bankid 1.0.1 → 3.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 34d2de71a8270e30e4fc403e9e8dec0719cb58d8f7e3545531ce378f254e364b
-  data.tar.gz: 2d8039bcc2abd1e9efab26f3c9c35cd9f50c796cc1feb1dcaef906a8bdcf1c59
+  metadata.gz: a863cfc790617c338984cc4cb33ea283dfb63cdb36f518607adf560f9bdae4ee
+  data.tar.gz: 8e5c5e43226d682372252724e910b5c3bed6c5ae11823f1046b27c83781e74d7
 SHA512:
-  metadata.gz: f394d00597819ff8edc988d1bbae42e91b1ad7c7cf4bd4a0e85e6b82d20c22f58d617d611d1d10cff0782ec34f97718bfe2407e562349a36053a32f7619d3099
-  data.tar.gz: 0a474c2a0c60b6335a3d20910574c140aab96bea4c87bce14d9ac22569bbd3cb9c3f224342d6278aaf3c6d438f6d4131399fa7bfdb2ad6097b2d3eb7f74140dc
+  metadata.gz: 3e3d064e3cb91da35373f8bf59460dafa2f9956ba277729e6df4b22f39de0ba672cc8d20eabae6b20812cbf91f30d429b5eba07af0560bfd69ea560ad48592ec
+  data.tar.gz: a37bf0af5b9843b36832e50ea461bea69a739f72f3cb8bcf91c5e0d3bfbfb746d05485385f49c1fe53625db7c5d3850ffb0fef087e6333a512db61c61b089048

data/MIT-LICENSE

@@ -0,0 +1,20 @@
+Copyright Johan Halse
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -1,93 +1,24 @@
 # Bankid
-
-Bankid authentication for Ruby!
+Bankid login for Rails!
 
 ## Installation
-
 Add this line to your application's Gemfile:
 
 ```ruby
-gem 'bankid'
+gem "bankid"
 ```
 
 And then execute:
-
-    $ bundle install
-
-Or install it yourself as:
-
-    $ gem install bankid
-
-## Usage
-
-Bankid authentication is done in the following steps:
-
-1. Generate an "authentication order" by hitting the `auth` endpoint
-2. You get an authentication object containing, among other things, an `orderRef` and a `startSecret` back
-3. Use the data contained in the authentication object to show the user a QR code
-4. Poll the `collect` endpoint every now and then using the `orderRef` you got back in the second step
-5. When user has scanned the QR code and logged in, the poll will return their data.
-
-This is step 1:
-
-```ruby
-client = Bankid::Auth.new
-auth = client.generate_authentication(ip: request.remote_ip) # user's ip address
-```
-
-Keep the values from that `auth` object around, you'll need them in later steps, as you'll see. Note that you should never reveal the `qr_start_secret` to users!
-
-Onward to step 3, showing a QR code:
-
-```ruby
-@qr_code = client.generate_qr(
-  start_token: auth.qr_start_token,
-  start_secret: auth.qr_start_secret,
-  seconds: seconds_elapsed_since_auth_response_received
-)
-```
-
-Bankid uses animated QR, which means the code is a SHA256 hex digest that includes elapsed seconds. You'll need some way to keep track of those as you refresh the QR code and poll for a response.
-
-Final step:
-
-```ruby
-response = client.poll(order_ref: auth.order_ref)
-raise "logged in!" if response.status == "complete"
-```
-
-Keep polling until your response status changes to "complete", and the response object will be a struct containing the `completion_data` property you're ultimately looking for.
-
-## Certificates
-
-Your BankID provider will have given you a certificate. It might be in `.p12` format. If that's the case, you'll need to convert it to an OpenSSL X509 certificate - version 0.1.x of the BankID gem relied on PKCS12 which saw [big changes in OpenSSL v3](https://github.com/johanhalse/bankid/issues/3), so the implementation has been switched to X509 instead. The gem looks for a certificate and a key in these default locations:
-
+```bash
+$ bundle
 ```
-./config/certs/#{environment}_client_certificate.pem
-./config/certs/#{environment}_client_certificate.key
-```
-
-If you're upgrading from 0.1.x and want to convert an existing p12 key, it's pretty straightforward:
 
+Or install it yourself as:
+```bash
+$ gem install bankid
 ```
-# Export certificate
-openssl pkcs12 -legacy -in my_certificate.p12 -clcerts -nokeys -out my_certificate.pem
-# Export key
-openssl pkcs12 -legacy -in my_certificate.p12 -clcerts -nocerts -out my_certificate.key
-```
-
-That should hopefully get things running again.
-
-## Development
-
-After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake test` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
-
-To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and the created tag, and push the `.gem` file to [rubygems.org](https://rubygems.org).
-
-## Contributing
-
-Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/bankid.
+## Usage
+See [the wiki](https://github.com/johanhalse/bankid/wiki) for how to get started. The gem has seen a major overhaul from version 2 to version 3 and works very differently now.
 
 ## License
-
 The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).

data/Rakefile

@@ -1,16 +1,5 @@
 # frozen_string_literal: true
 
-require "bundler/gem_tasks"
-require "rake/testtask"
-
-Rake::TestTask.new(:test) do |t|
-  t.libs << "test"
-  t.libs << "lib"
-  t.test_files = FileList["test/**/*_test.rb"]
-end
-
-require "rubocop/rake_task"
+require "bundler/setup"
 
