omniauth-nordea 0.0.2 → 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: d138bd311ca1b9406677d0876667508ceb221eab
+  data.tar.gz: 87856fbcb8cf3da31236a339bb617b0cd7e66d14
+SHA512:
+  metadata.gz: 1380fb65dc515b3bd9078b544b078630cec5e03f469f4fbc2a1c253c6e6805800b86202507e1ac32ac9178242962a287ec89e955153cd967ee874ea3f8cd3bb6
+  data.tar.gz: efcee3f5822466a29c3e63fb3efe426880a627dee5ea20b9b0570172f76e1b887eb8846d2752380df5fbf022006e0eb9be6e3d89c6099b41c8e7f719e30b74aa

data/.travis.yml

@@ -1,6 +1,6 @@
 language: ruby
 rvm:
-  - "1.9.2"
-  - "1.9.3"
-  - "2.0.0"
+  - 2.2.6
+  - 2.3.3
+  - 2.4.1
 script: bundle exec rspec

data/LICENSE.txt

@@ -1,4 +1,4 @@
-Copyright (c) 2013 Jānis Kiršteins
+Copyright (c) 2017 MAK IT, Jānis Kiršteins
 
 MIT License
 

data/README.md

@@ -1,11 +1,17 @@
-# Omniauth::Nordea
+# Omniauth Nordea
 
 Omniauth strategy for using Nordea Latvia as an authentication service provider.
 
-[![Gem Version](https://badge.fury.io/rb/omniauth-nordea.png)](http://badge.fury.io/rb/omniauth-nordea)
-[![Build Status](https://travis-ci.org/kirsis/omniauth-nordea.png?branch=master)](https://travis-ci.org/kirsis/omniauth-nordea)
+[![Gem Version](https://badge.fury.io/rb/omniauth-nordea.svg)](http://badge.fury.io/rb/omniauth-nordea)
+[![Build Status](https://travis-ci.org/mak-it/omniauth-nordea.svg?branch=master)](https://travis-ci.org/mak-it/omniauth-nordea)
 
-Supported Ruby versions: 1.9.2, 1.9.3 and 2.0.0
+Supported Ruby versions: 2.2+
+
+## Related projects
+- [omniauth-citadele](https://github.com/mak-it/omniauth-citadele) - strategy for authenticating with Citadele
+- [omniauth-dnb](https://github.com/mak-it/omniauth-dnb) - strategy for authenticating with DNB
+- [omniauth-seb-elink](https://github.com/mak-it/omniauth-seb-elink) - strategy for authenticating with SEB
+- [omniauth-swedbank](https://github.com/mak-it/omniauth-swedbank) - strategy for authenticating with Swedbank
 
 ## Installation
 
@@ -23,7 +29,45 @@ Or install it yourself as:
 
 ## Usage
 
-TODO: Write usage instructions here
+Here's a quick example, adding the middleware to a Rails app
+in `config/initializers/omniauth.rb`:
+
+```ruby
+Rails.application.config.middleware.use OmniAuth::Builder do
+  provider :nordea, ENV['NORDEA_RCVID'], ENV['NORDEA_MAC'],
+    endpoint: OmniAuth::Strategies::Nordea::PRODUCTION_ENDPOINT,
+    hash_algorithm: :sha1
+end
+```
+
+## Auth Hash
+
+Here's an example Auth Hash available in `request.env['omniauth.auth']`:
+
+```ruby
+{
+  provider: "nordea",
+  uid: "374042-80367",
+  info: {
+    full_name: "ARNIS RAITUMS"
+  },
+  extra: {
+    raw_info: {
+      B02K_ALG: "01",
+      B02K_CUSTID: "37404280367",
+      B02K_CUSTNAME: "RAITUMS ARNIS",
+      B02K_CUSTTYPE: "01",
+      B02K_IDNBR: "87654321LV",
+      B02K_KEYVERS: "0001",
+      B02K_MAC: "B2B82821F6EB9CA28E4D67F343914363",
+      B02K_STAMP: "yyyymmddhhmmssxxxxxx",
+      B02K_TIMESTMP: "20020170329134514398",
+      B02K_VERS: "0002",
+      omniauth_status: "success"
+    }
+  }
+}
+```
 
