omniauth-nordea 0.0.2 → 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/.travis.yml +3 -3
- data/LICENSE.txt +1 -1
- data/README.md +49 -5
- data/lib/omniauth-nordea.rb +1 -2
- data/lib/omniauth/locales/omniauth.en.yml +2 -2
- data/lib/omniauth/locales/omniauth.lv.yml +2 -2
- data/lib/omniauth/nordea/version.rb +1 -1
- data/lib/omniauth/strategies/nordea.rb +43 -17
- data/lib/omniauth/strategies/nordea/message.rb +35 -0
- data/lib/omniauth/strategies/nordea/request.rb +34 -0
- data/lib/omniauth/strategies/nordea/response.rb +37 -0
- data/omniauth-nordea.gemspec +5 -5
- data/spec/omniauth/strategies/nordea_spec.rb +42 -21
- metadata +28 -54
- data/lib/omniauth/strategies/nordea/request_helpers.rb +0 -89
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: d138bd311ca1b9406677d0876667508ceb221eab
|
4
|
+
data.tar.gz: 87856fbcb8cf3da31236a339bb617b0cd7e66d14
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: 1380fb65dc515b3bd9078b544b078630cec5e03f469f4fbc2a1c253c6e6805800b86202507e1ac32ac9178242962a287ec89e955153cd967ee874ea3f8cd3bb6
|
7
|
+
data.tar.gz: efcee3f5822466a29c3e63fb3efe426880a627dee5ea20b9b0570172f76e1b887eb8846d2752380df5fbf022006e0eb9be6e3d89c6099b41c8e7f719e30b74aa
|
data/.travis.yml
CHANGED
data/LICENSE.txt
CHANGED
data/README.md
CHANGED
@@ -1,11 +1,17 @@
|
|
1
|
-
# Omniauth
|
1
|
+
# Omniauth Nordea
|
2
2
|
|
3
3
|
Omniauth strategy for using Nordea Latvia as an authentication service provider.
|
4
4
|
|
5
|
-
[](http://badge.fury.io/rb/omniauth-nordea)
|
6
|
+
[](https://travis-ci.org/mak-it/omniauth-nordea)
|
7
7
|
|
8
|
-
Supported Ruby versions:
|
8
|
+
Supported Ruby versions: 2.2+
|
9
|
+
|
10
|
+
## Related projects
|
11
|
+
- [omniauth-citadele](https://github.com/mak-it/omniauth-citadele) - strategy for authenticating with Citadele
|
12
|
+
- [omniauth-dnb](https://github.com/mak-it/omniauth-dnb) - strategy for authenticating with DNB
|
13
|
+
- [omniauth-seb-elink](https://github.com/mak-it/omniauth-seb-elink) - strategy for authenticating with SEB
|
14
|
+
- [omniauth-swedbank](https://github.com/mak-it/omniauth-swedbank) - strategy for authenticating with Swedbank
|
9
15
|
|
10
16
|
## Installation
|
11
17
|
|
@@ -23,7 +29,45 @@ Or install it yourself as:
|
|
23
29
|
|
24
30
|
## Usage
|
25
31
|
|
26
|
-
|
32
|
+
Here's a quick example, adding the middleware to a Rails app
|
33
|
+
in `config/initializers/omniauth.rb`:
|
34
|
+
|
35
|
+
```ruby
|
36
|
+
Rails.application.config.middleware.use OmniAuth::Builder do
|
37
|
+
provider :nordea, ENV['NORDEA_RCVID'], ENV['NORDEA_MAC'],
|
38
|
+
endpoint: OmniAuth::Strategies::Nordea::PRODUCTION_ENDPOINT,
|
39
|
+
hash_algorithm: :sha1
|
40
|
+
end
|
41
|
+
```
|
42
|
+
|
43
|
+
## Auth Hash
|
44
|
+
|
45
|
+
Here's an example Auth Hash available in `request.env['omniauth.auth']`:
|
46
|
+
|
47
|
+
```ruby
|
48
|
+
{
|
49
|
+
provider: "nordea",
|
50
|
+
uid: "374042-80367",
|
51
|
+
info: {
|
52
|
+
