bankid 0.1.2 → 1.0.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +8 -0
- data/Gemfile.lock +2 -2
- data/README.md +20 -0
- data/config/certs/development_client_certificate.key +33 -0
- data/config/certs/development_client_certificate.p12 +0 -0
- data/config/certs/development_client_certificate.pem +32 -0
- data/lib/bankid/version.rb +1 -1
- data/lib/bankid.rb +5 -4
- metadata +7 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 34d2de71a8270e30e4fc403e9e8dec0719cb58d8f7e3545531ce378f254e364b
|
|
4
|
+
data.tar.gz: 2d8039bcc2abd1e9efab26f3c9c35cd9f50c796cc1feb1dcaef906a8bdcf1c59
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: f394d00597819ff8edc988d1bbae42e91b1ad7c7cf4bd4a0e85e6b82d20c22f58d617d611d1d10cff0782ec34f97718bfe2407e562349a36053a32f7619d3099
|
|
7
|
+
data.tar.gz: 0a474c2a0c60b6335a3d20910574c140aab96bea4c87bce14d9ac22569bbd3cb9c3f224342d6278aaf3c6d438f6d4131399fa7bfdb2ad6097b2d3eb7f74140dc
|
data/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,13 @@
|
|
|
1
1
|
## [Unreleased]
|
|
2
2
|
|
|
3
|
+
## [1.0.1] - 2022-12-11
|
|
4
|
+
|
|
5
|
+
- Include new development client certificate instead of the old expired one
|
|
6
|
+
|
|
7
|
+
## [1.0.0] - 2022-09-30
|
|
8
|
+
|
|
9
|
+
- Deprecate the `PKCS12` algorithm in favor of `X509`: [issue #3](https://github.com/johanhalse/bankid/issues/3)
|
|
10
|
+
|
|
3
11
|
## [0.1.2] - 2022-09-08
|
|
4
12
|
|
|
5
13
|
- Add `pending?` method call for poll response object
|
data/Gemfile.lock
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
PATH
|
|
2
2
|
remote: .
|
|
3
3
|
specs:
|
|
4
|
-
bankid (0.1.
|
|
4
|
+
bankid (0.1.2)
|
|
5
5
|
http (~> 5.0.4)
|
|
6
6
|
rqrcode (~> 2.1.0)
|
|
7
7
|
|
|
@@ -46,7 +46,7 @@ GEM
|
|
|
46
46
|
rake (13.0.6)
|
|
47
47
|
regexp_parser (2.2.0)
|
|
48
48
|
rexml (3.2.5)
|
|
49
|
-
rqrcode (2.1.
|
|
49
|
+
rqrcode (2.1.2)
|
|
50
50
|
chunky_png (~> 1.0)
|
|
51
51
|
rqrcode_core (~> 1.0)
|
|
52
52
|
rqrcode_core (1.2.0)
|
data/README.md
CHANGED
|
@@ -58,6 +58,26 @@ raise "logged in!" if response.status == "complete"
|
|
|
58
58
|
|
|
59
59
|
Keep polling until your response status changes to "complete", and the response object will be a struct containing the `completion_data` property you're ultimately looking for.
|
|
60
60
|
|
|
61
|
+
## Certificates
|
|
62
|
+
|
|
63
|
+
Your BankID provider will have given you a certificate. It might be in `.p12` format. If that's the case, you'll need to convert it to an OpenSSL X509 certificate - version 0.1.x of the BankID gem relied on PKCS12 which saw [big changes in OpenSSL v3](https://github.com/johanhalse/bankid/issues/3), so the implementation has been switched to X509 instead. The gem looks for a certificate and a key in these default locations:
|
|
64
|
+
|
|
65
|
+
```
|
|
66
|
+
./config/certs/#{environment}_client_certificate.pem
|
|
67
|
+
./config/certs/#{environment}_client_certificate.key
|
|
68
|
+
```
|
|
69
|
+
|
|
70
|
+
If you're upgrading from 0.1.x and want to convert an existing p12 key, it's pretty straightforward:
|
|
71
|
+
|
|
72
|
+
```
|
|
73
|
+
# Export certificate
|
|
74
|
+
openssl pkcs12 -legacy -in my_certificate.p12 -clcerts -nokeys -out my_certificate.pem
|
|
75
|
+
# Export key
|
|
76
|
+
openssl pkcs12 -legacy -in my_certificate.p12 -clcerts -nocerts -out my_certificate.key
|
|
77
|
+
```
|
|
78
|
+
|
|
79
|
+
That should hopefully get things running again.
