RubyGems - omniauth-sberbusiness - Versions diffs - 1.0.0 → 1.0.4 - Mend

omniauth-sberbusiness 1.0.0 → 1.0.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

checksums.yaml +4 -4
data/.gitignore +1 -0
data/lib/omniauth/sberbusiness/version.rb +1 -1
data/lib/omniauth/strategies/sberbusiness.rb +28 -21
data/omniauth-sberbusiness-1.0.0.gem +0 -0
data/omniauth-sberbusiness-1.0.2.gem +0 -0
metadata +5 -3

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 937ea6016cb610ed9d296dc0f5f4938198c8b4ca192a1b29c53f5e1d208315af
-  data.tar.gz: ef2882ea928b375ef21196f8d0a6fb628d95a005b385dc2f72e55097173144bc
+  metadata.gz: fc6a24d6b570f4a4ee525fca24fb894a5a3bd732be93b89b15d21c01c8442e3c
+  data.tar.gz: 3557c296ec5f0b6b7fb08866f84565e5664bac34244bc77306f32fa41c71292a
 SHA512:
-  metadata.gz: cbc8e94db10462e42bffef58a0758eb9dbabf9a681faf56b0db9d782984bbc05974ddc50e64621acba339075e557a80eca1b7115983d4e28a1e375057bf43724
-  data.tar.gz: 647b58e4b718efcbd2fd3f32a45f99ab3cf2a28aa49b4bd8eae7fb29720a5ea13934cf4583b7f8189ffd55a8f621583dee83446cb373e4f5f645bd88f3db1744
+  metadata.gz: b720db90f54c0ef88124077f3681a0de7430ebe591a9429fb3bbf930ad2410014069d0968dd908885b8313cdbf456775425468ca08f9c20dc67403e20493a882
+  data.tar.gz: e9baea1e868b23932099630ae310af10ed9b197498b77aab832941974715e50a3135d717212576b70f3336c5b519d2af5f95a996435e5421900e93eb5dbe24a3

data/.gitignore CHANGED Viewed

@@ -3,3 +3,4 @@
 coverage
 Gemfile.lock
 .idea
+*.gem

data/lib/omniauth/sberbusiness/version.rb CHANGED Viewed

@@ -2,6 +2,6 @@
 module OmniAuth
   module Sberbusiness
-    VERSION = '1.0.0'
+    VERSION = '1.0.4'
   end
 end