-RuboCop::RakeTask.new
-
-task default: %i[test rubocop]
+require "bundler/gem_tasks"

data/config/certs/client_certificate.key

@@ -0,0 +1,33 @@
+Bag Attributes
+    localKeyID: 0D BD D8 B5 3E 15 A0 F1 F6 25 9E 9B D6 01 A6 0B 0F BB DC 5C 
+Key Attributes: <No Attributes>
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIIFJDBWBgkqhkiG9w0BBQ0wSTAxBgkqhkiG9w0BBQwwJAQQzYI/YWH5XPd8Iw/3
+rMFG0wICCAAwDAYIKoZIhvcNAgkFADAUBggqhkiG9w0DBwQI1c3P7SboACQEggTI
+meakT/u5kwzbdwmfXI8lwxHlle4r8feP4SerRPFWVwEgLuEfkBiCP7lgSNwX1Tvy
+szia9wM8qlx+aWCCUnvzUaGY6C9Tx07vef/HdY1Kh33558y2wjWcn2A0TBvT5RG0
+oQAbKdhYP4+OZIQh3zngEzHIrXh28m4ewSYYqNBkq8NoWxALfiqQ9yrtPqqhP5YI
+MPYsn9bG1hdEHnj/Ey1SbFDMDhIsEhGmQWgqym5fQHgQfHTSg86aZHhTliKZtu9m
+uG5qtXzGm4L8W/YiRKXJHaKOB1UQ2NT91jQPXk5AVjmSlr2qOpZwBjpKPWFi5Zw9
+XPZe2/wWbB72yHAEmHcMsxQnPib2DywMQb3A1czAm04oTorp0miCCq3y7VVom8UK
+V25TOp1cP8h5rUKNwpUrJ5wm/xOYxGfUwLHLkcaE++bFrIlmUK+SQHsQAd2R8z/5
+6MIlzmKq2ctB2jQZ+UpmYt39cBSG+FC8rDa96avGnp0uS2Pq5ss6XEihO2zQGuju
+CiwIuZnmoy022Y8gc9qCbbSFdBlG6Y97fq10OQiDJpiMSh9gbu1R/dH6PGmnxbfI
++pspAeXWVb82zZTTZVIYqNtsa8hSzi8YZHjfDZdTNxO0SFSsmoerMCKh64Y6sSE8
+HuCDQ5Ze1+maaYTZKRnsrI0vnS2xR62doEyH9K1enUYpIZ6cWqnpVIWLi45IYkVa
+aQF+ZrpKeC+jnvK7+toZWtXjDfFRh07WTSE2Vpa+eEp8AetWihBuCGYK2ApBcyom
+6dKxuNpz4JuLY9ODbt23t4uGPEB+owexlQ+AzthZJOCjqsz3GPqP7ws0GXtZEPR3
+S/rakQYhAm+EJHhSmTFq9vho6xwh0OOFKLpcuZK1hPM4RAMU9kqJJFWAud7YVqSz
+K3bzbNfZaIGfx9rXNGFeTofFJoI64D5tpNxdVYcQnv3gvS1Id/kqaTX8T3bq5rmk
+xipcU/XohJSkB8xqOGrBKv2XKib/WILLRocc15wxE0Ul4F8es3YBuGkLF+oyWAFN
+f4ev44tY1eHNOOzOE+ItKq+yXNgyHAwD0VuCl5dA5aov+ZKR37t707wokjfuIg7j
+9wVRdEN/8JB+1UScRr9P+OmG1ypLvWNtjKgnQm8THzoqGAFwlnS0S5FzYmcwtFZ/
+RHDJRCNVwh0wFt7KyM9x8YUlOYrd2YRmNeZYuHaUMB991G+rKyTSey4cjeyD47Rt
+YvBcWTLwRaCX8NYznkdQ49srCK18Oav6WdL1/xHOVmxwye/YZ5/prd+P+/amoh/W
+7E/+a2r6dlHfWvkl11AFMaOydDxpfp01Hls8uLgpIKdNpLGV06pabN/PZnCGw7+1
+iSN/VY9zKg+BoLGp4kCUB8Qg6Q2YawdGIfXKDDLVh1Sd8zg2B8FF8Xkb76B3p81h
+1RtLJVw8rTarHSPe746KYQHY+60T+zaXRl3JbZiFXSKyTRC1IVOoI5Cr2mS0vIQk
+vIhCsF0jJIzyPaFa/fbdUMihJRfPe+uDRkbxufiWwZL9ApqyKzPj5UWz4Uit8/Re
+5okF79w7sGGmgdRnugacg745zx3Iut7yl5Ivv6n65xmSg/vVFcMOgLYbYS86JsYH
+/o16VJIexQtspdN1Li2EAJFMCgcZYO+l
+-----END ENCRYPTED PRIVATE KEY-----

