omniauth-idcard 0.0.1
Sign up to get free protection for your applications and to get access to all the features.
- data/.gitignore +4 -0
- data/Gemfile +4 -0
- data/Rakefile +1 -0
- data/lib/omniauth-idcard.rb +2 -0
- data/lib/omniauth-idcard/version.rb +5 -0
- data/lib/omniauth/strategies/idcard.rb +67 -0
- data/omniauth-idcard.gemspec +22 -0
- metadata +63 -0
data/.gitignore
ADDED
data/Gemfile
ADDED
data/Rakefile
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
require "bundler/gem_tasks"
|
@@ -0,0 +1,67 @@
|
|
1
|
+
require 'omniauth-oauth'
|
2
|
+
require 'openssl'
|
3
|
+
require 'yaml'
|
4
|
+
|
5
|
+
module OmniAuth
|
6
|
+
module Strategies
|
7
|
+
class Idcard < OmniAuth::Strategies::OAuth
|
8
|
+
|
9
|
+
option :name, 'idcard'
|
10
|
+
option :logger, nil
|
11
|
+
|
12
|
+
uid { @user_data['serialNumber'] }
|
13
|
+
|
14
|
+
info do
|
15
|
+
{
|
16
|
+
'user_info' => {
|
17
|
+
'personal_code' => @user_data['serialNumber'],
|
18
|
+
'first_name' => @user_data['GN'],
|
19
|
+
'last_name' => @user_data['SN'],
|
20
|
+
'name' => "#{@user_data['GN']} #{@user_data['SN']}"
|
21
|
+
}
|
22
|
+
}
|
23
|
+
end
|
24
|
+
|
25
|
+
def request_phase
|
26
|
+
if @env['SSL_CLIENT_CERT']
|
27
|
+
debug "Start authentication with ID-Card. Got certificate:"
|
28
|
+
debug @env['SSL_CLIENT_CERT']
|
29
|
+
|
30
|
+
@user_data = parse_client_certificate(@env['SSL_CLIENT_CERT'])
|
31
|
+
@env['REQUEST_METHOD'] = 'GET'
|
32
|
+
@env['PATH_INFO'] = "#{OmniAuth.config.path_prefix}/#{name}/callback"
|
33
|
+
|
34
|
+
debug "ID-Card request was authenticated successfully. User data: #{auth_hash.inspect}"
|
35
|
+
|
36
|
+
call_app!
|
37
|
+
else
|
38
|
+
debug "Could not authenticate with ID-Card. Certificate is missing."
|
39
|
+
fail!(:client_certificate_missing, {'error' => 'Client certificate is missing'})
|
40
|
+
end
|
41
|
+
end
|
42
|
+
|
43
|
+
def parse_client_certificate(data)
|
44
|
+
cert = OpenSSL::X509::Certificate.new(data)
|
45
|
+
subject_dn = YAML.unescape(cert.subject.to_s.scan(/./mu) {|s| s[0].chr })
|
46
|
+
|
47
|
+
debug "Subject DN: #{subject_dn}"
|
48
|
+
|
49
|
+
subject_dn.split('/').inject(Hash.new) do |memo, part|
|
50
|
+
item = part.split('=')
|
51
|
+
memo[item.first] = item.last
|
52
|
+
memo
|
53
|
+
end
|
54
|
+
end
|
55
|
+
|
56
|
+
def callback_phase
|
57
|
+
fail!(:invalid_credentials)
|
58
|
+
end
|
59
|
+
|
60
|
+
private
|
61
|
+
|
62
|
+
def debug(message)
|
63
|
+
options[:logger].debug("#{Time.now} #{message}") if options[:logger]
|
64
|
+
end
|
65
|
+
end
|
66
|
+
end
|
67
|
+
end
|
@@ -0,0 +1,22 @@
|
|
1
|
+
# -*- encoding: utf-8 -*-
|
2
|
+
$:.push File.expand_path("../lib", __FILE__)
|
3
|
+
require "omniauth-idcard/version"
