omniauth-nwbbis 0.1.1
- checksums.yaml +7 -0
- data/lib/omniauth-nwbbis.rb +257 -0
- metadata +101 -0
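--- a/checksums.yaml
+++ b/checksums.yaml
@@ -0,0 +1,7 @@
+---
+SHA1:
+metadata.gz: f39dcb29ff8ba3dd079e2dc497c3c98f8d0e2ce3
+data.tar.gz: 40787e35e860a1c12b2454d0f392b394b36ef9ed
+SHA512:
+metadata.gz: c1aaefc087681fa706a05520b23682dbb6c99effac733c16b07084c5dbd3de7a861792e85adcd4974f7a16773dbe9b7dfa819abc90fa9ca8692e84dedf4a6185
+data.tar.gz: 2fea561e490e7ca08455b829191178040b5bd22a4882b50f01f77023a891b7be4d4d8ce063a14d4314c967e9f1be91be21cca126d8de3fd3e31bf00f2479361b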
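--- a/data/lib/omniauth-nwbbis.rb
+++ b/data/lib/omniauth-nwbbis.rb
@@ -0,0 +1,257 @@
+require 'erb'
+require 'time'
+
+require 'faraday'
+require 'multi_xml'
+
+module OmniAuth
+module Strategies
+class NwbBis
+include OmniAuth::Strategy
+
+option :login_info_url, "http://service.nwb.de/bis/logininfo"
+option :login_url, "http://service.nwb.de/bis/login"
+
+option :fields, [:name, :email]
+option :uid_field, :email
+
+args [:callback_param, :bis_user, :bis_password]
+
+def request_phase
+response = Rack::Response.new
+response.redirect "#{options.login_info_url}#{options.callback_param}"
+response.finish
+end
+
+def callback_phase
+secdata = request.params["secdata"]
+
+# Decrypt secdata
+logon_id = decrypt_logon_id(secdata)
+
+if logon_id.length >= 0
+# Check Login Status
+logon_status = get_logon_status(logon_id)
+
+login_type = logon_status.fetch("a:LoginTyp", "Unbekannt")
+username = logon_status.fetch("a:Benutzername", nil)
+
+if login_type == "Login" and not username.nil?
+user_info = get_user_info(username)
+
+env['omniauth.auth'] = auth_hash(user_info)
+call_app!
+
+# Create Auth Hash
+else
+# Redirect to NWB Login
+response = Rack::Response.new
+response.redirect "#{options.login_url}#{options.callback_param}"
+response.finish
+end
+end
+end
+
+def auth_hash(user_info)
+hash = AuthHash.new(:provider => name, :uid => user_info.fetch("a:EMail", nil))
+
+puts user_info
+
+first_name = user_info.fetch("a:Vorname", "")
+last_name = user_info.fetch("a:Name", "")
+
+hash.info = {
+:name => "#{first_name} #{last_name}",
+:email => user_info.fetch("a:EMail", nil)
+}
+
+hash
+end
+
+def bis_credentials
+{:bis_user => options.bis_user,
+:bis_password => options.bis_password}
+end
+
+def decrypt_logon_id(secdata)
+xml_body = BisXmlDecryptLogonId.new(secdata).result()
+envelope = BisXmlEnvelope.new(xml_body, bis_credentials).result()
+
+logon_id = ""
+
+res = BisClient.execute("http://tempuri.org/INWBService/EntschluesselLogonID", envelope)
+
+if res.success?
+MultiXml.parser = :ox
+xml = MultiXml.parse(res.body)
+
+if xml != nil
+logon_id = xml.fetch("s:Envelope", {}).fetch("s:Body", {}).fetch("EntschluesselLogonIDResponse", {}).fetch("EntschluesselLogonIDResult", "")
+end
+end
+
+logon_id
+end
+
+def get_logon_status(logon_id)
+xml_body = BisXmlGetLogonStatus.new(logon_id).result()
+envelope = BisXmlEnvelope.new(xml_body, bis_credentials).result()
+
+logon_status = {}
+
+res = BisClient.execute("http://tempuri.org/INWBService/GibLogonStatus", envelope)
+
+if res.success?
+MultiXml.parser = :ox
+xml = MultiXml.parse(res.body)
+
+if xml != nil
+logon_status = xml.fetch("s:Envelope", {}).fetch("s:Body", {}).fetch("GibLogonStatusResponse", {}).fetch("GibLogonStatusResult", "")
+end
+end
+
+logon_status
+end
+
+def get_user_info(username)
+xml_body = BisXmlGetUserInfo.new(username).result()
+envelope = BisXmlEnvelope.new(xml_body, bis_credentials).result()
+
+user_info = {}
+
+res = BisClient.execute("http://tempuri.org/INWBService/GibBenutzer", envelope)
+
+if res.success?
+MultiXml.parser = :ox
+xml = MultiXml.parse(res.body)
+
+if xml != nil
+user_info = xml.fetch("s:Envelope", {}).fetch("s:Body", {}).fetch("GibBenutzerResponse", {}).fetch("GibBenutzerResult", "")
+end
+end
+
+user_info
+end
+
+end
+
+class BisClient
+# soap_msg = envelope(wss_header: wss_header(), body: body)
+# HTTPotion.post @port, [body: soap_msg, headers: ["SOAPAction": soap_action, "Content-Type": "text/xml"]]
+
+def self.execute(soap_action, body)
+conn = Faraday.new
+
+conn.post do |req|
+req.url "https://service.nwb.de/customercare/NWBService.svc/interop"
+req.headers['SOAPAction'] = soap_action
+req.headers['Content-Type'] = 'text/xml'
+req.body = body
+end
+end
+end
+
+class BisXmlEnvelope < ERB
+def self.template
+%{
+<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
+<s:Header>
+<o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
+<u:Timestamp u:Id="_0">
+<u:Created><%= Time.now.iso8601 %></u:Created>
+<u:Expires><%= (Time.now + 5*60).iso8601 %></u:Expires>
+</u:Timestamp>
+<o:UsernameToken u:Id="uuid-b42663dd-caca-4fb4-b5f9-c65c34ac59b4-1">
+<o:Username><%= @bis_user %></o:Username>
+<o:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText"><%= @bis_password %></o:Password>
+</o:UsernameToken>
+</o:Security>
+</s:Header>
+<s:Body>
+<%= @body %>
+</s:Body>
+</s:Envelope>
+}
+end
+
+def initialize(body, options = {})
+@body = body
+@template = options.fetch(:template, self.class.template)
+
+@bis_user = options.fetch(:bis_user)
+@bis_password = options.fetch(:bis_password)
+
+super(@template)
+end
+
+def result
+super(binding)
+end
+end
+
+class BisXmlGetUserInfo < ERB
+def self.template
+%{
+<GibBenutzer xmlns="http://tempuri.org/">
+<benutzername><%= @username %></benutzername>
+</GibBenutzer>
+}
+end
+
+def initialize(username, options = {})
+@username = username
+@template = options.fetch(:template, self.class.template)
+
+super(@template)
+end
+
+def result
+super(binding)
+end
+end
+
+class BisXmlGetLogonStatus < ERB
+def self.template
+%{
+<GibLogonStatus xmlns="http://tempuri.org/">
+<guid><%= @logon_id %></guid>
+</GibLogonStatus>
+}
+end
+
+def initialize(logon_id, options = {})
+@logon_id = logon_id
+@template = options.fetch(:template, self.class.template)
+
+super(@template)
+end
+
+def result
+super(binding)
+end
+end
+
+class BisXmlDecryptLogonId < ERB
+def self.template
+%{
+<EntschluesselLogonID xmlns="http://tempuri.org/">
+<sender>bis</sender>
+<data><%= @logon_id %></data>
+</EntschluesselLogonID>
+}
+end
+
+def initialize(logon_id, options = {})
+@logon_id = logon_id
+@template = options.fetch(:template, self.class.template)
+
+super(@template)
+end
+
+def result
+super(binding)
+end
+end
+
+end
+end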
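Review bot: The `secdata` request parameter read in `callback_phase` is interpolated unescaped into the SOAP body by `BisXmlDecryptLogonId` (`<data><%= @logon_id %></data>`), so markup characters in it can change the structure of the request that `BisXmlEnvelope` then sends with the configured service credentials; `@username`, `@logon_id`, `@bis_user` and `@bis_password` in the other templates are interpolated the same way. Each value should be escaped where it is inserted, e.g. `<data><%= ERB::Util.html_escape(@logon_id) %></data>`. The guard `if logon_id.length >= 0` is always true, so an empty result from a failed decryption still reaches `get_logon_status`, and a `nil` or String result there would raise on `.fetch`; `if logon_id.length > 0` looks like the intent. `puts user_info` in `auth_hash` writes the user's name and e-mail to stdout on every successful login and should be removed or replaced by a debug-level log without the personal fields.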
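--- a/metadata
+++ b/metadata
@@ -0,0 +1,101 @@
+--- !ruby/object:Gem::Specification
+name: omniauth-nwbbis
+version: !ruby/object:Gem::Version
+version: 0.1.1
+platform: ruby
+authors:
+- Dennis Bücker
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2017-04-05 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+name: omniauth
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '1'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '1'
+- !ruby/object:Gem::Dependency
+name: faraday
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '0.11'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '0.11'
+- !ruby/object:Gem::Dependency
+name: multi_xml
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '0.6'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '0.6'
+- !ruby/object:Gem::Dependency
+name: ox
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '2.4'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '2.4'
+description: A simple login strategy for OmniAuth to authenticate users against the
+NWB BIS.
+email: d.buecker@spirit47.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- lib/omniauth-nwbbis.rb
+homepage: http://nwb.de/
+licenses:
+- MIT
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+requirements: []
+rubyforge_project:
+rubygems_version: 2.5.1
+signing_key:
+specification_version: 4
+summary: Omniauth strategy for the NWB BIS
+test_files: []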