omniauth-nordea 0.0.2 → 0.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.travis.yml +3 -3
- data/LICENSE.txt +1 -1
- data/README.md +49 -5
- data/lib/omniauth-nordea.rb +1 -2
- data/lib/omniauth/locales/omniauth.en.yml +2 -2
- data/lib/omniauth/locales/omniauth.lv.yml +2 -2
- data/lib/omniauth/nordea/version.rb +1 -1
- data/lib/omniauth/strategies/nordea.rb +43 -17
- data/lib/omniauth/strategies/nordea/message.rb +35 -0
- data/lib/omniauth/strategies/nordea/request.rb +34 -0
- data/lib/omniauth/strategies/nordea/response.rb +37 -0
- data/omniauth-nordea.gemspec +5 -5
- data/spec/omniauth/strategies/nordea_spec.rb +42 -21
- metadata +28 -54
- data/lib/omniauth/strategies/nordea/request_helpers.rb +0 -89
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: d138bd311ca1b9406677d0876667508ceb221eab
|
4
|
+
data.tar.gz: 87856fbcb8cf3da31236a339bb617b0cd7e66d14
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: 1380fb65dc515b3bd9078b544b078630cec5e03f469f4fbc2a1c253c6e6805800b86202507e1ac32ac9178242962a287ec89e955153cd967ee874ea3f8cd3bb6
|
7
|
+
data.tar.gz: efcee3f5822466a29c3e63fb3efe426880a627dee5ea20b9b0570172f76e1b887eb8846d2752380df5fbf022006e0eb9be6e3d89c6099b41c8e7f719e30b74aa
|
data/.travis.yml
CHANGED
data/LICENSE.txt
CHANGED
data/README.md
CHANGED
@@ -1,11 +1,17 @@
|
|
1
|
-
# Omniauth
|
1
|
+
# Omniauth Nordea
|
2
2
|
|
3
3
|
Omniauth strategy for using Nordea Latvia as an authentication service provider.
|
4
4
|
|
5
|
-
[![Gem Version](https://badge.fury.io/rb/omniauth-nordea.
|
6
|
-
[![Build Status](https://travis-ci.org/
|
5
|
+
[![Gem Version](https://badge.fury.io/rb/omniauth-nordea.svg)](http://badge.fury.io/rb/omniauth-nordea)
|
6
|
+
[![Build Status](https://travis-ci.org/mak-it/omniauth-nordea.svg?branch=master)](https://travis-ci.org/mak-it/omniauth-nordea)
|
7
7
|
|
8
|
-
Supported Ruby versions:
|
8
|
+
Supported Ruby versions: 2.2+
|
9
|
+
|
10
|
+
## Related projects
|
11
|
+
- [omniauth-citadele](https://github.com/mak-it/omniauth-citadele) - strategy for authenticating with Citadele
|
12
|
+
- [omniauth-dnb](https://github.com/mak-it/omniauth-dnb) - strategy for authenticating with DNB
|
13
|
+
- [omniauth-seb-elink](https://github.com/mak-it/omniauth-seb-elink) - strategy for authenticating with SEB
|
14
|
+
- [omniauth-swedbank](https://github.com/mak-it/omniauth-swedbank) - strategy for authenticating with Swedbank
|
9
15
|
|
10
16
|
## Installation
|
11
17
|
|
@@ -23,7 +29,45 @@ Or install it yourself as:
|
|
23
29
|
|
24
30
|
## Usage
|
25
31
|
|
26
|
-
|
32
|
+
Here's a quick example, adding the middleware to a Rails app
|
33
|
+
in `config/initializers/omniauth.rb`:
|
34
|
+
|
35
|
+
```ruby
|
36
|
+
Rails.application.config.middleware.use OmniAuth::Builder do
|
37
|
+
provider :nordea, ENV['NORDEA_RCVID'], ENV['NORDEA_MAC'],
|
38
|
+
endpoint: OmniAuth::Strategies::Nordea::PRODUCTION_ENDPOINT,
|
39
|
+
hash_algorithm: :sha1
|
40
|
+
end
|
41
|
+
```
|
42
|
+
|
43
|
+
## Auth Hash
|
44
|
+
|
45
|
+
Here's an example Auth Hash available in `request.env['omniauth.auth']`:
