Skip to content

standout/cgi-party

Repository files navigation

CGIParty

CGIParty is a gem made for integrating against the CGI Group GRP2 API. As of now you can only perform BankID authorization.

  • You will need an agreement with CGI group in order to user their API. We do not provide this.

NOTE: If you're still using the old GRP API, you'll need to install the old version (1.0.0) of this gem.

Installation

Add this line to your application's Gemfile:

gem 'cgi_party'

And then execute:

$ bundle

Or install it yourself as:

$ gem install cgi_party

Configuration

To use the gem you must configure some settings. Here is the settings available:

CGIParty.configure do |config|
  # (Optional) The number of seconds a poll operation will be active before timeout. Recommended is 180 seconds.
  config.collect_polling_timeout = 180

  # (Optional) The number of seconds a poll operation will wait between each call. Recommended is 3 seconds.
  config.collect_polling_delay = 3

  # (Optional) The path where the WSDL is located. Change to CGIParty::WSDL_TEST_PATH in development and testing
  config.wsdl_path = CGIParty::WSDL_PATH

  # (Required) The name that will be displayed in the BankID app. "Jag legitimerar mig mot #{display_name}"
  config.display_name = "display_name"

  # (Required) An identifier for your service provided by the CGI Group
  config.service_id = "service_id"
end

Usage

Before doing any consecutive requests you must first initiate a client and call the authenticate method. The authenticate response will contain information about the authentication order.

client = CGIParty::Client.new
authenticate_response = client.authenticate(ip_address)

Autostart on the same device

You can acquire an url for prompting the BankID application on the device.

authenticate_response.autostart_url(return_url)
#=> "bankid:///?autostarttoken=[token]&redirect=[return_url]"

QR code for BankID on another device

Generate an animated QR code. You'll need some way to keep track of elapsed seconds as you refresh the QR code.

client.generate_qr(start_token: authenticate_response.qr_start_token,
                   start_secret: authenticate_response.qr_start_secret,
                   seconds: seconds_elapsed)

Collect

To poll the collect action you can use the poll collect method. The block will be yielded every time the API responds. You can take appropriate action in your application by using the provided progress statuses.

You can read more about them in the CGI Group GRP API documentation: https://www.cgi.se/sites/default/files/files_se/pdf/grp_api.pdf

client.poll_collect(authenticate_response.order_ref,
                    authenticate_response.transaction_id) do |collect_response|
  case collect_response.progress_status
  when "OUTSTANDING_TRANSACTION"    # Awaiting BankID application to start. (Might need manual boot)
  when "EXPIRED_TRANSACTION"        # No activity from the user after 180s.
  when "ALREADY_IN_PROGRESS"        # An order for the user is already in progress.
  when "INVALID_PARAMETERS"         # Invalid parameters provided.
  when "ACCESS_DENIED_RP"           # Internal access problem. Contact CGI.
  when "CERTIFICATE_ERR"            # The users BankID are revoked or invalid.
  when "INTERNAL_ERROR"             # An internal BankID error occured.
  when "START_FAILED"               # BankID client did't start after 30s
  when "USER_CANCEL"                # The order was canceled by the user.
  when "CLIENT_ERR"                 # An internal BankID error occurred.
  when "CANCELLED"                  # The order was cancelled.
  when "NO_CLIENT"                  # Users BankID was not available
  when "COMPLETE"                   # The authentication is completed
  when "RETRY"                      # A temporary error has occurred. Prompt the user to try again.
  end
end

A successful collect response will contain attributes about the authenticated person.

collect_response.attributes
#=>
[
  { name: "cn", value: "Bob Basil" },
  { name: "serialnumber", value: "680916-1794" },
  # ...
]

Development and testing

When testing the functionality against the API it is preferable to not use the real endpoints. By changing the wsdl_path config variable in testing you can change all requests to enpoints made for testing.

CGIParty.configure do |config|
  config.wsdl_path = CGIParty::WSDL_TEST_PATH
  # ...
end

License

The gem is available as open source under the terms of the MIT License.