omniauth-idcard 0.0.1

data/.gitignore

@@ -0,0 +1,4 @@
+*.gem
+.bundle
+Gemfile.lock
+pkg/*

data/Gemfile

@@ -0,0 +1,4 @@
+source "http://rubygems.org"
+
+# Specify your gem's dependencies in omniauth-idcard.gemspec
+gemspec

data/Rakefile

@@ -0,0 +1 @@
+require "bundler/gem_tasks"

data/lib/omniauth-idcard.rb

@@ -0,0 +1,2 @@
+require "omniauth-idcard/version"
+require "omniauth/strategies/idcard"

data/lib/omniauth-idcard/version.rb

@@ -0,0 +1,5 @@
+module Omniauth
+  module Idcard
+    VERSION = "0.0.1"
+  end
+end

data/lib/omniauth/strategies/idcard.rb

@@ -0,0 +1,67 @@
+require 'omniauth-oauth'
+require 'openssl'
+require 'yaml'
+
+module OmniAuth
+  module Strategies
+    class Idcard < OmniAuth::Strategies::OAuth
+      
+      option :name, 'idcard'
+      option :logger, nil
+      
+      uid { @user_data['serialNumber'] }
+      
+      info do
+        {
+          'user_info' => {
+            'personal_code' => @user_data['serialNumber'],
+            'first_name' => @user_data['GN'],
+            'last_name' => @user_data['SN'],
+            'name' => "#{@user_data['GN']} #{@user_data['SN']}"
+          }
+        }
+      end
+      
+      def request_phase
+        if @env['SSL_CLIENT_CERT']
+          debug "Start authentication with ID-Card. Got certificate:"
+          debug @env['SSL_CLIENT_CERT']
+          
+          @user_data = parse_client_certificate(@env['SSL_CLIENT_CERT'])
+          @env['REQUEST_METHOD'] = 'GET'
+          @env['PATH_INFO'] = "#{OmniAuth.config.path_prefix}/#{name}/callback"
+          
+          debug "ID-Card request was authenticated successfully. User data: #{auth_hash.inspect}"
+          
+          call_app!
+        else
+          debug "Could not authenticate with ID-Card. Certificate is missing."
+          fail!(:client_certificate_missing, {'error' => 'Client certificate is missing'})
+        end
+      end
+      
+      def parse_client_certificate(data)
+        cert = OpenSSL::X509::Certificate.new(data)
+        subject_dn = YAML.unescape(cert.subject.to_s.scan(/./mu) {|s| s[0].chr })
+        
+        debug "Subject DN: #{subject_dn}"
+        
+        subject_dn.split('/').inject(Hash.new) do |memo, part|
+          item = part.split('=')
+          memo[item.first] = item.last
+          memo
+        end
+      end
+
+      def callback_phase
+        fail!(:invalid_credentials)
+      end
+
+      private 
+      
+      def debug(message)
+        options[:logger].debug("#{Time.now} #{message}") if options[:logger]
+      end
+    end
+  end
+end

data/omniauth-idcard.gemspec

@@ -0,0 +1,22 @@
+# -*- encoding: utf-8 -*-
+$:.push File.expand_path("../lib", __FILE__)
+require "omniauth-idcard/version"
+
+Gem::Specification.new do |s|
+  s.name        = "omniauth-idcard"
+  s.version     = Omniauth::Idcard::VERSION
+  s.authors     = ["Tarmo Talu"]
+  s.email       = ["tarmo.talu@gmail.com"]
+  s.homepage    = "http://github.com/tarmotalu/omniauth-idcard"
+  s.summary     = %q{OmniAuth strategy for Estonian ID-Card}
+  s.description = %q{OmniAuth strategy for Estonian ID-Card}
+
+  s.rubyforge_project = "omniauth-idcard"
+
+  s.files         = `git ls-files`.split("\n")
+  s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  s.require_paths = ["lib"]
+
+  s.add_dependency 'omniauth-oauth', '~> 1.0'
+end

metadata

@@ -0,0 +1,63 @@
+--- !ruby/object:Gem::Specification
+name: omniauth-idcard
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+  prerelease: 
+platform: ruby
+authors:
+- Tarmo Talu
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2012-02-15 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: omniauth-oauth
+  requirement: &70168563340680 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: *70168563340680
+description: OmniAuth strategy for Estonian ID-Card
+email:
+- tarmo.talu@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- Gemfile
+- Rakefile
+- lib/omniauth-idcard.rb
+- lib/omniauth-idcard/version.rb
+- lib/omniauth/strategies/idcard.rb
+- omniauth-idcard.gemspec
+homepage: http://github.com/tarmotalu/omniauth-idcard
+licenses: []
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: omniauth-idcard
+rubygems_version: 1.8.11
+signing_key: 
+specification_version: 3
+summary: OmniAuth strategy for Estonian ID-Card
+test_files: []