bankid 0.1.2 → 1.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +4 -0
- data/Gemfile.lock +2 -2
- data/README.md +20 -0
- data/config/certs/development_client_certificate.key +33 -0
- data/config/certs/development_client_certificate.pem +32 -0
- data/lib/bankid/version.rb +1 -1
- data/lib/bankid.rb +5 -4
- metadata +4 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 9fca94ae716a23222cc841afe001128223f92ab1c7bb3ec9062d172438e065df
|
|
4
|
+
data.tar.gz: 6124c99b716cd7aa411d16615e1145e8518f53c043a359aa8011ab0bc49f4388
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: ea6b8806a339b2d06669b2eaec28959c9d07bde5d13d2d4635957a3b3aa7e6ea614c52de02f36b5495388897673253d70ff52b711fba5cc0c1059a072bc013a1
|
|
7
|
+
data.tar.gz: b62d199d0aab2f433f33bbbd6b8f02884d2ba32af7bcc2e0e1e22c149968bc73dd2b296e44dc82a40c89408adea702bd36486a67cf5097cfa834ea5850519f93
|
data/CHANGELOG.md
CHANGED
data/Gemfile.lock
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
PATH
|
|
2
2
|
remote: .
|
|
3
3
|
specs:
|
|
4
|
-
bankid (0.1.
|
|
4
|
+
bankid (0.1.2)
|
|
5
5
|
http (~> 5.0.4)
|
|
6
6
|
rqrcode (~> 2.1.0)
|
|
7
7
|
|
|
@@ -46,7 +46,7 @@ GEM
|
|
|
46
46
|
rake (13.0.6)
|
|
47
47
|
regexp_parser (2.2.0)
|
|
48
48
|
rexml (3.2.5)
|
|
49
|
-
rqrcode (2.1.
|
|
49
|
+
rqrcode (2.1.2)
|
|
50
50
|
chunky_png (~> 1.0)
|
|
51
51
|
rqrcode_core (~> 1.0)
|
|
52
52
|
rqrcode_core (1.2.0)
|
data/README.md
CHANGED
|
@@ -58,6 +58,26 @@ raise "logged in!" if response.status == "complete"
|
|
|
58
58
|
|
|
59
59
|
Keep polling until your response status changes to "complete", and the response object will be a struct containing the `completion_data` property you're ultimately looking for.
|
|
60
60
|
|
|
61
|
+
## Certificates
|
|
62
|
+
|
|
63
|
+
Your BankID provider will have given you a certificate. It might be in `.p12` format. If that's the case, you'll need to convert it to an OpenSSL X509 certificate - version 0.1.x of the BankID gem relied on PKCS12 which saw [big changes in OpenSSL v3](https://github.com/johanhalse/bankid/issues/3), so the implementation has been switched to X509 instead. The gem looks for a certificate and a key in these default locations:
|
|
64
|
+
|
|
65
|
+
```
|
|
66
|
+
./config/certs/#{environment}_client_certificate.pem
|
|
67
|
+
./config/certs/#{environment}_client_certificate.key
|
|
68
|
+
```
|
|
69
|
+
|
|
70
|
+
If you're upgrading from 0.1.x and want to convert an existing p12 key, it's pretty straightforward:
|
|
71
|
+
|
|
72
|
+
```
|
|
73
|
+
# Export certificate
|
|
74
|
+
openssl pkcs12 -legacy -in my_certificate.p12 -clcerts -nokeys -out my_certificate.pem
|
|
75
|
+
# Export key
|
|
76
|
+
openssl pkcs12 -legacy -in my_certificate.p12 -clcerts -nocerts -out my_certificate.key
|
|
77
|
+
```
|
|
78
|
+
|
|
79
|
+
That should hopefully get things running again.