data/config/certs/client_certificate.pem

@@ -0,0 +1,32 @@
+Bag Attributes
+    localKeyID: 0D BD D8 B5 3E 15 A0 F1 F6 25 9E 9B D6 01 A6 0B 0F BB DC 5C 
+subject=C=SE, O=Testbank A AB (publ), serialNumber=5566304928, name=Test av BankID, CN=FP Testcert 5
+issuer=C=SE, O=Testbank A AB (publ), serialNumber=111111111111, CN=Testbank A RP CA v1 for BankID Test
+-----BEGIN CERTIFICATE-----
+MIIEyjCCArKgAwIBAgIIG8/maByOzV4wDQYJKoZIhvcNAQELBQAwcTELMAkGA1UE
+BhMCU0UxHTAbBgNVBAoMFFRlc3RiYW5rIEEgQUIgKHB1YmwpMRUwEwYDVQQFEwwx
+MTExMTExMTExMTExLDAqBgNVBAMMI1Rlc3RiYW5rIEEgUlAgQ0EgdjEgZm9yIEJh
+bmtJRCBUZXN0MB4XDTI0MDcwMjIyMDAwMFoXDTI5MDUyODIxNTk1OVowcjELMAkG
+A1UEBhMCU0UxHTAbBgNVBAoMFFRlc3RiYW5rIEEgQUIgKHB1YmwpMRMwEQYDVQQF
+Ewo1NTY2MzA0OTI4MRcwFQYDVQQpDA5UZXN0IGF2IEJhbmtJRDEWMBQGA1UEAwwN
+RlAgVGVzdGNlcnQgNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANwG
+Te3TokhAIefirshdT4vGAhoVLi04zgizezOWTbGp7ll6Jj41VFFg2AnmwajhvIO4
+zxQVgDeHaalTSbknpXQK5kBNwLYHxwfQvQ80Qi/w5lq88WUSbF9XKeAkiOlePOvR
+iW2y+dUATKKL1HwFrMDnILhm2UXMI4eNLRj/j3nkC75hZWn0XlrQiJgeXpRPhP22
+Fo8LdnV0VowHhosZtxt3rbAjsD/If854GRDusIM9wiR0tWiYYGlPNjoRqoHFqDD3
+QLUJgKEQXdqCZmM2+QY0m/bAc++TUJpdPsqetGHx9NhtAb0oF0NKWBkiBgNiZ2xb
+lw17vq+ZSK2AbJPOUOECAwEAAaNlMGMwEQYDVR0gBAowCDAGBgQqAwQFMA4GA1Ud
+DwEB/wQEAwIHgDAfBgNVHSMEGDAWgBTiuVUIvGKgRjldgAxQSpIBy0zvizAdBgNV
+HQ4EFgQUgZHajGxfxKgmJv9TPTr+SMh51X4wDQYJKoZIhvcNAQELBQADggIBACXY
+y4NregbhFckEEJG7E7cTjSDXWrwCbZ4SToxa0JdYMEBoy/FkMi+UVcWBpTLHOvpu
+GSBCv9vpAKYOqclt9jAa0T/mLSb7R5Zm0YVU1LeP4sYJsxauoPyA9wc49rb64qk+
+vGkzZD8YV/Jsb/SbMM3JujFCRLVedHtonY+8xFBec/3SrTVcys8KO897WwRU/5UN
+dOnJCtp7e6lSOzFIsvutoaNIsEZq7kVDikQ3EgXsB0Cxol4/CLTGLae0znzWRAxn
+2pAusNmzInXCjTx57o4+KT5yhjqNIm9ra9XKqGBEqEayFOb2XMD59DelhXb6sX87
+H1yrtMSsKEginq0WZ7BBdZ57BuNA/X8YIKMT0UATA5zoAH+QEGXe2fjfPsvYx5Y6
+D7y2i9GgfyLXbToxMufYnU9MtZuV6ZjW0E32+NRJvtkNVziDHH6/eNx32LLIP0X5
++J6Ge2gLRnYT3hkKZKxtwR5TEoDCMjvmXTFQifdSjYC0hOn9oLXnjg2ZtQremCym
+3emqINt7LXTXb6qSscD5ZsTAkDqJ5WVgPLMimf8iHhvtTLvQE9b8c+FH6o1qzvV2
+YnzfYGANQU2VUwN3jR8IfIAw/4kwgDURQQkgoqEq1JFowv7L2h//of5dOO7SCHuv
+gH7GxzJbDS4wssRFBHZGpVgK6ZjyPmfemU/MuEnm
+-----END CERTIFICATE-----

data/config/locales/en.yml

@@ -0,0 +1,15 @@
+en:
+  bankid:
+    hints:
+      cancelled: Action cancelled. Please try again.
+      alreadyInProgress: An identification or signing for this personal number is already started. Please try again.
+      requestTimeout: Internal error. Please try again.
+      maintenance: Internal error. Please try again.
+      userCancel: Action cancelled.
+      expiredTransaction: The BankID app is not responding. Please check that it’s started and that you have internet access. If you don’t have a valid BankID you can get one from your bank. Try again.
+      userSign: Enter your security code in the BankID app and select Identify or Sign.
+      outstandingTransaction: Trying to start your BankID app.
+      started: "Searching for BankID, it may take a little while. If a few seconds have passed and still no BankID has been found, you probably don’t have a BankID which can be used for this identification/signing on this computer. If you have a BankID card, please insert it into your card reader. If you don’t have a BankID you can get one from your bank. If you have a BankID on another device you can start the BankID app on that device."
+      certificateErr: The BankID you are trying to use is blocked or too old. Please use another BankID or get a new one from your bank.
+      startFailed: The BankID app couldn’t be found on your computer or mobile device. Please install it and get a BankID from your bank. Install the app from your app store or https://install.bankid.com.
+      userMrtd: Process your machine-readable travel document using the BankID app.

data/config/locales/sv.yml

@@ -0,0 +1,15 @@
+sv:
+  bankid:
+    hints:
+      cancelled: Åtgärden avbruten. Försök igen.
+      alreadyInProgress: En identifiering eller underskrift för det här personnumret är redan påbörjad. Försök igen.
+      requestTimeout: Internt tekniskt fel. Försök igen.
+      maintenance: Internt tekniskt fel. Försök igen.
+      userCancel: Åtgärden avbruten.
+      expiredTransaction: BankID-appen svarar inte. Kontrollera att den är startad och att du har internetanslutning. Om du inte har något giltigt BankID kan du skaffa ett hos din bank. Försök sedan igen.
+      userSign: Skriv in din säkerhetskod i BankID-appen och välj Identifiera eller Skriv under.
+      outstandingTransaction: Försöker starta BankID-appen.
+      started: "Söker efter BankID, det kan ta en liten stund. Om det har gått några sekunder och inget BankID har hittats har du sannolikt inget BankID som går att använda för den aktuella identifieringen/underskriften i den här datorn. Om du har ett BankID-kort, sätt in det i kortläsaren. Om du inte har något BankID kan du skaffa ett hos din bank. Om du har ett BankID på en annan enhet kan du starta din BankID-app där."
+      certificateErr: Det BankID du försöker använda är för gammalt eller spärrat. Använd ett annat BankID eller skaffa ett nytt hos din bank.
+      startFailed: BankID-appen verkar inte finnas i din dator eller mobil. Installera den och skaffa ett BankID hos din bank. Installera appen från din appbutik eller https://install.bankid.com
+      userMrtd: Fotografera och läs av din ID-handling med BankID-appen.

