Module: MyinfoRuby::Security

Included in:
Client
Defined in:
lib/myinfo_ruby/security.rb

Instance Method Summary collapse

Instance Method Details

#create_token_request(token_url, code, redirect_url, client_id, client_secret, auth_level, private_key) ⇒ Object



# File 'lib/myinfo_ruby/security.rb', line 6

# Exchanges an OAuth authorization code for a token by POSTing a form-encoded
# request to +token_url+, then returns the JSON-parsed response body.
#
# When +auth_level+ is 'L2' the request is also signed: whatever
# generate_signature returns is sent as the Authorization header. For any
# other level no Authorization header is added.
#
# The form body carries +client_secret+ and the one-time +code+. Nothing in
# this method checks the scheme of +token_url+, so the caller is responsible
# for passing an https endpoint; otherwise both values travel in clear text.
#
# @param token_url [String] token endpoint the form is posted to
# @param code [String] authorization code received on the redirect
# @param redirect_url [String] sent as redirect_uri
# @param client_id [String] sent in the form and passed to generate_signature
# @param client_secret [String] sent in the form body
# @param auth_level [String] 'L2' turns request signing on
# @param private_key [Object] handed unchanged to generate_signature
# @return [Object] result of JSON.parse on the token response
def create_token_request(token_url, code, redirect_url, client_id, client_secret, auth_level, private_key)
  form_fields = {
    grant_type: 'authorization_code',
    code: code,
    redirect_uri: redirect_url,
    client_id: client_id,
    client_secret: client_secret
  }
  request_headers = {
    'Content-Type' => "application/x-www-form-urlencoded",
    'Cache-Control' => "no-cache"
  }

  if auth_level == 'L2'
    # The signature covers the same URL and form fields that are posted below.
    request_headers["Authorization"] =
      generate_signature(token_url, form_fields, 'POST', 'application/x-www-form-urlencoded', client_id, private_key)
  end

  JSON.parse(RestClient.post(token_url, form_fields, request_headers))
end

#decrypt_JWE_response(personal_data_response, private_key) ⇒ Object

Decrypt JWE



# File 'lib/myinfo_ruby/security.rb', line 58

# Decrypts the JWE carried in +personal_data_response.body+ and returns the
# JSON-parsed payload of the JWS nested inside it.
#
# NOTE(review): ruby-jose's JWK#verify returns [verified, payload, jws]. The
# boolean is never inspected here, so the payload is parsed and returned even
# when the signature does not validate. The result should not be treated as
# authenticated until this fails closed on a false flag. Confirm the return
# shape against the installed jose version.
# NOTE(review): one key, loaded from the +private_key+ PEM path, is used both
# to decrypt and to verify. If the JWS is signed by the data provider rather
# than by this client, verification needs the provider's public key instead.
# Confirm which key signs the inner token.
#
# @param personal_data_response [#body] response whose body is the compact JWE
# @param private_key [String] path to a PEM file readable by JOSE::JWK.from_pem_file
# @return [Object] result of JSON.parse on the JWS payload
def decrypt_JWE_response(personal_data_response, private_key)
  key = JOSE::JWK.from_pem_file(private_key)
  inner_jws, _jwe = key.block_decrypt(personal_data_response.body)
  # First element is the verification result; it is discarded, see NOTE above.
  _verified, claims_json, _jws = key.verify(inner_jws)
  JSON.parse(claims_json)
end

#get_personal_data(personal_url, uinfin, token_response, client_id, attributes, auth_level, private_key) ⇒ Object



# File 'lib/myinfo_ruby/security.rb', line 26

# Fetches the person record for +uinfin+ with a GET to
# "<personal_url>/<uinfin>/" and returns the raw RestClient response.
#
# The Authorization header is "<token_type> <access_token>" taken from
# +token_response+. When +auth_level+ is 'L2' the value returned by
# generate_signature is prepended to it, separated by a comma.
#
# +uinfin+ is concatenated into the URL path as-is, with no escaping or
# validation in this method. Callers should only pass an identifier taken
# from a token whose signature has been checked.
# A fixed banner line is written to stdout; no request data is printed.
#
# @param personal_url [String] base URL of the person endpoint
# @param uinfin [String] identifier appended as a path segment
# @param token_response [Hash] must hold 'token_type' and 'access_token'
# @param client_id [String] sent as a query parameter and passed to generate_signature
# @param attributes [Object] sent as the attributes query parameter
# @param auth_level [String] 'L2' turns request signing on
# @param private_key [Object] handed unchanged to generate_signature
# @return [Object] whatever RestClient.get returns
def get_personal_data(personal_url, uinfin, token_response, client_id, attributes, auth_level, private_key)
  puts '------ Fetching personal data ------'
  query = { client_id: client_id, attributes: attributes }

  # String#+ is kept on purpose: a missing token field raises instead of
  # silently producing a malformed header.
  credentials = token_response['token_type'] + ' ' + token_response['access_token']
  endpoint = personal_url + "/" + uinfin + "/"

  if auth_level == 'L2'
    signature = generate_signature(endpoint, query, 'GET', 'application/x-www-form-urlencoded', client_id, private_key)
    credentials = signature + ',' + credentials
  end

  # rest-client takes the query string from the :params entry of the headers hash.
  request_headers = {
    'Cache-Control' => "no-cache",
    Authorization: credentials,
    params: query
  }
  RestClient.get(endpoint, request_headers)
end

#verify_JWS(token_response, private_key) ⇒ Object

Verify JWS



# File 'lib/myinfo_ruby/security.rb', line 50

# Decodes the JWS stored under "access_token" in +token_response+ and returns
# its JSON-parsed payload.
#
# NOTE(review): ruby-jose's JWK#verify returns [verified, payload, jws]. Only
# the payload is used here and the boolean is never checked, so this method
# returns the claims even when the signature does not validate. Callers must
# not rely on the result as proof of authenticity until this fails closed on
# a false flag. Confirm the return shape against the installed jose version.
# NOTE(review): the key is loaded from the +private_key+ PEM path. Verifying a
# token issued by another party needs that issuer's public key. Confirm which
# PEM callers pass here.
#
# @param token_response [Hash] must hold the compact JWS under "access_token"
# @param private_key [String] path to a PEM file readable by JOSE::JWK.from_pem_file
# @return [Object] result of JSON.parse on the JWS payload
def verify_JWS(token_response, private_key)
  key = JOSE::JWK.from_pem_file(private_key)
  # First element is the verification result; it is discarded, see NOTE above.
  _verified, claims_json, _jws = key.verify(token_response["access_token"])
  JSON.parse(claims_json)
end