|
|
80
|
+
|
|
61
81
|
## Development
|
|
62
82
|
|
|
63
83
|
After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake test` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
|
|
@@ -0,0 +1,33 @@
|
|
|
1
|
+
Bag Attributes
|
|
2
|
+
localKeyID: 93 12 D6 E8 2C AA 74 2E 52 10 29 3F 33 3C 39 7B 02 73 34 25
|
|
3
|
+
Key Attributes: <No Attributes>
|
|
4
|
+
-----BEGIN ENCRYPTED PRIVATE KEY-----
|
|
5
|
+
MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIbee4rppk/vsCAggA
|
|
6
|
+
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECOmlvppFUN4xBIIEyDfJxmEJ0/mb
|
|
7
|
+
OHFPRbWbcaGv1MggkjWYmeqJN/h8KPrY9MGQ3WS41qq1ox7ae32qZI1h3alvibeU
|
|
8
|
+
0lwtfVJAdtOgAk7HKVjO9MJAwn9UJgfd5W6Vlcx7Y0GWHQ2TLyw7XxUi9d4hDHeS
|
|
9
|
+
g/oV5hQ3kWKQMGHkUqoM7n2YKJ7yErU+hWrClzGc4l5sKSSzxf/1doZDnDJg3uR1
|
|
10
|
+
VaSazx26U2ocCbtp0Y86DtxDHVyzZu0m82vRcpivLUDpYZkcWiriYGAamA0DKUGd
|
|
11
|
+
CuZN+klPucTLjbrr1wxk+du8MkplBBh6jjVUeWmU8hw9Xon47B+0Qd7oW6s2d+AL
|
|
12
|
+
I44X6AHImsnno/BddML4NytNCrIs2iLZXuOi6OiCtIxCxpS0evU5Lo8DpAG2Wmfu
|
|
13
|
+
uZ7vgFzSAGQDB1kZwelC8h/dQe1dgQBTp3Y6If1ZTEMND/YqqLRPDM/Rwtj+Cxbt
|
|
14
|
+
bnlY0IUTw7+KqSx7PKyB+P2dSFbwb9WcD3nbRdcKrjQpYGv5VQclTydICDAbuPyk
|
|
15
|
+
TYJlYcrjbbc9PfyaOmD7nbwymRNfB1tPG6QGgTVc5O7FgQqPKba3zUZzwhIzjG37
|
|
16
|
+
moiMatjdt2pYZbuhNXCiVS4I2th7Gu/WI5sVqq9OEBtsD/h+pKo3VeJJ/RQM3kO4
|
|
17
|
+
6X+obZqIdXiOL7K4YzzqrkE71rWNfKcSjmGGfCIcw9dWFG0/mBoeFRjBkaKW5xry
|
|
18
|
+
bk8K0iQvFThmdVQcXMGcXrc2l3efAwu5bK0j8o4C33DAqpOngcSBkrXsKPheXcHM
|
|
19
|
+
R+ConNg9QM4sMuXtSDJZOHzSEt0d9lkn7poiad6Fcr7cm3RaY4rLfB5/8h7jrB4e
|
|
20
|
+
WStcFjCVmENxkOc9rRqaFHWbD4Z7DambS4Nl7JfpjHOK0ifxAlIhIn0sRN5FKWGk
|
|
21
|
+
UbDEHNg8Wl9p44BglsV7AwHAl8etmY2RiKvhKsHwMsE0P5RdauXq6FMOOxwaZsRs
|
|
22
|
+
XN6lARqyQbPI4BM7/kySMKPQ7QUGsQ2oKUUBUSRxVQM5ULYRKZE4x3m6tMX8nNjF
|
|
23
|
+
TK/kTaZx2ZN4Lv8Zuy65KKd5eKRrl2hnBfN/Vl6yzdgJx22WjCufDLCpeNZcK7lN
|
|
24
|
+
Zca6UKebuCazunPUlJOTempn0Lfd4sXvnaR/mFEk01Rqwy3e6PvOTFRB3smWTIpM
|
|
25
|
+
bCNJ2kWwqEc+x12j/29YmQx6aWc+IKFTXIa7tt6QrV2xZBATlld9xxeUmwdLkYyd
|
|
26
|
+
K9GicnAovbaKwJBugdhkRDIsPLP9UQ/CE4C49GqzHa7sH2lWsST2h+ksWUptWUFl
|
|
27
|
+
Izx0MzVaUWZR7AkKrZk3dkDNva1gQTmRLC3eI7jZJ2bUgwMGqPgj4XQKF3AsIKth
|
|
28
|
+
RtMCV6N/GRH/0NWb+8GQHyShJhwIcqdI8Aimlgxrj4KuYeHTOe+bU8qgSbTgKlYp
|
|
29
|
+
k2+sAdKN8lP7mT1YYZyj/NENX/8WS3nwvlJ4mfmBvmAGRGgSofsVMFsAmSI3t8pJ