data/lib/bankid/client.rb

@@ -0,0 +1,76 @@
+# frozen_string_literal: true
+
+module Bankid
+  class Client
+    def initialize
+      @environment = Bankid.config.environment
+      raise EnvironmentNotSetError unless %i[development production].include?(@environment)
+
+      @url = @environment == :production ? Bankid::PRODUCTION_URL : Bankid::DEVELOPMENT_URL
+      @cert_password = Bankid.config.cert_password
+      @cert, @key, @root_cert = load_certificates
+    end
+
+    def auth(ip:, visible_data:)
+      request("auth", auth_data(ip:, visible_data:))
+    end
+
+    def cancel(id:)
+      request("cancel", orderRef: id)
+    end
+
+    def sign(ip:, visible_data:)
+      request("sign", auth_data(ip:, visible_data:))
+    end
+
+    def collect(order_ref:)
+      request("collect", orderRef: order_ref)
+    end
+
+    private
+
+    def request(endpoint, data)
+      HTTP
+        .headers("Content-Type": "application/json")
+        .post("#{@url}/#{endpoint}", ssl_context:, json: data)
+        .parse
+    end
+
+    def auth_data(ip:, visible_data:)
+      return { endUserIp: ip } if visible_data.nil?
+
+      { endUserIp: ip, userVisibleData: Base64.encode64(visible_data) }
+    end
+
+    def cert_path(file)
+      return File.absolute_path("./config/certs/#{file}") if @environment == :production
+
+      "#{Bundler.rubygems.find_name("bankid").first.full_gem_path}/config/certs/#{file}"
+    end
+
+    def intermediate_path
+      file = "#{@environment}_bankid_certificate.pem"
+      "#{Bundler.rubygems.find_name("bankid").first.full_gem_path}/config/certs/#{file}"
+    end
+
+    def load_certificates
+      [
+        OpenSSL::X509::Certificate.new(File.read(cert_path("client_certificate.pem"))),
+        OpenSSL::PKey::RSA.new(File.read(cert_path("client_certificate.key")), @cert_password),
+        OpenSSL::X509::Certificate.new(File.read(intermediate_path))
+      ]
+    rescue Errno::ENOENT => _e
+      raise MissingCertificatesError
+    end
+
+    def ssl_context
+      OpenSSL::SSL::SSLContext.new.tap do |ctx|
+        ctx.add_certificate(
+          @cert,
+          @key,
+          [@root_cert]
+        )
+      end
+    end
+  end
+end

data/lib/bankid/railtie.rb

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+module Bankid
+  class Railtie < ::Rails::Railtie
+    config.bankid = ActiveSupport::OrderedOptions.new
+
+    initializer "bankid" do |app|
+      Bankid.config = app.config.bankid
+      path = "#{Bundler.rubygems.find_name("bankid").first.full_gem_path}/config/locales/"
+      I18n.load_path += ["#{path}sv.yml", "#{path}en.yml"]
+    end
+  end
+end

data/lib/bankid/result.rb

@@ -0,0 +1,75 @@
+# frozen_string_literal: true
+
+module Bankid
+  class User
+    attr_accessor :personal_number, :name, :given_name, :surname
+
+    def initialize(personalNumber:, name:, givenName:, surname:)
+      @personal_number = personalNumber
+      @name = name
+      @given_name = givenName
+      @surname = surname
+    end
+  end
+
+  class Device
+    attr_accessor :device, :bankid_issue_date, :signature, :ocsp_response
+
+    def initialize(device:, signature:, ocspResponse:)
+      @device = device
+      @signature = signature
+      @ocsp_response = ocspResponse
+    end
+
+    def to_json(*_args)
+      { device:, signature:, ocsp_response: }.to_json
+    end
+  end
+
+  class Result
+    attr_accessor :user, :device, :hint_code
+
+    def initialize(result_json:)
+      @result_json = result_json
+      if result_json["status"] == "complete"
+        set_device_and_user
+      else
+        set_hint_code
+      end
+    end
+
+    def set_device_and_user
+      @user = User.new(**@result_json.dig("completionData", "user").symbolize_keys)
+      @result_json["completionData"].symbolize_keys => {
+        device:,
+        signature:,
+        ocspResponse:
+      }
+      @device = Device.new(device:, signature:, ocspResponse:)
+    end
+
+    def set_hint_code
+      @hint_code = @result_json["hintCode"]
+    end
+
+    def success?
+      @result_json["status"] == "complete"
+    end
+
+    def failure?
+      @result_json["status"] == "failed"
+    end
+
+    def pending?
+      @result_json["status"] == "pending"
+    end
+
+    def user_sign?
+      @result_json["status"] == "userSign"
+    end
+
+    def started?
+      @result_json["status"] == "started"
+    end
+  end
+end

data/lib/bankid/secret.rb

@@ -0,0 +1,38 @@
+# frozen_string_literal: true
+
+module Bankid
+  class Secret
+    RESOLUTION = 1
+
+    attr_reader :result, :order_ref
+
+    def initialize(orderRef:, autoStartToken:, qrStartToken:, qrStartSecret:, created_at:)
+      @order_ref = orderRef
+      @auto_start_token = autoStartToken
+      @qr_start_token = qrStartToken
+      @qr_start_secret = qrStartSecret
+      @created_at = created_at
+    end
+
+    def autostart_link(return_url = nil)
+      if return_url
+        "https://app.bankid.com/?autostarttoken=#{@auto_start_token}&redirect=#{return_url}"
+      else
+        "https://app.bankid.com/?autostarttoken=#{@auto_start_token}"
+      end
+    end
+
+    def desktop_link(return_url)
+      "bankid:///?autostarttoken=#{@auto_start_token}&redirect=#{CGI.escape(return_url)}"
+    end
+
+    def elapsed_seconds
+      ((Time.zone.now - @created_at).to_f / RESOLUTION).floor * RESOLUTION
+    end
+
+    def qr_code
+      auth_code = OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new("SHA256"), @qr_start_secret, elapsed_seconds.to_s)
+      RQRCode::QRCode.new("bankid.#{@qr_start_token}.#{elapsed_seconds}.#{auth_code}")
+    end
+  end
+end

data/lib/bankid/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Bankid
-  VERSION = "1.0.1"
+  VERSION = "3.1.0"
 end

data/lib/bankid.rb

@@ -2,113 +2,56 @@
 
 require "http"
 require "rqrcode"
-require_relative "bankid/authentication"
-require_relative "bankid/poll"
-require_relative "bankid/version"
+require "bankid/version"
+require "bankid/client"
+require "bankid/result"
+require "bankid/secret"
+require "bankid/railtie" if defined?(Rails::Railtie)
 
 module Bankid
-  TEST_URL = "http://127.0.0.1"
-  DEVELOPMENT_URL = "https://appapi2.test.bankid.com/rp/v5.1"
-  PRODUCTION_URL = "https://appapi2.bankid.com/rp/v5.1"
+  DEVELOPMENT_URL = "https://appapi2.test.bankid.com/rp/v6.0"
+  PRODUCTION_URL = "https://appapi2.bankid.com/rp/v6.0"
 
