omniauth-swedbank 0.2.0 → 0.3.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/.github/workflows/ruby.yml +24 -0
- data/README.md +8 -10
- data/lib/omniauth/strategies/swedbank.rb +40 -3
- data/lib/omniauth/swedbank/version.rb +1 -1
- data/omniauth-swedbank.gemspec +11 -9
- data/spec/omniauth/strategies/swedbank_spec.rb +16 -5
- metadata +49 -22
- data/.travis.yml +0 -6
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
|
-
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
2
|
+
SHA256:
|
|
3
|
+
metadata.gz: '08dd6ff19fc5206753cdbaa5d52bd6e996bdc010c6a5ee5a2a1a3326c3b0377a'
|
|
4
|
+
data.tar.gz: e5f10b84a4bf54f2103b4b7ff2562e820934be35e390bae1e85dd4bd47703400
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 624179716be3b0ffc26462e1fd11cdc9b532cde86ec059d2ba2fb927ec4ac06e1df436ee5dd43a6b1643bb3daffa522b1b3b8822090805ba514dd6acbfebaffd
|
|
7
|
+
data.tar.gz: a7f24969ca3acf4c424c2b65af68b5c46687ef4a722e95ffc9ae0bb971bc03cee8e31f08d5a8e27408bedc5652957624d2b57947adc77b7f9a800fe25b80b6c6
|
|
@@ -0,0 +1,24 @@
|
|
|
1
|
+
name: Ruby
|
|
2
|
+
|
|
3
|
+
on:
|
|
4
|
+
push:
|
|
5
|
+
branches:
|
|
6
|
+
- main
|
|
7
|
+
pull_request:
|
|
8
|
+
|
|
9
|
+
jobs:
|
|
10
|
+
test:
|
|
11
|
+
runs-on: ubuntu-latest
|
|
12
|
+
strategy:
|
|
13
|
+
matrix:
|
|
14
|
+
ruby-version: ['2.7', '3.0', '3.1', '3.2']
|
|
15
|
+
|
|
16
|
+
steps:
|
|
17
|
+
- uses: actions/checkout@v4
|
|
18
|
+
- name: Set up Ruby
|
|
19
|
+
uses: ruby/setup-ruby@v1
|
|
20
|
+
with:
|
|
21
|
+
ruby-version: ${{ matrix.ruby-version }}
|
|
22
|
+
bundler-cache: true # runs 'bundle install' and caches installed gems automatically
|
|
23
|
+
- name: Run tests
|
|
24
|
+
run: bundle exec rspec
|
data/README.md
CHANGED
|
@@ -2,22 +2,20 @@
|
|
|
2
2
|
|
|
3
3
|
Omniauth strategy for using Swedbank as an authentication service provider.
|
|
4
4
|
|
|
5
|
-
|
|
6
|
-
[](https://travis-ci.org/mak-it/omniauth-swedbank)
|
|
7
|
-
|
|
8
|
-
Supported Ruby versions: 2.2+
|
|
5
|
+
Supported Ruby versions: 2.7+
|
|
9
6
|
|
|
10
7
|
## Related projects
|
|
11
8
|
|
|
12
|
-
- [omniauth-citadele](https://github.com/
|
|
13
|
-
- [omniauth-dnb](https://github.com/
|
|
14
|
-
- [omniauth-nordea](https://github.com/
|
|
15
|
-
- [omniauth-seb-elink](https://github.com/
|
|
9
|
+
- [omniauth-citadele](https://github.com/mitigate-dev/omniauth-citadele) - strategy for authenticating with Citadele
|
|
10
|
+
- [omniauth-dnb](https://github.com/mitigate-dev/omniauth-dnb) - strategy for authenticating with DNB
|
|
11
|
+
- [omniauth-nordea](https://github.com/mitigate-dev/omniauth-nordea) - strategy for authenticating with Nordea
|
|
12
|
+
- [omniauth-seb-elink](https://github.com/mitigate-dev/omniauth-seb-elink) - strategy for authenticating with SEB
|
|
16
13
|
|
|
17
14
|
## Installation
|
|
18
15
|
|
|
19
|
-
Add
|
|
16
|
+
Add these lines to your application's Gemfile (omniauth-rails_csrf_protection is required if using Rails):
|
|
20
17
|
|
|
18
|
+
gem 'omniauth-rails_csrf_protection'
|
|
21
19
|
gem 'omniauth-swedbank'
|
|
22
20
|
|
|
23
21
|
And then execute:
|
|
@@ -26,7 +24,7 @@ And then execute:
|
|
|
26
24
|
|
|
27
25
|
Or install it yourself as:
|
|
28
26
|
|
|
29
|
-
$ gem install omniauth-swedbank
|
|
27
|
+
$ gem install omniauth-rails_csrf_protection omniauth-swedbank
|
|
30
28
|
|
|
31
29
|
## Usage
|
|
32
30
|
|
|
@@ -9,6 +9,14 @@ module OmniAuth
|
|
|
9
9
|
AUTH_SERVICE = '4002'
|
|
10
10
|
AUTH_VERSION = '008'
|
|
11
11
|
|
|
12
|
+
def self.render_nonce?