|
|
30
|
+
fWnjpacUXi9mF9gm8SgjUl2ekYU1r03ig1+cjMsaYkzTdVVMovwp0HRrL8Vs8pQf
|
|
31
|
+
3JhG+mws+sWkEofOiyOYeoPtdoD+HqtgIQ8w9AswpNdqnLARUQ/fMVKgyQXFTqHQ
|
|
32
|
+
YlQoSLz8brIM69Tp9W+frA==
|
|
33
|
+
-----END ENCRYPTED PRIVATE KEY-----
|
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
Bag Attributes
|
|
2
|
+
localKeyID: 93 12 D6 E8 2C AA 74 2E 52 10 29 3F 33 3C 39 7B 02 73 34 25
|
|
3
|
+
subject=C = SE, O = Testbank A AB (publ), serialNumber = 5566304928, name = Test av BankID, CN = FP Testcert 3
|
|
4
|
+
issuer=C = SE, O = Testbank A AB (publ), serialNumber = 111111111111, CN = Testbank A RP CA v1 for BankID Test
|
|
5
|
+
-----BEGIN CERTIFICATE-----
|
|
6
|
+
MIIEyjCCArKgAwIBAgIILFi5Qu2eUu4wDQYJKoZIhvcNAQELBQAwcTELMAkGA1UE
|
|
7
|
+
BhMCU0UxHTAbBgNVBAoMFFRlc3RiYW5rIEEgQUIgKHB1YmwpMRUwEwYDVQQFEwwx
|
|
8
|
+
MTExMTExMTExMTExLDAqBgNVBAMMI1Rlc3RiYW5rIEEgUlAgQ0EgdjEgZm9yIEJh
|
|
9
|
+
bmtJRCBUZXN0MB4XDTIwMDYxNzIyMDAwMFoXDTIyMDkwNTIxNTk1OVowcjELMAkG
|
|
10
|
+
A1UEBhMCU0UxHTAbBgNVBAoMFFRlc3RiYW5rIEEgQUIgKHB1YmwpMRMwEQYDVQQF
|
|
11
|
+
Ewo1NTY2MzA0OTI4MRcwFQYDVQQpDA5UZXN0IGF2IEJhbmtJRDEWMBQGA1UEAwwN
|
|
12
|
+
RlAgVGVzdGNlcnQgMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMCb
|
|
13
|
+
Fluh4O4TEl4vydPGIUc4kAFDSVk1RM5TDYn8UDlWVxHVbalbXaJbtNQFYFm7lmpk
|
|
14
|
+
FXiif50iupanvIq+k4DIGm01MnGasWl4EW9uoExCoZC4EemZry+Hk7hm2vbwGudf
|
|
15
|
+
uIR8P43AD1MV7kp/skJaTH16qEeWTKQSoVlC+XNP/7Tl6Z8JE1GOR3+oAXWs+f/o
|
|
16
|
+
5SxXq4kIlBPkSK3tiTbEAP0/dNnSqSprv5MFHnTTWZyl8TK02TGrazyVUp/em6e6
|
|
17
|
+
V/lTtJylBmHNJMpzl7PGixgXApRSMj4ltHwjqAizBMatDoXE6qXG0fEj+vhqSo/v
|
|
18
|
+
wajY9t6FHNovhNdI+CcCAwEAAaNlMGMwEQYDVR0gBAowCDAGBgQqAwQFMA4GA1Ud
|
|
19
|
+
DwEB/wQEAwIHgDAfBgNVHSMEGDAWgBTiuVUIvGKgRjldgAxQSpIBy0zvizAdBgNV
|
|
20
|
+
HQ4EFgQU8xDQD1mLJ7MpUSxGB4lUDC5pdgswDQYJKoZIhvcNAQELBQADggIBAGWn
|
|
21
|
+
PRoXUxPITv9Uo+4llmIHhHg5XR5ejenJOFyCvTAtteQozdFJ2rby+Q4WZNAdtP8Q
|
|
22
|
+
tWcDaDigylDZSwi9TBGTRPSLH2cDFEWCQZVHs8svsF5VyBfkdtaRomiSAsk9KKLf
|
|
23
|
+
6Vo6ik1hlh4+NTBMX3VW0LjUZrPXmQ14El/XiJmHOvs54kAYf9ZTcO332Gqo8RF+
|
|
24
|
+
M3CRDVxPSrU34u6fvvxQuAvXvPumWvHaSAkOhpsn+Idr+KQ0Rip6fmgTG7UMicUi
|
|
25
|
+
PxTE66xpaMsHDmuPaeC+cTK/iXAW60+X/Vv/ANn7UOz6tvrjo6Sd1DIpEEjqW/yE
|
|
26
|
+
L4F05lbXhixKS2IRY+mAejoC66N2tz+0bv1grK4147jsYw4i9Y/rGyggkSrRd+1k
|
|
27
|
+