-  class Error < StandardError; end
+  class EnvironmentNotSetError < StandardError; end
+  class MissingCertificatesError < StandardError; end
+  class CachedSecretNotFoundError < StandardError; end
+  class NoSuchOrderError < StandardError; end
 
-  class Auth
-    def self.stub_endpoint(endpoint, data)
-      @stubs = {} unless defined?(@stubs)
-      @stubs[endpoint] = data
-    end
-
-    def self.endpoint_stub(endpoint)
-      unless defined?(@stubs)
-        raise "You should stub the endpoint `#{endpoint}` with the `Bankid::Auth.stub_endpoint` method"
-      end
-
-      @stubs[endpoint]
-    end
-
-    def self.clear_stubs
-      remove_instance_variable(:@stubs) if defined?(@stubs)
-    end
-
-    def initialize(env: "development", cert_password: "qwerty123")
-      @stubs = []
-      @env = env
-      @url = Bankid.const_get("#{env.upcase}_URL")
-      @cert_password = cert_password
-      @cert, @key, @root_cert = load_certificates
-    end
-
-    def generate_qr(start_token:, start_secret:, seconds:)
-      RQRCode::QRCode.new(
-        qr_auth_code(start_token, start_secret, seconds)
-      )
-    end
-
-    def poll(order_ref:)
-      response = request("collect", { orderRef: order_ref })
-      Poll.new(**camelize(JSON.parse(response)))
-    end
-
-    def generate_authentication(ip:, id_number: nil)
-      response = request("auth", auth_data(ip, id_number))
-      Authentication.new(**camelize(JSON.parse(response)))
-    end
-
-    private
-
-    def request(endpoint, data)
-      return Auth.endpoint_stub(endpoint) if @env == "test"
-
-      HTTP
-        .headers("Content-Type": "application/json")
-        .post("#{@url}/#{endpoint}", ssl_context: ssl_context, json: data).to_s
-    end
-
-    def auth_data(ip, id_number)
-      { endUserIp: ip }.merge(id_number ? { id_number: id_number } : {})
-    end
+  def self.config
+    @@config
+  end
 
-    def camelize(response)
-      response.transform_keys { |k| underscore(k.to_s).to_sym }
-    end
+  def self.config=(config)
+    @@config = config
+  end
 
-    def cert_path(file)
-      File.absolute_path("./config/certs/#{@env}_#{file}")
-    end
+  def self.cancel(id)
+    Client.new.cancel(id:)
+  end
 
-    def load_certificates
-      return if @env == "test"
+  def self.collect(id)
+    cached_secret = Rails.cache.read(id)
+    raise CachedSecretNotFoundError if cached_secret.nil?
 
-      [
-        OpenSSL::X509::Certificate.new(File.read(cert_path("client_certificate.pem"))),
-        OpenSSL::PKey::RSA.new(File.read(cert_path("client_certificate.key")), @cert_password),
-        OpenSSL::X509::Certificate.new(File.read(cert_path("bankid_certificate.pem")))
-      ]
-    end
+    result_json = Client.new.collect(order_ref: id)
+    raise NoSuchOrderError if result_json["errorCode"].present?
 
-    def qr_auth_code(start_token, start_secret, seconds)
-      auth_code = OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new("SHA256"), start_secret, seconds.to_s)
+    [Secret.new(**cached_secret.symbolize_keys), Result.new(result_json:)]
+  end
 
-      "bankid.#{start_token}.#{seconds}.#{auth_code}"
-    end
+  def self.generate_authentication(ip:, visible_data: nil)
+    response = Client.new.auth(ip:, visible_data:).merge(created_at: Time.zone.now)
+    Rails.cache.write(response["orderRef"], response, expires_in: 1.minute)
+    response["orderRef"]
+  end
 
-    def ssl_context
-      OpenSSL::SSL::SSLContext.new.tap do |ctx|
-        ctx.add_certificate(
-          @cert,
-          @key,
-          [@root_cert]
-        )
-      end
-    end
+  def self.generate_signature(ip:, visible_data: nil)
+    response = Client.new.sign(ip:, visible_data:).merge(created_at: Time.zone.now)
+    Rails.cache.write(response["orderRef"], response, expires_in: 1.minute)
+    response["orderRef"]
+  end
 
-    def underscore(str)
-      str.gsub(/::/, "/")
-         .gsub(/([A-Z]+)([A-Z][a-z])/, '\1_\2')
-         .gsub(/([a-z\d])([A-Z])/, '\1_\2')
-         .tr("-", "_")
-         .downcase
-    end
+  def self.translated_hint_code(hint_code)
+    I18n.translate("bankid.hints.#{hint_code}")
   end
 end

data/lib/tasks/bankid_tasks.rake

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+# desc "Explaining what the task does"
+# task :bankid do
+#   # Task goes here
+# end

