omniauth-privatbank-ua 1.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 50e5c27788a4dfe1874385244a11ee309187e4cf
+  data.tar.gz: 64b971ac19382f00f6262dd171a0d043bff8a168
+SHA512:
+  metadata.gz: ae2c6029f6e789faca8ddd6ed0456ba90e00f6dbeba3ce22d5372343095691e250bc35186d7ed9297c1e7310b9f8e3d638f45ceb9dfcd4b81714a3472f0fbed0
+  data.tar.gz: a01f79ba1f76cca4dc5e3f64033c7ac94f59a3ac9c14cf9f1936f124478986190fcad1676955366d80b2135b9efd2d6d1ae7b0d81ec152c0e3ffa07190b648e2

data/Gemfile

@@ -0,0 +1,5 @@
+source "https://rubygems.org"
+
+gem 'rake'
+# Specify your gem's dependencies in omniauth-twitter.gemspec
+gemspec

data/README.md

@@ -0,0 +1,27 @@
+# OmniAuth privatbank.ua
+
+## Using This Strategy
+
+First start by adding this gem to your Gemfile:
+
+```ruby
+gem 'omniauth-privatbank-ua'
+```
+
+Next, tell OmniAuth about this provider. For a Rails app, your `config/initializers/omniauth.rb` file should look like this:
+
+```ruby
+Rails.application.config.middleware.use OmniAuth::Builder do
+  if Rails.env.production?
+    provider :'privatbank-ua', ENV['ua_privatbank_client_id'], ENV['ua_privatbank_client_secret'],
+      private_key_path: ENV['ua_privatbank_client_private_key_path']
+  else
+    #for some reason in development we get ssl verification errors
+    require 'openssl'
+    OpenSSL::SSL::VERIFY_PEER = OpenSSL::SSL::VERIFY_NONE
+    provider OmniAuth::Strategies::PrivatbankUaSandbox, ENV['ua_privatbank_client_id'], ENV['ua_privatbank_client_secret'],
+      private_key_path: ENV['ua_privatbank_client_private_key_path']
+  end
+end
+```
+

data/Rakefile

@@ -0,0 +1,8 @@
+require "bundler/gem_tasks"
+require 'rspec/core/rake_task'
+
+desc "Run specs"
+RSpec::Core::RakeTask.new
+
+desc 'Default: run specs.'
+task :default => :spec

data/lib/omniauth-privatbank-ua.rb

@@ -0,0 +1,2 @@
+require "omniauth-privatbank-ua/version"
+require 'omniauth/strategies/privatbank-ua'

data/lib/omniauth-privatbank-ua/version.rb

@@ -0,0 +1,5 @@
+module OmniAuth
+  module PrivatbankUa
+    VERSION = "1.0.0"
+  end
+end

