ruby_isds 0.12.0 → 0.13.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 786df93888ace6114b9f30bd39b48ffcb2dce0f2d8b5c1af94f89ddc2033bff5
-  data.tar.gz: 9cebb9baf35711920e1c43e3bb03233db93b1211983ccbaa472539a6801e927b
+  metadata.gz: 2499d07ffdb8aefc294f1de7201ef0c5fcee34d8b44575647b09db11feae1227
+  data.tar.gz: fb64e99eb613497520fb797e2d0896c0639a4caef968dbae09c1668845491e97
 SHA512:
-  metadata.gz: 9b3da9d6b2692d0192c88962d23aba6d1017fca12afbe02a62cabf98719ce7a06e99d5b65bd379f1340bdf37a9052c700d7d66d38b157e9f9d50a73312f4beda
-  data.tar.gz: 8cc6c106c7414a50a851f271e1f8f60a2d846328cfe563d11570547833a904d997cf20f82866b1ebd4f4aae43747ab44b4c4b0dc0273e4f911b7a3569b23f567
+  metadata.gz: abedc2bfcf4857ec5ac33936f6597d18ad24a59b1013b7c37ebe05a5fb1c5ba067d6059c8c4af0ef0bde990147622128d92a0c468efc496935720674d3ef0dec
+  data.tar.gz: d8dc750bbfbc8f7bf2ad59d10f7d0c7b07757dca0d649c999bac4b3a53f5760eb605ca927b4dd589e2f95c0659f9ba1cf5a5d47a87688f9d2db753a89e0b7a89

data/.gitignore

@@ -11,3 +11,5 @@
 .rspec_status
 
 bin/debug_console
+
+.DS_Store

data/.overcommit.yml

@@ -41,6 +41,8 @@ PreCommit:
 
   TrailingWhitespace:
     enabled: true
+    exclude:
+      - 'spec/**/*'
 
   BundleAudit:
     enabled: true

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    ruby_isds (0.12.0)
+    ruby_isds (0.13.0)
       activesupport
       nokogiri
 
@@ -136,4 +136,4 @@ DEPENDENCIES
   webmock (~> 3.0)
 
 BUNDLED WITH
-   1.16.4
+   1.17.3

data/README.md

@@ -22,7 +22,10 @@ Or install it yourself as:
 
 ## Usage
 
-Before usage please add config (for rails initializer) with following:
+Before usage please add config (for rails initializer) with one of supported
+auth strategies:
+
+### Username + password
 
 ```ruby
 RubyIsds.configure do |c|
@@ -32,6 +35,19 @@ RubyIsds.configure do |c|
   c.env = :development
 end
 ```
+### Server side system certificate
+
+```ruby
+RubyIsds.configure do |c|
+  c.data_box = 'data_box_id'
+  c.cert_file = 'spec/factories/files/certifikat.pem'
+  c.key_file = 'spec/factories/files/test-key.key'
+  c.pass_phrase = 'andrej'
+  c.env = :development
+end
+```
+here `data_box_id` if id of databox you will be accessing, you do not really
+need id of databox used as point from where you access
 
 you do not have to provide `env` in setup unless you go to production, gem
 defaults to `:development` anyway...
@@ -220,6 +236,19 @@ TODO
 
 If in doubt, or my so called 'README' seems not that helpful, please refer to [ISDS provozni rad](https://www.datoveschranky.info/dulezite-informace/provozni-rad-isds)
 
+#### Certificates
+
+Just some helpfull information when you want to use certificate to access
+databoxes:
+
+How to setup and what not in ISDS: [https://www.czebox.cz/static/ISDS/help/page8.html#8_4](https://www.czebox.cz/static/ISDS/help/page8.html#8_4)
+
+Working with DER/PEM and what not around the keys: [https://knowledge.digicert.com/solution/SO26449.html](https://knowledge.digicert.com/solution/SO26449.html)
+
+How to convert windows pfx file exported from keychain into key you need here: [https://www.markbrilman.nl/2011/08/howto-convert-a-pfx-to-a-seperate-key-crt-file/](https://www.markbrilman.nl/2011/08/howto-convert-a-pfx-to-a-seperate-key-crt-file/)
+
+Jus to note here, certificate accepted should be in PEM format and you have to add the private.key with the password to it.
+
 ## Development
 
 After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.

data/lib/ruby_isds.rb

@@ -41,6 +41,7 @@ require 'ruby_isds/web_services/db_search/p_d_z_info'
 require 'ruby_isds/web_services/db_search/p_d_z_send_info'
 
 require 'ruby_isds/web_services/db_access/change_isds_password'
+require 'ruby_isds/web_services/db_access/get_owner_info_from_login'
 
 require 'ruby_isds/web_services/dm_info/request'
 require 'ruby_isds/web_services/dm_info/response'

data/lib/ruby_isds/configuration.rb

@@ -1,6 +1,8 @@
 module RubyIsds
   class Configuration
-    attr_writer :data_box, :username, :password, :env, :api_url
+    attr_writer :data_box, :username, :password, :env, :api_url,
+                :cert_file, :key_file, :pass_phrase
+    attr_reader :pass_phrase
 