 ## Contributing
 

data/lib/omniauth-nordea.rb

@@ -1,5 +1,4 @@
 require 'omniauth/nordea'
 require 'i18n'
-require 'pry'
 
-I18n.load_path += Dir[File.join(File.dirname(__FILE__), 'omniauth', 'locales', '*.yml')]
+I18n.load_path += Dir[File.join(File.dirname(__FILE__), 'omniauth', 'locales', '*.yml')]

data/lib/omniauth/locales/omniauth.en.yml

@@ -1,5 +1,5 @@
 en:
   omniauth:
-    swedbank:
+    nordea:
       please_wait: Please wait...
-      click_here_if_not_redirected: Click here, if not redirected automatically
+      click_here_if_not_redirected: Click here, if not redirected automatically

data/lib/omniauth/locales/omniauth.lv.yml

@@ -1,5 +1,5 @@
 lv:
   omniauth:
-    swedbank:
+    nordea:
       please_wait: Lūdzu uzgaidiet...
-      click_here_if_not_redirected: Spiediet šeit, ja pāradresācija nenotiek automātiski
+      click_here_if_not_redirected: Spiediet šeit, ja pāradresācija nenotiek automātiski

data/lib/omniauth/nordea/version.rb

@@ -1,5 +1,5 @@
 module Omniauth
   module Nordea
-    VERSION = "0.0.2"
+    VERSION = '0.1.0'
   end
 end

data/lib/omniauth/strategies/nordea.rb

@@ -1,10 +1,13 @@
 require 'omniauth'
-require 'base64'
-require 'omniauth/strategies/nordea/request_helpers'
+require_relative 'nordea/message'
+require_relative 'nordea/request'
+require_relative 'nordea/response'
 
 module OmniAuth
   module Strategies
     class Nordea
+      class ValidationError < StandardError; end
+
       PRODUCTION_ENDPOINT = "https://netbank.nordea.com/pnbeid/eidn.jsp"
       TEST_ENDPOINT = "https://netbank.nordea.com/pnbeidtest/eidn.jsp"
 
@@ -26,38 +29,61 @@ module OmniAuth
 
       info do
         {
-          full_name: request.params["B02K_CUSTNAME"].dup.split(" ").reverse.join(" ")
+          full_name: request.params["B02K_CUSTNAME"].split(" ").reverse.join(" ")
         }
       end
 
+      extra do
+        { raw_info: request.params }
+      end
+
       def callback_phase
-        super
-      rescue Exception => e
-        fail!(:unknown_callback_err, e)
+        if request.params["B02K_CUSTID"] && !request.params["B02K_CUSTID"].empty?
+          message = OmniAuth::Strategies::Nordea::Response.new(request.params)
+          message.validate!(options.mac)
+          super
+        else
+          fail!(:invalid_credentials)
+        end
+      rescue ValidationError => e
+        fail!(:invalid_mac, e)
       end
 
       def request_phase
-
-        param_hash = OmniAuth::Strategies::Nordea.build_request_hash(options.rcvid, options.mac,
-          full_host + script_name + callback_path)
-        OmniAuth::Strategies::Nordea.sign_hash_in_place(param_hash)
+        message = OmniAuth::Strategies::Nordea::Request.new(
+          "A01Y_ACTION_ID" => "701",
+          "A01Y_VERS"      => "0002",
+          "A01Y_RCVID"     => options.rcvid,
+          "A01Y_LANGCODE"  => "LV",
+          "A01Y_STAMP"     => "yyyymmddhhmmssxxxxxx",
+          "A01Y_IDTYPE"    => "02",
+          "A01Y_RETLINK"   => callback_with_status_url("success"),
+          "A01Y_CANLINK"   => callback_with_status_url("cancelled"),
+          "A01Y_REJLINK"   => callback_with_status_url("rejected")
+        )
+        message.sign!(options.mac, options.hash_algorithm)
 
         # Build redirect form
-        OmniAuth.config.form_css = nil
-        form = OmniAuth::Form.new(title: I18n.t("omniauth.swedbank.please_wait"), url: options.endpoint)
+        form = OmniAuth::Form.new(title: I18n.t("omniauth.nordea.please_wait"), url: options.endpoint)
 
