omniauth-sberbusiness 1.0.1 → 1.0.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.gitignore +1 -0
- data/lib/omniauth/sberbusiness/version.rb +1 -1
- data/lib/omniauth/strategies/sberbusiness.rb +45 -21
- data/omniauth-sberbusiness-1.0.0.gem +0 -0
- data/omniauth-sberbusiness-1.0.2.gem +0 -0
- metadata +4 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: ba7fa11ea9bd25f870de1fe86b3b2be85ebb8bacbba832ca69bc37de2900fd63
|
|
4
|
+
data.tar.gz: c3d1e32dd2eaa7500d85fd5a615a06232b3298c109fa3655311e1846cf01fa15
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: f74419d268a369102133a3029bf3316332c67cdc3d6615c81d9594c6e0b727b88a7808266986e48015c5110b358638435170a0f2e96258335f80022379a0ac1e
|
|
7
|
+
data.tar.gz: dc509a2030e560af04bb05188ae9f5d47464e541c315f7e150871b7cfff4ce6fedf3ccb4bed083038ac19a7e610bc4e591b6a8a59620927cb1c37eae42e83545
|
data/.gitignore
CHANGED
|
@@ -1,12 +1,13 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
|
-
# ecoding: utf-8
|
|
3
2
|
|
|
4
3
|
require 'omniauth/strategies/oauth2'
|
|
5
4
|
require 'securerandom'
|
|
6
5
|
require 'base64'
|
|
6
|
+
require 'pry'
|
|
7
7
|
|
|
8
8
|
module OmniAuth
|
|
9
9
|
module Strategies
|
|
10
|
+
# https://developer.sberbank.ru/doc/v3/sbbol
|
|
10
11
|
class Sberbusiness < OmniAuth::Strategies::OAuth2
|
|
11
12
|
class NoRawData < StandardError; end
|
|
12
13
|
|
|
@@ -16,11 +17,14 @@ module OmniAuth
|
|
|
16
17
|
|
|
17
18
|
option :name, 'sberbusiness'
|
|
18
19
|
|
|
20
|
+
option :test, false
|
|
21
|
+
|
|
19
22
|
option :client_options,
|
|
20
|
-
site: 'https://
|
|
21
|
-
token_url: 'https://
|
|
22
|
-
authorize_url: 'https://
|
|
23
|
-
|
|
23
|
+
site: 'https://fintech.sberbank.ru:9443',
|
|
24
|
+
token_url: 'https://fintech.sberbank.ru:9443/ic/sso/api/v2/oauth/token',
|
|
25
|
+
authorize_url: 'https://sbi.sberbank.ru:9443/ic/sso/api/v2/oauth/authorize',
|
|
26
|
+
user_info_path: '/ic/sso/api/v2/oauth/user-info',
|
|
27
|
+
client_info_path: '/api/v1/client-info'
|
|
24
28
|
|
|
25
29
|
option :authorize_options, %i[scope response_type client_type client_id state nonce]
|
|
26
30
|
|
|
@@ -28,6 +32,11 @@ module OmniAuth
|
|
|
28
32
|
|
|
29
33
|
uid { raw_info['sub'].to_s }
|
|
30
34
|
|
|
35
|
+
def client
|
|
36
|
+
change_links if options.test
|
|
37
|
+
super
|
|
38
|
+
end
|
|
39
|
+
|
|
31
40
|
# https://github.com/intridea/omniauth/wiki/Auth-Hash-Schema
|
|
32
41
|
info do
|
|
33
42
|
{
|
|
@@ -43,28 +52,33 @@ module OmniAuth
|
|
|
43
52
|
accounts: raw_info['accounts'],
|
|
44
53
|
id: raw_info['sub'],
|
|
45
54
|
inn: raw_info['inn'],
|
|
46
|
-
|
|
47
|
-
provider: 'sberbusiness'
|
|
55
|
+
provider: options.name
|
|
48
56
|
}
|
|
49
57
|
end
|
|
50
58
|
|
|
51
59
|
extra do
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
60
|
+
if options.test
|
|
61
|
+
{
|
|
62
|
+
'raw_info' => raw_info,
|
|
63
|
+
'credentials' => credentials
|
|
64
|
+
}
|
|
65
|
+
else
|
|
66
|
+
{ 'raw_info' => raw_info }
|
|
67
|
+
end
|
|
55
68
|
end
|
|
56
69
|
|
|
57
|
-
# https://developer.sberbank.ru/doc/v1/sberbank-id/datareq
|
|
58
70
|
def raw_info
|
|
59
71
|
access_token.options[:mode] = :header
|
|
60
72
|
@raw_info ||= begin
|
|
61
|
-
|
|
62
|
-
result = access_token.get('/ic/sso/api/v2/oauth/user-info', headers: info_headers).body
|
|
73
|
+
result = access_token.get(options.client_options['user_info_path'], headers: info_headers).body
|
|
63
74
|
# декодируем ответ:
|
|
64
75
|
decoded_data = result.split('.').map { |code| decrypt(code) rescue {}}
|
|
65
76
|
result = decoded_data.reduce(:merge)