|
|
80
|
+
|
|
61
81
|
## Development
|
|
62
82
|
|
|
63
83
|
After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake test` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
|
|
@@ -0,0 +1,33 @@
|
|
|
1
|
+
Bag Attributes
|
|
2
|
+
localKeyID: A9 F3 0C D7 04 B6 7D 23 86 84 71 C3 E9 42 62 8B 1B D7 75 C3
|
|
3
|
+
Key Attributes: <No Attributes>
|
|
4
|
+
-----BEGIN ENCRYPTED PRIVATE KEY-----
|
|
5
|
+
MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIri8H50NwDzMCAggA
|
|
6
|
+
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECB8EBoVdZFjABIIEyKVg9eG/0Mw4
|
|
7
|
+
ZPLuiUQTvQqTMgbb9IbPZs8RO03I0AASSJ5aQ5K/kIdxJertX6gRKaFEgD0Dcqao
|
|
8
|
+
iNlVrHLQEqB+lDls9hLbZU6KLWC7OfHYdTfow/uLSvMM+m5lorw/48Qrr7iwXe4l
|
|
9
|
+
xA2/yXLu9zUKnQjRqL3hzqYI392EN/ZwNLNJqG+H0PZdUPjqQJG7KpduF6DdWRpI
|
|
10
|
+
oOsDbNfkFSV3IDVdG8hxxQVaFhR8oGcBLogetA7eDRqNRwMctJ/NmRa7YZGlLuHF
|
|
11
|
+
deF3fCetCUyWCMt4fmzME2KFXwepWBv4yF15MiIpkDydK2crF9X98D8IcNvMWBfB
|
|
12
|
+
UeHI+uvjFFcDklwSJQGUrOKkP9Zs34cr4Rwkis4EhZOL5GHcs60Wr3VFXjj8AaJf
|
|
13
|
+
5bBgwXw7wbh+baXx+LJvouFnZRrLSkWOBWynX6ljR6fCsTzwZodP1i0H3TZdBnrP
|
|
14
|
+
g7E8gjsck4CHAsX2boujUsvgSf6DdMfZPsBiCLE3EY4vmJgqq8INxdX/N5V0Ip97
|
|
15
|
+
OqLMzzg/bBKLaBmMIFSPamKsF0PfbxBTE4h22+CS0/tIfm78ae42VcBrgPm5b2tF
|
|
16
|
+
kNaRui093YXQNBJJ65DmrFf5134KPx0GaSKzKHLQrj/lRpfP2SpucfJM9q9jUxsp
|
|
17
|
+
LT4Dov6moMnA1Sn8t8gdsFLrhelZuhMMIuAr7QVRk9PX4ZrXpgcnUfmXGYKD/8rM
|
|
18
|
+
7LW0YXMpwlPVPtD5XS1pKUmD2esCcnMz1pdTKAxxWM8HnQ5jminhIS1IvENpEPae
|
|
19
|
+
ZJ8oaKZOxu8gVpsTlgj//Kbgf4qAAAOigKQlreYpZH3RPvbqgGcN/6vLe6RfG07H
|
|
20
|
+
zh01JDn5sZyMYeTVQqM4/4Hr8DYCC4HmBglIMSU3JqCpFWJXJplzACjotnZ9+lSr
|
|
21
|
+
eBAHv3F/5Ti5dd4tUe7QUUOx4XHC9ahc0Aln/mL90q6S21ylJK8En5Xg+prDBJ9D
|
|
22
|
+
R+uPUBBcefN6WkxerFLfeSzEjAeyyY+qqkL5VszQEXmh6otxFyRUnuPFad4mXaby
|
|
23
|
+
+JkxOxBB8k90VGId9mEqqZB1BnZ+ZkQY3LR/9Pq4eRIa8KGDjDy5oYdxjwvjBAfO
|
|
24
|
+
E4DKbxf4J3j9lV/Be0QO1emwx+6KupinGBbIH/RB9OY+rKtOE5ZxzYGJ9oKW3PAe
|
|
25
|
+
Py1/31EQDb6Y16c+Ahz7PbpZXXQEUZqXP4E02AkKIUMRa/gOWFUTDdR/qIokn3AA
|
|
26
|
+
/0v2HCsKfJuuFidjlSZv2aqNfwnozaguW5F2S7z9StE8hVPDRISGuSZPEEnHQp4r
|
|
27
|
+
3ZGEsfs1MvxfO+H4XqNr00eCAwVVcSZVXVzjWFGFrpRi99nGmDi80N5i6PpwbDOM
|
|
28
|
+
hP43TjfSD2y98wCGVqiGulIJ73q9cwuU3cApIw79MX7PKrdy2V0pWpmQQgapFRHq
|
|
29
|
+
dnCSuk76YO5bCoxju99wZvujuaHCgNahBGU1EWWzXVVQlCfp9sCz/KUCRkAgD5bB
|
|
30
|
+
71u9uleRbgQnndYUcN8oYCL+8JRcdWDcHOsLiTfLpIGoK7NTwmka7vLSB7WnKZwq
|
|
31
|
+
RPMYy8xDQ8NMh44URcDCWIOV/ngikFzAfp3SpQVY+YCOEaaRLyMkU0KhuZpZrfmZ
|
|
32
|
+
zbSRSx0NaQyeW+kr/3bPkw==
|
|
33
|
+
-----END ENCRYPTED PRIVATE KEY-----