|
46
|
+
|
47
|
+
```ruby
|
48
|
+
{
|
49
|
+
provider: "nordea",
|
50
|
+
uid: "374042-80367",
|
51
|
+
info: {
|
52
|
+
full_name: "ARNIS RAITUMS"
|
53
|
+
},
|
54
|
+
extra: {
|
55
|
+
raw_info: {
|
56
|
+
B02K_ALG: "01",
|
57
|
+
B02K_CUSTID: "37404280367",
|
58
|
+
B02K_CUSTNAME: "RAITUMS ARNIS",
|
59
|
+
B02K_CUSTTYPE: "01",
|
60
|
+
B02K_IDNBR: "87654321LV",
|
61
|
+
B02K_KEYVERS: "0001",
|
62
|
+
B02K_MAC: "B2B82821F6EB9CA28E4D67F343914363",
|
63
|
+
B02K_STAMP: "yyyymmddhhmmssxxxxxx",
|
64
|
+
B02K_TIMESTMP: "20020170329134514398",
|
65
|
+
B02K_VERS: "0002",
|
66
|
+
omniauth_status: "success"
|
67
|
+
}
|
68
|
+
}
|
69
|
+
}
|
70
|
+
```
|
27
71
|
|
28
72
|
## Contributing
|
29
73
|
|
data/lib/omniauth-nordea.rb
CHANGED
@@ -1,10 +1,13 @@
|
|
1
1
|
require 'omniauth'
|
2
|
-
|
3
|
-
|
2
|
+
require_relative 'nordea/message'
|
3
|
+
require_relative 'nordea/request'
|
4
|
+
require_relative 'nordea/response'
|
4
5
|
|
5
6
|
module OmniAuth
|
6
7
|
module Strategies
|
7
8
|
class Nordea
|
9
|
+
class ValidationError < StandardError; end
|
10
|
+
|
8
11
|
PRODUCTION_ENDPOINT = "https://netbank.nordea.com/pnbeid/eidn.jsp"
|
9
12
|
TEST_ENDPOINT = "https://netbank.nordea.com/pnbeidtest/eidn.jsp"
|
10
13
|
|
@@ -26,38 +29,61 @@ module OmniAuth
|
|
26
29
|
|
27
30
|
info do
|
28
31
|
{
|
29
|
-
full_name: request.params["B02K_CUSTNAME"].
|
32
|
+
full_name: request.params["B02K_CUSTNAME"].split(" ").reverse.join(" ")
|
30
33
|
}
|
31
34
|
end
|
32
35
|
|
36
|
+
extra do
|
37
|
+
{ raw_info: request.params }
|
38
|
+
end
|
39
|
+
|
33
40
|
def callback_phase
|
34
|
-
|
35
|
-
|
36
|
-
|
41
|
+
if request.params["B02K_CUSTID"] && !request.params["B02K_CUSTID"].empty?
|
42
|
+
message = OmniAuth::Strategies::Nordea::Response.new(request.params)
|
43
|
+
message.validate!(options.mac)
|
44
|
+
super
|
45
|
+
else
|
46
|
+
fail!(:invalid_credentials)
|
47
|
+
end
|
48
|
+
rescue ValidationError => e
|
49
|
+
fail!(:invalid_mac, e)
|
37
50
|
end
|
38
51
|
|
39
52
|
def request_phase
|
40
|
-
|
41
|
-
|
42
|
-
|
43
|
-
|
53
|
+
message = OmniAuth::Strategies::Nordea::Request.new(
|
54
|
+
"A01Y_ACTION_ID" => "701",
|
55
|
+
"A01Y_VERS" => "0002",
|
56
|
+
"A01Y_RCVID" => options.rcvid,
|
57
|
+
"A01Y_LANGCODE" => "LV",
|
58
|
+
"A01Y_STAMP" => "yyyymmddhhmmssxxxxxx",
|
59
|
+
"A01Y_IDTYPE" => "02",
|
60
|
+
"A01Y_RETLINK" => callback_with_status_url("success"),
|
61
|
+
"A01Y_CANLINK" => callback_with_status_url("cancelled"),
|
62
|
+
"A01Y_REJLINK" => callback_with_status_url("rejected")
|
63
|
+
)
|
64
|
+
message.sign!(options.mac, options.hash_algorithm)
|
44
65
|
|
45
66
|
# Build redirect form
|
46
|
-
OmniAuth.
|
47
|
-
form = OmniAuth::Form.new(title: I18n.t("omniauth.swedbank.please_wait"), url: options.endpoint)
|
67
|
+
form = OmniAuth::Form.new(title: I18n.t("omniauth.nordea.please_wait"), url: options.endpoint)
|
48
68
|
|
49
|
-
|
69
|
+
message.each_pair do |k,v|
|
50
70
|
form.html "<input type=\"hidden\" name=\"#{k}\" value=\"#{v}\" />"
|
51
71
|
end
|
52
72
|
|
53
|
-
form.button I18n.t("omniauth.