-        param_hash.each_pair do |k,v|
+        message.each_pair do |k,v|
           form.html "<input type=\"hidden\" name=\"#{k}\" value=\"#{v}\" />"
         end
 
-        form.button I18n.t("omniauth.swedbank.click_here_if_not_redirected")
+        form.button I18n.t("omniauth.nordea.click_here_if_not_redirected")
 
         form.instance_variable_set("@html",
           form.to_html.gsub("</form>", "</form><script type=\"text/javascript\">document.forms[0].submit();</script>"))
         form.to_response
-      rescue Exception => e
-        fail!(:unknown_request_err, e)
+      end
+
+      private
+
+      def callback_with_status_url(status)
+        url = URI(callback_url)
+        url.query = "omniauth_status=#{status}"
+        url
       end
     end
   end
-end
+end

data/lib/omniauth/strategies/nordea/message.rb

@@ -0,0 +1,35 @@
+require 'digest/sha1'
+require 'digest/md5'
+
+module OmniAuth
+  module Strategies
+    class Nordea
+      class Message
+        ALGORITHM_NAMES = { "01" => :md5, "02" => :sha1 }
+
+        def initialize(hash)
+          @hash = hash
+        end
+
+        def to_hash
+          @hash
+        end
+
+        def each_pair(&block)
+          @hash.each_pair(&block)
+        end
+
+        private
+
+        def find_digester(hash_algorithm)
+          case hash_algorithm
+          when :sha1
+            Digest::SHA1
+          when :md5
+            Digest::MD5
+          end
+        end
+      end
+    end
+  end
+end

data/lib/omniauth/strategies/nordea/request.rb

@@ -0,0 +1,34 @@
+module OmniAuth
+  module Strategies
+    class Nordea
+      class Request < Message
+        SIGNED_KEYS = [
+          'A01Y_ACTION_ID',
+          'A01Y_VERS',      # 0002 (standard), 0003 (with additional data) or 0004.
+          'A01Y_RCVID',
+          'A01Y_LANGCODE',  # ET, LV, LT, EN
+          'A01Y_STAMP',     # yyyymmddhhmmssxxxxxx
+          'A01Y_IDTYPE',
+          'A01Y_RETLINK',
+          'A01Y_CANLINK',
+          'A01Y_REJLINK',
+          'A01Y_KEYVERS',
+          'A01Y_ALG',       # 01 for md5, 02 for sha1
+          'A01Y_MAC',
+        ]
+
+        def sign!(mac, hash_algorithm)
+          @hash["A01Y_KEYVERS"] = "0001"
+          @hash["A01Y_ALG"]     = ALGORITHM_NAMES.key(hash_algorithm)
+          @hash["A01Y_MAC"]     = mac
+
+          digester = find_digester(hash_algorithm)
+          signable_string = SIGNED_KEYS.map { |k| @hash[k] }.join("&") + "&"
+          @hash["A01Y_MAC"] = digester.hexdigest(signable_string).upcase
+
+          self
+        end
+      end
+    end
+  end
+end

data/lib/omniauth/strategies/nordea/response.rb

@@ -0,0 +1,37 @@
+module OmniAuth
+  module Strategies
+    class Nordea
+      class Response < Message
+        SIGNED_KEYS = [
+          'B02K_VERS',      # 0002 (standard), 0003 (with additional data) or 0004.
+          'B02K_TIMESTMP',
+          'B02K_IDNBR',
+          'B02K_STAMP',
+          'B02K_CUSTNAME',
+          'B02K_KEYVERS',
+          'B02K_ALG',       # 01 for md5, 02 for sha1
+          'B02K_CUSTID',
+          'B02K_CUSTTYPE',
+          'B02K_MAC'
+        ]
+
+        def validate!(mac)
+          received_digest = @hash['B02K_MAC']
+
+          h = @hash.dup
+          h['B02K_MAC'] = mac
+
+          digester = find_digester(ALGORITHM_NAMES[h['B02K_ALG']])
+          signable_string = SIGNED_KEYS.map { |k| CGI.escape(h[k]) }.join("&") + '&'
+          expected_digest = digester.hexdigest(signable_string).upcase
+
+          if expected_digest != received_digest
+            raise ValidationError, "Digest mismatch"
+          end
+
+          self
+        end
+      end
+    end
+  end
+end