full_name: "ARNIS RAITUMS"
|
53
|
+
},
|
54
|
+
extra: {
|
55
|
+
raw_info: {
|
56
|
+
B02K_ALG: "01",
|
57
|
+
B02K_CUSTID: "37404280367",
|
58
|
+
B02K_CUSTNAME: "RAITUMS ARNIS",
|
59
|
+
B02K_CUSTTYPE: "01",
|
60
|
+
B02K_IDNBR: "87654321LV",
|
61
|
+
B02K_KEYVERS: "0001",
|
62
|
+
B02K_MAC: "B2B82821F6EB9CA28E4D67F343914363",
|
63
|
+
B02K_STAMP: "yyyymmddhhmmssxxxxxx",
|
64
|
+
B02K_TIMESTMP: "20020170329134514398",
|
65
|
+
B02K_VERS: "0002",
|
66
|
+
omniauth_status: "success"
|
67
|
+
}
|
68
|
+
}
|
69
|
+
}
|
70
|
+
```
|
27
71
|
|
28
72
|
## Contributing
|
29
73
|
|
data/lib/omniauth-nordea.rb
CHANGED
@@ -1,10 +1,13 @@
|
|
1
1
|
require 'omniauth'
|
2
|
-
|
3
|
-
|
2
|
+
require_relative 'nordea/message'
|
3
|
+
require_relative 'nordea/request'
|
4
|
+
require_relative 'nordea/response'
|
4
5
|
|
5
6
|
module OmniAuth
|
6
7
|
module Strategies
|
7
8
|
class Nordea
|
9
|
+
class ValidationError < StandardError; end
|
10
|
+
|
8
11
|
PRODUCTION_ENDPOINT = "https://netbank.nordea.com/pnbeid/eidn.jsp"
|
9
12
|
TEST_ENDPOINT = "https://netbank.nordea.com/pnbeidtest/eidn.jsp"
|
10
13
|
|
@@ -26,38 +29,61 @@ module OmniAuth
|
|
26
29
|
|
27
30
|
info do
|
28
31
|
{
|
29
|
-
full_name: request.params["B02K_CUSTNAME"].
|
32
|
+
full_name: request.params["B02K_CUSTNAME"].split(" ").reverse.join(" ")
|
30
33
|
}
|
31
34
|
end
|
32
35
|
|
36
|
+
extra do
|
37
|
+
{ raw_info: request.params }
|
38
|
+
end
|
39
|
+
|
33
40
|
def callback_phase
|
34
|
-
|
35
|
-
|
36
|
-
|
41
|
+
if request.params["B02K_CUSTID"] && !request.params["B02K_CUSTID"].empty?
|
42
|
+
message = OmniAuth::Strategies::Nordea::Response.new(request.params)
|
43
|
+
message.validate!(options.mac)
|
44
|
+
super
|
45
|
+
else
|
46
|
+
fail!(:invalid_credentials)
|
47
|
+
end
|
48
|
+
rescue ValidationError => e
|
49
|
+
fail!(:invalid_mac, e)
|
37
50
|
end
|
38
51
|
|
39
52
|
def request_phase
|
40
|
-
|
41
|
-
|
42
|
-
|
43
|
-
|
53
|
+
message = OmniAuth::Strategies::Nordea::Request.new(
|
54
|
+
"A01Y_ACTION_ID" => "701",
|
55
|
+
"A01Y_VERS" => "0002",
|
56
|
+
"A01Y_RCVID" => options.rcvid,
|
57
|
+
"A01Y_LANGCODE" => "LV",
|
58
|
+
"A01Y_STAMP" => "yyyymmddhhmmssxxxxxx",
|
59
|
+
"A01Y_IDTYPE" => "02",
|
60
|
+
"A01Y_RETLINK" => callback_with_status_url("success"),
|
61
|
+
"A01Y_CANLINK" => callback_with_status_url("cancelled"),
|
62
|
+
"A01Y_REJLINK" => callback_with_status_url("rejected")
|
63
|
+
)
|
64
|
+
message.sign!(options.mac, options.hash_algorithm)
|
44
65
|
|
45
66
|
# Build redirect form
|
46
|
-
OmniAuth.
|
47
|
-
form = OmniAuth::Form.new(title: I18n.t("omniauth.swedbank.please_wait"), url: options.endpoint)
|
67
|
+
form = OmniAuth::Form.new(title: I18n.t("omniauth.nordea.please_wait"), url: options.endpoint)
|
48
68
|
|
49
|
-
|
69
|
+
message.each_pair do |k,v|
|
50
70
|
form.html "<input type=\"hidden\" name=\"#{k}\" value=\"#{v}\" />"
|
51
71
|
end
|
52
72
|
|
53
|
-
form.button I18n.t("omniauth.