|
|
Binary file
|
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
Bag Attributes
|
|
2
|
+
localKeyID: A9 F3 0C D7 04 B6 7D 23 86 84 71 C3 E9 42 62 8B 1B D7 75 C3
|
|
3
|
+
subject=C = SE, O = Testbank A AB (publ), serialNumber = 5566304928, name = Test av BankID, CN = FP Testcert 4
|
|
4
|
+
issuer=C = SE, O = Testbank A AB (publ), serialNumber = 111111111111, CN = Testbank A RP CA v1 for BankID Test
|
|
5
|
+
-----BEGIN CERTIFICATE-----
|
|
6
|
+
MIIEyjCCArKgAwIBAgIIMLbIMaRHjMMwDQYJKoZIhvcNAQELBQAwcTELMAkGA1UE
|
|
7
|
+
BhMCU0UxHTAbBgNVBAoMFFRlc3RiYW5rIEEgQUIgKHB1YmwpMRUwEwYDVQQFEwwx
|
|
8
|
+
MTExMTExMTExMTExLDAqBgNVBAMMI1Rlc3RiYW5rIEEgUlAgQ0EgdjEgZm9yIEJh
|
|
9
|
+
bmtJRCBUZXN0MB4XDTIyMDgxNzIyMDAwMFoXDTI0MDgxODIxNTk1OVowcjELMAkG
|
|
10
|
+
A1UEBhMCU0UxHTAbBgNVBAoMFFRlc3RiYW5rIEEgQUIgKHB1YmwpMRMwEQYDVQQF
|
|
11
|
+
Ewo1NTY2MzA0OTI4MRcwFQYDVQQpDA5UZXN0IGF2IEJhbmtJRDEWMBQGA1UEAwwN
|
|
12
|
+
RlAgVGVzdGNlcnQgNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL4L
|
|
13
|
+
8ERHNSi7Jph9gj4ah7Ieok5lZHZbNyW1AiJJ1OfeD1lbAzxSidtTu6NfC83zxCjL
|
|
14
|
+
q091lHY5G7dpNDt1rN5Y+jQvrtcLc8nUpgqLfEUnbGKzZaHlO97jh6pqO8nj/mal
|
|
15
|
+
TrWI70Fr6SO3SxbsgxuwJXlRUAQxI0mPvD1gOd+uymA+EqdYS39ijC2eICHSf7bU
|
|
16
|
+
wvmscy8TAyEcT4GYmcjai1vbIjlhemmAv+NKJiSpD+zqvuHGIzBm71/Fd6cTAXqk
|
|
17
|
+
HkqTlJsxF2m6eojKCfcm5uAvSTXhVbGM155wmpzLskzkQ0dx6LbRNtA+BDe1MsAA
|
|
18
|
+
v8aE2FQ0j31ALgZePY0CAwEAAaNlMGMwEQYDVR0gBAowCDAGBgQqAwQFMA4GA1Ud
|
|
19
|
+
DwEB/wQEAwIHgDAfBgNVHSMEGDAWgBTiuVUIvGKgRjldgAxQSpIBy0zvizAdBgNV
|
|
20
|
+
HQ4EFgQUoiM2SwR2MdMVjaZz04J9LbOEau8wDQYJKoZIhvcNAQELBQADggIBAGBA
|
|
21
|
+
X1IC7mg1blaeqrTW+TtPkF7GvsbsWIh0RgG9DYRtXXofad3bn6kbDrfFXKZzv4JH
|
|
22
|
+
ERmJSyLXzMLoiwJB16V8Vz/kHT7AK94ZpLPjedPr2O4U2DGQXu1TwP5nkfgQxTeP
|
|
23
|
+
K/XnDVHNsMKqTnc+YNX6mj/UyLnbs8eq/a9uHOBJR30e0OPAdlc2fTbBT2Cui29E
|
|
24
|
+
ctcNH4LrcH4au9vO+RpEUm1hqZy3mHrx1p8Six6+qJSERNYIWTID8gklyp8MSyG5
|
|
25
|
+
q7dk0WcyvytM1dmVf/q+KriljaZ8x2zLhQRz9vpgnfwJ6Qh3cLVoPItVdQ03WpKW
|
|
26
|
+
WAB1NCMMyNcszkLZ9OO3IRz8iyWV/KWGI07ngVuGa7dHuTje6ZjcObBCr2e4uuU+
|
|
27
|
+
CLENcretUAv0BtCsOBhQLXZ0qzqrgsVebTRQzm2zTM0yfBpcTtPd3MOMFeMQTHJJ
|
|
28
|
+
8QH6twAKeJfY1lUCTXJYy1ZcrKnrNehksST8tk98Km9t5M2X59QZk7mJzzsUbnWr
|
|
29
|
+
t+izid7xF7FAgDYj9XJgQHz04a4RjRSw5/6dgexAgvGoeOkG7uUhYd5DEYQCyQyR
|
|
30
|
+
Zy69pJN32L0nM2dC2e3NFU5BOBwocoKza3hdtSqqvIkj2kzyeU38uaJUco/Vk3OU
|
|
31
|
+
s+sQNZbk5C1pxkLLwzu815tKg77Om4Nwbi+bgDvI
|
|
32
|
+
-----END CERTIFICATE-----
|
data/lib/bankid/version.rb
CHANGED
data/lib/bankid.rb
CHANGED
|
@@ -36,7 +36,7 @@ module Bankid
|
