mobile_id 0.0.11 → 0.0.12
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +4 -0
- data/README.md +1 -1
- data/lib/mobile_id/auth.rb +16 -3
- data/lib/mobile_id/cert.rb +16 -3
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: b4176539bcbf710a8bf046e29e59ba85c61b3a74a9de1f5297fd054aa85fe7e6
|
4
|
+
data.tar.gz: b8fccf6b553ab081cde92ea6824d64b7b2486848478969e87d3b34b9bc66f4e5
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 652482955ea58b873aa56772830b98f65225b9370d0deeedba926461fbec5e55b22f323c9c22ad6aa2f13819266025ae3b0c9c0b465729ef78367763e75f33f1
|
7
|
+
data.tar.gz: c0e552ef60413221b435120ee59267f261707c34a3246c74448ec2c519b7df4968ff51452b6003cc826fc425f209f68eae37a47d3af51a0ad6c9e4fe6aa38c42
|
data/CHANGELOG.md
CHANGED
data/README.md
CHANGED
@@ -113,6 +113,7 @@ After checking out the repo, run `bundle` to install dependencies. For testing c
|
|
113
113
|
|
114
114
|
* Priit Tark
|
115
115
|
* Andri Möll for pointing out user signature issue
|
116
|
+
* Juri Linkov for pointing out unpack method issue
|
116
117
|
|
117
118
|
## Contributing
|
118
119
|
|
@@ -120,7 +121,6 @@ Bug reports and pull requests are welcome on GitHub at https://github.com/gitlab
|
|
120
121
|
|
121
122
|
## Roadmap
|
122
123
|
|
123
|
-
* Auth signature validation
|
124
124
|
* Document sign
|
125
125
|
* Rails generators
|
126
126
|
|
data/lib/mobile_id/auth.rb
CHANGED
@@ -82,11 +82,24 @@ module MobileId
|
|
82
82
|
)
|
83
83
|
end
|
84
84
|
|
85
|
-
def
|
85
|
+
def session_request(session_id)
|
86
86
|
response = HTTParty.get(url + "/authentication/session/#{session_id}")
|
87
87
|
raise Error, "#{I18n.t('mobile_id.some_error')} #{response.code} #{response}" if response.code != 200
|
88
|
+
response
|
89
|
+
end
|
90
|
+
|
91
|
+
def long_poll!(session_id:, doc:)
|
92
|
+
response = nil
|
93
|
+
|
94
|
+
# Retries until RUNNING state turns to COMPLETE
|
95
|
+
30.times do |i|
|
96
|
+
response = session_request(session_id)
|
97
|
+
break if response['state'] == 'COMPLETE'
|
98
|
+
sleep 1
|
99
|
+
end
|
100
|
+
raise Error, "#{I18n.t('mobile_id.some_error')} #{response.code} #{response}" if response['state'] != 'COMPLETE'
|
88
101
|
|
89
|
-
if response['
|
102
|
+
if response['result'] != 'OK'
|
90
103
|
message =
|
91
104
|
case response['result']
|
92
105
|
when "TIMEOUT"
|
@@ -104,7 +117,7 @@ module MobileId
|
|
104
117
|
when "SIM_ERROR"
|
105
118
|
I18n.t('mobile_id.sim_error')
|
106
119
|
end
|
107
|
-
|
120
|
+
raise Error, message
|
108
121
|
end
|
109
122
|
|
110
123
|
@user_cert = MobileId::Cert.new(response['cert'], live: live)
|
data/lib/mobile_id/cert.rb
CHANGED
@@ -65,10 +65,23 @@ module MobileId
|
|
65
65
|
signature = Base64.decode64(signature_base64)
|
66
66
|
digest = OpenSSL::Digest::SHA256.new(doc)
|
67
67
|
|
68
|
-
|
68
|
+
valid =
|
69
|
+
begin
|
70
|
+
cert.public_key.verify(digest, signature, doc)
|
71
|
+
rescue OpenSSL::PKey::PKeyError
|
72
|
+
der_signature = cvc_to_der(signature) # Probably signature is CVC encoded
|
73
|
+
cert.public_key.verify(digest, der_signature, doc)
|
74
|
+
end
|
75
|
+
|
76
|
+
raise Error, 'We could not verify user signature' unless valid
|
77
|
+
end
|
69
78
|
|
70
|
-
|
71
|
-
|
79
|
+
def cvc_to_der(cvc)
|
80
|
+
sign_hex = cvc.unpack('H*').first
|
81
|
+
half = sign_hex.size / 2
|
82
|
+
i = [OpenSSL::ASN1::Integer.new(sign_hex[0...half].to_i(16)), OpenSSL::ASN1::Integer.new(sign_hex[half..sign_hex.size].to_i(16))]
|
83
|
+
seq = OpenSSL::ASN1::Sequence.new(i)
|
84
|
+
seq.to_der
|
72
85
|
end
|
73
86
|
|
74
87
|
def given_name
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: mobile_id
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.12
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Priit Tark
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2020-
|
11
|
+
date: 2020-10-15 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: httparty
|