metadata

@@ -1,14 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: bankid
 version: !ruby/object:Gem::Version
-  version: 1.0.1
+  version: 3.1.0
 platform: ruby
 authors:
 - Johan Halse
-autorequire:
-bindir: exe
+bindir: bin
 cert_chain: []
-date: 2022-12-11 00:00:00.000000000 Z
+date: 1980-01-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: http
@@ -16,28 +15,42 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 5.0.4
+        version: 5.1.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 5.0.4
+        version: 5.1.1
+- !ruby/object:Gem::Dependency
+  name: rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 7.0.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 7.0.0
 - !ruby/object:Gem::Dependency
   name: rqrcode
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.1.0
+        version: 2.2.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.1.0
+        version: 2.2.0
 description: A simple and easy way to add Swedish BankID QR code login to your site.
 email:
 - johan@hal.se
@@ -45,24 +58,23 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- ".rubocop.yml"
-- CHANGELOG.md
-- Gemfile
-- Gemfile.lock
-- LICENSE.txt
+- MIT-LICENSE
 - README.md
 - Rakefile
-- bin/console
-- bin/setup
+- config/certs/client_certificate.key
+- config/certs/client_certificate.p12
+- config/certs/client_certificate.pem
 - config/certs/development_bankid_certificate.pem
-- config/certs/development_client_certificate.key
-- config/certs/development_client_certificate.p12
-- config/certs/development_client_certificate.pem
 - config/certs/production_bankid_certificate.pem
+- config/locales/en.yml
+- config/locales/sv.yml
 - lib/bankid.rb
-- lib/bankid/authentication.rb
-- lib/bankid/poll.rb
+- lib/bankid/client.rb
+- lib/bankid/railtie.rb
+- lib/bankid/result.rb
+- lib/bankid/secret.rb
 - lib/bankid/version.rb
+- lib/tasks/bankid_tasks.rake
 homepage: https://github.com/johanhalse/bankid
 licenses:
 - MIT
@@ -72,7 +84,6 @@ metadata:
   source_code_uri: https://github.com/johanhalse/bankid
   changelog_uri: https://github.com/johanhalse/bankid/CHANGELOG.md
   rubygems_mfa_required: 'true'
-post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -80,15 +91,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 3.0.0
+      version: 3.3.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.7
-signing_key:
+rubygems_version: 3.7.1
 specification_version: 4
 summary: BankID authentication for Ruby.
 test_files: []

data/.rubocop.yml

@@ -1,34 +0,0 @@
-AllCops:
-  TargetRubyVersion: 3.0.2
-  NewCops: enable
-  Exclude:
-    - "bin/**/*"
-    - "public/**/*"
-    - "log/**/*"
-    - "tmp/**/*"
-    - "vendor/**/*"
-    - "db/schema.rb"
-    - "db/migrate/**/*"
-
-Layout/LineLength:
-  Max: 120
-
-Metrics/AbcSize:
-  Max: 20
-
-Metrics/MethodLength:
-  Max: 16
-
-Metrics/BlockLength:
-  Max: 30
-
-Style/Documentation:
-  Enabled: false
-
-Style/StringLiterals:
-  Enabled: true
-  EnforcedStyle: double_quotes
-
-Style/StringLiteralsInInterpolation:
-  Enabled: true
-  EnforcedStyle: double_quotes

data/CHANGELOG.md

@@ -1,21 +0,0 @@
-## [Unreleased]
-
-## [1.0.1] - 2022-12-11
-
-- Include new development client certificate instead of the old expired one
-
-## [1.0.0] - 2022-09-30
-
-- Deprecate the `PKCS12` algorithm in favor of `X509`: [issue #3](https://github.com/johanhalse/bankid/issues/3)
-
-## [0.1.2] - 2022-09-08
-
-- Add `pending?` method call for poll response object
-
-## [0.1.1] - 2022-04-06
-
-- Make Poll object accept error codes and details from [errors](https://www.bankid.com/utvecklare/guider/teknisk-integrationsguide/graenssnittsbeskrivning/felfall)
-
-## [0.1.0] - 2021-10-25
-
-- Initial release

data/Gemfile

@@ -1,15 +0,0 @@
-# frozen_string_literal: true
-
-source "https://rubygems.org"
-
-# Specify your gem's dependencies in bankid.gemspec
-gemspec
-
-gem "minitest"
-gem "pry"
-gem "rake"
-gem "rubocop"
-
-group :test do
-  gem "webmock"
-end

data/Gemfile.lock

@@ -1,86 +0,0 @@
-PATH
-  remote: .
-  specs:
-    bankid (0.1.2)
-      http (~> 5.0.4)
-      rqrcode (~> 2.1.0)
-
-GEM
-  remote: https://rubygems.org/
-  specs:
-    addressable (2.8.0)
-      public_suffix (>= 2.0.2, < 5.0)
-    ast (2.4.2)
-    chunky_png (1.4.0)
-    coderay (1.1.3)
-    crack (0.4.5)
-      rexml
-    domain_name (0.5.20190701)
-      unf (>= 0.0.5, < 1.0.0)
-    ffi (1.15.5)
-    ffi-compiler (1.0.1)
-      ffi (>= 1.0.0)
-      rake
-    hashdiff (1.0.1)
-    http (5.0.4)
-      addressable (~> 2.8)
-      http-cookie (~> 1.0)
-      http-form_data (~> 2.2)
-      llhttp-ffi (~> 0.4.0)
-    http-cookie (1.0.5)
-      domain_name (~> 0.5)
-    http-form_data (2.3.0)
-    llhttp-ffi (0.4.0)
-      ffi-compiler (~> 1.0)
-      rake (~> 13.0)
-    method_source (1.0.0)
-    minitest (5.15.0)
-    parallel (1.21.0)
-    parser (3.1.0.0)
-      ast (~> 2.4.1)
-    pry (0.14.1)
-      coderay (~> 1.1)
-      method_source (~> 1.0)
-    public_suffix (4.0.6)
-    rainbow (3.1.1)
-    rake (13.0.6)
-    regexp_parser (2.2.0)
-    rexml (3.2.5)
-    rqrcode (2.1.2)
-      chunky_png (~> 1.0)
-      rqrcode_core (~> 1.0)
-    rqrcode_core (1.2.0)
-    rubocop (1.25.1)
-      parallel (~> 1.10)
-      parser (>= 3.1.0.0)
-      rainbow (>= 2.2.2, < 4.0)
-      regexp_parser (>= 1.8, < 3.0)
-      rexml
-      rubocop-ast (>= 1.15.1, < 2.0)
-      ruby-progressbar (~> 1.7)
-      unicode-display_width (>= 1.4.0, < 3.0)
-    rubocop-ast (1.15.1)
-      parser (>= 3.0.1.1)
-    ruby-progressbar (1.11.0)
-    unf (0.1.4)
-      unf_ext
-    unf_ext (0.0.8.2)
-    unicode-display_width (2.1.0)
-    webmock (3.14.0)
-      addressable (>= 2.8.0)
-      crack (>= 0.3.2)
-      hashdiff (>= 0.4.0, < 2.0.0)
-
-PLATFORMS
-  x86_64-linux
-
-DEPENDENCIES
-  bankid!
-  minitest
-  pry
-  rake
-  rubocop
-  webmock
-
-BUNDLED WITH
-   2.2.28

data/LICENSE.txt

@@ -1,21 +0,0 @@
-The MIT License (MIT)
-
-Copyright (c) 2021 Johan Halse
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in
-all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-THE SOFTWARE.

