identikey 0.8.2 → 0.9.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 66d43ba4ae2d3edfe361a94fe99fb85485fd90d804fd252bb03ab6d56541fc42
-  data.tar.gz: 723cf154216947148230acd05ba900b9ae4da15e06be73d2f2092a14034d3fbc
+  metadata.gz: 8b12db6aa0435e14bd281a73d2ab1c50edc993ecb41cfe8933d180607bb22c36
+  data.tar.gz: 322412ff65c22664df05aa4e6e7c69d9da9a7851e827b97519a19b22162ab387
 SHA512:
-  metadata.gz: e6f2c933ab1c131c879555fb1d34a51159ea4ff022782b9cd65d59fff7f1569b3c7ab7584035d8388ddc9ea153751216aafef622d59731168490aa4a686b9676
-  data.tar.gz: ebe4c8dbef838a97f21710350c345280750ba11bb25d070946d823e5d01b1ceb4425a73d3a9ae5a6e22755743288704694f8fca6ad6b73013e9ff68d9c1f49dd
+  metadata.gz: d71931f68cbca537fdecbe4771d1aa4ef393d365a1654cfc1864ea6e3a43926d80a2dfee770f7d493eb211bbfeef8010e6b4f0bdad15c47c53d527abce3d2340
+  data.tar.gz: f42408a94e658295522ddbfcfc9ffc90668c5e8a1d30cc0beac1f3463e2ecc12d1ade779df010236dbe9e682c476270d983f6b85774188f3db2eb095010713bb

data/bin/console

@@ -17,6 +17,13 @@ end
 
 puts "Configured Admin WSDL #{ENV.fetch('IK_WSDL_ADMIN')} against #{ENV.fetch('IK_HOST')}"
 
+Identikey::Provisioning.configure do
+  wsdl ENV.fetch('IK_WSDL_PROVN')
+  endpoint ENV.fetch('IK_HOST')
+end
+
+puts "Configured Provisioning WSDL #{ENV.fetch('IK_WSDL_PROVN')} against #{ENV.fetch('IK_HOST')}"
+
 $ik = Identikey::Administration::Session.new(
   username: ENV.fetch('IK_USER'),
   password: ENV.fetch('IK_PASS'),

data/identikey.gemspec

@@ -18,11 +18,10 @@ Gem::Specification.new do |spec|
   spec.files         = Dir.chdir(File.expand_path('..', __FILE__)) do
     `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
   end
-  spec.bindir        = "exe"
-  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = ["lib"]
 
   spec.add_dependency "savon", "~> 2.0"
+  spec.add_dependency "wasabi", "~> 3.5.0"
 
   spec.add_development_dependency "bundler", "~> 2.0"
   spec.add_development_dependency "rake", ">= 12.3.3"

data/lib/identikey.rb

@@ -5,3 +5,4 @@ require 'identikey/error'
 require 'identikey/unsigned'
 require 'identikey/authentication'
 require 'identikey/administration'
+require 'identikey/provisioning'

data/lib/identikey/administration.rb

@@ -18,6 +18,10 @@ module Identikey
       :admin_session_query, :user_execute, :user_query,
       :digipass_execute, :digipass_query, :digipassappl_execute
 
+    ###
+    ## LOGON/LOGOFF/PING
+    ###
+
     def logon(username:, password:, domain:)
       resp = super(message: {
         attributeSet: {
@@ -95,6 +99,10 @@ module Identikey
       parse_response resp, :admin_session_query_response
     end
 
+    ###
+    ## USER_EXECUTE
+    ###
+
     def user_execute(session_id:, cmd:, attributes: [])
       resp = super(message: {
         sessionID: session_id,
@@ -180,6 +188,10 @@ module Identikey
       )
     end
 
+    ###
+    ## USER_QUERY
+    ###
+
     # Executes a userQuery command that searches users. By default, it doesn't
     # log anywhere. To enable logging to a specific destination, pass a logger
     # as the log: option. To log to the default destination, pass `true` as
@@ -199,6 +211,9 @@ module Identikey
       end
     end
 
+    ###
+    ## DIGIPASS_EXECUTE
+    ###
 
     def digipass_execute(session_id:, cmd:, attributes: [])
       resp = super(message: {
@@ -245,6 +260,9 @@ module Identikey
       )
     end
 
+    ###
+    ## DIGIPASS_QUERY
+    ###
 
     def digipass_query(session_id:, attributes:, query_options:)
       resp = super(message: {
@@ -258,6 +276,9 @@ module Identikey
       parse_response resp, :digipass_query_response
     end
 