data/omniauth-nordea.gemspec

@@ -6,11 +6,11 @@ require 'omniauth/nordea/version'
 Gem::Specification.new do |gem|
   gem.name          = 'omniauth-nordea'
   gem.version       = Omniauth::Nordea::VERSION
-  gem.authors       = ['Jānis Kiršteins', 'Kristaps Ērglis']
-  gem.email         = ['janis@montadigital.com', 'kristaps.erglis@gmail.com' ]
+  gem.authors       = ['MAK IT', 'Jānis Kiršteins', 'Kristaps Ērglis']
+  gem.email         = ['admin@makit.lv', 'janis@montadigital.com', 'kristaps.erglis@gmail.com' ]
   gem.description   = %q{OmniAuth strategy for Nordea bank}
   gem.summary       = %q{OmniAuth strategy for Nordea bank}
-  gem.homepage      = ''
+  gem.homepage      = 'https://github.com/mak-it/omniauth-nordea'
   gem.license       = 'MIT'
 
   gem.files         = `git ls-files`.split($/)
@@ -18,6 +18,8 @@ Gem::Specification.new do |gem|
   gem.test_files    = gem.files.grep(%r{^(test|spec|features)/})
   gem.require_paths = ['lib']
 
+  gem.required_ruby_version = '>= 2.2.2'
+
   gem.add_runtime_dependency 'omniauth', '~> 1.0'
   gem.add_runtime_dependency 'i18n'
 
@@ -25,6 +27,4 @@ Gem::Specification.new do |gem|
   gem.add_development_dependency 'rspec', '~> 2.7'
   gem.add_development_dependency 'bundler', '~> 1.3'
   gem.add_development_dependency 'rake'
-  gem.add_development_dependency 'pry'
-
 end

data/spec/omniauth/strategies/nordea_spec.rb

@@ -1,13 +1,12 @@
 require 'spec_helper'
 
 describe OmniAuth::Strategies::Nordea do
-
-  RCVID = '11111111111'
-  MAC = 'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA'
+  RCVID = '87654321LV'
+  MAC   = 'LEHTI'
 
   let(:app){ Rack::Builder.new do |b|
     b.use Rack::Session::Cookie, {:secret => "abc123"}
-    b.use OmniAuth::Strategies::Nordea, RCVID, MAC
+    b.use OmniAuth::Strategies::Nordea, RCVID, MAC, hash_algorithm: :md5
     b.run lambda{|env| [404, {}, ['Not Found']]}
   end.to_app }
 
@@ -35,14 +34,15 @@ describe OmniAuth::Strategies::Nordea do
       "A01Y_CANLINK" => "http://example.org/auth/nordea/callback?omniauth_status=cancelled",
       "A01Y_REJLINK" => "http://example.org/auth/nordea/callback?omniauth_status=rejected",
       "A01Y_KEYVERS" => "0001",
-      "A01Y_ALG" => "02",
-      "A01Y_MAC" => "c2e09d42e0eaf565ba1b14074f3bdae341b35bce"
+      "A01Y_ALG" => "01",
+      "A01Y_MAC" => "5EF7613AA29E659456C47D0F9C471470"
     }
 
     EXPECTED_VALUES.each_pair do |k,v|
       it "has hidden input field #{k} => #{v}" do
-        expect(last_response.body.scan(
-          "<input type=\"hidden\" name=\"#{k}\" value=\"#{v}\"").size).to eq(1)
+        expect(last_response.body).to include(
+          "<input type=\"hidden\" name=\"#{k}\" value=\"#{v}\""
+        )
       end
     end
 