|
|
36
36
|
@env = env
|
|
37
37
|
@url = Bankid.const_get("#{env.upcase}_URL")
|
|
38
38
|
@cert_password = cert_password
|
|
39
|
-
@cert, @root_cert = load_certificates
|
|
39
|
+
@cert, @key, @root_cert = load_certificates
|
|
40
40
|
end
|
|
41
41
|
|
|
42
42
|
def generate_qr(start_token:, start_secret:, seconds:)
|
|
@@ -81,7 +81,8 @@ module Bankid
|
|
|
81
81
|
return if @env == "test"
|
|
82
82
|
|
|
83
83
|
[
|
|
84
|
-
OpenSSL::
|
|
84
|
+
OpenSSL::X509::Certificate.new(File.read(cert_path("client_certificate.pem"))),
|
|
85
|
+
OpenSSL::PKey::RSA.new(File.read(cert_path("client_certificate.key")), @cert_password),
|
|
85
86
|
OpenSSL::X509::Certificate.new(File.read(cert_path("bankid_certificate.pem")))
|
|
86
87
|
]
|
|
87
88
|
end
|
|
@@ -95,8 +96,8 @@ module Bankid
|
|
|
95
96
|
def ssl_context
|
|
96
97
|
OpenSSL::SSL::SSLContext.new.tap do |ctx|
|
|
97
98
|
ctx.add_certificate(
|
|
98
|
-
@cert
|
|
99
|
-
@
|
|
99
|
+
@cert,
|
|
100
|
+
@key,
|
|
100
101
|
[@root_cert]
|
|
101
102
|
)
|
|
102
103
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: bankid
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1
|
|
4
|
+
version: 1.0.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Johan Halse
|
|
8
|
-
autorequire:
|
|
8
|
+
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-
|
|
11
|
+
date: 2022-12-11 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: http
|
|
@@ -55,7 +55,9 @@ files:
|
|
|
55
55
|
- bin/console
|
|
56
56
|
- bin/setup
|
|
57
57
|
- config/certs/development_bankid_certificate.pem
|
|
58
|
+
- config/certs/development_client_certificate.key
|
|
58
59
|
- config/certs/development_client_certificate.p12
|
|
60
|
+
- config/certs/development_client_certificate.pem
|
|
59
61
|
- config/certs/production_bankid_certificate.pem
|
|
60
62
|
- lib/bankid.rb
|
|
61
63
|
- lib/bankid/authentication.rb
|
|
@@ -70,7 +72,7 @@ metadata:
|
|
|
70
72
|
source_code_uri: https://github.com/johanhalse/bankid
|
|
71
73
|
changelog_uri: https://github.com/johanhalse/bankid/CHANGELOG.md
|
|
72
74
|
rubygems_mfa_required: 'true'
|
|
73
|
-
post_install_message:
|
|
75
|
+
post_install_message:
|
|
74
76
|
rdoc_options: []
|
|
75
77
|
require_paths:
|
|
76
78
|
- lib
|
|
@@ -86,7 +88,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
86
88
|
version: '0'
|
|
87
89
|
requirements: []
|
|
88
90
|
rubygems_version: 3.3.7
|
|
89
|
-
signing_key:
|
|
91
|
+
signing_key:
|
|
90
92
|
specification_version: 4
|
|
91
93
|
summary: BankID authentication for Ruby.
|
|
92
94
|
test_files: []
|