|
73
|
+
form.button I18n.t("omniauth.nordea.click_here_if_not_redirected")
|
54
74
|
|
55
75
|
form.instance_variable_set("@html",
|
56
76
|
form.to_html.gsub("</form>", "</form><script type=\"text/javascript\">document.forms[0].submit();</script>"))
|
57
77
|
form.to_response
|
58
|
-
|
59
|
-
|
78
|
+
end
|
79
|
+
|
80
|
+
private
|
81
|
+
|
82
|
+
def callback_with_status_url(status)
|
83
|
+
url = URI(callback_url)
|
84
|
+
url.query = "omniauth_status=#{status}"
|
85
|
+
url
|
60
86
|
end
|
61
87
|
end
|
62
88
|
end
|
63
|
-
end
|
89
|
+
end
|
@@ -0,0 +1,35 @@
|
|
1
|
+
require 'digest/sha1'
|
2
|
+
require 'digest/md5'
|
3
|
+
|
4
|
+
module OmniAuth
|
5
|
+
module Strategies
|
6
|
+
class Nordea
|
7
|
+
class Message
|
8
|
+
ALGORITHM_NAMES = { "01" => :md5, "02" => :sha1 }
|
9
|
+
|
10
|
+
def initialize(hash)
|
11
|
+
@hash = hash
|
12
|
+
end
|
13
|
+
|
14
|
+
def to_hash
|
15
|
+
@hash
|
16
|
+
end
|
17
|
+
|
18
|
+
def each_pair(&block)
|
19
|
+
@hash.each_pair(&block)
|
20
|
+
end
|
21
|
+
|
22
|
+
private
|
23
|
+
|
24
|
+
def find_digester(hash_algorithm)
|
25
|
+
case hash_algorithm
|
26
|
+
when :sha1
|
27
|
+
Digest::SHA1
|
28
|
+
when :md5
|
29
|
+
Digest::MD5
|
30
|
+
end
|
31
|
+
end
|
32
|
+
end
|
33
|
+
end
|
34
|
+
end
|
35
|
+
end
|
@@ -0,0 +1,34 @@
|
|
1
|
+
module OmniAuth
|
2
|
+
module Strategies
|
3
|
+
class Nordea
|
4
|
+
class Request < Message
|
5
|
+
SIGNED_KEYS = [
|
6
|
+
'A01Y_ACTION_ID',
|
7
|
+
'A01Y_VERS', # 0002 (standard), 0003 (with additional data) or 0004.
|
8
|
+
'A01Y_RCVID',
|
9
|
+
'A01Y_LANGCODE', # ET, LV, LT, EN
|
10
|
+
'A01Y_STAMP', # yyyymmddhhmmssxxxxxx
|
11
|
+
'A01Y_IDTYPE',
|
12
|
+
'A01Y_RETLINK',
|
13
|
+
'A01Y_CANLINK',
|
14
|
+
'A01Y_REJLINK',
|
15
|
+
'A01Y_KEYVERS',
|
16
|
+
'A01Y_ALG', # 01 for md5, 02 for sha1
|
17
|
+
'A01Y_MAC',
|
18
|
+
]
|
19
|
+
|
20
|
+
def sign!(mac, hash_algorithm)
|
21
|
+
@hash["A01Y_KEYVERS"] = "0001"
|
22
|
+
@hash["A01Y_ALG"] = ALGORITHM_NAMES.key(hash_algorithm)
|
23
|
+
@hash["A01Y_MAC"] = mac
|
24
|
+
|
25
|
+
digester = find_digester(hash_algorithm)
|
26
|
+
signable_string = SIGNED_KEYS.map { |k| @hash[k] }.join("&") + "&"
|
27
|
+
@hash["A01Y_MAC"] = digester.hexdigest(signable_string).upcase
|
28
|
+
|
29
|
+
self
|
30
|
+
end
|
31
|
+
end
|
32
|
+
end
|
33
|
+
end
|
34
|
+
end
|
@@ -0,0 +1,37 @@
|
|
1
|
+
module OmniAuth
|
2
|
+
module Strategies
|
3
|
+
class Nordea
|
4
|
+
class Response < Message
|
5
|
+
SIGNED_KEYS = [
|
6
|
+
'B02K_VERS', # 0002 (standard), 0003 (with additional data) or 0004.