data/lib/omniauth/strategies/privatbank-ua.rb

@@ -0,0 +1,140 @@
+require 'omniauth-oauth2'
+require 'multi_json'
+
+module OmniAuth
+  module Strategies
+    class PrivatbankUa < OmniAuth::Strategies::OAuth2
+      class NoCustomerError < StandardError; end
+      option :name, 'privatbank-ua'
+
+      OAUTH_DOMAIN = 'https://bankid.org.ua'
+      DATA_DOMAIN = 'https://biprocessing.org.ua'
+
+      option :client_options, {
+        site: OAUTH_DOMAIN,
+        authorize_url: '/DataAccessService/das/authorize',
+        token_url: '/DataAccessService/oauth/token',
+        token_method: :get
+      }
+
+      option :data_site, DATA_DOMAIN
+
+      uid { raw_info['inn'] }
+
+      info do
+        {
+          :inn => raw_info['inn'],
+          :first_name => raw_info['firstName'],
+          :last_name => raw_info['lastName'],
+          :middle_name => raw_info['middleName'],
+          :email => raw_info['email'],
+          :phone => raw_info['phone']
+        }
+      end
+
+      extra do
+        { :raw_info => raw_info }
+      end
+
+      def raw_info
+        @raw_info ||= customer_data
+      end
+
+      def callback_url
+        full_host + script_name + callback_path # + query_string
+      end
+
+      protected
+
+      def build_access_token
+        verifier = request.params['code']
+        calculated_secret = Digest::SHA1.hexdigest "#{options.client_id}#{options.client_secret}#{verifier}"
+        client = ::OAuth2::Client.new(options.client_id, calculated_secret, deep_symbolize(options.client_options))
+        client.auth_code.get_token(verifier,
+          {:redirect_uri => callback_url}.merge(token_params.to_hash(:symbolize_keys => true)),
+          deep_symbolize({header_format: "Bearer %s, Id #{options.client_id}"}))
+      end
+
+      private
+
+      def customer_data
+        data = request_customer_data
+        if data['state'] == 'ok'
+          person = data['customer']
+          if person['type'] == 'physical'
+            decrypt_customer_data(person)
+          end
+          person
+        else
+          raise NoCustomerError.new(data.to_s)
+        end
+      end
+
+      def request_customer_data
+        access_token.post("#{options.data_site}/ResourceService/checked/data",
+          {
+            headers: {
+              'Content-Type' => "application/json",
+              'Accept' => "application/json"
+            },
+            body: customer_data_post_params.to_json
+          }
+        ).parsed
+      rescue ::Errno::ETIMEDOUT
+        raise ::Timeout::Error
+      end
+
+      def decrypt_customer_data(person)
+        if person['signature'].present?
+          fields = ['inn', 'firstName', 'middleName', 'lastName', 'phone', 'email']
+          fields.each do |field_name|
+            begin
+              person[field_name] = decrypt(person[field_name])
+            rescue Exception => e
+              OmniAuth.config.logger.error("#{self.class} could not decrypt field: #{field_name}, because: #{e.message}")
+            end
+          end
+        end
+      end
+
+      def decrypt(field_value)
+        private_key.private_decrypt(Base64::decode64(field_value))
+      end
+
+      def private_key
+        @private_key ||= OpenSSL::PKey::RSA.new(File.read(options.private_key_path))
+      end
+
+      def customer_data_post_params
+        {
+          "type" => "physical",
+          "fields" => [
+            "firstName",
+            "middleName",
+            "lastName",
+            "phone",
+            "inn",
+            "clId",
+            "clIdText",
+            "birthDay",
+            "email",
+            "sex",
+            "resident",
+            "dateModification"
+          ]
+        }
+      end
+    end
+
+    class PrivatbankUaSandbox < OmniAuth::Strategies::PrivatbankUa
+      # for testing against their test servers,
+      # to test data decryption make sure you have the PrivatBank public/secret keys from  production
+      SANDBOX_OAUTH_DOMAIN = 'https://bankid.privatbank.ua'
+      SANDBOX_DATA_DOMAIN =  'https://bankid.privatbank.ua'
+      default_options[:client_options][:site] = SANDBOX_OAUTH_DOMAIN
+      default_options[:data_site] = SANDBOX_DATA_DOMAIN
+    end
+  end
+end
+
+OmniAuth.config.add_camelization "privatbank-ua", "PrivatbankUa"

data/omniauth-privatbank-ua.gemspec

@@ -0,0 +1,26 @@
+# -*- encoding: utf-8 -*-
+$:.push File.expand_path("../lib", __FILE__)
+require "omniauth-privatbank-ua/version"
+
+Gem::Specification.new do |s|
+  s.name        = "omniauth-privatbank-ua"
+  s.version     = OmniAuth::PrivatbankUa::VERSION
+  s.authors     = ["Aivils Stoss"]
+  s.email       = ["aivils@ithouse.lv"]
+  s.homepage    = "https://github.com/ithouse/omniauth-privatbank-ua"
+  s.summary     = %q{OmniAuth strategy for privatbank.ua}
+  s.description = %q{OmniAuth strategy for privatbank.ua}
+  s.license     = "MIT"
+
+  s.files         = `git ls-files`.split("\n")
+  s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  s.require_paths = ["lib"]
+
+  s.add_dependency 'multi_json', '~> 1.3'
+  s.add_runtime_dependency 'omniauth-oauth2', '~> 1.0'
+  s.add_development_dependency 'rspec', '~> 2.7'
+  s.add_development_dependency 'rack-test'
+  s.add_development_dependency 'simplecov'
+  s.add_development_dependency 'webmock'
+end

metadata

@@ -0,0 +1,135 @@
+--- !ruby/object:Gem::Specification
+name: omniauth-privatbank-ua
+version: !ruby/object:Gem::Version
+  version: 1.0.0
+platform: ruby
+authors:
+- Aivils Stoss
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2016-11-07 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: multi_json
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.3'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.3'
+- !ruby/object:Gem::Dependency
+  name: omniauth-oauth2
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.7'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.7'
+- !ruby/object:Gem::Dependency
+  name: rack-test
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: simplecov
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: webmock
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: OmniAuth strategy for privatbank.ua
+email:
+- aivils@ithouse.lv
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- Gemfile
+- README.md
+- Rakefile
+- lib/omniauth-privatbank-ua.rb
+- lib/omniauth-privatbank-ua/version.rb
+- lib/omniauth/strategies/privatbank-ua.rb
+- omniauth-privatbank-ua.gemspec
+homepage: https://github.com/ithouse/omniauth-privatbank-ua
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.4.5
+signing_key: 
+specification_version: 4
+summary: OmniAuth strategy for privatbank.ua
+test_files: []