+    ###
+    ## DIGIPASSAPPL_EXECUTE
+    ###
 
     def digipassappl_execute(session_id:, cmd:, attributes:)
       resp = super(message: {
@@ -314,6 +335,5 @@ module Identikey
         client.globals[:log] = old_log
       end
 
-
   end
 end

data/lib/identikey/authentication.rb

@@ -54,5 +54,16 @@ module Identikey
     def self.otp_validated_ok?(status, result)
       status == 'STAT_SUCCESS' && !result.key?('CREDFLD_STATUS_MESSAGE')
     end
+
+
+    protected
+      def parse_result_root(body, root_element)
+        root = super
+
+        # The authentication API wraps the results with another element
+        #
+        results_key = root_element.to_s.sub(/_response$/, '_results').to_sym
+        return root[results_key]
+      end
   end
 end

data/lib/identikey/base.rb

@@ -100,7 +100,7 @@ module Identikey
 
       # Parse the generic response types that the API returns.
       #
-      # The returned attributes (up to now...) are always:
+      # The returned attributes in the Administration API are:
       #
       # - The given root element, whose name is derived from the SOAP command
       #   that was invoked
@@ -111,6 +111,11 @@ module Identikey
       #      or multiple ones.
       #   - :error_stack, a list of error that occurred
       #
+      # The authentication API wraps the results element in another one
+      #
+      # The provisioning API uses a status element for the result code and
+      # error stack, and a result element for the results.
+      #
       # The returned value is a three-elements array, containing:
       #
       #   [Response code, Attribute(s) list, Errors list]
@@ -129,11 +134,19 @@ module Identikey
       # formats. TODO maybe create a separate class for errors, that includes
       # the error code.
       #
-      # TODO refactor and split in separate methods
-      #
       def parse_response(resp, root_element)
-        body = resp.body
+        root = parse_result_root(resp.body, root_element)
+
+        results = parse_result_element(root, root_element)
+
+        result_code       = parse_result_code(results, root_element)
+        result_attributes = parse_result_attributes(results, root_element)
+        result_errors     = parse_result_errors(results, root_element)
 
+        return result_code, result_attributes, result_errors
+      end
+
+      def parse_result_root(body, root_element)
         if body.size.zero?
           raise Identikey::ParseError, "Empty response received"
         end
@@ -144,40 +157,35 @@ module Identikey
 
         # The root results element
         #
-        root = body[root_element]
-
-        # ... that the authentication API wraps with another element
-        #
-        results_key = root_element.to_s.sub(/_response$/, '_results').to_sym
-        if root.keys.size == 1 && root.key?(results_key)
-          root = root[results_key]
-        end
+        return body[root_element]
+      end
 
+      def parse_result_element(root, root_element)
         # The results element
         #
         unless root.key?(:results)
           raise Identikey::ParseError, "Results element not found below #{root_element}"
         end
 
-        results = root[:results]
+        return root[:results]
+      end
 
-        # Result code
-        #
+      def parse_result_code(results, root_element)
         unless results.key?(:result_codes)
           raise Identikey::ParseError, "Result codes not found below #{root_element}"
         end
 
-        result_code = results[:result_codes][:status_code_enum] || 'STAT_UNKNOWN'
+        results[:result_codes][:status_code_enum] || 'STAT_UNKNOWN'
+      end
 
-        # Result attributes
-        #
+      def parse_result_attributes(results, root_element)
         unless results.key?(:result_attribute)
           raise Identikey::ParseError, "Result attribute not found below #{root_element}"
         end
 
         results_attr = results[:result_attribute]
 
-        result_attributes = if results_attr.key?(:attributes)
+        if results_attr.key?(:attributes)
           entries = [ results_attr[:attributes] ].flatten
           parse_attributes entries
 
@@ -193,16 +201,14 @@ module Identikey
         else
           nil
         end
+      end
 
-        # Errors
-        #
-        errors = if results[:error_stack].key?(:errors)
+      def parse_result_errors(results, root_element)
+        if results[:error_stack].key?(:errors)
           parse_errors results[:error_stack][:errors]
         else
           nil
         end
-
-        return result_code, result_attributes, errors
       end
 
       def parse_attributes(attributes)