|
4
|
+
|
5
|
+
Gem::Specification.new do |s|
|
6
|
+
s.name = "omniauth-idcard"
|
7
|
+
s.version = Omniauth::Idcard::VERSION
|
8
|
+
s.authors = ["Tarmo Talu"]
|
9
|
+
s.email = ["tarmo.talu@gmail.com"]
|
10
|
+
s.homepage = "http://github.com/tarmotalu/omniauth-idcard"
|
11
|
+
s.summary = %q{OmniAuth strategy for Estonian ID-Card}
|
12
|
+
s.description = %q{OmniAuth strategy for Estonian ID-Card}
|
13
|
+
|
14
|
+
s.rubyforge_project = "omniauth-idcard"
|
15
|
+
|
16
|
+
s.files = `git ls-files`.split("\n")
|
17
|
+
s.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
|
18
|
+
s.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
|
19
|
+
s.require_paths = ["lib"]
|
20
|
+
|
21
|
+
s.add_dependency 'omniauth-oauth', '~> 1.0'
|
22
|
+
end
|
metadata
ADDED
@@ -0,0 +1,63 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: omniauth-idcard
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.0.1
|
5
|
+
prerelease:
|
6
|
+
platform: ruby
|
7
|
+
authors:
|
8
|
+
- Tarmo Talu
|
9
|
+
autorequire:
|
10
|
+
bindir: bin
|
11
|
+
cert_chain: []
|
12
|
+
date: 2012-02-15 00:00:00.000000000 Z
|
13
|
+
dependencies:
|
14
|
+
- !ruby/object:Gem::Dependency
|
15
|
+
name: omniauth-oauth
|
16
|
+
requirement: &70168563340680 !ruby/object:Gem::Requirement
|
17
|
+
none: false
|
18
|
+
requirements:
|
19
|
+
- - ~>
|
20
|
+
- !ruby/object:Gem::Version
|
21
|
+
version: '1.0'
|
22
|
+
type: :runtime
|
23
|
+
prerelease: false
|
24
|
+
version_requirements: *70168563340680
|
25
|
+
description: OmniAuth strategy for Estonian ID-Card
|
26
|
+
email:
|
27
|
+
- tarmo.talu@gmail.com
|
28
|
+
executables: []
|
29
|
+
extensions: []
|
30
|
+
extra_rdoc_files: []
|
31
|
+
files:
|
32
|
+
- .gitignore
|
33
|
+
- Gemfile
|
34
|
+
- Rakefile
|
35
|
+
- lib/omniauth-idcard.rb
|
36
|
+
- lib/omniauth-idcard/version.rb
|
37
|
+
- lib/omniauth/strategies/idcard.rb
|
38
|
+
- omniauth-idcard.gemspec
|
39
|
+
homepage: http://github.com/tarmotalu/omniauth-idcard
|
40
|
+
licenses: []
|
41
|
+
post_install_message:
|
42
|
+
rdoc_options: []
|
43
|
+
require_paths:
|
44
|
+
- lib
|
45
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
46
|
+
none: false
|
47
|
+
requirements:
|
48
|
+
- - ! '>='
|
49
|
+
- !ruby/object:Gem::Version
|
50
|
+
version: '0'
|
51
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
52
|
+
none: false
|
53
|
+
requirements:
|
54
|
+
- - ! '>='
|
55
|
+
- !ruby/object:Gem::Version
|
56
|
+
version: '0'
|
57
|
+
requirements: []
|
58
|
+
rubyforge_project: omniauth-idcard
|
59
|
+
rubygems_version: 1.8.11
|
60
|
+
signing_key:
|
61
|
+
specification_version: 3
|
62
|
+
summary: OmniAuth strategy for Estonian ID-Card
|
63
|
+
test_files: []
|