|
|
13
|
+
defined?(ActionDispatch::ContentSecurityPolicy::Request) != nil
|
|
14
|
+
end
|
|
15
|
+
if render_nonce?
|
|
16
|
+
include ActionDispatch::ContentSecurityPolicy::Request
|
|
17
|
+
delegate :get_header, :set_header, to: :request
|
|
18
|
+
end
|
|
19
|
+
|
|
12
20
|
args [:private_key, :public_key, :snd_id, :rec_id]
|
|
13
21
|
|
|
14
22
|
option :private_key, nil
|
|
@@ -102,6 +110,8 @@ module OmniAuth
|
|
|
102
110
|
return fail!(:private_key_load_err, e)
|
|
103
111
|
end
|
|
104
112
|
|
|
113
|
+
set_locale_from_query_param
|
|
114
|
+
|
|
105
115
|
form = OmniAuth::Form.new(:title => I18n.t('omniauth.swedbank.please_wait'), :url => options.site)
|
|
106
116
|
|
|
107
117
|
{
|
|
@@ -112,18 +122,45 @@ module OmniAuth
|
|
|
112
122
|
'VK_NONCE' => stamp,
|
|
113
123
|
'VK_RETURN' => callback_url,
|
|
114
124
|
'VK_MAC' => signature(priv_key),
|
|
115
|
-
'VK_LANG' =>
|
|
125
|
+
'VK_LANG' => resolve_bank_ui_language,
|
|
116
126
|
'VK_ENCODING' => 'UTF-8'
|
|
117
127
|
}.each do |name, val|
|
|
118
|
-
form.html "<input type=\"hidden\" name=\"#{name}\" value=\"#{val}\" />"
|
|
128
|
+
form.html "<input type=\"hidden\" name=\"#{name}\" value=\"#{escape(val)}\" />"
|
|
119
129
|
end
|
|
120
130
|
|
|
121
131
|
form.button I18n.t('omniauth.swedbank.click_here_if_not_redirected')
|
|
122
132
|
|
|
133
|
+
nonce_attribute = nil
|
|
134
|
+
if self.class.render_nonce?
|
|
135
|
+
nonce_attribute = " nonce='#{escape(content_security_policy_nonce)}'"
|
|
136
|
+
end
|
|
123
137
|
form.instance_variable_set('@html',
|
|
124
|
-
form.to_html.gsub('</form>',
|
|
138
|
+
form.to_html.gsub('</form>', "</form><script type=\"text/javascript\"#{nonce_attribute}>document.forms[0].submit();</script>"))
|
|
125
139
|
form.to_response
|
|
126
140
|
end
|
|
141
|
+
|
|
142
|
+
private
|
|
143
|
+
|
|
144
|
+
def set_locale_from_query_param
|
|
145
|
+
locale = request.params['locale']
|
|
146
|
+
if (locale != nil && locale.strip != '' && I18n.locale_available?(locale))
|
|
147
|
+
I18n.locale = locale
|
|
148
|
+
end
|
|
149
|
+
end
|
|
150
|
+
|
|
151
|
+
def resolve_bank_ui_language
|
|
152
|
+
case I18n.locale
|
|
153
|
+
when :ru then 'RUS'
|
|
154
|
+
when :en then 'ENG'
|
|
155
|
+
when :et then 'EST'
|
|
156
|
+
when :lt then 'LIT'
|
|
157
|
+
else 'LAT'
|
|
158
|
+
end
|
|
159
|
+
end
|
|
160
|
+
|
|
161
|
+
def escape(html_attribute_value)
|
|
162
|
+
CGI.escapeHTML(html_attribute_value) unless html_attribute_value.nil?