|
73
|
+
form.button I18n.t("omniauth.nordea.click_here_if_not_redirected")
|
54
74
|
|
55
75
|
form.instance_variable_set("@html",
|
56
76
|
form.to_html.gsub("</form>", "</form><script type=\"text/javascript\">document.forms[0].submit();</script>"))
|
57
77
|
form.to_response
|
58
|
-
|
59
|
-
|
78
|
+
end
|
79
|
+
|
80
|
+
private
|
81
|
+
|
82
|
+
def callback_with_status_url(status)
|
83
|
+
url = URI(callback_url)
|
84
|
+
url.query = "omniauth_status=#{status}"
|
85
|
+
url
|
60
86
|
end
|
61
87
|
end
|
62
88
|
end
|
63
|
-
end
|
89
|
+
end
|
@@ -0,0 +1,35 @@
|
|
1
|
+
require 'digest/sha1'
|
2
|
+
require 'digest/md5'
|
3
|
+
|
4
|
+
module OmniAuth
|
5
|
+
module Strategies
|
6
|
+
class Nordea
|
7
|
+
class Message
|
8
|
+
ALGORITHM_NAMES = { "01" => :md5, "02" => :sha1 }
|
9
|
+
|
10
|
+
def initialize(hash)
|
11
|
+
@hash = hash
|
12
|
+
end
|
13
|
+
|
14
|
+
def to_hash
|
15
|
+
@hash
|
16
|
+
end
|
17
|
+
|
18
|
+
def each_pair(&block)
|
19
|
+
@hash.each_pair(&block)
|
20
|
+
end
|
21
|
+
|
22
|
+
private
|
23
|
+
|
24
|
+
def find_digester(hash_algorithm)
|
25
|
+
case hash_algorithm
|
26
|
+
when :sha1
|
27
|
+
Digest::SHA1
|
28
|
+
when :md5
|
29
|
+
Digest::MD5
|
30
|
+
end
|
31
|
+
end
|
32
|
+
end
|
33
|
+
end
|
34
|
+
end
|
35
|
+
end
|
@@ -0,0 +1,34 @@
|
|
1
|
+
module OmniAuth
|
2
|
+
module Strategies
|
3
|
+
class Nordea
|
4
|
+
class Request < Message
|
5
|
+
SIGNED_KEYS = [
|
6
|
+
'A01Y_ACTION_ID',
|
7
|
+
'A01Y_VERS', # 0002 (standard), 0003 (with additional data) or 0004.
|
8
|
+
'A01Y_RCVID',
|
9
|
+
'A01Y_LANGCODE', # ET, LV, LT, EN
|
10
|
+
'A01Y_STAMP', # yyyymmddhhmmssxxxxxx
|
11
|
+
'A01Y_IDTYPE',
|
12
|
+
'A01Y_RETLINK',
|
13
|
+
'A01Y_CANLINK',
|
14
|
+
'A01Y_REJLINK',
|
15
|
+
'A01Y_KEYVERS',
|
16
|
+
'A01Y_ALG', # 01 for md5, 02 for sha1
|
17
|
+
'A01Y_MAC',
|
18
|
+
]
|
19
|
+
|
20
|
+
def sign!(mac, hash_algorithm)
|
21
|
+
@hash["A01Y_KEYVERS"] = "0001"
|
22
|
+
@hash["A01Y_ALG"] = ALGORITHM_NAMES.key(hash_algorithm)
|
23
|
+
@hash["A01Y_MAC"] = mac
|
24
|
+
|
25
|
+
digester = find_digester(hash_algorithm)
|
26
|
+
signable_string = SIGNED_KEYS.map { |k| @hash[k] }.join("&") + "&"
|
27
|
+
@hash["A01Y_MAC"] = digester.hexdigest(signable_string).upcase
|
28
|
+
|
29
|
+
self
|
30
|
+
end
|
31
|
+
end
|
32
|
+
end
|
33
|
+
end
|
34
|
+
end
|
@@ -0,0 +1,37 @@
|
|
1
|
+
module OmniAuth
|
2
|
+
module Strategies
|
3
|
+
class Nordea
|
4
|
+
class Response < Message
|
5
|
+
SIGNED_KEYS = [
|
6
|
+
'B02K_VERS', # 0002 (standard), 0003 (with additional data) or 0004.