|
7
|
+
'B02K_TIMESTMP',
|
8
|
+
'B02K_IDNBR',
|
9
|
+
'B02K_STAMP',
|
10
|
+
'B02K_CUSTNAME',
|
11
|
+
'B02K_KEYVERS',
|
12
|
+
'B02K_ALG', # 01 for md5, 02 for sha1
|
13
|
+
'B02K_CUSTID',
|
14
|
+
'B02K_CUSTTYPE',
|
15
|
+
'B02K_MAC'
|
16
|
+
]
|
17
|
+
|
18
|
+
def validate!(mac)
|
19
|
+
received_digest = @hash['B02K_MAC']
|
20
|
+
|
21
|
+
h = @hash.dup
|
22
|
+
h['B02K_MAC'] = mac
|
23
|
+
|
24
|
+
digester = find_digester(ALGORITHM_NAMES[h['B02K_ALG']])
|
25
|
+
signable_string = SIGNED_KEYS.map { |k| CGI.escape(h[k]) }.join("&") + '&'
|
26
|
+
expected_digest = digester.hexdigest(signable_string).upcase
|
27
|
+
|
28
|
+
if expected_digest != received_digest
|
29
|
+
raise ValidationError, "Digest mismatch"
|
30
|
+
end
|
31
|
+
|
32
|
+
self
|
33
|
+
end
|
34
|
+
end
|
35
|
+
end
|
36
|
+
end
|
37
|
+
end
|
data/omniauth-nordea.gemspec
CHANGED
@@ -6,11 +6,11 @@ require 'omniauth/nordea/version'
|
|
6
6
|
Gem::Specification.new do |gem|
|
7
7
|
gem.name = 'omniauth-nordea'
|
8
8
|
gem.version = Omniauth::Nordea::VERSION
|
9
|
-
gem.authors = ['Jānis Kiršteins', 'Kristaps Ērglis']
|
10
|
-
gem.email = ['janis@montadigital.com', 'kristaps.erglis@gmail.com' ]
|
9
|
+
gem.authors = ['MAK IT', 'Jānis Kiršteins', 'Kristaps Ērglis']
|
10
|
+
gem.email = ['admin@makit.lv', 'janis@montadigital.com', 'kristaps.erglis@gmail.com' ]
|
11
11
|
gem.description = %q{OmniAuth strategy for Nordea bank}
|
12
12
|
gem.summary = %q{OmniAuth strategy for Nordea bank}
|
13
|
-
gem.homepage = ''
|
13
|
+
gem.homepage = 'https://github.com/mak-it/omniauth-nordea'
|
14
14
|
gem.license = 'MIT'
|
15
15
|
|
16
16
|
gem.files = `git ls-files`.split($/)
|
@@ -18,6 +18,8 @@ Gem::Specification.new do |gem|
|
|
18
18
|
gem.test_files = gem.files.grep(%r{^(test|spec|features)/})
|
19
19
|
gem.require_paths = ['lib']
|
20
20
|
|
21
|
+
gem.required_ruby_version = '>= 2.2.2'
|
22
|
+
|
21
23
|
gem.add_runtime_dependency 'omniauth', '~> 1.0'
|
22
24
|
gem.add_runtime_dependency 'i18n'
|
23
25
|
|
@@ -25,6 +27,4 @@ Gem::Specification.new do |gem|
|
|
25
27
|
gem.add_development_dependency 'rspec', '~> 2.7'
|
26
28
|
gem.add_development_dependency 'bundler', '~> 1.3'
|
27
29
|
gem.add_development_dependency 'rake'
|
28
|
-
gem.add_development_dependency 'pry'
|
29
|
-
|
30
30
|
end
|
@@ -1,13 +1,12 @@
|
|
1
1
|
require 'spec_helper'
|
2
2
|
|
3
3
|
describe OmniAuth::Strategies::Nordea do
|
4
|
-
|
5
|
-
|
6
|
-
MAC = 'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA'
|
4
|
+
RCVID = '87654321LV'
|
5
|
+
MAC = 'LEHTI'
|
7
6
|
|
8
7
|
let(:app){ Rack::Builder.new do |b|
|
9
8
|
b.use Rack::Session::Cookie, {:secret => "abc123"}
|
10
|
-
b.use OmniAuth::Strategies::Nordea, RCVID, MAC
|
9
|
+
b.use OmniAuth::Strategies::Nordea, RCVID, MAC, hash_algorithm: :md5
|
11
10
|
b.run lambda{|env| [404, {}, ['Not Found']]}
|
12
11
|
end.to_app }
|
13
12
|
|
@@ -35,14 +34,15 @@ describe OmniAuth::Strategies::Nordea do
|
|
35
34
|
"A01Y_CANLINK" => "http://example.org/auth/nordea/callback?omniauth_status=cancelled",
|
36
35
|
"A01Y_REJLINK" => "http://example.org/auth/nordea/callback?omniauth_status=rejected",
|
37
36
|
"A01Y_KEYVERS" => "0001",
|
38
|
-
"A01Y_ALG" => "
|
39
|
-
"A01Y_MAC" => "
|
37
|
+
"A01Y_ALG" => "01",
|
38
|
+
"A01Y_MAC" => "5EF7613AA29E659456C47D0F9C471470"
|
40
39
|
}
|
41
40
|
|
42
41
|
EXPECTED_VALUES.each_pair do |k,v|
|
43
42
|
it "has hidden input field #{k} => #{v}" do
|
44
|
-
expect(last_response.body.
