omniauth-nwbbis 0.1.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: f39dcb29ff8ba3dd079e2dc497c3c98f8d0e2ce3
+  data.tar.gz: 40787e35e860a1c12b2454d0f392b394b36ef9ed
+SHA512:
+  metadata.gz: c1aaefc087681fa706a05520b23682dbb6c99effac733c16b07084c5dbd3de7a861792e85adcd4974f7a16773dbe9b7dfa819abc90fa9ca8692e84dedf4a6185
+  data.tar.gz: 2fea561e490e7ca08455b829191178040b5bd22a4882b50f01f77023a891b7be4d4d8ce063a14d4314c967e9f1be91be21cca126d8de3fd3e31bf00f2479361b

data/lib/omniauth-nwbbis.rb

@@ -0,0 +1,257 @@
+require 'erb'
+require 'time'
+
+require 'faraday'
+require 'multi_xml'
+
+module OmniAuth
+    module Strategies
+        class NwbBis
+            include OmniAuth::Strategy
+
+            option :login_info_url, "http://service.nwb.de/bis/logininfo"
+            option :login_url, "http://service.nwb.de/bis/login"
+
+            option :fields, [:name, :email]
+            option :uid_field, :email
+
+            args [:callback_param, :bis_user, :bis_password]
+
+            def request_phase
+                response = Rack::Response.new
+                response.redirect "#{options.login_info_url}#{options.callback_param}"
+                response.finish
+            end
+
+            def callback_phase
+                secdata = request.params["secdata"]
+
+                # Decrypt secdata
+                logon_id = decrypt_logon_id(secdata)
+
+                if logon_id.length >= 0
+                    # Check Login Status
+                    logon_status = get_logon_status(logon_id)
+
+                    login_type = logon_status.fetch("a:LoginTyp", "Unbekannt")
+                    username = logon_status.fetch("a:Benutzername", nil)
+
+                    if login_type == "Login" and not username.nil?
+                        user_info = get_user_info(username)
+
+                        env['omniauth.auth'] = auth_hash(user_info)
+                        call_app!
+
+                        # Create Auth Hash
+                    else
+                        # Redirect to NWB Login
+                        response = Rack::Response.new
+                        response.redirect "#{options.login_url}#{options.callback_param}" 
+                        response.finish
+                    end
+                end
+            end
+
+            def auth_hash(user_info)
+                hash = AuthHash.new(:provider => name, :uid => user_info.fetch("a:EMail", nil))
+
+                puts user_info
+
+                first_name = user_info.fetch("a:Vorname", "")
+                last_name = user_info.fetch("a:Name", "")
+
+                hash.info = {
+                    :name  => "#{first_name} #{last_name}",
+                    :email => user_info.fetch("a:EMail", nil)
+                }
+
+                hash
+            end
+
+            def bis_credentials
+                {:bis_user => options.bis_user,
+                 :bis_password => options.bis_password}
+            end
+
+            def decrypt_logon_id(secdata)
+                xml_body = BisXmlDecryptLogonId.new(secdata).result()
+                envelope = BisXmlEnvelope.new(xml_body, bis_credentials).result()
+
+                logon_id = ""
+
+                res = BisClient.execute("http://tempuri.org/INWBService/EntschluesselLogonID", envelope)
+
+                if res.success?
+                    MultiXml.parser = :ox
+                    xml = MultiXml.parse(res.body)
+
+                    if xml != nil
+                        logon_id = xml.fetch("s:Envelope", {}).fetch("s:Body", {}).fetch("EntschluesselLogonIDResponse", {}).fetch("EntschluesselLogonIDResult", "")
+                    end
+                end
+
+                logon_id
+            end
+
+            def get_logon_status(logon_id)
+                xml_body = BisXmlGetLogonStatus.new(logon_id).result()
+                envelope = BisXmlEnvelope.new(xml_body, bis_credentials).result()
+
+                logon_status = {} 
+
+                res = BisClient.execute("http://tempuri.org/INWBService/GibLogonStatus", envelope)
+
+                if res.success?
+                    MultiXml.parser = :ox
+                    xml = MultiXml.parse(res.body)
+
+                    if xml != nil
+                        logon_status = xml.fetch("s:Envelope", {}).fetch("s:Body", {}).fetch("GibLogonStatusResponse", {}).fetch("GibLogonStatusResult", "")
+                    end
+                end
+
+                logon_status
+            end
+
+            def get_user_info(username)
+                xml_body = BisXmlGetUserInfo.new(username).result()
+                envelope = BisXmlEnvelope.new(xml_body, bis_credentials).result()
+
+                user_info = {} 
+
+                res = BisClient.execute("http://tempuri.org/INWBService/GibBenutzer", envelope)
+
+                if res.success?
+                    MultiXml.parser = :ox
+                    xml = MultiXml.parse(res.body)
+
+                    if xml != nil
+                        user_info = xml.fetch("s:Envelope", {}).fetch("s:Body", {}).fetch("GibBenutzerResponse", {}).fetch("GibBenutzerResult", "")
+                    end
+                end
+
+                user_info 
+            end
+
+        end
+
+        class BisClient
+            # soap_msg = envelope(wss_header: wss_header(), body: body)
