omniauth-dnb 0.1.0 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: afb3d17a4c695e6756e167b7c2dc0fb518dbcab3
-  data.tar.gz: d7fda4c9b2c7cfda35c02a83361a35c9b2d230ba
+SHA256:
+  metadata.gz: 18f838ca9c3df9c7d34b50a2b1c0660dfad728a95dc1625e379f874bb0cbaa3d
+  data.tar.gz: 75bcd75b5d49015de40ebc8e3cc7c09c36b8cf3665671912de39f620af9216b3
 SHA512:
-  metadata.gz: 4dc9f4bab2599bc0f5c98bc430983acb529c59e138bc5b3e59f552a103c5b157f2208656a47d7482da224b2923d12c6f1119f83620c9506509647ac1ef4a7348
-  data.tar.gz: 29c699729f0c7b4748fa600500e287e8e3424dcc1cfb91703b960784a722f0e3a86ee760df17de25d374b217d2676d3363f8a7a3ad2d1e9e1e88850612949cbe
+  metadata.gz: 3a12221292096135b63860ea5c61ea7678f7667478448680717e3f2d3649c0800a002dd5efd78e378ddf38f0aa1c8caee26f26061473a0da2cd47214dc5ffa3e
+  data.tar.gz: e6b82769967a12c2f161ac0f80f40583e50f09107be3fe5b4b0ce9feb0cca46f93b662cc79addffb43203009ae0216dfe6b4c629424901df5bb239250e528392

data/.github/workflows/ruby.yml

@@ -0,0 +1,24 @@
+name: Ruby
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        ruby-version: ['2.7', '3.0', '3.1', '3.2']
+
+    steps:
+    - uses: actions/checkout@v4
+    - name: Set up Ruby
+      uses: ruby/setup-ruby@v1
+      with:
+        ruby-version: ${{ matrix.ruby-version }}
+        bundler-cache: true # runs 'bundle install' and caches installed gems automatically
+    - name: Run tests
+      run: bundle exec rspec

data/LICENSE.txt

@@ -1,4 +1,4 @@
-Copyright (c) 2017 MAK IT
+Copyright (c) 2017 Mitigate
 
 MIT License
 

data/README.md

@@ -1,13 +1,21 @@
 # OmniAuth DNB
 
-[![Build Status](https://travis-ci.org/mak-it/omniauth-dnb.svg?branch=master)](https://travis-ci.org/mak-it/omniauth-dnb)
+Omniauth strategy for using [Luminor Link](https://www.luminor.lv/en/terms-conditions#luminor-link) as an authentication service provider.
 
-Omniauth strategy for using [DNB Link](https://www.dnb.lv/en/business/acceptance-payments-and-customer-authentication-online-dnb-link) as an authentication service provider.
+Supported Ruby versions: 2.7+
+
+## Related projects
+
+- [omniauth-citadele](https://github.com/mitigate-dev/omniauth-citadele) - strategy for authenticating with Citadele
+- [omniauth-nordea](https://github.com/mitigate-dev/omniauth-nordea) - strategy for authenticating with Nordea
+- [omniauth-seb-elink](https://github.com/mitigate-dev/omniauth-seb-elink) - strategy for authenticating with SEB
+- [omniauth-swedbank](https://github.com/mitigate-dev/omniauth-swedbank) - strategy for authenticating with Swedbank
 
 ## Installation
 
-Add this line to your application's Gemfile:
+Add this line to your application's Gemfile (omniauth-rails_csrf_protection is required if using Rails):
 
+    gem 'omniauth-rails_csrf_protection'
     gem 'omniauth-dnb'
 
 And then execute:
@@ -16,7 +24,7 @@ And then execute:
 
 Or install it yourself as:
 
-    $ gem install omniauth-dnb
+    $ gem install omniauth-rails_csrf_protection omniauth-dnb
 
 ## Usage
 

data/lib/omniauth/dnb/version.rb

@@ -1,5 +1,5 @@
 module Omniauth
   module Dnb
-    VERSION = '0.1.0'
+    VERSION = '0.2.0'
   end
 end

data/lib/omniauth/strategies/dnb.rb

@@ -12,6 +12,14 @@ module OmniAuth
       AUTH_SERVICE = '3001'
       AUTH_VERSION = '101'
 
+      def self.render_nonce?
+         defined?(ActionDispatch::ContentSecurityPolicy::Request) != nil
+      end
+      if render_nonce?
+        include ActionDispatch::ContentSecurityPolicy::Request
+        delegate :get_header, :set_header, to: :request
+      end
+
       args [:private_key, :public_key, :snd_id]
 
       option :private_key, nil
@@ -118,6 +126,8 @@ module OmniAuth
           return fail!(:private_key_load_err, e)
         end
 