|
45
|
-
"<input type=\"hidden\" name=\"#{k}\" value=\"#{v}\""
|
43
|
+
expect(last_response.body).to include(
|
44
|
+
"<input type=\"hidden\" name=\"#{k}\" value=\"#{v}\""
|
45
|
+
)
|
46
46
|
end
|
47
47
|
end
|
48
48
|
|
@@ -53,25 +53,46 @@ describe OmniAuth::Strategies::Nordea do
|
|
53
53
|
|
54
54
|
context "with valid response" do
|
55
55
|
before do
|
56
|
-
post
|
57
|
-
"
|
58
|
-
"
|
59
|
-
"
|
60
|
-
"
|
61
|
-
"
|
62
|
-
"B02K_KEYVERS"
|
63
|
-
"
|
64
|
-
"
|
65
|
-
"
|
66
|
-
"
|
56
|
+
post '/auth/nordea/callback',
|
57
|
+
"B02K_ALG": "01",
|
58
|
+
"B02K_CUSTID": "37404280367",
|
59
|
+
"B02K_CUSTNAME": "RAITUMS ARNIS",
|
60
|
+
"B02K_CUSTTYPE": "01",
|
61
|
+
"B02K_IDNBR": "87654321LV",
|
62
|
+
"B02K_KEYVERS": "0001",
|
63
|
+
"B02K_MAC": "B2B82821F6EB9CA28E4D67F343914363",
|
64
|
+
"B02K_STAMP": "yyyymmddhhmmssxxxxxx",
|
65
|
+
"B02K_TIMESTMP": "20020170329134514398",
|
66
|
+
"B02K_VERS": "0002"
|
67
67
|
end
|
68
68
|
|
69
69
|
it "sets the correct uid value in the auth hash" do
|
70
|
-
expect(auth_hash.uid).to eq("
|
70
|
+
expect(auth_hash.uid).to eq("374042-80367")
|
71
71
|
end
|
72
72
|
|
73
73
|
it "sets the correct info.full_name value in the auth hash" do
|
74
|
-
expect(auth_hash.info.full_name).to eq("
|
74
|
+
expect(auth_hash.info.full_name).to eq("ARNIS RAITUMS")
|
75
|
+
end
|
76
|
+
end
|
77
|
+
|
78
|
+
context "with invalid MAC" do
|
79
|
+
before do
|
80
|
+
post '/auth/nordea/callback',
|
81
|
+
"B02K_ALG": "01",
|
82
|
+
"B02K_CUSTID": "37404280367",
|
83
|
+
"B02K_CUSTNAME": "RAITUMS ARNIS",
|
84
|
+
"B02K_CUSTTYPE": "01",
|
85
|
+
"B02K_IDNBR": "87654321LV",
|
86
|
+
"B02K_KEYVERS": "0001",
|
87
|
+
"B02K_MAC": "B9CA28E4D67F343914B2B82821F6E363",
|
88
|
+
"B02K_STAMP": "yyyymmddhhmmssxxxxxx",
|
89
|
+
"B02K_TIMESTMP": "20020170329134514398",
|
90
|
+
"B02K_VERS": "0002"
|
91
|
+
end
|
92
|
+
|
93
|
+
it "fails with invalid_mac error" do
|
94
|
+
expect(auth_hash).to eq(nil)
|
95
|
+
expect(last_request.env['omniauth.error.type']).to eq(:invalid_mac)
|
75
96
|
end
|
76
97
|
end
|
77
98
|
|
metadata
CHANGED
@@ -1,139 +1,112 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: omniauth-nordea
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0
|
5
|
-
prerelease:
|
4
|
+
version: 0.1.0
|
6
5
|
platform: ruby
|
7
6
|
authors:
|
7
|
+
- MAK IT
|
8
8
|
- Jānis Kiršteins
|
9
9
|
- Kristaps Ērglis
|
10
10
|
autorequire:
|
11
11
|
bindir: bin
|
12
12
|
cert_chain: []
|
13
|
-
date:
|
13
|
+
date: 2019-02-14 00:00:00.000000000 Z
|
14
14
|
dependencies:
|
15
15
|
- !ruby/object:Gem::Dependency
|
16
16
|
name: omniauth
|
17
17
|
requirement: !ruby/object:Gem::Requirement
|
18
|
-
none: false
|
19
18
|
requirements:
|
20
|
-
- - ~>
|
19
|
+
- - "~>"
