Class: OmniAuth::Strategies::Swedbank
- Inherits:
-
Object
- Object
- OmniAuth::Strategies::Swedbank
- Includes:
- ActionDispatch::ContentSecurityPolicy::Request, OmniAuth::Strategy
- Defined in:
- lib/omniauth/strategies/swedbank.rb
Constant Summary
- AUTH_SERVICE =
'4002'
- AUTH_VERSION =
'008'
Class Method Summary
Instance Method Summary
- #callback_phase ⇒ Object
- #prepend_length(value) ⇒ Object
- #request_phase ⇒ Object
- #signature(priv_key) ⇒ Object
- #signature_input ⇒ Object
- #stamp ⇒ Object
Class Method Details
.render_nonce? ⇒ Boolean
# File 'lib/omniauth/strategies/swedbank.rb', line 12

# Reports whether the Rails CSP request helpers are loaded. request_phase uses
# the answer to decide whether its inline auto-submit script gets a
# Content-Security-Policy nonce attribute.
#
# @return [Boolean] true when ActionDispatch::ContentSecurityPolicy::Request
#   is defined, false otherwise
def self.render_nonce?
  !defined?(ActionDispatch::ContentSecurityPolicy::Request).nil?
end
Instance Method Details
#callback_phase ⇒ Object
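# File 'lib/omniauth/strategies/swedbank.rb', line 69

# Validates the bank's response before handing control to OmniAuth.
#
# The response must declare service '3003', version '008' and UTF-8 encoding,
# and VK_MAC must verify as an RSA/SHA-1 signature, under the configured bank
# certificate, over the length-prefixed VK_SERVICE, VK_VERSION, VK_SND_ID,
# VK_REC_ID, VK_NONCE and VK_INFO values. Every failure ends in fail! with a
# symbolic error key; only a verified response reaches super.
#
# NOTE(review): the rendered listing dropped the receiver in front of
# `.public_key`; `options` (the OmniAuth strategy settings) is restored here.
# Confirm against the repository file.
#
# NOTE(review): nothing in this method compares VK_NONCE with the stamp sent
# by request_phase, or VK_SND_ID / VK_REC_ID with the configured ids, so a
# correctly signed response is accepted regardless of which request it
# answers. Confirm whether that binding is enforced elsewhere; if it is not,
# keep the issued nonce server-side and compare it here.
def callback_phase
  begin
    pub_key = OpenSSL::X509::Certificate.new(options.public_key).public_key
  rescue => e
    return fail!(:public_key_load_err, e)
  end

  params = request.params

  return fail!(:unsupported_response_service_err) if params['VK_SERVICE'] != '3003'
  return fail!(:unsupported_response_version_err) if params['VK_VERSION'] != '008'
  return fail!(:unsupported_response_encoding_err) if params['VK_ENCODING'] != 'UTF-8'

  sig_str = [
    params['VK_SERVICE'],
    params['VK_VERSION'],
    params['VK_SND_ID'],
    params['VK_REC_ID'],
    params['VK_NONCE'],
    params['VK_INFO']
  ].map { |v| prepend_length(v) }.join

  # VK_MAC comes straight from the request. A missing or non-string value
  # would raise inside Base64.decode64 instead of failing the login cleanly,
  # so it is rejected as a bad signature before decoding.
  mac = params['VK_MAC']
  return fail!(:invalid_response_signature_err) unless mac.is_a?(String) && !mac.empty?

  begin
    verified = pub_key.verify(OpenSSL::Digest::SHA1.new, Base64.decode64(mac), sig_str)
  rescue OpenSSL::PKey::PKeyError => e
    # an error raised by the verifier is treated the same as a failed check
    return fail!(:invalid_response_signature_err, e)
  end

  return fail!(:invalid_response_signature_err) unless verified

  super
end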
#prepend_length(value) ⇒ Object
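# File 'lib/omniauth/strategies/swedbank.rb', line 35

# Builds one field of the MAC input: a three-digit, zero-padded length
# followed by the value itself, tagged as US-ASCII.
#
# The length is String#length of value.to_s, so it counts characters, not
# bytes. The caller's object is never modified.
#
# @param value [#to_s] field value; nil is treated as the empty string
# @return [String] e.g. "003abc" for "abc", "000" for nil
def prepend_length(value)
  text = value.to_s
  # Convert first, copy second: nil.to_s (an absent request parameter) is a
  # frozen string on current Rubies, and force_encoding on it raises
  # FrozenError. Copying after the conversion gives a writable string.
  [text.length.to_s.rjust(3, '0'), text.dup.force_encoding('ascii')].join
end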
#request_phase ⇒ Object
# File 'lib/omniauth/strategies/swedbank.rb', line 106

# Renders the self-submitting HTML form that posts the signed authentication
# request to the bank.
#
# Loads the RSA private key (fail!(:private_key_load_err) if that raises),
# emits one hidden input per VK_* field, adds a fallback button, and appends
# an inline script that submits the form. The script carries a CSP nonce
# attribute when render_nonce? is true.
#
# NOTE(review): the rendered listing dropped the `options` receiver before
# `.private_key`, `.site`, `.snd_id` and `.rec_id`, and the method name in
# `form. I18n.t(...)`; `options` and OmniAuth::Form#button are restored here.
# Confirm against the repository file.
#
# NOTE(review): `escape` is not among the methods listed for this class.
# Values land in a double-quoted attribute and the nonce in a single-quoted
# one, so confirm that it HTML-escapes both quote characters.
def request_phase
  begin
    priv_key = OpenSSL::PKey::RSA.new(options.private_key)
  rescue => e
    return fail!(:private_key_load_err, e)
  end

  set_locale_from_query_param

  form = OmniAuth::Form.new(:title => I18n.t('omniauth.swedbank.please_wait'), :url => options.site)

  # VK_NONCE and the signed input both come from stamp, which is memoized,
  # so the posted nonce is the one covered by VK_MAC.
  fields = {
    'VK_SERVICE' => AUTH_SERVICE,
    'VK_VERSION' => AUTH_VERSION,
    'VK_SND_ID' => options.snd_id,
    'VK_REC_ID' => options.rec_id,
    'VK_NONCE' => stamp,
    'VK_RETURN' => callback_url,
    'VK_MAC' => signature(priv_key),
    'VK_LANG' => resolve_bank_ui_language,
    'VK_ENCODING' => 'UTF-8'
  }

  fields.each_pair do |name, val|
    form.html "<input type=\"hidden\" name=\"#{name}\" value=\"#{escape(val)}\" />"
  end

  form.button I18n.t('omniauth.swedbank.click_here_if_not_redirected')

  # stays nil (and interpolates to nothing) when no CSP nonce is available
  nonce_attribute =
    if self.class.render_nonce?
      " nonce='#{escape(content_security_policy_nonce)}'"
    end

  # OmniAuth::Form offers no hook for trailing markup here, so the rendered
  # HTML is rewritten and stored back into the form's @html.
  markup = form.to_html
  auto_submit = "<script type=\"text/javascript\"#{nonce_attribute}>document.forms[0].submit();</script>"
  form.instance_variable_set('@html', markup.gsub('</form>', "</form>#{auto_submit}"))

  form.to_response
end
#signature(priv_key) ⇒ Object
# File 'lib/omniauth/strategies/swedbank.rb', line 51

# Signs signature_input with the given key using SHA-1 and returns the
# signature Base64-encoded, ready for the VK_MAC form field.
#
# Base64.encode64 breaks its output into 60-character lines and ends it with
# a newline, so the returned value contains line feeds.
#
# NOTE(review): SHA-1 is also the digest callback_phase verifies with;
# presumably it is fixed by the bank's protocol version, to be confirmed.
#
# @param priv_key [#sign] key object; request_phase passes an OpenSSL::PKey::RSA
# @return [String] Base64 text of the raw signature
def signature(priv_key)
  digest = OpenSSL::Digest::SHA1.new
  raw_signature = priv_key.sign(digest, signature_input)
  Base64.encode64(raw_signature)
end
#signature_input ⇒ Object
# File 'lib/omniauth/strategies/swedbank.rb', line 40

# Assembles the string that gets signed for the outgoing request: the six
# fields below, each run through prepend_length, concatenated in this order.
# VK_LANG and VK_ENCODING, which request_phase also posts, are not part of it.
#
# NOTE(review): the rendered listing dropped the receiver before `.snd_id`
# and `.rec_id`; `options` (the OmniAuth strategy settings) is restored here.
# Confirm against the repository file.
#
# @return [String] concatenation of the length-prefixed fields
def signature_input
  signed_fields = [
    AUTH_SERVICE,    # VK_SERVICE
    AUTH_VERSION,    # VK_VERSION
    options.snd_id,  # VK_SND_ID
    options.rec_id,  # VK_REC_ID
    stamp,           # VK_NONCE
    callback_url     # VK_RETURN
  ]
  signed_fields.map(&method(:prepend_length)).join
end
#stamp ⇒ Object
# File 'lib/omniauth/strategies/swedbank.rb', line 30

# Returns the nonce for this strategy instance: a 14-digit local-time
# timestamp (YYYYMMDDHHMMSS) followed by six zero-padded digits drawn from
# SecureRandom (000000..999998).
#
# The value is cached in @stamp, so the VK_NONCE form field and the signed
# input built by signature_input use the same string.
#
# @return [String] 20-digit nonce
def stamp
  @stamp ||= begin
    timestamp = Time.now.strftime('%Y%m%d%H%M%S')
    random_tail = SecureRandom.random_number(999999).to_s.rjust(6, '0')
    timestamp + random_tail
  end
end