|
7
|
+
'B02K_TIMESTMP',
|
8
|
+
'B02K_IDNBR',
|
9
|
+
'B02K_STAMP',
|
10
|
+
'B02K_CUSTNAME',
|
11
|
+
'B02K_KEYVERS',
|
12
|
+
'B02K_ALG', # 01 for md5, 02 for sha1
|
13
|
+
'B02K_CUSTID',
|
14
|
+
'B02K_CUSTTYPE',
|
15
|
+
'B02K_MAC'
|
16
|
+
]
|
17
|
+
|
18
|
+
def validate!(mac)
|
19
|
+
received_digest = @hash['B02K_MAC']
|
20
|
+
|
21
|
+
h = @hash.dup
|
22
|
+
h['B02K_MAC'] = mac
|
23
|
+
|
24
|
+
digester = find_digester(ALGORITHM_NAMES[h['B02K_ALG']])
|
25
|
+
signable_string = SIGNED_KEYS.map { |k| CGI.escape(h[k]) }.join("&") + '&'
|
26
|
+
expected_digest = digester.hexdigest(signable_string).upcase
|
27
|
+
|
28
|
+
if expected_digest != received_digest
|
29
|
+
raise ValidationError, "Digest mismatch"
|
30
|
+
end
|
31
|
+
|
32
|
+
self
|
33
|
+
end
|
34
|
+
end
|
35
|
+
end
|
36
|
+
end
|
37
|
+
end
|
data/omniauth-nordea.gemspec
CHANGED
@@ -6,11 +6,11 @@ require 'omniauth/nordea/version'
|
|
6
6
|
Gem::Specification.new do |gem|
|
7
7
|
gem.name = 'omniauth-nordea'
|
8
8
|
gem.version = Omniauth::Nordea::VERSION
|
9
|
-
gem.authors = ['Jānis Kiršteins', 'Kristaps Ērglis']
|
10
|
-
gem.email = ['janis@montadigital.com', 'kristaps.erglis@gmail.com' ]
|
9
|
+
gem.authors = ['MAK IT', 'Jānis Kiršteins', 'Kristaps Ērglis']
|
10
|
+
gem.email = ['admin@makit.lv', 'janis@montadigital.com', 'kristaps.erglis@gmail.com' ]
|
11
11
|
gem.description = %q{OmniAuth strategy for Nordea bank}
|
12
12
|
gem.summary = %q{OmniAuth strategy for Nordea bank}
|
13
|
-
gem.homepage = ''
|
13
|
+
gem.homepage = 'https://github.com/mak-it/omniauth-nordea'
|
14
14
|
gem.license = 'MIT'
|
15
15
|
|
16
16
|
gem.files = `git ls-files`.split($/)
|
@@ -18,6 +18,8 @@ Gem::Specification.new do |gem|
|
|
18
18
|
gem.test_files = gem.files.grep(%r{^(test|spec|features)/})
|
19
19
|
gem.require_paths = ['lib']
|
20
20
|
|
21
|
+
gem.required_ruby_version = '>= 2.2.2'
|
22
|
+
|
21
23
|
gem.add_runtime_dependency 'omniauth', '~> 1.0'
|
22
24
|
gem.add_runtime_dependency 'i18n'
|
23
25
|
|
@@ -25,6 +27,4 @@ Gem::Specification.new do |gem|
|
|
25
27
|
gem.add_development_dependency 'rspec', '~> 2.7'
|
26
28
|
gem.add_development_dependency 'bundler', '~> 1.3'
|
27
29
|
gem.add_development_dependency 'rake'
|
28
|
-
gem.add_development_dependency 'pry'
|
29
|
-
|
30
30
|
end
|
@@ -1,13 +1,12 @@
|
|
1
1
|
require 'spec_helper'
|
2
2
|
|
3
3
|
describe OmniAuth::Strategies::Nordea do
|
4
|
-
|
5
|
-
|
6
|
-
MAC = 'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA'
|
4
|
+
RCVID = '87654321LV'
|
5
|
+
MAC = 'LEHTI'
|
7
6
|
|
8
7
|
let(:app){ Rack::Builder.new do |b|
|
9
8
|
b.use Rack::Session::Cookie, {:secret => "abc123"}
|
10
|
-
b.use OmniAuth::Strategies::Nordea, RCVID, MAC
|
9
|
+
b.use OmniAuth::Strategies::Nordea, RCVID, MAC, hash_algorithm: :md5
|
11
10
|
b.run lambda{|env| [404, {}, ['Not Found']]}
|
12
11
|
end.to_app }
|
13
12
|
|
@@ -35,14 +34,15 @@ describe OmniAuth::Strategies::Nordea do
|
|
35
34
|
"A01Y_CANLINK" => "http://example.org/auth/nordea/callback?omniauth_status=cancelled",
|
36
35
|
"A01Y_REJLINK" => "http://example.org/auth/nordea/callback?omniauth_status=rejected",
|
37
36
|
"A01Y_KEYVERS" => "0001",
|
38
|
-
"A01Y_ALG" => "
|
39
|
-
"A01Y_MAC" => "
|
37
|
+
"A01Y_ALG" => "01",
|
38
|
+
"A01Y_MAC" => "5EF7613AA29E659456C47D0F9C471470"
|
40
39
|
}
|
41
40
|
|
42
41
|
EXPECTED_VALUES.each_pair do |k,v|
|
43
42
|
it "has hidden input field #{k} => #{v}" do
|
44
|
-
expect(last_response.body.