data/lib/identikey/provisioning.rb

@@ -0,0 +1,150 @@
+require 'identikey/base'
+
+module Identikey
+  # This class wraps the Provisioning API.
+  #
+  class Provisioning < Base
+    client wsdl: './sdk/wsdl/provisioning.wsdl'
+
+    operations :provisioning_execute, :dsapp_srp_register
+
+    ###
+    ## PROVISIONING_EXECUTE
+    ###
+
+    def provisioning_execute(cmd:, attributes:)
+      resp = super(message: {
+        cmd: cmd,
+        attributeSet: {
+          attributes: attributes
+        }
+      })
+
+      parse_response resp, :provisioning_execute_response
+    end
+
+    def provisioning_execute_MDL_REGISTER(component:, user:, domain:, password:)
+      provisioning_execute(
+        cmd: 'PROVISIONCMD_MDL_REGISTER',
+        attributes: typed_attributes_list_from(
+          PROVFLD_USERID:          user,
+          PROVFLD_DOMAIN:          domain,
+          PROVFLD_COMPONENT_TYPE:  component,
+          PROVFLD_STATIC_PASSWORD: password,
+          PROVFLD_ACTIVATION_TYPE: Unsigned(0),
+        )
+      )
+    end
+
+    ###
+    ## dsappSRPRegister
+    ###
+
+    def dsapp_srp_register(component:, user:, domain:, password:)
+      resp = super(message: {
+        componentType: component,
+        user: {
+          userID: user,
+          domain: domain,
+        },
+        credential: {
+          staticPassword: password
+        }
+      })
+
+      parse_response resp, :dsapp_srp_register_response
+    end
+
+    ###
+    ## Wraps dsapp_srp_register and returns directly the activation
+    ## message through which a CRONTO image can be generated, to be
+    ## used for push notifications setups in combination with a MDC
+    ## configured on your OneSpan control panel and on Identikey.
+    ##
+    ## You may want to look into https://github.com/ifad/cronto for
+    ## a generator to produce PNGs to deliver to your clients.
+    ####
+    def self.cronto_code_for_srp_registration(gateway:, **kwargs)
+      status, result, error = new.dsapp_srp_register(**kwargs)
+
+      if status != 'STAT_SUCCESS'
+        raise Identikey::OperationFailed, "Error while assigning DAL: #{status} - #{[error].flatten.join('; ')}"
+      end
+
+      # Compose proprietary string
+      message = '01;01;%s;%s;%s;%s;%s' % [
+        result[:user][:user_id],
+        result[:user][:domain],
+        result[:registration_id],
+        result[:activation_password],
+        gateway
+      ]
+
+      # Encode it as hex
+      return message.split(//).map {|c| '%x' % c.ord}.join
+    end
+
+    protected
+      # The provisioningExecute command has the same
+      # design as the rest of the API, with a single
+      # multi-purpose `results` element that carries
+      # key-value results.
+      #
+      # Instead, dsappSRPRegister and other commands
+      # use a different design with return types and
+      # values predefined in the WSDL.
+      #
+      # So if we have a `results` element, this is a
+      # old-style response, and we delegate parsing
+      # to the parent class, otherwise if we detect
+      # the `result` and `status` elements, we parse
+      # in this class, basically just returning the
+      # values that Savon parsed for us.
+      #
+      def parse_result_element(root, root_element)
+        if root.key?(:results)
+          root[:results]
+        else
+          root
+        end
+      end
+
+      def parse_result_code(root, root_element)
+        if root.key?(:status)
+          super root[:status], root_element
+        else
+          super
+        end
+      end
+
+      # This may be an old or a new style response.
+      #
+      # New style responses may have both `result`
+      # and `status` elements, or only a `status`
+      # element.
+      #
+      # If there is no `result` but there is a
+      # `status`, then consider this a new style
+      # response and return an empty result. Else,
+      # pass along to the superclass to parse the
+      # old style response.
+      #
+      def parse_result_attributes(root, root_element)
+        if root.key?(:result)
+          root[:result]
+        elsif root.key?(:status)
+          nil
+        else
+          super
+        end
+      end
+
+      def parse_result_errors(root, root_element)
+        if root.key?(:status)
+          super root[:status], root_element
+        else
+          super
+        end
+      end
+  end
+end

data/lib/identikey/version.rb

@@ -1,3 +1,3 @@
 module Identikey
-  VERSION = "0.8.2"
+  VERSION = "0.9.0"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: identikey
 version: !ruby/object:Gem::Version
-  version: 0.8.2
+  version: 0.9.0
 platform: ruby
 authors:
 - Marcello Barnaba
 autorequire: 
-bindir: exe
+bindir: bin
 cert_chain: []
-date: 2020-08-22 00:00:00.000000000 Z
+date: 2020-10-31 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: savon
@@ -24,6 +24,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '2.0'
+- !ruby/object:Gem::Dependency
+  name: wasabi
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.5.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.5.0
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
@@ -206,6 +220,7 @@ files:
 - lib/identikey/authentication.rb
 - lib/identikey/base.rb
 - lib/identikey/error.rb
+- lib/identikey/provisioning.rb
 - lib/identikey/unsigned.rb
 - lib/identikey/version.rb
 - log/.keep