Class: OmniAuth::Strategies::Nordea

Inherits:
Object
  • Object
show all
Includes:
OmniAuth::Strategy
Defined in:
lib/omniauth/strategies/nordea.rb,
lib/omniauth/strategies/nordea/request_helpers.rb

Defined Under Namespace

Classes: ArgumentError

Constant Summary collapse

PRODUCTION_ENDPOINT = 
"https://netbank.nordea.com/pnbeid/eidn.jsp"
TEST_ENDPOINT = 
"https://netbank.nordea.com/pnbeidtest/eidn.jsp"
ALGORITHM_NAMES =

‘A01Y_ACTION_ID’, ‘A01Y_VERS’, # 0002 (standard), 0003 (with additional data) or 0004.

> Only 0002 supported

‘A01Y_RCVID’, ‘A01Y_LANGCODE’, # ET, LV, LT, EN ‘A01Y_STAMP’, # yyyymmddhhmmssxxxxxx ‘A01Y_IDTYPE’, ‘A01Y_RETLINK’, ‘A01Y_CANLINK’, ‘A01Y_REJLINK’, ‘A01Y_KEYVERS’, ‘A01Y_ALG’, 01 for md5, 02 for sha1 ‘A01Y_MAC’,

{ "01" => :md5, "02" => :sha1 }
SUPPORTED_LANG_CODES = 
[ :LV, :ET, :LT, :EN ]
SUPPORTED_VERSIONS = 
[ "0002" ]

Class Method Summary collapse

Instance Method Summary collapse

Class Method Details

.build_request_hash(rcvid, mac, callback_url, opts = {}) ⇒ Object 



52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
 
# File 'lib/omniauth/strategies/nordea/request_helpers.rb', line 52

def build_request_hash(rcvid, mac, callback_url, opts = {})
  opts = {
    algorithm: :sha1,
    version:   "0002",
    langcode:  :LV
  }.merge(opts)

  if !SUPPORTED_LANG_CODES.include?(opts[:langcode])
    raise ArgumentError.new (":langcode must be one of " + SUPPORTED_LANG_CODES.to_s)
  end

  if !ALGORITHM_NAMES.values.include?(opts[:algorithm])
    raise ArgumentError.new (":algorithm must be one of " + ALGORITHM_NAMES.values.to_s)
  end

  if !SUPPORTED_VERSIONS.include?(opts[:version])
    raise ArgumentError.new (":version must be one of " + SUPPORTED_VERSIONS.to_s)
  end

  {
    "A01Y_ACTION_ID" =>   "701",
    "A01Y_VERS" =>        opts[:version],
    "A01Y_RCVID" =>       rcvid,
    "A01Y_LANGCODE" =>    opts[:langcode],
    "A01Y_STAMP" =>       "yyyymmddhhmmssxxxxxx",
    "A01Y_IDTYPE" =>      "02",
    "A01Y_RETLINK" =>     self.callback_variation(callback_url, "success"),
    "A01Y_CANLINK" =>     self.callback_variation(callback_url, "cancelled"),
    "A01Y_REJLINK" =>     self.callback_variation(callback_url, "rejected"),
    "A01Y_KEYVERS" =>     "0001",
    "A01Y_ALG" =>         ALGORITHM_NAMES.key(opts[:algorithm]),
    "A01Y_MAC" =>         mac
  }
end

.callback_variation(callback_url, status) ⇒ Object 



29
30
31
32
33
 
# File 'lib/omniauth/strategies/nordea/request_helpers.rb', line 29

def callback_variation(callback_url, status)
  url = URI(callback_url)
  url.query = "omniauth_status=#{status}"
  url
end

.sign_hash_in_place(hash) ⇒ Object

We’re counting on receiving an ordered hash This method



37
38
39
40
41
42
43
44
45
46
47
48
49
50
 
# File 'lib/omniauth/strategies/nordea/request_helpers.rb', line 37

def sign_hash_in_place(hash)

  signable_string = hash.values.join("&") + "&"

  digest_class =
    case ALGORITHM_NAMES[ hash["A01Y_ALG"] ]
    when :sha1
      Digest::SHA1
    when :md5
      Digest::MD5
  end

  hash["A01Y_MAC"] = digest_class.send(:hexdigest, signable_string)
end

Instance Method Details

#callback_phaseObject 



33
34
35
36
37
 
# File 'lib/omniauth/strategies/nordea.rb', line 33

def callback_phase
  super
rescue Exception => e
  fail!(:unknown_callback_err, e)
end

#request_phaseObject 



39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
 
# File 'lib/omniauth/strategies/nordea.rb', line 39

def request_phase

  param_hash = OmniAuth::Strategies::Nordea.build_request_hash(options.rcvid, options.mac,
    full_host + script_name + callback_path)
  OmniAuth::Strategies::Nordea.sign_hash_in_place(param_hash)

  # Build redirect form
  OmniAuth.config.form_css = nil
  form = OmniAuth::Form.new(title: I18n.t("omniauth.swedbank.please_wait"), url: options.endpoint)

  param_hash.each_pair do |k,v|
    form.html "<input type=\"hidden\" name=\"#{k}\" value=\"#{v}\" />"
  end

  form.button I18n.t("omniauth.swedbank.click_here_if_not_redirected")

  form.instance_variable_set("@html",
    form.to_html.gsub("</form>", "</form><script type=\"text/javascript\">document.forms[0].submit();</script>"))
  form.to_response
rescue Exception => e
  fail!(:unknown_request_err, e)
end