data/lib/omniauth/strategies/sberbusiness.rb CHANGED Viewed

@@ -6,6 +6,7 @@ require 'base64'
 module OmniAuth
   module Strategies
+    # https://developer.sberbank.ru/doc/v3/sbbol
     class Sberbusiness < OmniAuth::Strategies::OAuth2
       class NoRawData < StandardError; end
@@ -15,11 +16,14 @@ module OmniAuth
       option :name, 'sberbusiness'
+      option :test, false
       option :client_options,
-             site: 'https://edupirfintech.sberbank.ru:9443', # 'https://edupir.testsbi.sberbank.ru:9443', # 'https://sbi.sberbank.ru:9443',
-             token_url: 'https://edupirfintech.sberbank.ru:9443/ic/sso/api/v2/oauth/token', # https://edupirfintech.sberbank.ru:9443 https://sbi.sberbank.ru:9443/ic/sso/api/v2/oauth/token
-             authorize_url: 'https://edupir.testsbi.sberbank.ru:9443/ic/sso/api/v2/oauth/authorize'
-             # 'https://edupir.testsbi.sberbank.ru:9443/ic/sso/api/v2/oauth/authorize' # 'https://sbi.sberbank.ru:9443/ic/sso/api/v2/oauth/authorize'
+             site: 'https://fintech.sberbank.ru:9443',
+             token_url: 'https://fintech.sberbank.ru:9443/ic/sso/api/v2/oauth/token',
+             authorize_url: 'https://sbi.sberbank.ru:9443/ic/sso/api/v2/oauth/authorize',
+             user_info_path: '/ic/sso/api/v2/oauth/user-info',
+             client_info_path: '/api/v1/client-info'
       option :authorize_options, %i[scope response_type client_type client_id state nonce]
@@ -42,32 +46,40 @@ module OmniAuth
           accounts: raw_info['accounts'],
           id: raw_info['sub'],
           inn: raw_info['inn'],
-          client_host: raw_info['state'],
-          provider: 'sberbusiness'
+          provider: options.name
         }
       end
       extra do
-        {
-          'raw_info' => raw_info
-        }
+        if options.test
+          {
+            'raw_info' => raw_info,
+            'credentials' => credentials
+          }
+        else
+          { 'raw_info' => raw_info }
+        end
       end
-      # https://developer.sberbank.ru/doc/v1/sberbank-id/datareq
       def raw_info
         access_token.options[:mode] = :header
         @raw_info ||= begin
-          state = request.params['state']
-          result = access_token.get('/ic/sso/api/v2/oauth/user-info', headers: info_headers).body
+          result = access_token.get(options.client_options['user_info_path'], headers: info_headers).body
           # декодируем ответ:
-          decoded_data = result.split('.').map { |code| JSON.parse(Base64.decode64(code)) rescue {}}
+          decoded_data = result.split('.').map { |code| decrypt(code) rescue {}}
           result = decoded_data.reduce(:merge)
-          result['state'] = state
-          result
+          # здесь нужен скоп специальный, а на тесте мы его задать не можем
+          return result unless options.test
+          org_info = access_token.get(options.client_options['client_info_path'], headers: info_headers).body
+          result.merge({ client_info: org_info.force_encoding('UTF-8') })
         end
       end
-      # https://developer.sberbank.ru/doc/v1/sberbank-id/authcodereq
+      def decrypt(msg)
+        JSON.parse(Base64.urlsafe_decode64(msg).force_encoding(Encoding::UTF_8))
+      end
       def authorize_params
         super.tap do |params|
           %w[state scope response_type client_type client_id nonce].each do |v|
@@ -76,10 +88,6 @@ module OmniAuth
             params[v.to_sym] = request.params[v]
           end
           params[:scope] ||= DEFAULT_SCOPE
-          # if you want redirect to other host and save old host
-          state = session['omniauth.origin'] || env['HTTP_REFERER']
-          params[:state] = state
-          session['omniauth.state'] = state
           params[:nonce] = SecureRandom.hex(16)
         end
       end
@@ -100,7 +108,6 @@ module OmniAuth
       end
       def info_options
-        # https://developer.sberbank.ru/doc/v1/sberbank-id/dataanswerparametrs
         fields = %w[
           sub family_name given_name middle_name birthdate email phone_number
           address_reg identification inn snils gender

data/omniauth-sberbusiness-1.0.0.gem ADDED Viewed

Binary file

data/omniauth-sberbusiness-1.0.2.gem ADDED Viewed

Binary file

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: omniauth-sberbusiness
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 1.0.4
 platform: ruby
 authors:
 - Sergei Baksheev
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-07-16 00:00:00.000000000 Z
+date: 2021-07-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: omniauth-oauth2
@@ -45,6 +45,8 @@ files:
 - lib/omniauth-sberbusiness.rb
 - lib/omniauth/sberbusiness/version.rb
 - lib/omniauth/strategies/sberbusiness.rb
+- omniauth-sberbusiness-1.0.0.gem
+- omniauth-sberbusiness-1.0.2.gem
 - omniauth-sberbusiness.gemspec
 homepage: https://github.com/insales/omniauth-sberbusiness
 licenses:
@@ -65,7 +67,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.2.19
+rubygems_version: 3.1.2
 signing_key:
 specification_version: 4
 summary: Sberbusiness OAuth2 Strategy for OmniAuth