|
|
163
|
+
end
|
|
127
164
|
end
|
|
128
165
|
end
|
|
129
166
|
end
|
data/omniauth-swedbank.gemspec
CHANGED
|
@@ -6,11 +6,11 @@ require 'omniauth/swedbank/version'
|
|
|
6
6
|
Gem::Specification.new do |spec|
|
|
7
7
|
spec.name = 'omniauth-swedbank'
|
|
8
8
|
spec.version = Omniauth::Swedbank::VERSION
|
|
9
|
-
spec.authors = ['
|
|
10
|
-
spec.email = ['admin@
|
|
9
|
+
spec.authors = ['Mitigate', 'Jānis Kiršteins', 'Kristaps Ērglis']
|
|
10
|
+
spec.email = ['admin@mitigate.dev', 'janis@montadigital.com', 'kristaps.erglis@gmail.com' ]
|
|
11
11
|
spec.description = %q{OmniAuth strategy for Swedbank Banklink}
|
|
12
12
|
spec.summary = %q{OmniAuth strategy for Swedbank Banklink}
|
|
13
|
-
spec.homepage = 'https://github.com/
|
|
13
|
+
spec.homepage = 'https://github.com/mitigate-dev/omniauth-swedbank'
|
|
14
14
|
spec.license = 'MIT'
|
|
15
15
|
|
|
16
16
|
spec.files = `git ls-files`.split($/)
|
|
@@ -18,13 +18,15 @@ Gem::Specification.new do |spec|
|
|
|
18
18
|
spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
|
|
19
19
|
spec.require_paths = ['lib']
|
|
20
20
|
|
|
21
|
-
spec.required_ruby_version = '>= 2.
|
|
21
|
+
spec.required_ruby_version = '>= 2.7'
|
|
22
22
|
|
|
23
|
-
spec.add_runtime_dependency 'omniauth', '~> 1
|
|
24
|
-
spec.add_runtime_dependency
|
|
23
|
+
spec.add_runtime_dependency 'omniauth', '~> 2.1'
|
|
24
|
+
spec.add_runtime_dependency 'i18n'
|
|
25
25
|
|
|
26
|
+
spec.add_development_dependency 'rack'
|
|
26
27
|
spec.add_development_dependency 'rack-test'
|
|
27
|
-
spec.add_development_dependency 'rspec'
|
|
28
|
-
spec.add_development_dependency
|
|
29
|
-
spec.add_development_dependency
|
|
28
|
+
spec.add_development_dependency 'rspec'
|
|
29
|
+
spec.add_development_dependency 'bundler'
|
|
30
|
+
spec.add_development_dependency 'rake'
|
|
31
|
+
spec.add_development_dependency 'rack-session'
|
|
30
32
|
end
|
|
@@ -1,4 +1,6 @@
|
|
|
1
1
|
require 'spec_helper'
|
|
2
|
+
require 'rack-protection'
|
|
3
|
+
require 'rack/session'
|
|
2
4
|
|
|
3
5
|
describe OmniAuth::Strategies::Swedbank do
|
|
4
6
|
|
|
@@ -6,11 +8,13 @@ describe OmniAuth::Strategies::Swedbank do
|
|
|
6
8
|
PUBLIC_KEY = File.read(File.join(RSpec.configuration.cert_folder, 'response.public.pem'))
|
|
7
9
|
|
|
8
10
|
let(:app){ Rack::Builder.new do |b|
|
|
9
|
-
b.use Rack::Session::Cookie, {secret: '
|
|
11
|
+
b.use Rack::Session::Cookie, {secret: '5242e6bd9daf0e9645c2d4e22b11ba8cee0bed44439906d5f1bd5dad409d8637'}
|
|
10
12
|
b.use(OmniAuth::Strategies::Swedbank, PRIVATE_KEY, PUBLIC_KEY, 'MY_SND_ID', 'MY_REC_ID')
|
|
11
13
|
b.run lambda{|env| [404, {}, ['Not Found']]}