data/bin/console

@@ -1,15 +0,0 @@
-#!/usr/bin/env ruby
-# frozen_string_literal: true
-
-require "bundler/setup"
-require "bankid"
-
-# You can add fixtures and/or initialization code here to make experimenting
-# with your gem easier. You can also use a different console, if you like.
-
-# (If you use this, don't forget to add pry to your Gemfile!)
-# require "pry"
-# Pry.start
-
-require "irb"
-IRB.start(__FILE__)

data/bin/setup

@@ -1,8 +0,0 @@
-#!/usr/bin/env bash
-set -euo pipefail
-IFS=$'\n\t'
-set -vx
-
-bundle install
-
-# Do any other automated setup that you need to do here

data/config/certs/development_client_certificate.key

@@ -1,33 +0,0 @@
-Bag Attributes
-    localKeyID: A9 F3 0C D7 04 B6 7D 23 86 84 71 C3 E9 42 62 8B 1B D7 75 C3 
-Key Attributes: <No Attributes>
------BEGIN ENCRYPTED PRIVATE KEY-----
-MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIri8H50NwDzMCAggA
-MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECB8EBoVdZFjABIIEyKVg9eG/0Mw4
-ZPLuiUQTvQqTMgbb9IbPZs8RO03I0AASSJ5aQ5K/kIdxJertX6gRKaFEgD0Dcqao
-iNlVrHLQEqB+lDls9hLbZU6KLWC7OfHYdTfow/uLSvMM+m5lorw/48Qrr7iwXe4l
-xA2/yXLu9zUKnQjRqL3hzqYI392EN/ZwNLNJqG+H0PZdUPjqQJG7KpduF6DdWRpI
-oOsDbNfkFSV3IDVdG8hxxQVaFhR8oGcBLogetA7eDRqNRwMctJ/NmRa7YZGlLuHF
-deF3fCetCUyWCMt4fmzME2KFXwepWBv4yF15MiIpkDydK2crF9X98D8IcNvMWBfB
-UeHI+uvjFFcDklwSJQGUrOKkP9Zs34cr4Rwkis4EhZOL5GHcs60Wr3VFXjj8AaJf
-5bBgwXw7wbh+baXx+LJvouFnZRrLSkWOBWynX6ljR6fCsTzwZodP1i0H3TZdBnrP
-g7E8gjsck4CHAsX2boujUsvgSf6DdMfZPsBiCLE3EY4vmJgqq8INxdX/N5V0Ip97
-OqLMzzg/bBKLaBmMIFSPamKsF0PfbxBTE4h22+CS0/tIfm78ae42VcBrgPm5b2tF
-kNaRui093YXQNBJJ65DmrFf5134KPx0GaSKzKHLQrj/lRpfP2SpucfJM9q9jUxsp
-LT4Dov6moMnA1Sn8t8gdsFLrhelZuhMMIuAr7QVRk9PX4ZrXpgcnUfmXGYKD/8rM
-7LW0YXMpwlPVPtD5XS1pKUmD2esCcnMz1pdTKAxxWM8HnQ5jminhIS1IvENpEPae
-ZJ8oaKZOxu8gVpsTlgj//Kbgf4qAAAOigKQlreYpZH3RPvbqgGcN/6vLe6RfG07H
-zh01JDn5sZyMYeTVQqM4/4Hr8DYCC4HmBglIMSU3JqCpFWJXJplzACjotnZ9+lSr
-eBAHv3F/5Ti5dd4tUe7QUUOx4XHC9ahc0Aln/mL90q6S21ylJK8En5Xg+prDBJ9D
-R+uPUBBcefN6WkxerFLfeSzEjAeyyY+qqkL5VszQEXmh6otxFyRUnuPFad4mXaby
-+JkxOxBB8k90VGId9mEqqZB1BnZ+ZkQY3LR/9Pq4eRIa8KGDjDy5oYdxjwvjBAfO
-E4DKbxf4J3j9lV/Be0QO1emwx+6KupinGBbIH/RB9OY+rKtOE5ZxzYGJ9oKW3PAe
-Py1/31EQDb6Y16c+Ahz7PbpZXXQEUZqXP4E02AkKIUMRa/gOWFUTDdR/qIokn3AA
-/0v2HCsKfJuuFidjlSZv2aqNfwnozaguW5F2S7z9StE8hVPDRISGuSZPEEnHQp4r
-3ZGEsfs1MvxfO+H4XqNr00eCAwVVcSZVXVzjWFGFrpRi99nGmDi80N5i6PpwbDOM
-hP43TjfSD2y98wCGVqiGulIJ73q9cwuU3cApIw79MX7PKrdy2V0pWpmQQgapFRHq
-dnCSuk76YO5bCoxju99wZvujuaHCgNahBGU1EWWzXVVQlCfp9sCz/KUCRkAgD5bB
-71u9uleRbgQnndYUcN8oYCL+8JRcdWDcHOsLiTfLpIGoK7NTwmka7vLSB7WnKZwq
-RPMYy8xDQ8NMh44URcDCWIOV/ngikFzAfp3SpQVY+YCOEaaRLyMkU0KhuZpZrfmZ
-zbSRSx0NaQyeW+kr/3bPkw==
------END ENCRYPTED PRIVATE KEY-----

