canonix 0.1.1 → 0.1.2
- data/.rvmrc +2 -0
- data/VERSION +1 -1
- data/canonix.gemspec +8 -5
- data/lib/xml/util/xmlcanonicalizer.rb +13 -19
- data/test/saml_with_inclusive_ns_assertion.xml +39 -0
- data/test/saml_with_inclusive_ns_expected_canonical_form.xml +39 -0
- data/test/test_xmlcanonicalizer.rb +22 -0
- metadata +8 -17
data/.rvmrc
ADDED
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
0.1.
|
1
|
+
0.1.2
|
data/canonix.gemspec
CHANGED
@@ -5,11 +5,11 @@
|
|
5
5
|
|
6
6
|
Gem::Specification.new do |s|
|
7
7
|
s.name = %q{canonix}
|
8
|
-
s.version = "0.1.
|
8
|
+
s.version = "0.1.2"
|
9
9
|
|
10
10
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
11
|
-
s.authors = [
|
12
|
-
s.date = %q{2011-
|
11
|
+
s.authors = ["Brendon Muir"]
|
12
|
+
s.date = %q{2011-07-03}
|
13
13
|
s.description = %q{This is based on andrewferk's rewrite for Ruby 1.9 compatibility, but applies
|
14
14
|
relevance's fix to ensure proper canonicalisation. It is intended that this be the new official
|
15
15
|
Ruby Canonicaliser as the other project seems to be abandoned.}
|
@@ -20,6 +20,7 @@ Gem::Specification.new do |s|
|
|
20
20
|
]
|
21
21
|
s.files = [
|
22
22
|
".document",
|
23
|
+
".rvmrc",
|
23
24
|
"LICENSE",
|
24
25
|
"README.rdoc",
|
25
26
|
"Rakefile",
|
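Review bot: `".rvmrc"` is added to `s.files`, so the published gem now packages a developer-environment file that RVM sources as shell when someone enters the directory. Its two lines are not shown on this page, but nothing visible in the library needs it at runtime. I would leave it out of the packaged file list and keep it in the repository only; if this gemspec is generated, exclude it where the file list is built. The same entry appears in the `metadata` file list.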
@@ -32,12 +33,14 @@ Gem::Specification.new do |s|
|
|
32
33
|
"test/helper.rb",
|
33
34
|
"test/saml_assertion.xml",
|
34
35
|
"test/saml_expected_canonical_form.xml",
|
36
|
+
"test/saml_with_inclusive_ns_assertion.xml",
|
37
|
+
"test/saml_with_inclusive_ns_expected_canonical_form.xml",
|
35
38
|
"test/test_xmlcanonicalizer.rb",
|
36
39
|
"tests.watchr"
|
37
40
|
]
|
38
41
|
s.homepage = %q{http://github.com/brendon/canonix}
|
39
|
-
s.require_paths = [
|
40
|
-
s.rubygems_version = %q{1.
|
42
|
+
s.require_paths = ["lib"]
|
43
|
+
s.rubygems_version = %q{1.5.0}
|
41
44
|
s.summary = %q{XML Canonicalizer for Ruby >= 1.92}
|
42
45
|
|
43
46
|
if s.respond_to? :specification_version then
|
@@ -86,7 +86,7 @@ module XML
|
|
86
86
|
end
|
87
87
|
|
88
88
|
class XmlCanonicalizer
|
89
|
-
attr_accessor :prefix_list, :logger
|
89
|
+
attr_accessor :prefix_list, :logger, :inclusive_namespaces
|
90
90
|
|
91
91
|
BEFORE_DOC_ELEMENT = 0
|
92
92
|
INSIDE_DOC_ELEMENT = 1
|
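Review bot: `prefix_list` is still exported by this `attr_accessor`, but the later hunks in this file remove both its initialisation and its only visible read in `canonicalize_element`. A caller that still assigns `prefix_list` would therefore silently get a canonical form without its inclusive prefixes. For code that feeds signature digests the change should be visible: either drop the accessor, or keep it with a comment such as `# prefix_list is no longer read; set inclusive_namespaces (Array of prefix Strings) instead`. `add_inclusive_namespaces` also appears to have no caller left in the visible hunks, and `@inclusive_namespaces` now starts as nil rather than an empty Array, which the new guard in the later hunk does handle.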
@@ -108,8 +108,6 @@ module XML
|
|
108
108
|
@prevVisibleNamespacesStart = 0
|
109
109
|
@prevVisibleNamespacesEnd = 0
|
110
110
|
@visibleNamespaces = Array.new()
|
111
|
-
@inclusive_namespaces = Array.new()
|
112
|
-
@prefix_list = nil
|
113
111
|
end
|
114
112
|
|
115
113
|
def add_inclusive_namespaces(prefix_list, element, visible_namespaces)
|
@@ -132,7 +130,6 @@ module XML
|
|
132
130
|
end
|
133
131
|
|
134
132
|
def canonicalize_element(element, logging = true)
|
135
|
-
@inclusive_namespaces = add_inclusive_namespaces(@prefix_list, element, @inclusive_namespaces) if (@prefix_list)
|
136
133
|
@preserve_document = element.document()
|
137
134
|
tmp_parent = element.parent()
|
138
135
|
body_string = remove_whitespace(element.to_s().gsub("\n","").gsub("\t","").gsub("\r",""))
|
@@ -176,7 +173,7 @@ module XML
|
|
176
173
|
end
|
177
174
|
if (node.node_type() == :element)
|
178
175
|
write_element_node(node, visible) if (!node.rendered?())
|
179
|
-
|
176
|
+
node.rendered=(true)
|
180
177
|
end
|
181
178
|
if (node.node_type() == :processing_instruction)
|
182
179
|
end
|
@@ -195,8 +192,8 @@ module XML
|
|
195
192
|
write_attribute_axis(node)
|
196
193
|
@res = @res + ">" if (visible)
|
197
194
|
node.each_child{|child|
|
198
|
-
|
199
|
-
|
195
|
+
write_node(child)
|
196
|
+
}
|
200
197
|
@res = @res + "</" +node.expanded_name() + ">" if (visible)
|
201
198
|
@state = AFTER_DOC_ELEMENT if (visible && state == BEFORE_DOC_ELEMENT)
|
202
199
|
@prevVisibleNamespacesStart = savedPrevVisibleNamespacesStart
|
@@ -228,17 +225,14 @@ module XML
|
|
228
225
|
if (visible && !has_empty_namespace && !is_namespace_rendered(nil, nil))
|
229
226
|
@res = @res + ' xmlns=""'
|
230
227
|
end
|
231
|
-
|
232
|
-
|
233
|
-
if
|
234
|
-
|
235
|
-
|
236
|
-
prefix = ns.prefix().split(":")[1]
|
237
|
-
list.push(prefix) if (!list.include?(prefix) && (!node.attributes.prefixes.include?(prefix)))
|
228
|
+
|
229
|
+
#: ns of inclusive_list
|
230
|
+
if self.inclusive_namespaces && !self.inclusive_namespaces.empty?
|
231
|
+
self.inclusive_namespaces.each{|prefix|
|
232
|
+
list.push(prefix) if (!list.include?(prefix) && (node.attributes.prefixes.include?(prefix)))
|
238
233
|
}
|
239
|
-
@prefix_list = nil
|
240
234
|
end
|
241
|
-
|
235
|
+
|
242
236
|
list.sort!()
|
243
237
|
list.each{|prefix|
|
244
238
|
next if (prefix == "")
|
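Review bot: The new loop pushes an inclusive prefix only when `node.attributes.prefixes.include?(prefix)`, which as far as I know lists just the `xmlns:` declarations on this element. Exclusive C14N treats a prefix from the InclusiveNamespaces PrefixList as inclusive C14N would, so a binding inherited from an ancestor must also be output at the top of the canonicalized subtree. If only a signed `saml:Assertion` is canonicalized and the prefix is declared on the enclosing Response, this condition would omit it and the digest would differ from other implementations. Consider testing the in-scope binding instead, e.g. `node.namespace(prefix)`, and add a fixture for the inherited case, since the new test declares every prefix on the element that uses it. The enclosing method starts and ends outside the hunk, so how `list` is rendered afterwards should be checked against this.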
@@ -412,15 +406,15 @@ if __FILE__ == $0
|
|
412
406
|
puts("-----")
|
413
407
|
puts(result)
|
414
408
|
puts("-----")
|
415
|
-
puts(result.size())
|
409
|
+
puts(result.size())
|
416
410
|
puts("-----")
|
417
411
|
puts(CryptHash.new().digest_b64(result))
|
418
412
|
end
|
419
413
|
else
|
420
414
|
result = c.canonicalize(document)
|
421
415
|
end
|
422
|
-
|
416
|
+
|
423
417
|
file = File.new(ARGV[1], "wb")
|
424
418
|
file.write(result)
|
425
419
|
file.close()
|
426
|
-
end
|
420
|
+
end
|
@@ -0,0 +1,39 @@
|
|
1
|
+
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" Version="2.0" Destination="http://dev.example.com:8080/sessions/saml" ID="_400c66cfbb96b81e87d6bc96fefdb9b01308849650183" InResponseTo="_107c07d0-7feb-012e-8cc0-001ec2c1cafd" IssueInstant="2011-06-23T17:20:50.183Z">
|
2
|
+
<saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://dev.example.com:8080/sessions/saml</saml:Issuer>
|
3
|
+
<samlp:Status>
|
4
|
+
<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
|
5
|
+
</samlp:Status>
|
6
|
+
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Version="2.0" ID="_b197baba4544550444357b2b18de57961308849650183" IssueInstant="2011-06-23T17:20:50.183Z">
|
7
|
+
<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://dev.example.com:8080/sessions/saml</saml:Issuer>
|
8
|
+
<saml:Subject>
|
9
|
+
<saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">mail@example.com</saml:NameID>
|
10
|
+
<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
|
11
|
+
<saml:SubjectConfirmationData InResponseTo="_107c07d0-7feb-012e-8cc0-001ec2c1cafd" NotOnOrAfter="2011-06-23T17:25:50.183Z" Recipient="http://bmls.screenstepslive.dev/sessions/saml"/>
|
12
|
+
</saml:SubjectConfirmation>
|
13
|
+
</saml:Subject>
|
14
|
+
<saml:Conditions NotOnOrAfter="2011-06-23T17:25:50.183Z" NotBefore="2011-06-23T17:20:50.183Z">
|
15
|
+
<saml:AudienceRestriction>
|
16
|
+
<saml:Audience>Audience</saml:Audience>
|
17
|
+
</saml:AudienceRestriction>
|
18
|
+
</saml:Conditions>
|
19
|
+
<saml:AuthnStatement AuthnInstant="2011-06-23T17:20:50.183Z">
|
20
|
+
<saml:AuthnContext>
|
21
|
+
<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified</saml:AuthnContextClassRef>
|
22
|
+
</saml:AuthnContext>
|
23
|
+
</saml:AuthnStatement>
|
24
|
+
<saml:AttributeStatement>
|
25
|
+
<saml:Attribute Name="userId" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
|
26
|
+
<saml:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:anyType">00550000001b7Kf</saml:AttributeValue>
|
27
|
+
</saml:Attribute>
|
28
|
+
<saml:Attribute Name="username" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
|
29
|
+
<saml:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:anyType">mail@example.com</saml:AttributeValue>
|
30
|
+
</saml:Attribute>
|
31
|
+
<saml:Attribute Name="email" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
|
32
|
+
<saml:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:anyType">mail@example.com</saml:AttributeValue>
|
33
|
+
</saml:Attribute>
|
34
|
+
<saml:Attribute Name="is_portal_user" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
|
35
|
+
<saml:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:anyType">false</saml:AttributeValue>
|
36
|
+
</saml:Attribute>
|
37
|
+
</saml:AttributeStatement>
|
38
|
+
</saml:Assertion>
|
39
|
+
</samlp:Response>
|
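Review bot: This fixture looks like a captured IdP response that was only partly scrubbed. `Destination` and `Issuer` use dev.example.com, but `Recipient="http://bmls.screenstepslive.dev/sessions/saml"` on line 11 and the `userId` value on line 26 still look like they came from a real environment. I would replace them with constructed values here and in the expected-canonical-form fixture, which repeats them, so the published gem carries no environment details. The fixture also has no `ds:` element, although the test lists `ds` as an inclusive prefix.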
@@ -0,0 +1,39 @@
|
|
1
|
+
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" Destination="http://dev.example.com:8080/sessions/saml" ID="_400c66cfbb96b81e87d6bc96fefdb9b01308849650183" InResponseTo="_107c07d0-7feb-012e-8cc0-001ec2c1cafd" IssueInstant="2011-06-23T17:20:50.183Z" Version="2.0">
|
2
|
+
<saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://dev.example.com:8080/sessions/saml</saml:Issuer>
|
3
|
+
<samlp:Status>
|
4
|
+
<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"></samlp:StatusCode>
|
5
|
+
</samlp:Status>
|
6
|
+
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_b197baba4544550444357b2b18de57961308849650183" IssueInstant="2011-06-23T17:20:50.183Z" Version="2.0">
|
7
|
+
<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://dev.example.com:8080/sessions/saml</saml:Issuer>
|
8
|
+
<saml:Subject>
|
9
|
+
<saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">mail@example.com</saml:NameID>
|
10
|
+
<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
|
11
|
+
<saml:SubjectConfirmationData InResponseTo="_107c07d0-7feb-012e-8cc0-001ec2c1cafd" NotOnOrAfter="2011-06-23T17:25:50.183Z" Recipient="http://bmls.screenstepslive.dev/sessions/saml"></saml:SubjectConfirmationData>
|
12
|
+
</saml:SubjectConfirmation>
|
13
|
+
</saml:Subject>
|
14
|
+
<saml:Conditions NotBefore="2011-06-23T17:20:50.183Z" NotOnOrAfter="2011-06-23T17:25:50.183Z">
|
15
|
+
<saml:AudienceRestriction>
|
16
|
+
<saml:Audience>Audience</saml:Audience>
|
17
|
+
</saml:AudienceRestriction>
|
18
|
+
</saml:Conditions>
|
19
|
+
<saml:AuthnStatement AuthnInstant="2011-06-23T17:20:50.183Z">
|
20
|
+
<saml:AuthnContext>
|
21
|
+
<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified</saml:AuthnContextClassRef>
|
22
|
+
</saml:AuthnContext>
|
23
|
+
</saml:AuthnStatement>
|
24
|
+
<saml:AttributeStatement>
|
25
|
+
<saml:Attribute Name="userId" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
|
26
|
+
<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">00550000001b7Kf</saml:AttributeValue>
|
27
|
+
</saml:Attribute>
|
28
|
+
<saml:Attribute Name="username" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
|
29
|
+
<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">mail@example.com</saml:AttributeValue>
|
30
|
+
</saml:Attribute>
|
31
|
+
<saml:Attribute Name="email" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
|
32
|
+
<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">mail@example.com</saml:AttributeValue>
|
33
|
+
</saml:Attribute>
|
34
|
+
<saml:Attribute Name="is_portal_user" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
|
35
|
+
<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">false</saml:AttributeValue>
|
36
|
+
</saml:Attribute>
|
37
|
+
</saml:AttributeStatement>
|
38
|
+
</saml:Assertion>
|
39
|
+
</samlp:Response>
|
@@ -54,5 +54,27 @@ class TestXmlcanonicalizer < Test::Unit::TestCase
|
|
54
54
|
|
55
55
|
assert_equal xml_expect, xml_canonicalized
|
56
56
|
end
|
57
|
+
|
58
|
+
should "canonicalize a saml file with inclusive namespaces" do
|
59
|
+
fp = File.new(File.dirname(File.expand_path(__FILE__))+'/saml_with_inclusive_ns_assertion.xml','r')
|
60
|
+
xml = ''
|
61
|
+
while (l = fp.gets)
|
62
|
+
xml += l
|
63
|
+
end
|
64
|
+
fp.close
|
65
|
+
|
66
|
+
xml_canonicalizer = XML::Util::XmlCanonicalizer.new(false,true)
|
67
|
+
rexml = REXML::Document.new(xml);
|
68
|
+
xml_canonicalizer.inclusive_namespaces = %w(ds saml samlp xs)
|
69
|
+
xml_canonicalized = xml_canonicalizer.canonicalize(rexml);
|
70
|
+
|
71
|
+
fp = File.new(File.dirname(File.expand_path(__FILE__))+'/saml_with_inclusive_ns_expected_canonical_form.xml','r')
|
72
|
+
xml_expect = ''
|
73
|
+
while (l = fp.gets)
|
74
|
+
xml_expect += l
|
75
|
+
end
|
76
|
+
fp.close
|
77
|
+
assert_equal xml_expect, xml_canonicalized #, (xml_canonicalized.to_s + "\n\n" + xml_expect)
|
78
|
+
end
|
57
79
|
|
58
80
|
end
|
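Review bot: Both fixture reads in the new test open a `File`, build the string with `xml += l` in a `while` loop and close it by hand, so an exception before `fp.close` leaks the handle. `xml = File.read(File.join(File.dirname(__FILE__), 'saml_with_inclusive_ns_assertion.xml'))` should be equivalent, and likewise for `xml_expect`. The trailing `;` after `REXML::Document.new(xml)` and `canonicalize(rexml)` and the commented-out message after `assert_equal` can go as well.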
metadata
CHANGED
@@ -1,13 +1,8 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: canonix
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
hash: 25
|
5
4
|
prerelease:
|
6
|
-
|
7
|
-
- 0
|
8
|
-
- 1
|
9
|
-
- 1
|
10
|
-
version: 0.1.1
|
5
|
+
version: 0.1.2
|
11
6
|
platform: ruby
|
12
7
|
authors:
|
13
8
|
- Brendon Muir
|
@@ -15,7 +10,8 @@ autorequire:
|
|
15
10
|
bindir: bin
|
16
11
|
cert_chain: []
|
17
12
|
|
18
|
-
date: 2011-
|
13
|
+
date: 2011-07-03 00:00:00 +12:00
|
14
|
+
default_executable:
|
19
15
|
dependencies:
|
20
16
|
- !ruby/object:Gem::Dependency
|
21
17
|
name: thoughtbot-shoulda
|
@@ -25,9 +21,6 @@ dependencies:
|
|
25
21
|
requirements:
|
26
22
|
- - ">="
|
27
23
|
- !ruby/object:Gem::Version
|
28
|
-
hash: 3
|
29
|
-
segments:
|
30
|
-
- 0
|
31
24
|
version: "0"
|
32
25
|
type: :development
|
33
26
|
version_requirements: *id001
|
@@ -45,6 +38,7 @@ extra_rdoc_files:
|
|
45
38
|
- README.rdoc
|
46
39
|
files:
|
47
40
|
- .document
|
41
|
+
- .rvmrc
|
48
42
|
- LICENSE
|
49
43
|
- README.rdoc
|
50
44
|
- Rakefile
|
@@ -57,8 +51,11 @@ files:
|
|
57
51
|
- test/helper.rb
|
58
52
|
- test/saml_assertion.xml
|
59
53
|
- test/saml_expected_canonical_form.xml
|
54
|
+
- test/saml_with_inclusive_ns_assertion.xml
|
55
|
+
- test/saml_with_inclusive_ns_expected_canonical_form.xml
|
60
56
|
- test/test_xmlcanonicalizer.rb
|
61
57
|
- tests.watchr
|
58
|
+
has_rdoc: true
|
62
59
|
homepage: http://github.com/brendon/canonix
|
63
60
|
licenses: []
|
64
61
|
|
@@ -72,23 +69,17 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
72
69
|
requirements:
|
73
70
|
- - ">="
|
74
71
|
- !ruby/object:Gem::Version
|
75
|
-
hash: 3
|
76
|
-
segments:
|
77
|
-
- 0
|
78
72
|
version: "0"
|
79
73
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
80
74
|
none: false
|
81
75
|
requirements:
|
82
76
|
- - ">="
|
83
77
|
- !ruby/object:Gem::Version
|
84
|
-
hash: 3
|
85
|
-
segments:
|
86
|
-
- 0
|
87
78
|
version: "0"
|
88
79
|
requirements: []
|
89
80
|
|
90
81
|
rubyforge_project:
|
91
|
-
rubygems_version: 1.
|
82
|
+
rubygems_version: 1.5.0
|
92
83
|
signing_key:
|
93
84
|
specification_version: 3
|
94
85
|
summary: XML Canonicalizer for Ruby >= 1.92
|