|
|
12
14
|
end.to_app }
|
|
13
15
|
|
|
16
|
+
let(:token){ Rack::Protection::AuthenticityToken.random_token }
|
|
17
|
+
|
|
14
18
|
let(:last_response_nonce) { last_response.body.match(/name="VK_NONCE" value="([^"]*)"/)[1] }
|
|
15
19
|
let(:last_response_mac) { last_response.body.match(/name="VK_MAC" value="([^"]*)"/)[1] }
|
|
16
20
|
|
|
@@ -23,7 +27,14 @@ describe OmniAuth::Strategies::Swedbank do
|
|
|
23
27
|
'VK_RETURN' => 'http://example.org/auth/swedbank/callback'
|
|
24
28
|
}
|
|
25
29
|
|
|
26
|
-
before(:each)
|
|
30
|
+
before(:each) do
|
|
31
|
+
post(
|
|
32
|
+
'/auth/swedbank',
|
|
33
|
+
{},
|
|
34
|
+
'rack.session' => {csrf: token},
|
|
35
|
+
'HTTP_X_CSRF_TOKEN' => token
|
|
36
|
+
)
|
|
37
|
+
end
|
|
27
38
|
|
|
28
39
|
it 'displays a single form' do
|
|
29
40
|
expect(last_response.status).to eq(200)
|
|
@@ -71,7 +82,7 @@ describe OmniAuth::Strategies::Swedbank do
|
|
|
71
82
|
|
|
72
83
|
context 'with custom options' do
|
|
73
84
|
let(:app){ Rack::Builder.new do |b|
|
|
74
|
-
b.use Rack::Session::Cookie, {secret: '
|
|
85
|
+
b.use Rack::Session::Cookie, {secret: '5242e6bd9daf0e9645c2d4e22b11ba8cee0bed44439906d5f1bd5dad409d8637'}
|
|
75
86
|
b.use(OmniAuth::Strategies::Swedbank, PRIVATE_KEY, PUBLIC_KEY, 'MY_SND_ID', 'MY_REC_ID',
|
|
76
87
|
site: 'https://test.lv/banklink')
|
|
77
88
|
b.run lambda{|env| [404, {}, ['Not Found']]}
|
|
@@ -84,7 +95,7 @@ describe OmniAuth::Strategies::Swedbank do
|
|
|
84
95
|
|
|
85
96
|
context 'with non-existant private key files' do
|
|
86
97
|
let(:app){ Rack::Builder.new do |b|
|
|
87
|
-
b.use Rack::Session::Cookie, {secret: '
|
|
98
|
+
b.use Rack::Session::Cookie, {secret: '5242e6bd9daf0e9645c2d4e22b11ba8cee0bed44439906d5f1bd5dad409d8637'}
|
|
88
99
|
b.use(OmniAuth::Strategies::Swedbank, 'missing-private-key-file.pem', PUBLIC_KEY, 'MY_SND_ID', 'MY_REC_ID')
|
|
89
100
|
b.run lambda{|env| [404, {}, ['Not Found']]}
|
|
90
101
|
end.to_app }
|
|
@@ -124,7 +135,7 @@ describe OmniAuth::Strategies::Swedbank do
|
|
|
124
135
|
|
|
125
136
|
context 'with non-existant public key file' do
|
|
126
137
|
let(:app){ Rack::Builder.new do |b|
|
|
127
|
-
b.use Rack::Session::Cookie, {secret: '
|
|
138
|
+
b.use Rack::Session::Cookie, {secret: '5242e6bd9daf0e9645c2d4e22b11ba8cee0bed44439906d5f1bd5dad409d8637'}
|
|
128
139
|
b.use(OmniAuth::Strategies::Swedbank, PRIVATE_KEY, 'missing-public-key-file.pem', 'MY_SND_ID', 'MY_REC_ID')
|
|
129
140
|
b.run lambda{|env| [404, {}, ['Not Found']]}
|
|
130
141
|
end.to_app }
|
metadata
CHANGED
|
@@ -1,16 +1,16 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: omniauth-swedbank
