Class: OmniAuth::Strategies::Seb::Response

Inherits:
Message
  • Object
show all
Defined in:
lib/omniauth/strategies/seb/response.rb

Constant Summary collapse

SIGNED_KEYS = 
[
  'IB_SND_ID',    # SEBUB
  'IB_SERVICE',   # 0001
  'IB_REC_ID',
  'IB_USER',
  'IB_DATE',
  'IB_TIME',
  'IB_USER_INFO',
  'IB_VERSION'
]

Instance Method Summary collapse

Methods inherited from Message

#each_pair, #initialize, #to_hash

Constructor Details

This class inherits a constructor from OmniAuth::Strategies::Seb::Message

Instance Method Details

#prepend_length(value) ⇒ Object 



16
17
18
19
 
# File 'lib/omniauth/strategies/seb/response.rb', line 16

def prepend_length(value)
  # prepend length to string in 0xx format
  [ value.to_s.length.to_s.rjust(3, '0'), value.dup.to_s.force_encoding('ascii')].join
end

#validate!(pub_key) ⇒ Object 



21
22
23
24
25
26
27
28
29
30
31
32
33
34
 
# File 'lib/omniauth/strategies/seb/response.rb', line 21

def validate!(pub_key)
  raw_str = SIGNED_KEYS.map{|k| prepend_length(@hash[k])}.join
  received_sig_str = Base64.decode64(@hash['IB_CRC'])

  if !pub_key.verify(OpenSSL::Digest::SHA512.new, received_sig_str, raw_str)
    if !pub_key.verify(OpenSSL::Digest::SHA1.new, received_sig_str, raw_str)
      raise ValidationError, 'Invalid signature'
    else
      OmniAuth.logger.debug('Received message with old SHA1 signature from SEB')
    end
  end

  self
end