|
|
66
|
-
|
|
67
|
-
result
|
|
77
|
+
# здесь нужен скоп специальный, а на тесте мы его задать не можем
|
|
78
|
+
return result unless options.test
|
|
79
|
+
|
|
80
|
+
org_info = access_token.get(options.client_options['client_info_path'], headers: info_headers).body
|
|
81
|
+
result.merge(client_info: org_info.force_encoding('UTF-8'))
|
|
68
82
|
end
|
|
69
83
|
end
|
|
70
84
|
|
|
@@ -72,8 +86,10 @@ module OmniAuth
|
|
|
72
86
|
JSON.parse(Base64.urlsafe_decode64(msg).force_encoding(Encoding::UTF_8))
|
|
73
87
|
end
|
|
74
88
|
|
|
75
|
-
# https://developer.sberbank.ru/doc/v1/sberbank-id/authcodereq
|
|
76
89
|
def authorize_params
|
|
90
|
+
# add links in options
|
|
91
|
+
change_links if options.test
|
|
92
|
+
|
|
77
93
|
super.tap do |params|
|
|
78
94
|
%w[state scope response_type client_type client_id nonce].each do |v|
|
|
79
95
|
next unless request.params[v]
|
|
@@ -81,10 +97,6 @@ module OmniAuth
|
|
|
81
97
|
params[v.to_sym] = request.params[v]
|
|
82
98
|
end
|
|
83
99
|
params[:scope] ||= DEFAULT_SCOPE
|
|
84
|
-
# if you want redirect to other host and save old host
|
|
85
|
-
state = session['omniauth.origin'] || env['HTTP_REFERER']
|
|
86
|
-
params[:state] = state
|
|
87
|
-
session['omniauth.state'] = state
|
|
88
100
|
params[:nonce] = SecureRandom.hex(16)
|
|
89
101
|
end
|
|
90
102
|
end
|
|
@@ -100,12 +112,24 @@ module OmniAuth
|
|
|
100
112
|
}
|
|
101
113
|
end
|
|
102
114
|
|
|
115
|
+
def change_links
|
|
116
|
+
options.client_options[:site] = options.client_options[:test_site] ||
|
|
117
|
+
'https://edupirfintech.sberbank.ru:9443'
|
|
118
|
+
options.client_options[:token_url] = options.client_options[:test_token_url] ||
|
|
119
|
+
'https://edupirfintech.sberbank.ru:9443/ic/sso/api/v1/oauth/token'
|
|
120
|
+
options.client_options[:authorize_url] = options.client_options[:test_authorize_url] ||
|
|
121
|
+
'https://edupir.testsbi.sberbank.ru:9443/ic/sso/api/v1/oauth/authorize'
|
|
122
|
+
options.client_options[:user_info_path] = options.client_options[:test_user_info_path] ||
|
|
123
|
+
'/ic/sso/api/v1/oauth/user-info'
|
|
124
|
+
options.client_options[:client_info_path] = options.client_options[:test_client_info_path] ||
|
|
125
|
+
'/fintech/api/v1/client-info'
|
|
126
|
+
end
|
|
127
|
+
|
|
103
128
|
def callback_url
|
|
104
129
|
options.redirect_url || (full_host + script_name + callback_path)
|
|
105
130
|
end
|
|
106
131
|
|
|
107
132
|
def info_options
|
|
108
|
-
# https://developer.sberbank.ru/doc/v1/sberbank-id/dataanswerparametrs
|
|
109
133
|
fields = %w[
|
|
110
134
|
sub family_name given_name middle_name birthdate email phone_number
|
|
111
135
|
address_reg identification inn snils gender
|
|
Binary file
|
|
Binary file
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: omniauth-sberbusiness
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.0.
|
|
4
|
+
version: 1.0.5
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Sergei Baksheev
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2021-
|
|
11
|
+
date: 2021-08-02 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: omniauth-oauth2
|
|
@@ -45,6 +45,8 @@ files:
|
|
|
45
45
|
- lib/omniauth-sberbusiness.rb
|
|
46
46
|
- lib/omniauth/sberbusiness/version.rb
|
|
47
47
|
- lib/omniauth/strategies/sberbusiness.rb
|
|
48
|
+
- omniauth-sberbusiness-1.0.0.gem
|
|
49
|
+
- omniauth-sberbusiness-1.0.2.gem
|
|
48
50
|
- omniauth-sberbusiness.gemspec
|
|
49
51
|
homepage: https://github.com/insales/omniauth-sberbusiness
|
|
50
52
|
licenses:
|