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.3.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
|
-
-
|
|
7
|
+
- Mitigate
|
|
8
8
|
- Jānis Kiršteins
|
|
9
9
|
- Kristaps Ērglis
|
|
10
|
-
autorequire:
|
|
10
|
+
autorequire:
|
|
11
11
|
bindir: bin
|
|
12
12
|
cert_chain: []
|
|
13
|
-
date:
|
|
13
|
+
date: 2023-09-27 00:00:00.000000000 Z
|
|
14
14
|
dependencies:
|
|
15
15
|
- !ruby/object:Gem::Dependency
|
|
16
16
|
name: omniauth
|
|
@@ -18,14 +18,14 @@ dependencies:
|
|
|
18
18
|
requirements:
|
|
19
19
|
- - "~>"
|
|
20
20
|
- !ruby/object:Gem::Version
|
|
21
|
-
version: '1
|
|
21
|
+
version: '2.1'
|
|
22
22
|
type: :runtime
|
|
23
23
|
prerelease: false
|
|
24
24
|
version_requirements: !ruby/object:Gem::Requirement
|
|
25
25
|
requirements:
|
|
26
26
|
- - "~>"
|
|
27
27
|
- !ruby/object:Gem::Version
|
|
28
|
-
version: '1
|
|
28
|
+
version: '2.1'
|
|
29
29
|
- !ruby/object:Gem::Dependency
|
|
30
30
|
name: i18n
|
|
31
31
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -40,6 +40,20 @@ dependencies:
|
|
|
40
40
|
- - ">="
|
|
41
41
|
- !ruby/object:Gem::Version
|
|
42
42
|
version: '0'
|
|
43
|
+
- !ruby/object:Gem::Dependency
|
|
44
|
+
name: rack
|
|
45
|
+
requirement: !ruby/object:Gem::Requirement
|
|
46
|
+
requirements:
|
|
47
|
+
- - ">="
|
|
48
|
+
- !ruby/object:Gem::Version
|
|
49
|
+
version: '0'
|
|
50
|
+
type: :development
|
|
51
|
+
prerelease: false
|
|
52
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
53
|
+
requirements:
|
|
54
|
+
- - ">="
|
|
55
|
+
- !ruby/object:Gem::Version
|
|
56
|
+
version: '0'
|
|
43
57
|
- !ruby/object:Gem::Dependency
|
|
44
58
|
name: rack-test
|
|
45
59
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -58,30 +72,30 @@ dependencies:
|
|
|
58
72
|
name: rspec
|
|
59
73
|
requirement: !ruby/object:Gem::Requirement
|
|
60
74
|
requirements:
|
|
61
|
-
- - "
|
|
75
|
+
- - ">="
|
|
62
76
|
- !ruby/object:Gem::Version
|
|
63
|
-
version: '
|
|
77
|
+
version: '0'
|
|
64
78
|
type: :development
|
|
65
79
|
prerelease: false
|
|
66
80
|
version_requirements: !ruby/object:Gem::Requirement
|
|
67
81
|
requirements:
|
|
68
|
-
- - "
|
|
82
|
+
- - ">="
|
|
69
83
|
- !ruby/object:Gem::Version
|
|
70
|
-
version: '
|
|
84
|
+
version: '0'
|
|
71
85
|
- !ruby/object:Gem::Dependency
|
|
72
86
|
name: bundler
|
|
73
87
|
requirement: !ruby/object:Gem::Requirement
|
|
74
88
|
requirements:
|
|
75
|
-
- - "
|
|
89
|
+
- - ">="
|
|
76
90
|
- !ruby/object:Gem::Version
|
|
77
|
-
version: '
|
|
91
|
+
version: '0'
|
|
78
92
|
type: :development
|
|
79
93
|
prerelease: false
|
|
80
94
|