+        set_locale_from_query_param
+
         form = OmniAuth::Form.new(:title => I18n.t('omniauth.dnb.please_wait'), :url => options.site)
 
         {
@@ -127,17 +137,43 @@ module OmniAuth
           'VK_STAMP' => stamp,
           'VK_RETURN' => callback_url,
           'VK_MAC' => signature(priv_key),
-          'VK_LANG' => 'LAT',
+          'VK_LANG' => resolve_bank_ui_language,
         }.each do |name, val|
           form.html "<input type=\"hidden\" name=\"#{name}\" value=\"#{val}\" />"
         end
 
         form.button I18n.t('omniauth.dnb.click_here_if_not_redirected')
 
+        nonce_attribute = nil
+        if self.class.render_nonce?
+          nonce_attribute = " nonce='#{escape(content_security_policy_nonce)}'"
+        end
+
         form.instance_variable_set('@html',
-          form.to_html.gsub('</form>', '</form><script type="text/javascript">document.forms[0].submit();</script>'))
+          form.to_html.gsub('</form>', "</form><script type=\"text/javascript\"#{nonce_attribute}>document.forms[0].submit();</script>"))
         form.to_response
       end
+
+      private
+
+      def set_locale_from_query_param
+        locale = request.params['locale']
+        if (locale != nil && locale.strip != '' && I18n.locale_available?(locale))
+          I18n.locale = locale
+        end
+      end
+
+      def resolve_bank_ui_language
+        case I18n.locale
+        when :ru then 'RUS'
+        when :en then 'ENG'
+        else 'LAT'
+        end
+      end
+
+      def escape(html_attribute_value)
+         CGI.escapeHTML(html_attribute_value) unless html_attribute_value.nil?
+      end
     end
   end
 end

data/omniauth-dnb.gemspec

@@ -5,11 +5,11 @@ require 'omniauth/dnb/version'
 Gem::Specification.new do |spec|
   spec.name          = 'omniauth-dnb'
   spec.version       = Omniauth::Dnb::VERSION
-  spec.authors       = ['MAK IT']
-  spec.email         = ['admin@makit.lv']
-  spec.description   = %q{OmniAuth strategy for DNB Link}
-  spec.summary       = %q{OmniAuth strategy for DNB Link}
-  spec.homepage      = ''
+  spec.authors       = ['Mitigate']
+  spec.email         = ['admin@mitigate.dev']
+  spec.description   = %q{OmniAuth strategy for Luminor (DNB) Link}
+  spec.summary       = %q{OmniAuth strategy for Luminor (DNB) Link}
+  spec.homepage      = 'https://github.com/mitigate-dev/omniauth-dnb'
   spec.license       = 'MIT'
 
   spec.files         = `git ls-files`.split($/)
@@ -17,14 +17,16 @@ Gem::Specification.new do |spec|
   spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
   spec.require_paths = ['lib']
 
-  spec.required_ruby_version = '>= 2.2.2'
+  spec.required_ruby_version = '>= 2.7'
 
-  spec.add_runtime_dependency 'omniauth', '~> 1.0'
+  spec.add_runtime_dependency 'omniauth', '~> 2.1'
   spec.add_runtime_dependency 'i18n'
 
+  spec.add_development_dependency 'rack'
   spec.add_development_dependency 'rack-test'
-  spec.add_development_dependency 'rspec', '~> 3.0'
-  spec.add_development_dependency 'bundler', '~> 1.13'
-  spec.add_development_dependency 'rake', '~> 12.0'
+  spec.add_development_dependency 'rspec'
+  spec.add_development_dependency 'bundler'
+  spec.add_development_dependency 'rake'
   spec.add_development_dependency 'byebug'
+  spec.add_development_dependency 'rack-session'
 end

data/spec/omniauth/strategies/dnb_spec.rb

@@ -1,4 +1,6 @@
 require 'spec_helper'
+require 'rack-protection'
+require 'rack/session'
 
 describe OmniAuth::Strategies::Dnb do
 
@@ -6,15 +8,23 @@ describe OmniAuth::Strategies::Dnb do
   PUBLIC_KEY = File.read(File.join(RSpec.configuration.cert_folder, 'bank.crt'))
 
   let(:app){ Rack::Builder.new do |b|
-    b.use Rack::Session::Cookie, { secret: 'abc123'}
+    b.use Rack::Session::Cookie, { secret: '5242e6bd9daf0e9645c2d4e22b11ba8cee0bed44439906d5f1bd5dad409d8637'}
     b.use(OmniAuth::Strategies::Dnb, PRIVATE_KEY, PUBLIC_KEY, 'MY_SND_ID')
     b.run lambda{|env| [404, {}, ['Not Found']]}
   end.to_app }
+  let(:token){ Rack::Protection::AuthenticityToken.random_token }
   let(:last_response_stamp) { last_response.body.match(/name="VK_STAMP" value="([^"]*)"/)[1] }
   let(:last_response_mac)   { last_response.body.match(/name="VK_MAC" value="([^"]*)"/)[1] }
 