|
21
20
|
- !ruby/object:Gem::Version
|
22
21
|
version: '1.0'
|
23
22
|
type: :runtime
|
24
23
|
prerelease: false
|
25
24
|
version_requirements: !ruby/object:Gem::Requirement
|
26
|
-
none: false
|
27
25
|
requirements:
|
28
|
-
- - ~>
|
26
|
+
- - "~>"
|
29
27
|
- !ruby/object:Gem::Version
|
30
28
|
version: '1.0'
|
31
29
|
- !ruby/object:Gem::Dependency
|
32
30
|
name: i18n
|
33
31
|
requirement: !ruby/object:Gem::Requirement
|
34
|
-
none: false
|
35
32
|
requirements:
|
36
|
-
- -
|
33
|
+
- - ">="
|
37
34
|
- !ruby/object:Gem::Version
|
38
35
|
version: '0'
|
39
36
|
type: :runtime
|
40
37
|
prerelease: false
|
41
38
|
version_requirements: !ruby/object:Gem::Requirement
|
42
|
-
none: false
|
43
39
|
requirements:
|
44
|
-
- -
|
40
|
+
- - ">="
|
45
41
|
- !ruby/object:Gem::Version
|
46
42
|
version: '0'
|
47
43
|
- !ruby/object:Gem::Dependency
|
48
44
|
name: rack-test
|
49
45
|
requirement: !ruby/object:Gem::Requirement
|
50
|
-
none: false
|
51
46
|
requirements:
|
52
|
-
- -
|
47
|
+
- - ">="
|
53
48
|
- !ruby/object:Gem::Version
|
54
49
|
version: '0'
|
55
50
|
type: :development
|
56
51
|
prerelease: false
|
57
52
|
version_requirements: !ruby/object:Gem::Requirement
|
58
|
-
none: false
|
59
53
|
requirements:
|
60
|
-
- -
|
54
|
+
- - ">="
|
61
55
|
- !ruby/object:Gem::Version
|
62
56
|
version: '0'
|
63
57
|
- !ruby/object:Gem::Dependency
|
64
58
|
name: rspec
|
65
59
|
requirement: !ruby/object:Gem::Requirement
|
66
|
-
none: false
|
67
60
|
requirements:
|
68
|
-
- - ~>
|
61
|
+
- - "~>"
|
69
62
|
- !ruby/object:Gem::Version
|
70
63
|
version: '2.7'
|
71
64
|
type: :development
|
72
65
|
prerelease: false
|
73
66
|
version_requirements: !ruby/object:Gem::Requirement
|
74
|
-
none: false
|
75
67
|
requirements:
|
76
|
-
- - ~>
|
68
|
+
- - "~>"
|
77
69
|
- !ruby/object:Gem::Version
|
78
70
|
version: '2.7'
|
79
71
|
- !ruby/object:Gem::Dependency
|
80
72
|
name: bundler
|
81
73
|
requirement: !ruby/object:Gem::Requirement
|
82
|
-
none: false
|
83
74
|
requirements:
|
84
|
-
- - ~>
|
75
|
+
- - "~>"
|
85
76
|
- !ruby/object:Gem::Version
|
86
77
|
version: '1.3'
|
87
78
|
type: :development
|
88
79
|
prerelease: false
|
89
80
|
version_requirements: !ruby/object:Gem::Requirement
|
90
|
-
none: false
|
91
81
|
requirements:
|
92
|
-
- - ~>
|
82
|
+
- - "~>"
|
93
83
|
- !ruby/object:Gem::Version
|
94
84
|
version: '1.3'
|
95
85
|
- !ruby/object:Gem::Dependency
|
96
86
|
name: rake
|
97
87
|
requirement: !ruby/object:Gem::Requirement
|
98
|
-
none: false
|
99
88
|
requirements:
|
100
|
-
- -
|
89
|
+
- - ">="
|
101
90
|
- !ruby/object:Gem::Version
|
102
91
|
version: '0'
|
103
92
|
type: :development
|
104
93
|
prerelease: false
|
105
94
|
