mobile_id 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 4fe6d1fd810346d147526247e6caff4a425668840b1926efaae177151ffac96d
+  data.tar.gz: d3030278e561fa6959e92cf1fb4b928d3381a4a604e79e5e4b3ac0d95ed98525
+SHA512:
+  metadata.gz: 1ab4acaef19ceaea34fd9c28e55984a9b07bc220304dc1b92ba8c7f647a73f283256f0d4c7a30128ba1894fd56d8ed435a1c22cd92022a3add06995ac243be82
+  data.tar.gz: 60acfeb6677a3da2534ec390b2b991b1826ce0780c3d6334774619a2dd3b63b441eeed436d465f558b2f064151953a707ec0ec26a7285572d05fb0293029db55

data/lib/mobile_id.rb

@@ -0,0 +1,161 @@
+# frozen_string_literal: true
+
+require 'securerandom'
+require 'digest'
+require 'httparty'
+require 'active_support/core_ext/hash/indifferent_access'
+require 'i18n'
+if defined?(Rails)
+  require 'mobile_id/railtie' 
+else
+  I18n.load_path << Dir[File.expand_path("lib/mobile_id/locales") + "/*.yml"]
+end
+
+class MobileId
+  class Error < StandardError; end
+
+  # API documentation https://github.com/SK-EID/MID
+  LIVE_URL = "https://mid.sk.ee/mid-api"
+  TEST_URL = "https://tsp.demo.sk.ee/mid-api"
+
+  TEST_UUID  = "00000000-0000-0000-0000-000000000000"
+  TEST_NAME  = "DEMO"
+
+  attr_accessor :url, :uuid, :name, :hash, :cert, :cert_subject
+
+  def initialize(live:, uuid: nil, name: nil)
+    self.url = live == true ? LIVE_URL : TEST_URL
+    self.uuid = live == true ? uuid : TEST_UUID
+    self.name = live == true ? name : TEST_NAME
+    self.hash = Digest::SHA256.base64digest(SecureRandom.uuid)
+  end
+
+  def authenticate!(phone_calling_code: nil, phone:, personal_code:, language: nil, display_text: nil)
+    phone_calling_code ||= '+372'
+    full_phone = "#{phone_calling_code}#{phone}"
+    language ||= 
+      case I18n.locale
+      when :et
+        display_text ||= 'Autentimine' 
+        'EST'
+      when :ru
+        display_text ||= 'Аутентификация' 
+        'RUS'
+      else
+        display_text ||= 'Authentication' 
+        'ENG'
+      end
+    
+    options = {
+      headers: {
+        "Content-Type": "application/json"
+      },
+      query: {},
+      body: {
+        relyingPartyUUID: uuid,
+        relyingPartyName: name,
+        phoneNumber: full_phone.to_s.strip,
+        nationalIdentityNumber: personal_code.to_s.strip,
+        hash: hash,
+        hashType: 'SHA256',
+        language: language,
+        displayText: display_text,
+        displayTextFormat: 'GSM-7' # or "UCS-2”
+      }.to_json
+    }
+
+    response = HTTParty.post(url + '/authentication', options)
+    raise Error, "#{I18n.t('mobile_id.some_error')} #{response}" unless response.code == 200
+
+    ActiveSupport::HashWithIndifferentAccess.new(
+      session_id: response['sessionID'],
+      phone: phone,
+      phone_calling_code: phone_calling_code
+    )
+  end
+
+  def verify!(auth)
+    long_poll!(session_id: auth['session_id'])
+
+    ActiveSupport::HashWithIndifferentAccess.new(
+      personal_code: personal_code,
+      first_name: first_name,
+      last_name: last_name,
+      phone: auth['phone'],
+      phone_calling_code: auth['phone_calling_code'],
+      auth_provider: 'mobileid' # User::MOBILEID
+    )
+  end
+
+  def long_poll!(session_id:)
+    response = HTTParty.get(url + "/authentication/session/#{session_id}")
+    raise Error, "#{I18n.t('mobile_id.some_error')} #{response.code} #{response}" if response.code != 200
+
+    if response['state'] == 'COMPLETE' && response['result'] != 'OK'
+      message = 
+        case response['result']
+        when "TIMEOUT"
+          I18n.t('mobile_id.timeout')
+        when "NOT_MID_CLIENT"
+          I18n.t('mobile_id.user_is_not_mobile_id_client')
+        when "USER_CANCELLED"
+          I18n.t('mobile_id.user_cancelled')
+        when "SIGNATURE_HASH_MISMATCH"
+          I18n.t('mobile_id.signature_hash_mismatch')
+        when "PHONE_ABSENT"
+          I18n.t('mobile_id.phone_absent')
+        when "DELIVERY_ERROR"
+          I18n.t('mobile_id.delivery_error')
+        when "SIM_ERROR"
+          I18n.t('mobile_id.sim_error')
+        end
+      raise Error, message
+    end
+
+    self.cert = OpenSSL::X509::Certificate.new(Base64.decode64(response['cert']))
+    self.cert_subject = build_cert_subject
+    cert
+  end
+
+  def verification_code
+    format("%04d", (Digest::SHA2.new(256).digest(Base64.decode64(hash))[-2..-1].unpack1('n') % 10000))
+  end
+
+  def given_name
+    cert_subject["GN"].tr(",", " ")
+  end
+  alias first_name given_name
+
+  def surname
+    cert_subject["SN"].tr(",", " ")
+  end
+  alias last_name surname
+  
+  def country
+    cert_subject["C"].tr(",", " ")
+  end
+
+  def common_name
+    cert_subject["CN"]
+  end
+
+  def organizational_unit
+    cert_subject["OU"]
+  end
+
+  def serial_number
+    cert_subject["serialNumber"]
+  end
+  alias personal_code serial_number
+
+  private
+
+  def build_cert_subject
+    self.cert_subject = cert.subject.to_utf8.split(/(?<!\\)\,+/).each_with_object({}) do |c, result|
+      next unless c.include?("=")
+
+      key, val = c.split("=")
+      result[key] = val
+    end
+  end
+end

metadata

@@ -0,0 +1,127 @@
+--- !ruby/object:Gem::Specification
+name: mobile_id
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- Priit Tark
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2020-09-22 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: httparty
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: openssl
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 2.2.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 2.2.0
+- !ruby/object:Gem::Dependency
+  name: i18n
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: activesupport
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: pry
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Estonia Mobile ID authentication, more info at https://www.id.ee/en/
+email: priit@gitlab.eu
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- lib/mobile_id.rb
+homepage: https://github.com/gitlabeu/mobile_id
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.1.4
+signing_key: 
+specification_version: 4
+summary: Estonia Mobile ID authentication
+test_files: []