omniauth-idcard 0.3.0 → 0.3.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/omniauth-idcard/version.rb +1 -1
- data/lib/omniauth/strategies/idcard.rb +23 -4
- data/spec/omniauth/strategies/idcard_spec.rb +15 -7
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: b6d5775a04d6025ad5c6a177fb2ffd17e938eb7b
|
|
4
|
+
data.tar.gz: 49c787e62f460df73fe2066afbaf6dcdbaa1b019
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 9c82c0a3df2bf69eea29dcce2d36d585ddef3c6400cf186b07e0f4591f2e0a11c030272800af5ff41d13c71f013eb90fe6001f55cdd80840ce6ad8269b9ac8e6
|
|
7
|
+
data.tar.gz: 20c5c25385826271e0b93af02dfb4dcfcbdf3b6eabe93a6bdad3a3f0677a62b48b2367ab1e17e8926119084bdc3537493368421aa2ab88ed00a758d58c993cdc
|
|
@@ -25,11 +25,13 @@ module OmniAuth
|
|
|
25
25
|
end
|
|
26
26
|
|
|
27
27
|
def request_phase
|
|
28
|
-
|
|
28
|
+
client_cert = @env[cert_variable]
|
|
29
|
+
|
|
30
|
+
if client_cert && client_cert != ''
|
|
29
31
|
debug "Start authentication with ID-Card. Got certificate from request #{cert_variable}:"
|
|
30
|
-
debug
|
|
32
|
+
debug client_cert
|
|
31
33
|
|
|
32
|
-
@user_data = parse_client_certificate(
|
|
34
|
+
@user_data = parse_client_certificate(client_cert)
|
|
33
35
|
@env['REQUEST_METHOD'] = 'GET'
|
|
34
36
|
@env['omniauth.auth'] = info
|
|
35
37
|
@env['PATH_INFO'] = "#{OmniAuth.config.path_prefix}/#{name}/callback"
|
|
@@ -56,7 +58,24 @@ module OmniAuth
|
|
|
56
58
|
end
|
|
57
59
|
|
|
58
60
|
def parse_client_certificate(data)
|
|
59
|
-
|
|
61
|
+
cert_data = ''
|
|
62
|
+
|
|
63
|
+
# Try to avoid ASN1 parsing errors by concating PEM certificate again
|
|
64
|
+
data.split(' ').each_with_index do |line, index|
|
|
65
|
+
if line.index('-')
|
|
66
|
+
cert_data << "#{line}"
|
|
67
|
+
|
|
68
|
+
if line.end_with?('-')
|
|
69
|
+
cert_data << "\n"
|
|
70
|
+
else
|
|
71
|
+
cert_data << " "
|
|
72
|
+
end
|
|
73
|
+
else
|
|
74
|
+
cert_data << "#{line}\n"
|
|
75
|
+
end
|
|
76
|
+
end
|
|
77
|
+
|
|
78
|
+
cert = OpenSSL::X509::Certificate.new(cert_data)
|
|
60
79
|
|
|
61
80
|
# from 2011-07-01 Common Name is encoded in UTF-8
|
|
62
81
|
subject_dn = if cert.not_before.to_date >= Date.parse('2011-07-01')
|
|
@@ -5,28 +5,36 @@ describe OmniAuth::Strategies::Idcard do
|
|
|
5
5
|
subject do
|
|
6
6
|
OmniAuth::Strategies::Idcard.new({})
|
|
7
7
|
end
|
|
8
|
-
|
|
8
|
+
|
|
9
9
|
context '#parse_client_certificate' do
|
|
10
10
|
before do
|
|
11
11
|
@hash = subject.parse_client_certificate(File.read(File.join('spec', 'certificates', "#{ssl_client_cert}.pem")))
|
|
12
12
|
end
|
|
13
|
-
|
|
13
|
+
|
|
14
14
|
let(:ssl_client_cert) { '' }
|
|
15
|
-
|
|
15
|
+
|
|
16
16
|
context 'UCS2' do
|
|
17
17
|
let(:ssl_client_cert) {'UCS2'}
|
|
18
|
-
|
|
18
|
+
|
|
19
19
|
it 'parses lastname' do
|
|
20
20
|
@hash['SN'].should == 'JÄRV'
|
|
21
21
|
end
|
|
22
|
-
end
|
|
22
|
+
end
|
|
23
23
|
|
|
24
24
|
context 'UTF-8' do
|
|
25
25
|
let(:ssl_client_cert) {'UTF8'}
|
|
26
|
-
|
|
26
|
+
|
|
27
27
|
it 'parses firstname' do
|
|
28
28
|
@hash['GN'].should == 'ÜLLE'
|
|
29
29
|
end
|
|
30
|
-
end
|
|
30
|
+
end
|
|
31
|
+
|
|
32
|
+
context 'UTF-8' do
|
|
33
|
+
let(:ssl_client_cert) {'UTF8_asn1'}
|
|
34
|
+
|
|
35
|
+
it 'parses firstname' do
|
|
36
|
+
@hash['GN'].should == 'TARMO'
|
|
37
|
+
end
|
|
38
|
+
end
|
|
31
39
|
end
|
|
32
40
|
end
|