version_requirements: !ruby/object:Gem::Requirement
|
106
|
-
none: false
|
107
95
|
requirements:
|
108
|
-
- -
|
109
|
-
- !ruby/object:Gem::Version
|
110
|
-
version: '0'
|
111
|
-
- !ruby/object:Gem::Dependency
|
112
|
-
name: pry
|
113
|
-
requirement: !ruby/object:Gem::Requirement
|
114
|
-
none: false
|
115
|
-
requirements:
|
116
|
-
- - ! '>='
|
117
|
-
- !ruby/object:Gem::Version
|
118
|
-
version: '0'
|
119
|
-
type: :development
|
120
|
-
prerelease: false
|
121
|
-
version_requirements: !ruby/object:Gem::Requirement
|
122
|
-
none: false
|
123
|
-
requirements:
|
124
|
-
- - ! '>='
|
96
|
+
- - ">="
|
125
97
|
- !ruby/object:Gem::Version
|
126
98
|
version: '0'
|
127
99
|
description: OmniAuth strategy for Nordea bank
|
128
100
|
email:
|
101
|
+
- admin@makit.lv
|
129
102
|
- janis@montadigital.com
|
130
103
|
- kristaps.erglis@gmail.com
|
131
104
|
executables: []
|
132
105
|
extensions: []
|
133
106
|
extra_rdoc_files: []
|
134
107
|
files:
|
135
|
-
- .gitignore
|
136
|
-
- .travis.yml
|
108
|
+
- ".gitignore"
|
109
|
+
- ".travis.yml"
|
137
110
|
- Gemfile
|
138
111
|
- LICENSE.txt
|
139
112
|
- README.md
|
@@ -144,34 +117,35 @@ files:
|
|
144
117
|
- lib/omniauth/nordea.rb
|
145
118
|
- lib/omniauth/nordea/version.rb
|
146
119
|
- lib/omniauth/strategies/nordea.rb
|
147
|
-
- lib/omniauth/strategies/nordea/
|
120
|
+
- lib/omniauth/strategies/nordea/message.rb
|
121
|
+
- lib/omniauth/strategies/nordea/request.rb
|
122
|
+
- lib/omniauth/strategies/nordea/response.rb
|
148
123
|
- omniauth-nordea.gemspec
|
149
124
|
- spec/omniauth/strategies/nordea_spec.rb
|
150
125
|
- spec/spec_helper.rb
|
151
|
-
homepage:
|
126
|
+
homepage: https://github.com/mak-it/omniauth-nordea
|
152
127
|
licenses:
|
153
128
|
- MIT
|
129
|
+
metadata: {}
|
154
130
|
post_install_message:
|
155
131
|
rdoc_options: []
|
156
132
|
require_paths:
|
157
133
|
- lib
|
158
134
|
required_ruby_version: !ruby/object:Gem::Requirement
|
159
|
-
none: false
|
160
135
|
requirements:
|
161
|
-
- -
|
136
|
+
- - ">="
|
162
137
|
- !ruby/object:Gem::Version
|
163
|
-
version:
|
138
|
+
version: 2.2.2
|
164
139
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
165
|
-
none: false
|
166
140
|
requirements:
|
167
|
-
- -
|
141
|
+
- - ">="
|
168
142
|
- !ruby/object:Gem::Version
|
169
143
|
version: '0'
|
170
144
|
requirements: []
|
171
145
|
rubyforge_project:
|
172
|
-
rubygems_version:
|
146
|
+
rubygems_version: 2.6.14
|
173
147
|
signing_key:
|
174
|
-
specification_version:
|
148
|
+
specification_version: 4
|
175
149
|
summary: OmniAuth strategy for Nordea bank
|
176
150
|
test_files:
|
177
151
|
- spec/omniauth/strategies/nordea_spec.rb
|
@@ -1,89 +0,0 @@
|
|
1
|
-
require 'digest/sha1'
|
2
|
-
require 'digest/md5'