+            # HTTPotion.post @port, [body: soap_msg, headers: ["SOAPAction": soap_action, "Content-Type": "text/xml"]]
+
+            def self.execute(soap_action, body)
+                conn = Faraday.new
+
+                conn.post do |req|
+                    req.url "https://service.nwb.de/customercare/NWBService.svc/interop"
+                    req.headers['SOAPAction'] = soap_action
+                    req.headers['Content-Type'] = 'text/xml'
+                    req.body = body
+                end
+            end
+        end
+
+        class BisXmlEnvelope < ERB
+            def self.template
+                %{
+                        <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
+                          <s:Header>
+                            <o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
+                                <u:Timestamp u:Id="_0">
+                                    <u:Created><%= Time.now.iso8601 %></u:Created>
+                                    <u:Expires><%= (Time.now + 5*60).iso8601 %></u:Expires>
+                                </u:Timestamp>
+                                <o:UsernameToken u:Id="uuid-b42663dd-caca-4fb4-b5f9-c65c34ac59b4-1">
+                                    <o:Username><%= @bis_user %></o:Username>
+                                    <o:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText"><%= @bis_password %></o:Password>
+                                </o:UsernameToken>
+                            </o:Security>
+                          </s:Header>
+                          <s:Body>
+                            <%= @body %>
+                          </s:Body>
+                        </s:Envelope>
+                }
+            end
+
+            def initialize(body, options = {})
+                @body     = body
+                @template = options.fetch(:template, self.class.template)
+
+                @bis_user = options.fetch(:bis_user)
+                @bis_password = options.fetch(:bis_password)
+
+                super(@template)
+            end
+
+            def result
+                super(binding)
+            end
+        end
+
+        class BisXmlGetUserInfo < ERB
+            def self.template
+                %{
+                    <GibBenutzer xmlns="http://tempuri.org/">
+                      <benutzername><%= @username %></benutzername>
+                    </GibBenutzer>
+                }
+            end
+
+            def initialize(username, options = {})
+                @username = username
+                @template = options.fetch(:template, self.class.template)
+
+                super(@template)
+            end
+
+            def result
+                super(binding)
+            end
+        end
+
+        class BisXmlGetLogonStatus < ERB
+            def self.template
+                %{
+                    <GibLogonStatus xmlns="http://tempuri.org/">
+                      <guid><%= @logon_id %></guid>
+                    </GibLogonStatus>
+                }
+            end
+
+            def initialize(logon_id, options = {})
+                @logon_id = logon_id
+                @template = options.fetch(:template, self.class.template)
+
+                super(@template)
+            end
+
+            def result
+                super(binding)
+            end
+        end
+
+        class BisXmlDecryptLogonId < ERB
+            def self.template
+                %{
+                    <EntschluesselLogonID xmlns="http://tempuri.org/">
+                      <sender>bis</sender>
+                      <data><%= @logon_id %></data>
+                    </EntschluesselLogonID>
+                }
+            end
+
+            def initialize(logon_id, options = {})
+                @logon_id = logon_id
+                @template = options.fetch(:template, self.class.template)
+
+                super(@template)
+            end
+
+            def result
+                super(binding)
+            end
+        end
+
+    end
+end

metadata

@@ -0,0 +1,101 @@
+--- !ruby/object:Gem::Specification
+name: omniauth-nwbbis
+version: !ruby/object:Gem::Version
+  version: 0.1.1
+platform: ruby
+authors:
+- Dennis Bücker
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2017-04-05 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: omniauth
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1'
+- !ruby/object:Gem::Dependency
+  name: faraday
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.11'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.11'
+- !ruby/object:Gem::Dependency
+  name: multi_xml
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.6'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.6'
+- !ruby/object:Gem::Dependency
+  name: ox
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.4'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.4'
+description: A simple login strategy for OmniAuth to authenticate users against the
+  NWB BIS.
+email: d.buecker@spirit47.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- lib/omniauth-nwbbis.rb
+homepage: http://nwb.de/
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.5.1
+signing_key: 
+specification_version: 4
+summary: Omniauth strategy for the NWB BIS
+test_files: []