcr99RvwqX7TJtISejdxz9lxxN2jKM0b1f2v8K88tzRekrGG
|
|
30
|
+
CPUQlnPu7sj7nPLVs5/sUEbaVRz8G8lKjYGsMuecRLpuVRQ/vPAd5whfiIzQFK76
|
|
31
|
+
boWGbSHS6OXfIfDrowTNlzAP+/H9f7DyBZTdwrVX
|
|
32
|
+
-----END CERTIFICATE-----
|
data/lib/bankid/poll.rb
CHANGED
data/lib/bankid/version.rb
CHANGED
data/lib/bankid.rb
CHANGED
|
@@ -36,7 +36,7 @@ module Bankid
|
|
|
36
36
|
@env = env
|
|
37
37
|
@url = Bankid.const_get("#{env.upcase}_URL")
|
|
38
38
|
@cert_password = cert_password
|
|
39
|
-
@cert, @root_cert = load_certificates
|
|
39
|
+
@cert, @key, @root_cert = load_certificates
|
|
40
40
|
end
|
|
41
41
|
|
|
42
42
|
def generate_qr(start_token:, start_secret:, seconds:)
|
|
@@ -81,7 +81,8 @@ module Bankid
|
|
|
81
81
|
return if @env == "test"
|
|
82
82
|
|
|
83
83
|
[
|
|
84
|
-
OpenSSL::
|
|
84
|
+
OpenSSL::X509::Certificate.new(File.read(cert_path("client_certificate.pem"))),
|
|
85
|
+
OpenSSL::PKey::RSA.new(File.read(cert_path("client_certificate.key")), @cert_password),
|
|
85
86
|
OpenSSL::X509::Certificate.new(File.read(cert_path("bankid_certificate.pem")))
|
|
86
87
|
]
|
|
87
88
|
end
|
|
@@ -95,8 +96,8 @@ module Bankid
|
|
|
95
96
|
def ssl_context
|
|
96
97
|
OpenSSL::SSL::SSLContext.new.tap do |ctx|
|
|
97
98
|
ctx.add_certificate(
|
|
98
|
-
@cert
|
|
99
|
-
@
|
|
99
|
+
@cert,
|
|
100
|
+
@key,
|
|
100
101
|
[@root_cert]
|
|
101
102
|
)
|
|
102
103
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: bankid
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 1.0.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Johan Halse
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-
|
|
11
|
+
date: 2022-09-30 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: http
|
|
@@ -55,7 +55,9 @@ files:
|
|
|
55
55
|
- bin/console
|
|
56
56
|
- bin/setup
|
|
57
57
|
- config/certs/development_bankid_certificate.pem
|
|
58
|
+
- config/certs/development_client_certificate.key
|
|
58
59
|
- config/certs/development_client_certificate.p12
|
|
60
|
+
- config/certs/development_client_certificate.pem
|
|
59
61
|
- config/certs/production_bankid_certificate.pem
|
|
60
62
|
- lib/bankid.rb
|
|
61
63
|
- lib/bankid/authentication.rb
|
|
@@ -85,7 +87,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
85
87
|
- !ruby/object:Gem::Version
|
|
86
88
|
version: '0'
|
|
87
89
|
requirements: []
|
|
88
|
-
rubygems_version: 3.3.
|
|
90
|
+
rubygems_version: 3.3.7
|
|
89
91
|
signing_key:
|
|
90
92
|
specification_version: 4
|
|
91
93
|
summary: BankID authentication for Ruby.
|