|
3
|
-
|
4
|
-
module OmniAuth
|
5
|
-
module Strategies
|
6
|
-
class Nordea
|
7
|
-
class ArgumentError < StandardError; end
|
8
|
-
|
9
|
-
# 'A01Y_ACTION_ID',
|
10
|
-
# 'A01Y_VERS', # 0002 (standard), 0003 (with additional data) or 0004.
|
11
|
-
# => Only 0002 supported
|
12
|
-
# 'A01Y_RCVID',
|
13
|
-
# 'A01Y_LANGCODE', # ET, LV, LT, EN
|
14
|
-
# 'A01Y_STAMP', # yyyymmddhhmmssxxxxxx
|
15
|
-
# 'A01Y_IDTYPE',
|
16
|
-
# 'A01Y_RETLINK',
|
17
|
-
# 'A01Y_CANLINK',
|
18
|
-
# 'A01Y_REJLINK',
|
19
|
-
# 'A01Y_KEYVERS',
|
20
|
-
# 'A01Y_ALG', 01 for md5, 02 for sha1
|
21
|
-
# 'A01Y_MAC',
|
22
|
-
|
23
|
-
ALGORITHM_NAMES = { "01" => :md5, "02" => :sha1 }
|
24
|
-
SUPPORTED_LANG_CODES = [ :LV, :ET, :LT, :EN ]
|
25
|
-
SUPPORTED_VERSIONS = [ "0002" ]
|
26
|
-
|
27
|
-
class << self
|
28
|
-
|
29
|
-
def callback_variation(callback_url, status)
|
30
|
-
url = URI(callback_url)
|
31
|
-
url.query = "omniauth_status=#{status}"
|
32
|
-
url
|
33
|
-
end
|
34
|
-
|
35
|
-
# We're counting on receiving an ordered hash
|
36
|
-
# This method
|
37
|
-
def sign_hash_in_place(hash)
|
38
|
-
|
39
|
-
signable_string = hash.values.join("&") + "&"
|
40
|
-
|
41
|
-
digest_class =
|
42
|
-
case ALGORITHM_NAMES[ hash["A01Y_ALG"] ]
|
43
|
-
when :sha1
|
44
|
-
Digest::SHA1
|
45
|
-
when :md5
|
46
|
-
Digest::MD5
|
47
|
-
end
|
48
|
-
|
49
|
-
hash["A01Y_MAC"] = digest_class.send(:hexdigest, signable_string)
|
50
|
-
end
|
51
|
-
|
52
|
-
def build_request_hash(rcvid, mac, callback_url, opts = {})
|
53
|
-
opts = {
|
54
|
-
algorithm: :sha1,
|
55
|
-
version: "0002",
|
56
|
-
langcode: :LV
|
57
|
-
}.merge(opts)
|
58
|
-
|
59
|
-
if !SUPPORTED_LANG_CODES.include?(opts[:langcode])
|
60
|
-
raise ArgumentError.new (":langcode must be one of " + SUPPORTED_LANG_CODES.to_s)
|
61
|
-
end
|
62
|
-
|
63
|
-
if !ALGORITHM_NAMES.values.include?(opts[:algorithm])
|
64
|
-
raise ArgumentError.new (":algorithm must be one of " + ALGORITHM_NAMES.values.to_s)
|
65
|
-
end
|
66
|
-
|
67
|
-
if !SUPPORTED_VERSIONS.include?(opts[:version])
|
68
|
-
raise ArgumentError.new (":version must be one of " + SUPPORTED_VERSIONS.to_s)
|
69
|
-
end
|
70
|
-
|
71
|
-
{
|
72
|
-
"A01Y_ACTION_ID" => "701",
|
73
|
-
"A01Y_VERS" => opts[:version],
|
74
|
-
"A01Y_RCVID" => rcvid,
|
75
|
-
"A01Y_LANGCODE" => opts[:langcode],
|
76
|
-
"A01Y_STAMP" => "yyyymmddhhmmssxxxxxx",
|
77
|
-
"A01Y_IDTYPE" => "02",
|
78
|
-
"A01Y_RETLINK" => self.callback_variation(callback_url, "success"),
|
79
|
-
"A01Y_CANLINK" => self.callback_variation(callback_url, "cancelled"),
|
80
|
-
"A01Y_REJLINK" => self.callback_variation(callback_url, "rejected"),
|
81
|
-
"A01Y_KEYVERS" => "0001",
|
82
|
-
"A01Y_ALG" => ALGORITHM_NAMES.key(opts[:algorithm]),
|
83
|
-
"A01Y_MAC" => mac
|
84
|
-
}
|
85
|
-
end
|
86
|
-
end
|
87
|
-
end
|
88
|
-
end
|
89
|
-
end
|