omniauth-swedbank 0.0.1

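--- a/data/.gitignore
+++ b/data/.gitignore
@@ -0,0 +1,17 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp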
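--- a/data/Gemfile
+++ b/data/Gemfile
@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in omniauth-swedbank.gemspec
+gemspec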
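--- a/data/LICENSE.txt
+++ b/data/LICENSE.txt
@@ -0,0 +1,22 @@
+Copyright (c) 2013 Jānis Kiršteins
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.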
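--- a/data/README.md
+++ b/data/README.md
@@ -0,0 +1,29 @@
+# Omniauth::Swedbank
+
+TODO: Write a gem description
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+gem 'omniauth-swedbank'
+
+And then execute:
+
+$ bundle
+
+Or install it yourself as:
+
+$ gem install omniauth-swedbank
+
+## Usage
+
+TODO: Write usage instructions here
+
+## Contributing
+
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request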
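--- a/data/Rakefile
+++ b/data/Rakefile
@@ -0,0 +1 @@
+require "bundler/gem_tasks"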
@@ -0,0 +1,27 @@
1
+ -----BEGIN RSA PRIVATE KEY-----
2
+ MIIEowIBAAKCAQEArWS2KSiTXtehadkvxFcss9GhXT4QcIJ/u9OyVv2vBDNZtK68
3
+ jVG8GaUKmdsM5j8uq/w9d1LLCaRlYO+Pi0PBmSPpoIi/lO52PedddV4TkPwdufIu
4
+ NBwMH91hVagypooGMV1PjtIW7lMF5k+6j97ETYDSwoZ+gRQ1enNX/02JIkma0o+O
5
+ R0LKg3pAiGXcugr81fJuSCVd0yVrIaBI+BzySO2BJII3N588FLCoi4vZOhbC0or3
6
+ hQWpMvpoWAZSVLRE+yhMLq2h8Oy5Ap9RaAkqHYMXhxfSBQgsikyO1ShEweMNE2Cy
7
+ gmzDo7TjdInwsfh/8PC8D2K4V0xeq43HS9wPYwIDAQABAoIBADkSNA76Bv+pk7xm
8
+ Ox2x38nUDvvEyN5vZaGp/UI6v5dvW3BoLzGInJQISaP4gJdsZm0/We/jdWbYEHJG
9
+ h4W8KIXCV0x6lixsDMk1VQKjk2ceRJ6GgwSt0qPOVxI9iWZdecpXvy7wIZISC5gR
10
+ 2AMwvIYSB8z1PcA4qZ2DR4yFtcRt0IiU1UbvyNh0OXZNq/82K4qvrsQmWVkAQQuC
11
+ zjRUJk9pAIx5BXnbJNe1/uaTPncC9nT/ZEQDqQ9F76BjfWHlAOfskuOyDCvutFez
12
+ qrgfz5PznRo56WOWUud35vbVlHWSMnYF/5KGp9ugaVtjAUI4ab9LEGU+ajGZogSt
13
+ iyz1DNkCgYEA436AXppYZtErcVJEP9dlJJCcs2BTcwsG7UBelRdHoI/f857ALE+g
14
+ 0eX13HxsZo5NsZIy/nNlsZ5V+7UGNsEqO+hxEOpeASHEScy9UE4UtPrRQpZnz9Sa
15
+ NxWBnGSRSbFVezZmqUbAiFiCfDadFGstd0AzWHprE6xnBhYHaHl2nV0CgYEAwx7H
16
+ zZ1bLvcRp90M1Cq4CoJF9t0UCdv6iCLvS87cetODr2xRjGixTS3ssaJ1rcUC4bWf
17
+ dhpfT397aRWbMts6WHs3v/4yaUezVOsjr//Z8s5rUxvHf9z0dmPrSBe9trRVIE9C
18
+ DflXTRqbYss7DLTPtdI1jdPbZIir1tqHhfe9078CgYEAt4/uYudlp2jmBeVcnqrd
19
+ uNhbKL3z9+MQ7sU+zExhhmQxT7Fr3RVPba6BaSyYh1QRytNuBDT2/JAHTzftUKci
20
+ vf47pWuG+KDXcrkalL68JKAx0+nq0B77ZLEcySW4ud62W9o0kig92Iaam0GyE7S7
21
+ lfqes6jr148H/jguOBWyKR0CgYA5bycLHCWKBon46nVrQoPX/A7SIrNST6FIT1g2
22
+ 7VYzBW2+xliexvZhrIH+q76N/u7hN5APuKWThgfyn7yGVMew4dxANHfsS4G7Hlfr
23
+ 55jlAuPOm9+2gHipHLJWDz71t9FS6GGeMWYEOS/B/eaMz/BQKec/rzvmNOC4Jq07
24
+ vvfuiwKBgHBGkRAkTTLwsqsUUwLSsCIp/1IJXvSwy0V2XVUQNDq5JPKA6CZuH9mX
25
+ G9CMofUbPBb+a7CGsUhpWuBc1Y0JHlLABuVptcLLFRDfZkgRCtn8PRmEHXTOwdcS
26
+ 9sI0N0rT1hKbDCjOVE78uGEBCpHIt7GOw/bxftSK7RXeRrW6paCh
27
+ -----END RSA PRIVATE KEY-----
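Review bot: An unencrypted RSA private key is added as a package file, presumably the `certs/request.private.pem` named in the metadata `files:` list, so it ships to everyone who installs the gem. The spec loads `request.private.pem` from `cert_folder`, which suggests it is a test fixture, but nothing on the page says so. Because the key is public the moment the gem is published, it must never be configured as a real `private_key_file`. I would move it under `spec/` and state in the README that it is a throwaway test key, or generate the key pair in `spec_helper.rb` at test time so no key material is published at all.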
@@ -0,0 +1,23 @@
1
+ Bag Attributes
2
+ localKeyID: F7 69 BA A0 A3 90 3C BC B5 0F 54 5E 76 1F CD 08 16 77 98 E4
3
+ subject=/C=LV/O=SIA OPEN ID/OU=FAKE SWEDBANK/CN=SWEDBANK
4
+ issuer=/C=LV/O=SIA OPEN ID/OU=FAKE SWEDBANK/CN=SWEDBANK
5
+ -----BEGIN CERTIFICATE-----
6
+ MIIDGDCCAgACCQDDEQNszepEcjANBgkqhkiG9w0BAQUFADBOMQswCQYDVQQGEwJM
7
+ VjEUMBIGA1UECgwLU0lBIE9QRU4gSUQxFjAUBgNVBAsMDUZBS0UgU1dFREJBTksx
8
+ ETAPBgNVBAMMCFNXRURCQU5LMB4XDTEyMDYxOTA4NDI0MloXDTEzMDYxOTA4NDI0
9
+ MlowTjELMAkGA1UEBhMCTFYxFDASBgNVBAoMC1NJQSBPUEVOIElEMRYwFAYDVQQL
10
+ DA1GQUtFIFNXRURCQU5LMREwDwYDVQQDDAhTV0VEQkFOSzCCASIwDQYJKoZIhvcN
11
+ AQEBBQADggEPADCCAQoCggEBAOD7R6oFRVwzkVKFbZPel3lKeIw8FEHyiNhnBvyQ
12
+ Ll9mYvzAfMiMS+izvx3yAGtVpQPW13eLl4SHseNxHbf9Ak4FSsjF3ops+gXpAOgV
13
+ fRJIJ9ODtV2qKqIqtex89OT9tbK2mpdPBmSXAqKaYAL44ppkY05O3NUY0y+EHoeU
14
+ 2rvXqhtbdKUIgFkGau8Kb25a0Jpw9h8IDG9VoTENnlNSM39ZZEN52Ot2P3vrbz7w
15
+ 4dW5G0GfGKTgVYsKi5YWbw6UhCitKxG7w4Bem7cVAKC+g/y17+wf2komrRDXIGUS
16
+ i9a3CEb7JdRDW+lFpG1LGG+Aoddk609FWR19AVd8ODrPsbcCAwEAATANBgkqhkiG
17
+ 9w0BAQUFAAOCAQEANHmzMyeR4q7bIZzRhqFWVgAFQvPc2HJFf9izE+FpTLzqkoN1
18
+ UsmwwyZnYfpFwwhE/JxCfECIcyHbDOydHRLCjAfLDOuPAUHAMAdsCgM+soYCnUyN
19
+ hjDjRMWFBmZ+hq/3hFeNSXc0SObuVBXvd4V4fbRq4xOvcipb0aJiZRYSQZOkuPNg
20
+ RY/+wMYu5g6lATgr+6rQf0U7xEjIWhzAqgiuW5SFuT0Tj0oo8IsI42LxCRkCC6Bk
21
+ wMRl/RTxQlI4uSUZhoCFAuZKW+Mf+ROz7jft5NexYVcyqtlurg+214hhSFyPXvO2
22
+ wxwCWV+cLHuXuqIYQ46+QUVC7P9E5G1TxebeuQ==
23
+ -----END CERTIFICATE-----
@@ -0,0 +1,129 @@
1
+ require 'omniauth'
2
+ require 'base64'
3
+
4
+ module OmniAuth
5
+ module Strategies
6
+ class Swedbank
7
+ # TODO add support for overriding the VK_LANG parameter
8
+ # TODO i18n for all texts
9
+
10
+ include OmniAuth::Strategy
11
+
12
+ AUTH_SERVICE_ID = :"4002"
13
+ AUTH_SERVICE_VERSION = :"008" # This value must not be used as a number, so as to not lose the padding
14
+ # Padding is important when generating the VK_MAC value
15
+
16
+ args [:private_key_file, :public_key_file, :snd_id, :rec_id]
17
+
18
+ option :private_key_file, nil
19
+ option :public_key_file, nil
20
+ option :snd_id, nil
21
+ option :rec_id, nil
22
+
23
+ option :name, "swedbank"
24
+ option :site, "https://ib.swedbank.lv/banklink"
25
+
26
+ def callback_url
27
+ full_host + script_name + callback_path
28
+ end
29
+
30
+ def nonce
31
+ return @nonce if @nonce
32
+ @nonce = ((full_host.gsub(/[\:\/]/, "X") + SecureRandom.uuid.gsub("-", "")).rjust 50, " ")[-50, 50]
33
+ end
34
+
35
+ def append_value_to_signature(value, signature = "")
36
+ signature << "#{value.to_s.bytesize.to_s.rjust(3, '0')}#{value}"
37
+ end
38
+
39
+ def signature_input
40
+ sig_str = append_value_to_signature(AUTH_SERVICE_ID) # VK_SERVICE
41
+ append_value_to_signature(AUTH_SERVICE_VERSION, sig_str) # VK_VERSION
42
+ append_value_to_signature(options.snd_id, sig_str) # VK_SND_ID
43
+ append_value_to_signature(options.rec_id, sig_str) # VK_REC_ID
44
+ append_value_to_signature(nonce, sig_str) # VK_NONCE
45
+ append_value_to_signature(callback_url, sig_str) # VK_RETURN
46
+ end
47
+
48
+ def signature (priv_key)
49
+ Base64.encode64(priv_key.sign(OpenSSL::Digest::SHA1.new, signature_input))
50
+ end
51
+
52
+ uid do
53
+ request.params[:VK_INFO.to_s].match(/ISIK:(\d{6}\-\d{5})/)[1]
54
+ end
55
+
56
+ info do
57
+ {
58
+ :full_name => request.params[:VK_INFO.to_s].match(/NIMI:(.+)/)[1]
59
+ }
60
+ end
61
+
62
+ def callback_phase
63
+ begin
64
+ pub_key = OpenSSL::X509::Certificate.new(File.read(options.public_key_file || "")).public_key
65
+ rescue => e
66
+ return fail!(:public_key_load_err, e)
67
+ end
68
+
69
+ if request.params[:VK_SERVICE.to_s] != "3003"
70
+ return fail!(:unsupported_response_service_err)
71
+ end
72
+
73
+ if request.params[:VK_VERSION.to_s] != "008"
74
+ return fail!(:unsupported_response_version_err)
75
+ end
76
+
77
+ if request.params[:VK_ENCODING.to_s] != "UTF-8"
78
+ return fail!(:unsupported_response_encoding_err)
79
+ end
80
+
81
+ sig_str = append_value_to_signature(request.params[:VK_SERVICE.to_s])
82
+ append_value_to_signature(request.params[:VK_VERSION.to_s], sig_str)
83
+ append_value_to_signature(request.params[:VK_SND_ID.to_s], sig_str)
84
+ append_value_to_signature(request.params[:VK_REC_ID.to_s], sig_str)
85
+ append_value_to_signature(request.params[:VK_NONCE.to_s], sig_str)
86
+ append_value_to_signature(request.params[:VK_INFO.to_s], sig_str)
87
+
88
+ raw_signature = Base64.decode64(request.params[:VK_MAC.to_s])
89
+
90
+ if !pub_key.verify(OpenSSL::Digest::SHA1.new, raw_signature, sig_str)
91
+ return fail!(:invalid_response_signature_err)
92
+ end
93
+
94
+ super
95
+ rescue Exception => e
96
+ fail!(:unknown_callback_err, e)
97
+ end
98
+
99
+ def request_phase
100
+ begin
101
+ priv_key = OpenSSL::PKey::RSA.new(File.read(options.private_key_file || ""))
102
+ rescue => e
103
+ return fail!(:private_key_load_err, e)
104
+ end
105
+
106
+ OmniAuth.config.form_css = nil
107
+ form = OmniAuth::Form.new(:title => "Please wait ...", :url => options.site)
108
+
109
+ form.html "<input type=\"hidden\" name=\"VK_SERVICE\" value=\"#{AUTH_SERVICE_ID}\" />"
110
+ form.html "<input type=\"hidden\" name=\"VK_VERSION\" value=\"#{AUTH_SERVICE_VERSION}\" />"
111
+ form.html "<input type=\"hidden\" name=\"VK_SND_ID\" value=\"#{options.snd_id}\" />"
112
+ form.html "<input type=\"hidden\" name=\"VK_REC_ID\" value=\"#{options.rec_id}\" />"
113
+ form.html "<input type=\"hidden\" name=\"VK_NONCE\" value=\"#{nonce}\" />"
114
+ form.html "<input type=\"hidden\" name=\"VK_RETURN\" value=\"#{callback_url}\" />"
115
+ form.html "<input type=\"hidden\" name=\"VK_LANG\" value=\"LAT\" />"
116
+ form.html "<input type=\"hidden\" name=\"VK_MAC\" value=\"#{signature priv_key}\" />"
117
+
118
+ form.button "Click here if not redirected automatically ..."
119
+
120
+ form.instance_variable_set("@html",
121
+ form.to_html.gsub("</form>", "</form><script type=\"text/javascript\">document.forms[0].submit();</script>"))
122
+ #puts form.to_html
123
+ form.to_response
124
+ rescue Exception => e
125
+ fail!(:unknown_request_err, e)
126
+ end
127
+ end
128
+ end
129
+ end
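Review bot: `callback_phase` verifies `VK_MAC` over the response fields but never compares `VK_NONCE` with the value generated in `request_phase`. `nonce` is only memoized in `@nonce` and is not stored in the session, so a previously captured, validly signed response would be accepted again. Store it when the form is built, e.g. `session['omniauth.swedbank.nonce'] = nonce` (key name is a suggestion), and reject a mismatch in the callback with `return fail!(:nonce_mismatch_err) unless request.params['VK_NONCE'] == session.delete('omniauth.swedbank.nonce')`. `VK_SND_ID` and `VK_REC_ID` are likewise covered by the signature but not checked against the configured ids. Separately, both phases end in `rescue Exception`, which also swallows `SignalException` and `SystemExit`; `rescue StandardError => e` is enough here.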
@@ -0,0 +1,5 @@
1
+ module Omniauth
2
+ module Swedbank
3
+ VERSION = "0.0.1"
4
+ end
5
+ end
@@ -0,0 +1,2 @@
1
+ require 'omniauth/swedbank/version'
2
+ require 'omniauth/strategies/swedbank'
@@ -0,0 +1 @@
1
+ require 'omniauth/swedbank'
@@ -0,0 +1,28 @@
1
+ # coding: utf-8
2
+ lib = File.expand_path('../lib', __FILE__)
3
+ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
4
+ require 'omniauth/swedbank/version'
5
+
6
+ Gem::Specification.new do |spec|
7
+ spec.name = "omniauth-swedbank"
8
+ spec.version = Omniauth::Swedbank::VERSION
9
+ spec.authors = ["Jānis Kiršteins"]
10
+ spec.email = ["janis@montadigital.com"]
11
+ spec.description = %q{OmniAuth strategy for Swedbank Banklink}
12
+ spec.summary = %q{OmniAuth strategy for Swedbank Banklink}
13
+ spec.homepage = ""
14
+ spec.license = "MIT"
15
+
16
+ spec.files = `git ls-files`.split($/)
17
+ spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
18
+ spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
19
+ spec.require_paths = ["lib"]
20
+
21
+ spec.add_runtime_dependency 'omniauth-oauth', '~> 1.0'
22
+ spec.add_development_dependency 'rack'
23
+ spec.add_development_dependency 'rack-test'
24
+ spec.add_development_dependency 'rspec', '~> 2.7'
25
+ spec.add_development_dependency 'simplecov'
26
+ spec.add_development_dependency "bundler", "~> 1.3"
27
+ spec.add_development_dependency "rake"
28
+ end
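Review bot: The only runtime dependency declared is `omniauth-oauth`, but the strategy requires `omniauth` and includes `OmniAuth::Strategy` without using anything OAuth-specific, so installs pull in an OAuth stack only as a transitive route to omniauth. Declaring `spec.add_runtime_dependency 'omniauth', '~> 1.0'` keeps the dependency surface to what the code actually loads. `spec.files` takes everything from `git ls-files`, which is how the key material under `certs/` ends up in the published gem; consider filtering test fixtures out of the package. `spec.homepage` is empty, which leaves consumers no source location to check the release against.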
@@ -0,0 +1,208 @@
1
+ require 'spec_helper'
2
+
3
+ describe OmniAuth::Strategies::Swedbank do
4
+
5
+ PRIVATE_KEY_FILE = File.join RSpec.configuration.cert_folder, "request.private.pem"
6
+ PUBLIC_KEY_FILE = File.join RSpec.configuration.cert_folder, "response.public.pem"
7
+
8
+ let(:app){ Rack::Builder.new do |b|
9
+ b.use Rack::Session::Cookie, {:secret => "abc123"}
10
+ b.use(OmniAuth::Strategies::Swedbank, PRIVATE_KEY_FILE, PUBLIC_KEY_FILE, :"MY_SND_ID", :"MY_REC_ID")
11
+ b.run lambda{|env| [404, {}, ['Not Found']]}
12
+ end.to_app }
13
+
14
+ let(:private_key) { OpenSSL::PKey::RSA.new(File.read(PRIVATE_KEY_FILE)) }
15
+ let(:public_key) { OpenSSL::PKey::RSA.new(File.read(PUBLIC_KEY_FILE)) }
16
+ let(:last_response_nonce) { last_response.body.match(/name="VK_NONCE" value="([^"]*)"/)[1] }
17
+ let(:last_response_mac) { last_response.body.match(/name="VK_MAC" value="([^"]*)"/)[1] }
18
+
19
+ context "request phase" do
20
+ EXPECTED_VALUES = {
21
+ :VK_SERVICE => :"4002",
22
+ :VK_VERSION => :"008",
23
+ :VK_SND_ID => :MY_SND_ID,
24
+ :VK_REC_ID => :MY_REC_ID,
25
+ :VK_RETURN => :"http://example.org/auth/swedbank/callback"
26
+ }
27
+
28
+ before(:each){ get '/auth/swedbank' }
29
+
30
+ it "displays a single form" do
31
+ expect(last_response.status).to eq(200)
32
+ expect(last_response.body.scan('<form').size).to eq(1)
33
+ end
34
+
35
+ it "has JavaScript code to submit the form after it's created" do
36
+ expect(last_response.body).to be_include("</form><script type=\"text/javascript\">document.forms[0].submit();</script>")
37
+ end
38
+
39
+ EXPECTED_VALUES.each_pair do |k,v|
40
+ it "has hidden input field #{k} => #{v}" do
41
+ expect(last_response.body.scan(
42
+ "<input type=\"hidden\" name=\"#{k}\" value=\"#{v}\"").size).to eq(1)
43
+ end
44
+ end
45
+
46
+ it "has a 50 byte long nonce field value" do
47
+ expect(last_response_nonce.bytesize).to eq(50)
48
+ end
49
+
50
+ it "has a correct VK_MAC signature" do
51
+ sig_str =
52
+ "0044002" + # VK_SERVICE
53
+ "003008" + # VK_VERSION
54
+ "009MY_SND_ID" + # VK_SND_ID
55
+ "009MY_REC_ID" + # VK_REC_ID
56
+ "050" + last_response_nonce + # VK_NONCE
57
+ "041#{EXPECTED_VALUES[:VK_RETURN]}" # V_RETURN
58
+
59
+ expected_mac = Base64.encode64(private_key.sign(OpenSSL::Digest::SHA1.new, sig_str))
60
+ expect(last_response_mac).to eq(expected_mac)
61
+ end
62
+
63
+ context "with default options" do
64
+ it "has the default action tag value" do
65
+ expect(last_response.body).to be_include("action='https://ib.swedbank.lv/banklink'")
66
+ end
67
+
68
+ it "has the default VK_LANG value" do
69
+ expect(last_response.body).to be_include("action='https://ib.swedbank.lv/banklink'")
70
+ end
71
+ end
72
+
73
+ context "with custom options" do
74
+ let(:app){ Rack::Builder.new do |b|
75
+ b.use Rack::Session::Cookie, {:secret => "abc123"}
76
+ b.use(OmniAuth::Strategies::Swedbank, PRIVATE_KEY_FILE, PUBLIC_KEY_FILE, :"MY_SND_ID", :"MY_REC_ID",
77
+ :site => "https://test.lv/banklink")
78
+ b.run lambda{|env| [404, {}, ['Not Found']]}
79
+ end.to_app }
80
+
81
+ it "has the custom action tag value" do
82
+ expect(last_response.body).to be_include("action='https://test.lv/banklink'")
83
+ end
84
+ end
85
+
86
+ context "with non-existant private key files" do
87
+ let(:app){ Rack::Builder.new do |b|
88
+ b.use Rack::Session::Cookie, {:secret => "abc123"}
89
+ b.use(OmniAuth::Strategies::Swedbank, "missing-private-key-file.pem", PUBLIC_KEY_FILE, :"MY_SND_ID", :"MY_REC_ID")
90
+ b.run lambda{|env| [404, {}, ['Not Found']]}
91
+ end.to_app }
92
+
93
+ it "redirects to /auth/failure with appropriate query params" do
94
+ expect(last_response.status).to eq(302)
95
+ expect(last_response.headers["Location"]).to eq("/auth/failure?message=private_key_load_err&strategy=swedbank")
96
+ end
97
+ end
98
+ end
99
+
100
+ context "callback phase" do
101
+ let(:auth_hash){ last_request.env['omniauth.auth'] }
102
+
103
+ context "with valid response" do
104
+ before do
105
+ post :'/auth/swedbank/callback',
106
+ :VK_SERVICE => :'3003',
107
+ :VK_VERSION => :'008',
108
+ :VK_SND_ID => :"HP",
109
+ :VK_REC_ID => :"MY_REC_ID",
110
+ :VK_NONCE => :"pXXXlocalhostX3000b41292810c0345a7b3770b1c807bed7a",
111
+ :VK_INFO => :'ISIK:123456-12345;NIMI:Example User',
112
+ :VK_MAC => :"cmXyp2My7P9pTgrzqJeg7qH+NPCuyaiGNpQIrcCr6S44w0bH+Ao4WDViqytaPH2vENooVPXDSgOcBqHTg44gJ9FlrhI5StiouHVhjpCcWg+h/ERcyc8w58PjsEmdsd4BIpaGXNyhvcIKdWfNwYA1UCIrmFsPAPWfVeorNxp81E7pvY4p4zsqMF80YZ7/RdOpjrtuXJ4nYJ7d+2fXJKKmUlqArCc786DJdb/z8wVDSNA9BZxnf8EE6s//p9gzqLPAg/T9Xp/2024n2JtC6kwsWF614bn64LEZz5c8owZth6FV+2fjnzHxOiifOe+jc9SRstCLITK6Y0j+6n8auiEZ5g==",
113
+ :VK_ENCODING => :'UTF-8',
114
+ :VK_LANG => :'LAT'
115
+ end
116
+
117
+ it "sets the correct uid value in the auth hash" do
118
+ expect(auth_hash.uid).to eq("123456-12345")
119
+ end
120
+
121
+ it "sets the correct info.full_name value in the auth hash" do
122
+ expect(auth_hash.info.full_name).to eq("Example User")
123
+ end
124
+ end
125
+
126
+ context "with non-existant public key file" do
127
+ let(:app){ Rack::Builder.new do |b|
128
+ b.use Rack::Session::Cookie, {:secret => "abc123"}
129
+ b.use(OmniAuth::Strategies::Swedbank, PRIVATE_KEY_FILE, "missing-public-key-file.pem", "MY_SND_ID", "MY_REC_ID")
130
+ b.run lambda{|env| [404, {}, ['Not Found']]}
131
+ end.to_app }
132
+
133
+ it "redirects to /auth/failure with appropriate query params" do
134
+ post :'/auth/swedbank/callback' # Params are not important, because we're testing public key loading
135
+ expect(last_response.status).to eq(302)
136
+ expect(last_response.headers["Location"]).to eq("/auth/failure?message=public_key_load_err&strategy=swedbank")
137
+ end
138
+ end
139
+
140
+ context "with invalid response" do
141
+
142
+ it "detects invalid signature" do
143
+ post :'/auth/swedbank/callback',
144
+ :VK_SERVICE => :'3003',
145
+ :VK_VERSION => :'008',
146
+ :VK_SND_ID => :"HP",
147
+ :VK_REC_ID => :"MY_REC_ID",
148
+ :VK_NONCE => :'pXXXlocalhostX3000df346e9e453d43cd9c3c4076030d9e54',
149
+ :VK_INFO => :'ISIK:123456-12345;NIMI:Example User',
150
+ :VK_MAC => "invalid signature",
151
+ :VK_ENCODING => :'UTF-8',
152
+ :VK_LANG => :'LAT'
153
+
154
+ expect(last_response.status).to eq(302)
155
+ expect(last_response.headers["Location"]).to eq("/auth/failure?message=invalid_response_signature_err&strategy=swedbank")
156
+ end
157
+
158
+ it "detects unsupported VK_SERVICE values" do
159
+ post :'/auth/swedbank/callback',
160
+ :VK_SERVICE => :'3004',
161
+ :VK_VERSION => :'008',
162
+ :VK_SND_ID => :"HP",
163
+ :VK_REC_ID => :"MY_REC_ID",
164
+ :VK_NONCE => :'pXXXlocalhostX3000df2afdbd66ee4c3a998b72cfd3d7d131',
165
+ :VK_INFO => :'ISIK:123456-12345;NIMI:Example User',
166
+ :VK_MAC => :"tzGu5AxwaEMwAjkY8zh796NQ45QSEshuFiT0VnOdDN3gZPYlAcmm5jPs+j17U1rCKvz6tdKn9I8u+OUcV95+1Sa34dZ/09KrUgwDrOej/djJZ2lg5MgGLAftDsRomcCCuBppQvjdzhCvNeA2OAWPbl7Enn6HVjvb3esJY6D80bYIPm48DHDhhHbdcSwHubFeizyw9syviFsN3xVkhr5YS7W1/owXh/jeHSf8cqLVSzRyShU/JnJfevNsXDpSHbphA5Q4n5q5y0EcuA6/wW2qc2o5nKQjDDhZgxkWYKz6YpVj8zC2x/LXUkmJ+r1K0Slw2lhwEcP2tgIdThkAaT8MYQ==",
167
+ :VK_ENCODING => :'UTF-8',
168
+ :VK_LANG => :'LAT'
169
+
170
+ expect(last_response.status).to eq(302)
171
+ expect(last_response.headers["Location"]).to eq("/auth/failure?message=unsupported_response_service_err&strategy=swedbank")
172
+ end
173
+
174
+ it "detects unsupported VK_VERSION values" do
175
+ post :'/auth/swedbank/callback',
176
+ :VK_SERVICE => :'3003',
177
+ :VK_VERSION => :'009',
178
+ :VK_SND_ID => :"HP",
179
+ :VK_REC_ID => :"MY_REC_ID",
180
+ :VK_NONCE => :'pXXXlocalhostX300023f78258d685424584f4e859b5d480f5',
181
+ :VK_INFO => :'ISIK:123456-12345;NIMI:Example User',
182
+ :VK_MAC => :"0KACnfCZZW2pQnFGttOXMrQRnmYQj45SwqIa5SbKhybJlP1GaXaoa5VYa+xGAnizx+YKbYQsXchXbeNIlQNrQ8/gedByzJtNFI4s4VIaU0tp7P83BjbzYfSMwvIImZvlFyVPgey8Va06fPGi+jdoUp7Dr8vwf6eAzxQhyVjEEYVR+axkAJP9+driMqTKQaxMlctWnivxf8stjI1ElmcdurndLbVnmHLTw6AichmzqUfvfXE3wh4XCVZtD+7VBPvbn4eKXif61cNfkOO/+nNap1buW8RLQirL7Eis//MmWoGSW8H5605DAAK9Ui7CNoB279Ww05pY4wsP7KZdiJ4WCA==",
183
+ :VK_ENCODING => :'UTF-8',
184
+ :VK_LANG => :'LAT'
185
+
186
+ expect(last_response.status).to eq(302)
187
+ expect(last_response.headers["Location"]).to eq("/auth/failure?message=unsupported_response_version_err&strategy=swedbank")
188
+ end
189
+
190
+ it "detects unsupported VK_ENCODING values" do
191
+ post :'/auth/swedbank/callback',
192
+ :VK_SERVICE => :'3003',
193
+ :VK_VERSION => :'008',
194
+ :VK_SND_ID => :"HP",
195
+ :VK_REC_ID => :"MY_REC_ID",
196
+ :VK_NONCE => :"pXXXlocalhostX3000b41292810c0345a7b3770b1c807bed7a",
197
+ :VK_INFO => :'ISIK:123456-12345;NIMI:Example User',
198
+ :VK_MAC => :"cmXyp2My7P9pTgrzqJeg7qH+NPCuyaiGNpQIrcCr6S44w0bH+Ao4WDViqytaPH2vENooVPXDSgOcBqHTg44gJ9FlrhI5StiouHVhjpCcWg+h/ERcyc8w58PjsEmdsd4BIpaGXNyhvcIKdWfNwYA1UCIrmFsPAPWfVeorNxp81E7pvY4p4zsqMF80YZ7/RdOpjrtuXJ4nYJ7d+2fXJKKmUlqArCc786DJdb/z8wVDSNA9BZxnf8EE6s//p9gzqLPAg/T9Xp/2024n2JtC6kwsWF614bn64LEZz5c8owZth6FV+2fjnzHxOiifOe+jc9SRstCLITK6Y0j+6n8auiEZ5g==",
199
+ :VK_ENCODING => :'ASCII',
200
+ :VK_LANG => :'LAT'
201
+
202
+ expect(last_response.status).to eq(302)
203
+ expect(last_response.headers["Location"]).to eq("/auth/failure?message=unsupported_response_encoding_err&strategy=swedbank")
204
+ end
205
+
206
+ end
207
+ end
208
+ end
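Review bot: The example `has the default VK_LANG value` asserts the form's `action` again, a copy of the example above it, so the VK_LANG field is never checked; it should read `expect(last_response.body).to be_include('name="VK_LANG" value="LAT"')`. The invalid-response examples cover only a bad signature, service, version and encoding. No case submits a validly signed response carrying a nonce the app never issued, which is the behaviour most worth pinning for a signed login callback. `let(:public_key)` parses the certificate file with `OpenSSL::PKey::RSA.new` and is not used by any example, so it can be dropped.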
@@ -0,0 +1,17 @@
1
+ $:.unshift File.expand_path('..', __FILE__)
2
+ $:.unshift File.expand_path('../../lib', __FILE__)
3
+ require 'rspec'
4
+ require 'rack/test'
5
+ require 'omniauth'
6
+ require 'omniauth-swedbank'
7
+
8
+ RSpec.configure do |config|
9
+ config.add_setting('cert_folder')
10
+ config.cert_folder = File.expand_path('../../certs', __FILE__)
11
+
12
+ config.include Rack::Test::Methods
13
+ config.extend OmniAuth::Test::StrategyMacros, :type => :strategy
14
+ config.expect_with :rspec do |c|
15
+ c.syntax = :expect
16
+ end
17
+ end
metadata ADDED
@@ -0,0 +1,174 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: omniauth-swedbank
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.0.1
5
+ prerelease:
6
+ platform: ruby
7
+ authors:
8
+ - Jānis Kiršteins
9
+ autorequire:
10
+ bindir: bin
11
+ cert_chain: []
12
+ date: 2013-04-29 00:00:00.000000000 Z
13
+ dependencies:
14
+ - !ruby/object:Gem::Dependency
15
+ name: omniauth-oauth
16
+ requirement: !ruby/object:Gem::Requirement
17
+ none: false
18
+ requirements:
19
+ - - ~>
20
+ - !ruby/object:Gem::Version
21
+ version: '1.0'
22
+ type: :runtime
23
+ prerelease: false
24
+ version_requirements: !ruby/object:Gem::Requirement
25
+ none: false
26
+ requirements:
27
+ - - ~>
28
+ - !ruby/object:Gem::Version
29
+ version: '1.0'
30
+ - !ruby/object:Gem::Dependency
31
+ name: rack
32
+ requirement: !ruby/object:Gem::Requirement
33
+ none: false
34
+ requirements:
35
+ - - ! '>='
36
+ - !ruby/object:Gem::Version
37
+ version: '0'
38
+ type: :development
39
+ prerelease: false
40
+ version_requirements: !ruby/object:Gem::Requirement
41
+ none: false
42
+ requirements:
43
+ - - ! '>='
44
+ - !ruby/object:Gem::Version
45
+ version: '0'
46
+ - !ruby/object:Gem::Dependency
47
+ name: rack-test
48
+ requirement: !ruby/object:Gem::Requirement
49
+ none: false
50
+ requirements:
51
+ - - ! '>='
52
+ - !ruby/object:Gem::Version
53
+ version: '0'
54
+ type: :development
55
+ prerelease: false
56
+ version_requirements: !ruby/object:Gem::Requirement
57
+ none: false
58
+ requirements:
59
+ - - ! '>='
60
+ - !ruby/object:Gem::Version
61
+ version: '0'
62
+ - !ruby/object:Gem::Dependency
63
+ name: rspec
64
+ requirement: !ruby/object:Gem::Requirement
65
+ none: false
66
+ requirements:
67
+ - - ~>
68
+ - !ruby/object:Gem::Version
69
+ version: '2.7'
70
+ type: :development
71
+ prerelease: false
72
+ version_requirements: !ruby/object:Gem::Requirement
73
+ none: false
74
+ requirements:
75
+ - - ~>
76
+ - !ruby/object:Gem::Version
77
+ version: '2.7'
78
+ - !ruby/object:Gem::Dependency
79
+ name: simplecov
80
+ requirement: !ruby/object:Gem::Requirement
81
+ none: false
82
+ requirements:
83
+ - - ! '>='
84
+ - !ruby/object:Gem::Version
85
+ version: '0'
86
+ type: :development
87
+ prerelease: false
88
+ version_requirements: !ruby/object:Gem::Requirement
89
+ none: false
90
+ requirements:
91
+ - - ! '>='
92
+ - !ruby/object:Gem::Version
93
+ version: '0'
94
+ - !ruby/object:Gem::Dependency
95
+ name: bundler
96
+ requirement: !ruby/object:Gem::Requirement
97
+ none: false
98
+ requirements:
99
+ - - ~>
100
+ - !ruby/object:Gem::Version
101
+ version: '1.3'
102
+ type: :development
103
+ prerelease: false
104
+ version_requirements: !ruby/object:Gem::Requirement
105
+ none: false
106
+ requirements:
107
+ - - ~>
108
+ - !ruby/object:Gem::Version
109
+ version: '1.3'
110
+ - !ruby/object:Gem::Dependency
111
+ name: rake
112
+ requirement: !ruby/object:Gem::Requirement
113
+ none: false
114
+ requirements:
115
+ - - ! '>='
116
+ - !ruby/object:Gem::Version
117
+ version: '0'
118
+ type: :development
119
+ prerelease: false
120
+ version_requirements: !ruby/object:Gem::Requirement
121
+ none: false
122
+ requirements:
123
+ - - ! '>='
124
+ - !ruby/object:Gem::Version
125
+ version: '0'
126
+ description: OmniAuth strategy for Swedbank Banklink
127
+ email:
128
+ - janis@montadigital.com
129
+ executables: []
130
+ extensions: []
131
+ extra_rdoc_files: []
132
+ files:
133
+ - .gitignore
134
+ - Gemfile
135
+ - LICENSE.txt
136
+ - README.md
137
+ - Rakefile
138
+ - certs/request.private.pem
139
+ - certs/response.public.pem
140
+ - lib/omniauth-swedbank.rb
141
+ - lib/omniauth/strategies/swedbank.rb
142
+ - lib/omniauth/swedbank.rb
143
+ - lib/omniauth/swedbank/version.rb
144
+ - omniauth-swedbank.gemspec
145
+ - spec/omniauth/strategies/swedbank_spec.rb
146
+ - spec/spec_helper.rb
147
+ homepage: ''
148
+ licenses:
149
+ - MIT
150
+ post_install_message:
151
+ rdoc_options: []
152
+ require_paths:
153
+ - lib
154
+ required_ruby_version: !ruby/object:Gem::Requirement
155
+ none: false
156
+ requirements:
157
+ - - ! '>='
158
+ - !ruby/object:Gem::Version
159
+ version: '0'
160
+ required_rubygems_version: !ruby/object:Gem::Requirement
161
+ none: false
162
+ requirements:
163
+ - - ! '>='
164
+ - !ruby/object:Gem::Version
165
+ version: '0'
166
+ requirements: []
167
+ rubyforge_project:
168
+ rubygems_version: 1.8.25
169
+ signing_key:
170
+ specification_version: 3
171
+ summary: OmniAuth strategy for Swedbank Banklink
172
+ test_files:
173
+ - spec/omniauth/strategies/swedbank_spec.rb
174
+ - spec/spec_helper.rb