|
45
|
-
"<input type=\"hidden\" name=\"#{k}\" value=\"#{v}\""
|
43
|
+
expect(last_response.body).to include(
|
44
|
+
"<input type=\"hidden\" name=\"#{k}\" value=\"#{v}\""
|
45
|
+
)
|
46
46
|
end
|
47
47
|
end
|
48
48
|
|
@@ -53,25 +53,46 @@ describe OmniAuth::Strategies::Nordea do
|
|
53
53
|
|
54
54
|
context "with valid response" do
|
55
55
|
before do
|
56
|
-
post
|
57
|
-
"
|
58
|
-
"
|
59
|
-
"
|
60
|
-
"
|
61
|
-
"
|
62
|
-
"B02K_KEYVERS"
|
63
|
-
"
|
64
|
-
"
|
65
|
-
"
|
66
|
-
"
|
56
|
+
post '/auth/nordea/callback',
|
57
|
+
"B02K_ALG": "01",
|
58
|
+
"B02K_CUSTID": "37404280367",
|
59
|
+
"B02K_CUSTNAME": "RAITUMS ARNIS",
|
60
|
+
"B02K_CUSTTYPE": "01",
|
61
|
+
"B02K_IDNBR": "87654321LV",
|
62
|
+
"B02K_KEYVERS": "0001",
|
63
|
+
"B02K_MAC": "B2B82821F6EB9CA28E4D67F343914363",
|
64
|
+
"B02K_STAMP": "yyyymmddhhmmssxxxxxx",
|
65
|
+
"B02K_TIMESTMP": "20020170329134514398",
|
66
|
+
"B02K_VERS": "0002"
|
67
67
|
end
|
68
68
|
|
69
69
|
it "sets the correct uid value in the auth hash" do
|
70
|
-
expect(auth_hash.uid).to eq("
|
70
|
+
expect(auth_hash.uid).to eq("374042-80367")
|
71
71
|
end
|
72
72
|
|
73
73
|
it "sets the correct info.full_name value in the auth hash" do
|
74
|
-
expect(auth_hash.info.full_name).to eq("
|
74
|
+
expect(auth_hash.info.full_name).to eq("ARNIS RAITUMS")
|
75
|
+
end
|
76
|
+
end
|
77
|
+
|
78
|
+
context "with invalid MAC" do
|
79
|
+
before do
|
80
|
+
post '/auth/nordea/callback',
|
81
|
+
"B02K_ALG": "01",
|
82
|
+
"B02K_CUSTID": "37404280367",
|
83
|
+
"B02K_CUSTNAME": "RAITUMS ARNIS",
|
84
|
+
"B02K_CUSTTYPE": "01",
|
85
|
+
"B02K_IDNBR": "87654321LV",
|
86
|
+
"B02K_KEYVERS": "0001",
|
87
|
+
"B02K_MAC": "B9CA28E4D67F343914B2B82821F6E363",
|
88
|
+
"B02K_STAMP": "yyyymmddhhmmssxxxxxx",
|
89
|
+
"B02K_TIMESTMP": "20020170329134514398",
|
90
|
+
"B02K_VERS": "0002"
|
91
|
+
end
|
92
|
+
|
93
|
+
it "fails with invalid_mac error" do
|
94
|
+
expect(auth_hash).to eq(nil)
|
95
|
+
expect(last_request.env['omniauth.error.type']).to eq(:invalid_mac)
|
75
96
|
end
|
76
97
|
end
|
77
98
|
|
metadata
CHANGED
@@ -1,139 +1,112 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: omniauth-nordea
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0
|
5
|
-
prerelease:
|
4
|
+
version: 0.1.0
|
6
5
|
platform: ruby
|
7
6
|
authors:
|
7
|
+
- MAK IT
|
8
8
|
- Jānis Kiršteins
|
9
9
|
- Kristaps Ērglis
|
10
10
|
autorequire:
|
11
11
|
bindir: bin
|
12
12
|
cert_chain: []
|
13
|
-
date:
|
13
|
+
date: 2019-02-14 00:00:00.000000000 Z
|
14
14
|
dependencies:
|
15
15
|
- !ruby/object:Gem::Dependency
|
16
16
|
name: omniauth
|
17
17
|
requirement: !ruby/object:Gem::Requirement
|
18
|
-
none: false
|
19
18
|
requirements:
|
20
|
-
- - ~>
|
19
|
+
- - "~>"