data/config/certs/development_client_certificate.pem

@@ -1,32 +0,0 @@
-Bag Attributes
-    localKeyID: A9 F3 0C D7 04 B6 7D 23 86 84 71 C3 E9 42 62 8B 1B D7 75 C3 
-subject=C = SE, O = Testbank A AB (publ), serialNumber = 5566304928, name = Test av BankID, CN = FP Testcert 4
-issuer=C = SE, O = Testbank A AB (publ), serialNumber = 111111111111, CN = Testbank A RP CA v1 for BankID Test
------BEGIN CERTIFICATE-----
-MIIEyjCCArKgAwIBAgIIMLbIMaRHjMMwDQYJKoZIhvcNAQELBQAwcTELMAkGA1UE
-BhMCU0UxHTAbBgNVBAoMFFRlc3RiYW5rIEEgQUIgKHB1YmwpMRUwEwYDVQQFEwwx
-MTExMTExMTExMTExLDAqBgNVBAMMI1Rlc3RiYW5rIEEgUlAgQ0EgdjEgZm9yIEJh
-bmtJRCBUZXN0MB4XDTIyMDgxNzIyMDAwMFoXDTI0MDgxODIxNTk1OVowcjELMAkG
-A1UEBhMCU0UxHTAbBgNVBAoMFFRlc3RiYW5rIEEgQUIgKHB1YmwpMRMwEQYDVQQF
-Ewo1NTY2MzA0OTI4MRcwFQYDVQQpDA5UZXN0IGF2IEJhbmtJRDEWMBQGA1UEAwwN
-RlAgVGVzdGNlcnQgNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL4L
-8ERHNSi7Jph9gj4ah7Ieok5lZHZbNyW1AiJJ1OfeD1lbAzxSidtTu6NfC83zxCjL
-q091lHY5G7dpNDt1rN5Y+jQvrtcLc8nUpgqLfEUnbGKzZaHlO97jh6pqO8nj/mal
-TrWI70Fr6SO3SxbsgxuwJXlRUAQxI0mPvD1gOd+uymA+EqdYS39ijC2eICHSf7bU
-wvmscy8TAyEcT4GYmcjai1vbIjlhemmAv+NKJiSpD+zqvuHGIzBm71/Fd6cTAXqk
-HkqTlJsxF2m6eojKCfcm5uAvSTXhVbGM155wmpzLskzkQ0dx6LbRNtA+BDe1MsAA
-v8aE2FQ0j31ALgZePY0CAwEAAaNlMGMwEQYDVR0gBAowCDAGBgQqAwQFMA4GA1Ud
-DwEB/wQEAwIHgDAfBgNVHSMEGDAWgBTiuVUIvGKgRjldgAxQSpIBy0zvizAdBgNV
-HQ4EFgQUoiM2SwR2MdMVjaZz04J9LbOEau8wDQYJKoZIhvcNAQELBQADggIBAGBA
-X1IC7mg1blaeqrTW+TtPkF7GvsbsWIh0RgG9DYRtXXofad3bn6kbDrfFXKZzv4JH
-ERmJSyLXzMLoiwJB16V8Vz/kHT7AK94ZpLPjedPr2O4U2DGQXu1TwP5nkfgQxTeP
-K/XnDVHNsMKqTnc+YNX6mj/UyLnbs8eq/a9uHOBJR30e0OPAdlc2fTbBT2Cui29E
-ctcNH4LrcH4au9vO+RpEUm1hqZy3mHrx1p8Six6+qJSERNYIWTID8gklyp8MSyG5
-q7dk0WcyvytM1dmVf/q+KriljaZ8x2zLhQRz9vpgnfwJ6Qh3cLVoPItVdQ03WpKW
-WAB1NCMMyNcszkLZ9OO3IRz8iyWV/KWGI07ngVuGa7dHuTje6ZjcObBCr2e4uuU+
-CLENcretUAv0BtCsOBhQLXZ0qzqrgsVebTRQzm2zTM0yfBpcTtPd3MOMFeMQTHJJ
-8QH6twAKeJfY1lUCTXJYy1ZcrKnrNehksST8tk98Km9t5M2X59QZk7mJzzsUbnWr
-t+izid7xF7FAgDYj9XJgQHz04a4RjRSw5/6dgexAgvGoeOkG7uUhYd5DEYQCyQyR
-Zy69pJN32L0nM2dC2e3NFU5BOBwocoKza3hdtSqqvIkj2kzyeU38uaJUco/Vk3OU
-s+sQNZbk5C1pxkLLwzu815tKg77Om4Nwbi+bgDvI
------END CERTIFICATE-----

data/lib/bankid/authentication.rb

@@ -1,23 +0,0 @@
-# frozen_string_literal: true
-
-module Bankid
-  class Authentication
-    ATTRS = %i[order_ref auto_start_token qr_start_token qr_start_secret].freeze
-    attr_accessor(*ATTRS)
-
-    def initialize(order_ref:, auto_start_token:, qr_start_token:, qr_start_secret:)
-      @order_ref = order_ref
-      @auto_start_token = auto_start_token
-      @qr_start_token = qr_start_token
-      @qr_start_secret = qr_start_secret
-    end
-
-    def to_h
-      ATTRS.to_h { |a| [a, send(a)] }
-    end
-
-    def ==(other)
-      ATTRS.all? { |a| send(a) == other.send(a) }
-    end
-  end
-end

data/lib/bankid/poll.rb

@@ -1,43 +0,0 @@
-# frozen_string_literal: true
-
-module Bankid
-  class Poll
-    ATTRS = %i[order_ref status hint_code completion_data error_code details].freeze
-    attr_accessor(*ATTRS)
-
-    # rubocop:disable Metrics/ParameterLists
-    def initialize(order_ref: nil, status: nil, hint_code: nil, completion_data: {}, error_code: nil, details: nil)
-      @order_ref = order_ref
-      @status = status
-      @hint_code = hint_code
-      @completion_data = completion_data
-      @error_code = error_code
-      @details = details
-    end
-    # rubocop:enable Metrics/ParameterLists
-
-    def completed?
-      status == "complete"
-    end
-
-    def failed?
-      status == "failed" || error_code
-    end
-
-    def pending?
-      status == "pending"
-    end
-
-    def timed_out?
-      hint_code == "startFailed"
-    end
-
-    def to_h
-      ATTRS.to_h { |a| [a, send(a)] }
-    end
-
-    def ==(other)
-      ATTRS.all? { |a| send(a) == other.send(a) }
-    end
-  end
-end