omniauth-healthvault 0.0.1

data/.gitignore

@@ -0,0 +1,18 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp
+.idea/

data/CHANGELOG.md

@@ -0,0 +1,3 @@
+## v0.0.1
+
+* Initial release. PKCS#12 key format (.p12 or .pfx) should be used as a container for public/private key pair.

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in omniauth-healthvault.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2013 Andrey Voronkov
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,47 @@
+# OmniAuth Healthvault
+
+This is the unofficial OmniAuth strategy for authenticating to Microsoft HealthVault. To use it, you'll need to sign up for an application id on the Microsoft HealthVault [Application Configuration Center](https://config.healthvault.com) and have a public and private keys packed in PKCS#12 file (.pfx or .p12).
+
+## Generating .cer file (public key in DER format) from a PKCS#12
+
+.cer file is one of the required conditions to register your application in Application Configuration Center:
+
+    openssl pkcs12 -in my.pfx -clcerts -nokeys | openssl x509 -inform PEM -outform DER -out my.cer
+
+## Basic Usage
+
+    use OmniAuth::Builder do
+      provider :healthvault, ENV['HEALTHVAULT_APP_ID'], ENV['HEALTHVAULT_PKCS12_CERT_LOCATION']
+    end
+
+## Preproduction Usage
+
+    provider :github, ENV['HEALTHVAULT_APP_ID'], ENV['HEALTHVAULT_PKCS12_FILE_LOCATION'], {
+      platform_url: 'https://platform.healthvault-ppe.com/platform/wildcat.ashx',
+      shell_url: 'https://account.healthvault-ppe.com/redirect.aspx'
+    }
+
+## License
+
+Copyright (c) 2013 Andrey Voronkov and Swissmed Mobile Inc.
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/Rakefile

@@ -0,0 +1 @@
+require "bundler/gem_tasks"

data/lib/omniauth/strategies/healthvault.rb

@@ -0,0 +1,151 @@
+require 'builder'
+require 'faraday'
+require 'multi_xml'
+
+module OmniAuth
+  module Strategies
+    # Authenticate to Microsoft HealthVault service and retrieve basic user information.
+    # Documentation available here:
+    # http://msdn.microsoft.com/library/jj863179
+    #
+    # @example Basic Usage
+    #   use OmniAuth::Builder do
+    #     provider :healthvault, ENV['HEALTHVAULT_APP_ID'], ENV['HEALTHVAULT_PKCS12_CERT_LOCATION']
+    #   end
+    #
+    class Healthvault
+      include OmniAuth::Strategy
+
+      PLATFORM_VERSION = '1.12.1002.8529'
+
+      args [:app_id, :pkcs_12_location]
+
+      option :name, 'healthvault'
+
+      option :app_id, nil
+
+      option :platform_url, 'https://platform.healthvault.com/platform/wildcat.ashx'
+      option :shell_url, 'https://account.healthvault.com/redirect.aspx'
+
+      def request_phase
+        url = "#{options[:shell_url]}?target=AUTH&targetqs=appid%3D#{options[:app_id]}"
+        redirect url
+      end
+
+      def callback_phase
+        if request.params['target'] == 'AppAuthSuccess'
+          @certificate = OpenSSL::PKCS12.new(File.read(options[:pkcs_12_location]), nil)
+          @wctoken = request.params['wctoken']
+          @shared_secret = Base64.strict_encode64(SecureRandom.hex)
+          @app_auth_token = create_authenticated_session_token
+          @raw_info = get_person_info
+        end
+        super
+      end
+
+      uid { @raw_info['person_id'] }
+      info { { name: @raw_info['name'] } }
+      extra { { raw_info: @raw_info } }
+
+      private
+
+      def send_request(body)
+        conn = ::Faraday.new(url: options[:platform_url]) do |faraday|
+          faraday.request  :url_encoded
+          faraday.response :logger
+          faraday.adapter  ::Faraday.default_adapter
+        end
+        conn.post do |i|
+          i.headers['Content-Type'] = 'text/xml'
+          i.body = body
+        end
+      end
+
+      def create_authenticated_session_token
+        response = send_request(build_create_authenticated_session_token_request)
+        parse_create_authenticated_session_token_response(response.body)
+      end
+
+      def get_person_info
+        if @app_auth_token.present?
+          body = build_get_person_info_request
+          response = send_request(body)
+          parse_get_person_info_response(response.body)
+        end
+      end
+
+      def build_get_person_info_request
+        info = ::Builder::XmlMarkup.new.info
+        header = ::Builder::XmlMarkup.new.header do |header|
+          header.method 'GetPersonInfo'
+          header.tag! 'method-version', 1
+          header.tag! 'auth-session' do
+            header.tag! 'auth-token', @app_auth_token
+            header.tag! 'user-auth-token', @wctoken
+          end
+          header.language 'en'
+          header.country 'US'
+          header.tag! 'msg-time', Time.now.to_datetime.rfc3339
+          header.tag! 'msg-ttl', 36000
+          header.version PLATFORM_VERSION
+          header.tag! 'info-hash' do
+            header.tag! 'hash-data', Base64.strict_encode64(OpenSSL::Digest::SHA1.digest(info)), 'algName' => 'SHA1'
+          end
+        end
+        body = ::Builder::XmlMarkup.new
+        body.tag!('wc-request:request', 'xmlns:wc-request' => 'urn:com.microsoft.wc.request') do
+          body.auth do
+            body.tag! 'hmac-data', Base64.strict_encode64(OpenSSL::HMAC.digest(OpenSSL::Digest::SHA1.new, Base64.decode64(@shared_secret), header)), 'algName' => 'HMACSHA1'
+          end
+          body << header
+          body << info
+        end
+      end
+
+      def parse_get_person_info_response(response_body)
+        result = ::MultiXml.parse(response_body)
+        result['response']['info']['person_info'] rescue nil
+      end
+
+      def build_create_authenticated_session_token_request
+        content = ::Builder::XmlMarkup.new
+        content = content.content do
+          content.tag! 'app-id', options[:app_id]
+          content.tag! 'shared-secret' do
+            content.tag! 'hmac-alg', @shared_secret, 'algName' => 'HMACSHA1'
+          end
+        end
+        body = ::Builder::XmlMarkup.new
+        body.tag!('wc-request:request', 'xmlns:wc-request' => 'urn:com.microsoft.wc.request') do
+          body.header do
+            body.method 'CreateAuthenticatedSessionToken'
+            body.tag! 'method-version', 1
+            body.tag! 'app-id', options[:app_id]
+            body.language 'en'
+            body.country 'US'
+            body.tag! 'msg-time', Time.now.to_datetime.rfc3339
+            body.tag! 'msg-ttl', 36000
+            body.version PLATFORM_VERSION
+          end
+          body.info do
+            body.tag! 'auth-info' do
+              body.tag! 'app-id', options[:app_id]
+              body.credential do
+                body.appserver do
+                  body.sig Base64.strict_encode64(@certificate.key.sign(OpenSSL::Digest::SHA1.new, content)), 'digestMethod' => 'SHA1',
+                           'sigMethod' => 'RSA-SHA1', 'thumbprint' => OpenSSL::Digest::SHA1.hexdigest(@certificate.certificate.to_der).upcase
+                  body << content
+                end
+              end
+            end
+          end
+        end
+      end
+
+      def parse_create_authenticated_session_token_response(response_body)
+        result = ::MultiXml.parse(response_body)
+        result['response']['info']['token']['__content__'] rescue nil
+      end
+    end
+  end
+end