|
21
20
|
- !ruby/object:Gem::Version
|
22
21
|
version: '1.0'
|
23
22
|
type: :runtime
|
24
23
|
prerelease: false
|
25
24
|
version_requirements: !ruby/object:Gem::Requirement
|
26
|
-
none: false
|
27
25
|
requirements:
|
28
|
-
- - ~>
|
26
|
+
- - "~>"
|
29
27
|
- !ruby/object:Gem::Version
|
30
28
|
version: '1.0'
|
31
29
|
- !ruby/object:Gem::Dependency
|
32
30
|
name: i18n
|
33
31
|
requirement: !ruby/object:Gem::Requirement
|
34
|
-
none: false
|
35
32
|
requirements:
|
36
|
-
- -
|
33
|
+
- - ">="
|
37
34
|
- !ruby/object:Gem::Version
|
38
35
|
version: '0'
|
39
36
|
type: :runtime
|
40
37
|
prerelease: false
|
41
38
|
version_requirements: !ruby/object:Gem::Requirement
|
42
|
-
none: false
|
43
39
|
requirements:
|
44
|
-
- -
|
40
|
+
- - ">="
|
45
41
|
- !ruby/object:Gem::Version
|
46
42
|
version: '0'
|
47
43
|
- !ruby/object:Gem::Dependency
|
48
44
|
name: rack-test
|
49
45
|
requirement: !ruby/object:Gem::Requirement
|
50
|
-
none: false
|
51
46
|
requirements:
|
52
|
-
- -
|
47
|
+
- - ">="
|
53
48
|
- !ruby/object:Gem::Version
|
54
49
|
version: '0'
|
55
50
|
type: :development
|
56
51
|
prerelease: false
|
57
52
|
version_requirements: !ruby/object:Gem::Requirement
|
58
|
-
none: false
|
59
53
|
requirements:
|
60
|
-
- -
|
54
|
+
- - ">="
|
61
55
|
- !ruby/object:Gem::Version
|
62
56
|
version: '0'
|
63
57
|
- !ruby/object:Gem::Dependency
|
64
58
|
name: rspec
|
65
59
|
requirement: !ruby/object:Gem::Requirement
|
66
|
-
none: false
|
67
60
|
requirements:
|
68
|
-
- - ~>
|
61
|
+
- - "~>"
|
69
62
|
- !ruby/object:Gem::Version
|
70
63
|
version: '2.7'
|
71
64
|
type: :development
|
72
65
|
prerelease: false
|
73
66
|
version_requirements: !ruby/object:Gem::Requirement
|
74
|
-
none: false
|
75
67
|
requirements:
|
76
|
-
- - ~>
|
68
|
+
- - "~>"
|
77
69
|
- !ruby/object:Gem::Version
|
78
70
|
version: '2.7'
|
79
71
|
- !ruby/object:Gem::Dependency
|
80
72
|
name: bundler
|
81
73
|
requirement: !ruby/object:Gem::Requirement
|
82
|
-
none: false
|
83
74
|
requirements:
|
84
|
-
- - ~>
|
75
|
+
- - "~>"
|
85
76
|
- !ruby/object:Gem::Version
|
86
77
|
version: '1.3'
|
87
78
|
type: :development
|
88
79
|
prerelease: false
|
89
80
|
version_requirements: !ruby/object:Gem::Requirement
|
90
|
-
none: false
|
91
81
|
requirements:
|
92
|
-
- - ~>
|
82
|
+
- - "~>"
|
93
83
|
- !ruby/object:Gem::Version
|
94
84
|
version: '1.3'
|
95
85
|
- !ruby/object:Gem::Dependency
|
96
86
|
name: rake
|
97
87
|
requirement: !ruby/object:Gem::Requirement
|
98
|
-
none: false
|
99
88
|
requirements:
|
100
|
-
- -
|
89
|
+
- - ">="
|
101
90
|
- !ruby/object:Gem::Version
|
102
91
|
version: '0'
|
103
92
|
type: :development
|
104
93
|
prerelease: false
|
105
94
|