@@ -53,25 +53,46 @@ describe OmniAuth::Strategies::Nordea do
 
     context "with valid response" do
       before do
-        post :'/auth/nordea/callback',
-          "B02K_VERS" => "0002",
-          "B02K_TIMESTMP" => "2002014020513320773",
-          "B02K_IDNBR" => "f26402f2250340dba8b24c8498fd8c58",
-          "B02K_STAMP" => "yyyymmddhhmmssxxxxxx",
-          "B02K_CUSTNAME" => "Last First",
-          "B02K_KEYVERS" => "0001",
-          "B02K_ALG" => "02",
-          "B02K_CUSTID" => "12345612345",
-          "B02K_CUSTTYPE" => "01",
-          "B02K_MAC" => "852E3207E143677B6E622DDF1D27B13979DB8C67"
+        post '/auth/nordea/callback',
+          "B02K_ALG": "01",
+          "B02K_CUSTID": "37404280367",
+          "B02K_CUSTNAME": "RAITUMS ARNIS",
+          "B02K_CUSTTYPE": "01",
+          "B02K_IDNBR": "87654321LV",
+          "B02K_KEYVERS": "0001",
+          "B02K_MAC": "B2B82821F6EB9CA28E4D67F343914363",
+          "B02K_STAMP": "yyyymmddhhmmssxxxxxx",
+          "B02K_TIMESTMP": "20020170329134514398",
+          "B02K_VERS": "0002"
       end
 
       it "sets the correct uid value in the auth hash" do
-        expect(auth_hash.uid).to eq("123456-12345")
+        expect(auth_hash.uid).to eq("374042-80367")
       end
 
       it "sets the correct info.full_name value in the auth hash" do
-        expect(auth_hash.info.full_name).to eq("First Last")
+        expect(auth_hash.info.full_name).to eq("ARNIS RAITUMS")
+      end
+    end
+
+    context "with invalid MAC" do
+      before do
+        post '/auth/nordea/callback',
+          "B02K_ALG": "01",
+          "B02K_CUSTID": "37404280367",
+          "B02K_CUSTNAME": "RAITUMS ARNIS",
+          "B02K_CUSTTYPE": "01",
+          "B02K_IDNBR": "87654321LV",
+          "B02K_KEYVERS": "0001",
+          "B02K_MAC": "B9CA28E4D67F343914B2B82821F6E363",
+          "B02K_STAMP": "yyyymmddhhmmssxxxxxx",
+          "B02K_TIMESTMP": "20020170329134514398",
+          "B02K_VERS": "0002"
+      end
+
+      it "fails with invalid_mac error" do
+        expect(auth_hash).to eq(nil)
+        expect(last_request.env['omniauth.error.type']).to eq(:invalid_mac)
       end
     end
 

metadata

@@ -1,139 +1,112 @@
 --- !ruby/object:Gem::Specification
 name: omniauth-nordea
 version: !ruby/object:Gem::Version
-  version: 0.0.2
-  prerelease: 
+  version: 0.1.0
 platform: ruby
 authors:
+- MAK IT
 - Jānis Kiršteins
 - Kristaps Ērglis
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-02-05 00:00:00.000000000 Z
+date: 2019-02-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: omniauth
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '1.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '1.0'
 - !ruby/object:Gem::Dependency
   name: i18n
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: rack-test
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '2.7'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '2.7'
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '1.3'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '1.3'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: pry
-  requirement: !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ! '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
 description: OmniAuth strategy for Nordea bank
 email:
+- admin@makit.lv
 - janis@montadigital.com
 - kristaps.erglis@gmail.com
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- .gitignore
-- .travis.yml
+- ".gitignore"
+- ".travis.yml"
 - Gemfile
 - LICENSE.txt
 - README.md
@@ -144,34 +117,35 @@ files:
 - lib/omniauth/nordea.rb
 - lib/omniauth/nordea/version.rb
 - lib/omniauth/strategies/nordea.rb
-- lib/omniauth/strategies/nordea/request_helpers.rb
+- lib/omniauth/strategies/nordea/message.rb
+- lib/omniauth/strategies/nordea/request.rb
+- lib/omniauth/strategies/nordea/response.rb
 - omniauth-nordea.gemspec
 - spec/omniauth/strategies/nordea_spec.rb
 - spec/spec_helper.rb
-homepage: ''
+homepage: https://github.com/mak-it/omniauth-nordea
 licenses:
 - MIT
+metadata: {}
 post_install_message: 
 rdoc_options: []
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
-  - - ! '>='
+  - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 2.2.2
 required_rubygems_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
-  - - ! '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 1.8.25
+rubygems_version: 2.6.14
 signing_key: 
-specification_version: 3
+specification_version: 4
 summary: OmniAuth strategy for Nordea bank
 test_files:
 - spec/omniauth/strategies/nordea_spec.rb