     ALLOWED_PRODUCTION_SYNTAX = [:production, 'production'].freeze
 
@@ -9,6 +11,9 @@ module RubyIsds
       @password = nil
       @data_box = nil
       @env = nil
+      @cert_file = nil
+      @key_file = nil
+      @pass_phrase = nil
     end
 
     def data_box
@@ -26,6 +31,25 @@ module RubyIsds
       @password
     end
 
+    def cert_file
+      if @cert_file && (!@key_file && !@pass_phrase)
+        raise ConfigNotSet, 'pass_phrase and key_file'
+      end
+      return unless @cert_file
+      OpenSSL::X509::Certificate.new(File.read(@cert_file))
+    end
+
+    def key_file
+      return nil unless @key_file
+      File.read(@key_file)
+    end
+
+    def private_key
+      raise ConfigNotSet, 'pass_phrase' if @key_file && !@pass_phrase
+      raise ConfigNotSet, 'key_file' if !@key_file && @pass_phrase
+      OpenSSL::PKey::RSA.new(File.read(@key_file), @pass_phrase)
+    end
+
     ##
     # env values:
     #   :development (default)
@@ -37,8 +61,13 @@ module RubyIsds
     end
 
     def api_domain
-      return 'https://ws1.mojedatovaschranka.cz' if production?
-      'https://ws1.czebox.cz'
+      if production?
+        return 'https://ws1c.mojedatovaschranka.cz/cert' if @cert_file
+        'https://ws1.mojedatovaschranka.cz'
+      else
+        return 'https://ws1c.czebox.cz/hspis' if @cert_file
+        'https://ws1.czebox.cz'
+      end
     end
 
     def xml_url

data/lib/ruby_isds/data_box.rb

@@ -10,6 +10,10 @@ module RubyIsds
         .call(options)
     end
 
+    def self.owner_info
+      ::RubyIsds::WebServices::DbAccess::GetOwnerInfoFromLogin.call
+    end
+
     def self.credit_info(options = {})
       ::RubyIsds::WebServices::DbSearch::DataBoxCreditInfo
         .call(options.merge(dbID: ::RubyIsds.configuration.data_box))

data/lib/ruby_isds/request.rb

@@ -11,20 +11,33 @@ module RubyIsds
     end
 
     # rubocop:disable Metrics/AbcSize
+    # rubocop:disable Metrics/MethodLength
     def call
       uri = URI(full_url)
 
       request = Net::HTTP::Post.new(uri)
       default_headers.each { |k, v| request[k] = v }
       request.body = to_xml
-      request.basic_auth RubyIsds.configuration.username, RubyIsds.configuration.password
 
       https = Net::HTTP.new(uri.hostname, uri.port)
       https.use_ssl = true
       https.ssl_version = :TLSv1_2_client
+      if RubyIsds.configuration.cert_file
+        https.verify_mode = OpenSSL::SSL::VERIFY_PEER
+        https.cert = RubyIsds.configuration.cert_file
+        https.key = RubyIsds.configuration.private_key
+        https.verify_depth = 5
+        request.basic_auth(RubyIsds.configuration.data_box, '')
+      else
+        request.basic_auth(
+          RubyIsds.configuration.username,
+          RubyIsds.configuration.password
+        )
+      end
       response = https.request(request)
       call_reponse_wrapper(response)
     end
+    # rubocop:enable Metrics/MethodLength
     # rubocop:enable Metrics/AbcSize
 
     def call_reponse_wrapper(response)

data/lib/ruby_isds/response.rb

@@ -7,6 +7,7 @@ module RubyIsds
     end
 
     def parsed_body
+      raise HtmlResponseReceived, @response.inspect unless @response['Envelope'].present?
       @response['Envelope']['Body'][result_key]
     end
 

data/lib/ruby_isds/utils/errors.rb

@@ -7,4 +7,12 @@ module RubyIsds
       super(msg)
     end
   end
+
+  class HtmlResponseReceived < Error
+    def initialize(param)
+      msg = 'Please check if you set credentials correctly, '\
+        "seems like a typo or something:\n #{param}"
+      super(msg)
+    end
+  end
 end

data/lib/ruby_isds/version.rb

@@ -1,3 +1,3 @@
 module RubyIsds
-  VERSION = '0.12.0'.freeze
+  VERSION = '0.13.0'.freeze
 end

data/lib/ruby_isds/web_services/db_access/get_owner_info_from_login.rb

@@ -0,0 +1,19 @@
+module RubyIsds
+  module WebServices
+    module DbAccess
+      class GetOwnerInfoFromLogin < ::RubyIsds::WebServices::DbSearch::Request
+        ATTRS = [].freeze
+
+        attr_accessor(*ATTRS)
+
+        def body(xml)
+          xml[:v20].GetOwnerInfoFromLogin {}
+        end
+
+        def api_url
+          '/DS/DsManage'
+        end
+      end
+    end
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: ruby_isds
 version: !ruby/object:Gem::Version
-  version: 0.12.0
+  version: 0.13.0
 platform: ruby
 authors:
 - Andrej Antas
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2019-02-18 00:00:00.000000000 Z
+date: 2019-02-28 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -238,6 +238,7 @@ files:
 - lib/ruby_isds/version.rb
 - lib/ruby_isds/web_services/db_access/.gitkeep
 - lib/ruby_isds/web_services/db_access/change_isds_password.rb
+- lib/ruby_isds/web_services/db_access/get_owner_info_from_login.rb
 - lib/ruby_isds/web_services/db_search/check_data_box.rb
 - lib/ruby_isds/web_services/db_search/d_t_info.rb
 - lib/ruby_isds/web_services/db_search/data_box_credit_info.rb
@@ -295,8 +296,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.7.7
+rubygems_version: 3.0.2
 signing_key: 
 specification_version: 4
 summary: Ruby client to access ISDS