version_requirements: !ruby/object:Gem::Requirement
|
106
|
-
none: false
|
107
95
|
requirements:
|
108
|
-
- -
|
109
|
-
- !ruby/object:Gem::Version
|
110
|
-
version: '0'
|
111
|
-
- !ruby/object:Gem::Dependency
|
112
|
-
name: pry
|
113
|
-
requirement: !ruby/object:Gem::Requirement
|
114
|
-
none: false
|
115
|
-
requirements:
|
116
|
-
- - ! '>='
|
117
|
-
- !ruby/object:Gem::Version
|
118
|
-
version: '0'
|
119
|
-
type: :development
|
120
|
-
prerelease: false
|
121
|
-
version_requirements: !ruby/object:Gem::Requirement
|
122
|
-
none: false
|
123
|
-
requirements:
|
124
|
-
- - ! '>='
|
96
|
+
- - ">="
|
125
97
|
- !ruby/object:Gem::Version
|
126
98
|
version: '0'
|
127
99
|
description: OmniAuth strategy for Nordea bank
|
128
100
|
email:
|
101
|
+
- admin@makit.lv
|
129
102
|
- janis@montadigital.com
|
130
103
|
- kristaps.erglis@gmail.com
|
131
104
|
executables: []
|
132
105
|
extensions: []
|
133
106
|
extra_rdoc_files: []
|
134
107
|
files:
|
135
|
-
- .gitignore
|
136
|
-
- .travis.yml
|
108
|
+
- ".gitignore"
|
109
|
+
- ".travis.yml"
|
137
110
|
- Gemfile
|
138
111
|
- LICENSE.txt
|
139
112
|
- README.md
|
@@ -144,34 +117,35 @@ files:
|
|
144
117
|
- lib/omniauth/nordea.rb
|
145
118
|
- lib/omniauth/nordea/version.rb
|
146
119
|
- lib/omniauth/strategies/nordea.rb
|
147
|
-
- lib/omniauth/strategies/nordea/
|
120
|
+
- lib/omniauth/strategies/nordea/message.rb
|
121
|
+
- lib/omniauth/strategies/nordea/request.rb
|
122
|
+
- lib/omniauth/strategies/nordea/response.rb
|
148
123
|
- omniauth-nordea.gemspec
|
149
124
|
- spec/omniauth/strategies/nordea_spec.rb
|
150
125
|
- spec/spec_helper.rb
|
151
|
-
homepage:
|
126
|
+
homepage: https://github.com/mak-it/omniauth-nordea
|
152
127
|
licenses:
|
153
128
|
- MIT
|
129
|
+
metadata: {}
|
154
130
|
post_install_message:
|
155
131
|
rdoc_options: []
|
156
132
|
require_paths:
|
157
133
|
- lib
|
158
134
|
required_ruby_version: !ruby/object:Gem::Requirement
|
159
|
-
none: false
|
160
135
|
requirements:
|
161
|
-
- -
|
136
|
+
- - ">="
|
162
137
|
- !ruby/object:Gem::Version
|
163
|
-
version:
|
138
|
+
version: 2.2.2
|
164
139
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
165
|
-
none: false
|
166
140
|
requirements:
|
167
|
-
- -
|
141
|
+
- - ">="
|
168
142
|
- !ruby/object:Gem::Version
|
169
143
|
version: '0'
|
170
144
|
requirements: []
|
171
145
|
rubyforge_project:
|
172
|
-
rubygems_version:
|
146
|
+
rubygems_version: 2.6.14
|
173
147
|
signing_key:
|
174
|
-
specification_version:
|
148
|
+
specification_version: 4
|
175
149
|
summary: OmniAuth strategy for Nordea bank
|
176
150
|
test_files:
|
177
151
|
- spec/omniauth/strategies/nordea_spec.rb
|
@@ -1,89 +0,0 @@
|
|
1
|
-
require 'digest/sha1'
|
2
|
-
require 'digest/md5'