QM7uBxW3Cu5fSKOUZ/0UTcBGf82Ze8SlbFFvpagELy9cJHwMKarzTkuX92hJ9KG0
|
|
28
|
+
h26JBdOHzberG2tQiYzMPYVcch7WCAFWR++w6qInFs0WK7F7SBP0fyZew3hZZDoO
|
|
29
|
+
snqLWMgG+YagjAsMAcr99RvwqX7TJtISejdxz9lxxN2jKM0b1f2v8K88tzRekrGG
|
|
30
|
+
CPUQlnPu7sj7nPLVs5/sUEbaVRz8G8lKjYGsMuecRLpuVRQ/vPAd5whfiIzQFK76
|
|
31
|
+
boWGbSHS6OXfIfDrowTNlzAP+/H9f7DyBZTdwrVX
|
|
32
|
+
-----END CERTIFICATE-----
|
data/lib/bankid/version.rb
CHANGED
data/lib/bankid.rb
CHANGED
|
@@ -36,7 +36,7 @@ module Bankid
|
|
|
36
36
|
@env = env
|
|
37
37
|
@url = Bankid.const_get("#{env.upcase}_URL")
|
|
38
38
|
@cert_password = cert_password
|
|
39
|
-
@cert, @root_cert = load_certificates
|
|
39
|
+
@cert, @key, @root_cert = load_certificates
|
|
40
40
|
end
|
|
41
41
|
|
|
42
42
|
def generate_qr(start_token:, start_secret:, seconds:)
|
|
@@ -81,7 +81,8 @@ module Bankid
|
|
|
81
81
|
return if @env == "test"
|
|
82
82
|
|
|
83
83
|
[
|
|
84
|
-
OpenSSL::
|
|
84
|
+
OpenSSL::X509::Certificate.new(File.read(cert_path("client_certificate.pem"))),
|
|
85
|
+
OpenSSL::PKey::RSA.new(File.read(cert_path("client_certificate.key")), @cert_password),
|
|
85
86
|
OpenSSL::X509::Certificate.new(File.read(cert_path("bankid_certificate.pem")))
|
|
86
87
|
]
|
|
87
88
|
end
|
|
@@ -95,8 +96,8 @@ module Bankid
|
|
|
95
96
|
def ssl_context
|
|
96
97
|
OpenSSL::SSL::SSLContext.new.tap do |ctx|
|
|
97
98
|
ctx.add_certificate(
|
|
98
|
-
@cert
|
|
99
|
-
@
|
|
99
|
+
@cert,
|
|
100
|
+
@key,
|
|
100
101
|
[@root_cert]
|
|
101
102
|
)
|
|
102
103
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: bankid
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 1.0.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Johan Halse
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-09-
|
|
11
|
+
date: 2022-09-30 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: http
|
|
@@ -55,7 +55,9 @@ files:
|
|
|
55
55
|
- bin/console
|
|
56
56
|
- bin/setup
|
|
57
57
|
- config/certs/development_bankid_certificate.pem
|
|
58
|
+
- config/certs/development_client_certificate.key
|
|
58
59
|
- config/certs/development_client_certificate.p12
|
|
60
|
+
- config/certs/development_client_certificate.pem
|
|
59
61
|
- config/certs/production_bankid_certificate.pem
|
|
60
62
|
- lib/bankid.rb
|
|
61
63
|
- lib/bankid/authentication.rb
|