data/lib/omniauth/strategies/nordea/request_helpers.rb

@@ -1,89 +0,0 @@
-require 'digest/sha1'
-require 'digest/md5'
-
-module OmniAuth
-  module Strategies
-    class Nordea
-      class ArgumentError < StandardError; end
-
-      # 'A01Y_ACTION_ID',
-      # 'A01Y_VERS', # 0002 (standard), 0003 (with additional data) or 0004.
-      # => Only 0002 supported
-      # 'A01Y_RCVID',
-      # 'A01Y_LANGCODE', # ET, LV, LT, EN
-      # 'A01Y_STAMP', # yyyymmddhhmmssxxxxxx
-      # 'A01Y_IDTYPE',
-      # 'A01Y_RETLINK',
-      # 'A01Y_CANLINK',
-      # 'A01Y_REJLINK',
-      # 'A01Y_KEYVERS',
-      # 'A01Y_ALG',     01 for md5, 02 for sha1
-      # 'A01Y_MAC',
-
-      ALGORITHM_NAMES = { "01" => :md5, "02" => :sha1 }
-      SUPPORTED_LANG_CODES = [ :LV, :ET, :LT, :EN ]
-      SUPPORTED_VERSIONS = [ "0002" ]
-
-      class << self
-
-        def callback_variation(callback_url, status)
-          url = URI(callback_url)
-          url.query = "omniauth_status=#{status}"
-          url
-        end
-
-        # We're counting on receiving an ordered hash
-        # This method
-        def sign_hash_in_place(hash)
-
-          signable_string = hash.values.join("&") + "&"
-
-          digest_class =
-            case ALGORITHM_NAMES[ hash["A01Y_ALG"] ]
-            when :sha1
-              Digest::SHA1
-            when :md5
-              Digest::MD5
-          end
-
-          hash["A01Y_MAC"] = digest_class.send(:hexdigest, signable_string)
-        end
-
-        def build_request_hash(rcvid, mac, callback_url, opts = {})
-          opts = {
-            algorithm: :sha1,
-            version:   "0002",
-            langcode:  :LV
-          }.merge(opts)
-
-          if !SUPPORTED_LANG_CODES.include?(opts[:langcode])
-            raise ArgumentError.new (":langcode must be one of " + SUPPORTED_LANG_CODES.to_s)
-          end
-
-          if !ALGORITHM_NAMES.values.include?(opts[:algorithm])
-            raise ArgumentError.new (":algorithm must be one of " + ALGORITHM_NAMES.values.to_s)
-          end
-
-          if !SUPPORTED_VERSIONS.include?(opts[:version])
-            raise ArgumentError.new (":version must be one of " + SUPPORTED_VERSIONS.to_s)
-          end
-
-          {
-            "A01Y_ACTION_ID" =>   "701",
-            "A01Y_VERS" =>        opts[:version],
-            "A01Y_RCVID" =>       rcvid,
-            "A01Y_LANGCODE" =>    opts[:langcode],
-            "A01Y_STAMP" =>       "yyyymmddhhmmssxxxxxx",
-            "A01Y_IDTYPE" =>      "02",
-            "A01Y_RETLINK" =>     self.callback_variation(callback_url, "success"),
-            "A01Y_CANLINK" =>     self.callback_variation(callback_url, "cancelled"),
-            "A01Y_REJLINK" =>     self.callback_variation(callback_url, "rejected"),
-            "A01Y_KEYVERS" =>     "0001",
-            "A01Y_ALG" =>         ALGORITHM_NAMES.key(opts[:algorithm]),
-            "A01Y_MAC" =>         mac
-          }
-        end
-      end
-    end
-  end
-end