|
3
|
-
|
4
|
-
module OmniAuth
|
5
|
-
module Strategies
|
6
|
-
class Nordea
|
7
|
-
class ArgumentError < StandardError; end
|
8
|
-
|
9
|
-
# 'A01Y_ACTION_ID',
|
10
|
-
# 'A01Y_VERS', # 0002 (standard), 0003 (with additional data) or 0004.
|
11
|
-
# => Only 0002 supported
|
12
|
-
# 'A01Y_RCVID',
|
13
|
-
# 'A01Y_LANGCODE', # ET, LV, LT, EN
|
14
|
-
# 'A01Y_STAMP', # yyyymmddhhmmssxxxxxx
|
15
|
-
# 'A01Y_IDTYPE',
|
16
|
-
# 'A01Y_RETLINK',
|
17
|
-
# 'A01Y_CANLINK',
|
18
|
-
# 'A01Y_REJLINK',
|
19
|
-
# 'A01Y_KEYVERS',
|
20
|
-
# 'A01Y_ALG', 01 for md5, 02 for sha1
|
21
|
-
# 'A01Y_MAC',
|
22
|
-
|
23
|
-
ALGORITHM_NAMES = { "01" => :md5, "02" => :sha1 }
|
24
|
-
SUPPORTED_LANG_CODES = [ :LV, :ET, :LT, :EN ]
|
25
|
-
SUPPORTED_VERSIONS = [ "0002" ]
|
26
|
-
|
27
|
-
class << self
|
28
|
-
|
29
|
-
def callback_variation(callback_url, status)
|
30
|
-
url = URI(callback_url)
|
31
|
-
url.query = "omniauth_status=#{status}"
|
32
|
-
url
|
33
|
-
end
|
34
|
-
|
35
|
-
# We're counting on receiving an ordered hash
|
36
|
-
# This method
|
37
|
-
def sign_hash_in_place(hash)
|
38
|
-
|
39
|
-
signable_string = hash.values.join("&") + "&"
|
40
|
-
|
41
|
-
digest_class =
|
42
|
-
case ALGORITHM_NAMES[ hash["A01Y_ALG"] ]
|
43
|
-
when :sha1
|
44
|
-
Digest::SHA1
|
45
|
-
when :md5
|
46
|
-
Digest::MD5
|
47
|
-
end
|
48
|
-
|
49
|
-
hash["A01Y_MAC"] = digest_class.send(:hexdigest, signable_string)
|
50
|
-
end
|
51
|
-
|
52
|
-
def build_request_hash(rcvid, mac, callback_url, opts = {})
|
53
|
-
opts = {
|
54
|
-
algorithm: :sha1,
|
55
|
-
version: "0002",
|
56
|
-
langcode: :LV
|
57
|
-
}.merge(opts)
|
58
|
-
|
59
|
-
if !SUPPORTED_LANG_CODES.include?(opts[:langcode])
|
60
|
-
raise ArgumentError.new (":langcode must be one of " + SUPPORTED_LANG_CODES.to_s)
|
61
|
-
end
|
62
|
-
|
63
|
-
if !ALGORITHM_NAMES.values.include?(opts[:algorithm])
|
64
|
-
raise ArgumentError.new (":algorithm must be one of " + ALGORITHM_NAMES.values.to_s)
|
65
|
-
end
|
66
|
-
|
67
|
-
if !SUPPORTED_VERSIONS.include?(opts[:version])
|
68
|
-
raise ArgumentError.new (":version must be one of " + SUPPORTED_VERSIONS.to_s)
|
69
|
-
end
|
70
|
-
|
71
|
-
{
|
72
|
-
"A01Y_ACTION_ID" => "701",
|
73
|
-
"A01Y_VERS" => opts[:version],
|
74
|
-
"A01Y_RCVID" => rcvid,
|
75
|
-
"A01Y_LANGCODE" => opts[:langcode],
|
76
|
-
"A01Y_STAMP" => "yyyymmddhhmmssxxxxxx",
|
77
|
-
"A01Y_IDTYPE" => "02",
|
78
|
-
"A01Y_RETLINK" => self.callback_variation(callback_url, "success"),
|
79
|
-
"A01Y_CANLINK" => self.callback_variation(callback_url, "cancelled"),
|
80
|
-
"A01Y_REJLINK" => self.callback_variation(callback_url, "rejected"),
|
81
|
-
"A01Y_KEYVERS" => "0001",
|
82
|
-
"A01Y_ALG" => ALGORITHM_NAMES.key(opts[:algorithm]),
|
83
|
-
"A01Y_MAC" => mac
|
84
|
-
}
|
85
|
-
end
|
86
|
-
end
|
87
|
-
end
|
88
|
-
end
|
89
|
-
end
|