version_requirements: !ruby/object:Gem::Requirement
|
|
81
95
|
requirements:
|
|
82
|
-
- - "
|
|
96
|
+
- - ">="
|
|
83
97
|
- !ruby/object:Gem::Version
|
|
84
|
-
version: '
|
|
98
|
+
version: '0'
|
|
85
99
|
- !ruby/object:Gem::Dependency
|
|
86
100
|
name: rake
|
|
87
101
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -96,17 +110,31 @@ dependencies:
|
|
|
96
110
|
- - ">="
|
|
97
111
|
- !ruby/object:Gem::Version
|
|
98
112
|
version: '0'
|
|
113
|
+
- !ruby/object:Gem::Dependency
|
|
114
|
+
name: rack-session
|
|
115
|
+
requirement: !ruby/object:Gem::Requirement
|
|
116
|
+
requirements:
|
|
117
|
+
- - ">="
|
|
118
|
+
- !ruby/object:Gem::Version
|
|
119
|
+
version: '0'
|
|
120
|
+
type: :development
|
|
121
|
+
prerelease: false
|
|
122
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
123
|
+
requirements:
|
|
124
|
+
- - ">="
|
|
125
|
+
- !ruby/object:Gem::Version
|
|
126
|
+
version: '0'
|
|
99
127
|
description: OmniAuth strategy for Swedbank Banklink
|
|
100
128
|
email:
|
|
101
|
-
- admin@
|
|
129
|
+
- admin@mitigate.dev
|
|
102
130
|
- janis@montadigital.com
|
|
103
131
|
- kristaps.erglis@gmail.com
|
|
104
132
|
executables: []
|
|
105
133
|
extensions: []
|
|
106
134
|
extra_rdoc_files: []
|
|
107
135
|
files:
|
|
136
|
+
- ".github/workflows/ruby.yml"
|
|
108
137
|
- ".gitignore"
|
|
109
|
-
- ".travis.yml"
|
|
110
138
|
- Gemfile
|
|
111
139
|
- LICENSE.txt
|
|
112
140
|
- README.md
|
|
@@ -122,11 +150,11 @@ files:
|
|
|
122
150
|
- spec/certs/response.public.pem
|
|
123
151
|
- spec/omniauth/strategies/swedbank_spec.rb
|
|
124
152
|
- spec/spec_helper.rb
|
|
125
|
-
homepage: https://github.com/
|
|
153
|
+
homepage: https://github.com/mitigate-dev/omniauth-swedbank
|
|
126
154
|
licenses:
|
|
127
155
|
- MIT
|
|
128
156
|
metadata: {}
|
|
129
|
-
post_install_message:
|
|
157
|
+
post_install_message:
|
|
130
158
|
rdoc_options: []
|
|
131
159
|
require_paths:
|
|
132
160
|
- lib
|
|
@@ -134,16 +162,15 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
134
162
|
requirements:
|
|
135
163
|
- - ">="
|
|
136
164
|
- !ruby/object:Gem::Version
|
|
137
|
-
version: 2.
|
|
165
|
+
version: '2.7'
|
|
138
166
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
139
167
|
requirements:
|
|
140
168
|
- - ">="
|
|
141
169
|
- !ruby/object:Gem::Version
|
|
142
170
|
version: '0'
|
|
143
171
|
requirements: []
|
|
144
|
-
|
|
145
|
-
|
|
146
|
-
signing_key:
|
|
172
|
+
rubygems_version: 3.3.26
|
|
173
|
+
signing_key:
|
|
147
174
|
specification_version: 4
|
|
148
175
|
summary: OmniAuth strategy for Swedbank Banklink
|
|
149
176
|
test_files:
|