   context 'request phase' do
-    before(:each){ get '/auth/dnb' }
+    before(:each) do
+      post(
+        '/auth/dnb',
+        {},
+        'rack.session' => {csrf: token},
+        'HTTP_X_CSRF_TOKEN' => token
+      )
+    end
 
     it 'displays a single form' do
       expect(last_response.status).to eq(200)
@@ -61,13 +71,13 @@ describe OmniAuth::Strategies::Dnb do
       end
 
       it 'has the default VK_LANG value' do
-        expect(last_response.body.scan('<input type="hidden" name="VK_LANG" value="LAT"').size).to eq(1)
+        expect(last_response.body.scan('<input type="hidden" name="VK_LANG" value="ENG"').size).to eq(1)
       end
     end
 
     context 'with custom options' do
       let(:app){ Rack::Builder.new do |b|
-        b.use Rack::Session::Cookie, { secret: 'abc123' }
+        b.use Rack::Session::Cookie, { secret: '5242e6bd9daf0e9645c2d4e22b11ba8cee0bed44439906d5f1bd5dad409d8637' }
         b.use(OmniAuth::Strategies::Dnb, PRIVATE_KEY, PUBLIC_KEY, 'MY_SND_ID',
           site: 'https://test.lv/banklink')
         b.run lambda{|env| [404, {}, ['Not Found']]}
@@ -80,7 +90,7 @@ describe OmniAuth::Strategies::Dnb do
 
     context 'with non-existant private key files' do
       let(:app){ Rack::Builder.new do |b|
-        b.use Rack::Session::Cookie, { secret: 'abc123' }
+        b.use Rack::Session::Cookie, { secret: '5242e6bd9daf0e9645c2d4e22b11ba8cee0bed44439906d5f1bd5dad409d8637' }
         b.use(OmniAuth::Strategies::Dnb, 'invalid_key', PUBLIC_KEY, 'MY_SND_ID')
         b.run lambda{|env| [404, {}, ['Not Found']]}
       end.to_app }
@@ -124,7 +134,7 @@ describe OmniAuth::Strategies::Dnb do
 
     context 'with non-existant public key file' do
       let(:app){ Rack::Builder.new do |b|
-        b.use Rack::Session::Cookie, { secret: 'abc123' }
+        b.use Rack::Session::Cookie, { secret: '5242e6bd9daf0e9645c2d4e22b11ba8cee0bed44439906d5f1bd5dad409d8637' }
         b.use(OmniAuth::Strategies::Dnb, PRIVATE_KEY, 'invalid_crt', 'MY_SND_ID')
         b.run lambda{|env| [404, {}, ['Not Found']]}
       end.to_app }

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: omniauth-dnb
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.2.0
 platform: ruby
 authors:
-- MAK IT
-autorequire: 
+- Mitigate
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2017-04-10 00:00:00.000000000 Z
+date: 2023-09-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: omniauth
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '2.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '2.1'
 - !ruby/object:Gem::Dependency
   name: i18n
   requirement: !ruby/object:Gem::Requirement
@@ -38,6 +38,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: rack
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: rack-test
   requirement: !ruby/object:Gem::Requirement
@@ -56,44 +70,44 @@ dependencies:
   name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '3.0'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '3.0'
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.13'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.13'
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '12.0'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '12.0'
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: byebug
   requirement: !ruby/object:Gem::Requirement
@@ -108,15 +122,29 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
-description: OmniAuth strategy for DNB Link
+- !ruby/object:Gem::Dependency
+  name: rack-session
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: OmniAuth strategy for Luminor (DNB) Link
 email:
-- admin@makit.lv
+- admin@mitigate.dev
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/workflows/ruby.yml"
 - ".gitignore"
-- ".travis.yml"
 - Gemfile
 - LICENSE.txt
 - README.md
@@ -132,11 +160,11 @@ files:
 - spec/certs/bank.key
 - spec/omniauth/strategies/dnb_spec.rb
 - spec/spec_helper.rb
-homepage: ''
+homepage: https://github.com/mitigate-dev/omniauth-dnb
 licenses:
 - MIT
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -144,18 +172,17 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.2.2
+      version: '2.7'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.6.8
-signing_key: 
+rubygems_version: 3.3.26
+signing_key:
 specification_version: 4
-summary: OmniAuth strategy for DNB Link
+summary: OmniAuth strategy for Luminor (DNB) Link
 test_files:
 - spec/certs/bank.crt
 - spec/certs/bank.key

data/.travis.yml

@@ -1,7 +0,0 @@
-language: ruby
-rvm:
-  - 2.2.6
-  - 2.3.3
-  - 2.4.1
-before_install:
-  - gem install bundler