data/lib/omniauth-healthvault/version.rb

@@ -0,0 +1,5 @@
+module Omniauth
+  module Healthvault
+    VERSION = "0.0.1"
+  end
+end

data/lib/omniauth-healthvault.rb

@@ -0,0 +1,7 @@
+require 'omniauth-healthvault/version'
+require 'omniauth/strategies/healthvault'
+
+module Omniauth
+  module Healthvault
+  end
+end

data/omniauth-healthvault.gemspec

@@ -0,0 +1,23 @@
+# -*- encoding: utf-8 -*-
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'omniauth-healthvault/version'
+
+Gem::Specification.new do |gem|
+  gem.name          = "omniauth-healthvault"
+  gem.version       = Omniauth::Healthvault::VERSION
+  gem.authors       = ["Andrey Voronkov"]
+  gem.email         = ["andrey.voronkov@medm.com"]
+  gem.description   = %q{This is the unofficial OmniAuth strategy for authenticating to Microsoft HealthVault.}
+  gem.summary       = %q{This is the unofficial OmniAuth strategy for authenticating to Microsoft HealthVault.}
+  gem.homepage      = "https://github.com/Antiarchitect/omniauth-healthvault"
+  gem.files         = `git ls-files`.split($/)
+  gem.executables   = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
+  gem.test_files    = gem.files.grep(%r{^(test|spec|features)/})
+  gem.require_paths = ["lib"]
+
+  gem.add_dependency 'builder', '~> 3.0'
+  gem.add_dependency 'faraday', '~> 0.8'
+  gem.add_dependency 'multi_xml', '~> 0.5'
+  gem.add_dependency 'omniauth', '~> 1.1.0'
+end

metadata

@@ -0,0 +1,122 @@
+--- !ruby/object:Gem::Specification
+name: omniauth-healthvault
+version: !ruby/object:Gem::Version
+  prerelease: 
+  version: 0.0.1
+platform: ruby
+authors:
+- Andrey Voronkov
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2013-02-21 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '3.0'
+    none: false
+  name: builder
+  type: :runtime
+  prerelease: false
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '3.0'
+    none: false
+- !ruby/object:Gem::Dependency
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '0.8'
+    none: false
+  name: faraday
+  type: :runtime
+  prerelease: false
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '0.8'
+    none: false
+- !ruby/object:Gem::Dependency
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '0.5'
+    none: false
+  name: multi_xml
+  type: :runtime
+  prerelease: false
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '0.5'
+    none: false
+- !ruby/object:Gem::Dependency
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 1.1.0
+    none: false
+  name: omniauth
+  type: :runtime
+  prerelease: false
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 1.1.0
+    none: false
+description: This is the unofficial OmniAuth strategy for authenticating to Microsoft
+  HealthVault.
+email:
+- andrey.voronkov@medm.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- CHANGELOG.md
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- lib/omniauth-healthvault.rb
+- lib/omniauth-healthvault/version.rb
+- lib/omniauth/strategies/healthvault.rb
+- omniauth-healthvault.gemspec
+homepage: https://github.com/Antiarchitect/omniauth-healthvault
+licenses: []
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+  none: false
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+  none: false
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.8.24
+signing_key: 
+specification_version: 3
+summary: This is the unofficial OmniAuth strategy for authenticating to Microsoft
+  HealthVault.
+test_files: []
+has_rdoc: