canonix 0.1.1 → 0.1.2
- data/.rvmrc +2 -0
- data/VERSION +1 -1
- data/canonix.gemspec +8 -5
- data/lib/xml/util/xmlcanonicalizer.rb +13 -19
- data/test/saml_with_inclusive_ns_assertion.xml +39 -0
- data/test/saml_with_inclusive_ns_expected_canonical_form.xml +39 -0
- data/test/test_xmlcanonicalizer.rb +22 -0
- metadata +8 -17
data/.rvmrc
ADDED
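--- a/data/VERSION
+++ b/data/VERSION
@@ -1 +1 @@
-0.1.
+0.1.2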
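--- a/data/canonix.gemspec
+++ b/data/canonix.gemspec
@@ -5,11 +5,11 @@
 
 Gem::Specification.new do |s|
 s.name = %q{canonix}
-s.version = "0.1.
+s.version = "0.1.2"
 
 s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
-s.authors = [
-s.date = %q{2011-
+s.authors = ["Brendon Muir"]
+s.date = %q{2011-07-03}
 s.description = %q{This is based on andrewferk's rewrite for Ruby 1.9 compatibility, but applies
 relevance's fix to ensure proper canonicalisation. It is intended that this be the new official
 Ruby Canonicaliser as the other project seems to be abandoned.}
@@ -20,6 +20,7 @@ Gem::Specification.new do |s|
 ]
 s.files = [
 ".document",
+".rvmrc",
 "LICENSE",
 "README.rdoc",
 "Rakefile",
@@ -32,12 +33,14 @@ Gem::Specification.new do |s|
 "test/helper.rb",
 "test/saml_assertion.xml",
 "test/saml_expected_canonical_form.xml",
+"test/saml_with_inclusive_ns_assertion.xml",
+"test/saml_with_inclusive_ns_expected_canonical_form.xml",
 "test/test_xmlcanonicalizer.rb",
 "tests.watchr"
 ]
 s.homepage = %q{http://github.com/brendon/canonix}
-s.require_paths = [
-s.rubygems_version = %q{1.
+s.require_paths = ["lib"]
+s.rubygems_version = %q{1.5.0}
 s.summary = %q{XML Canonicalizer for Ruby >= 1.92}
 
 if s.respond_to? :specification_version then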
@@ -86,7 +86,7 @@ module XML
|
|
86
86
|
end
|
87
87
|
|
88
88
|
class XmlCanonicalizer
|
89
|
-
attr_accessor :prefix_list, :logger
|
89
|
+
attr_accessor :prefix_list, :logger, :inclusive_namespaces
|
90
90
|
|
91
91
|
BEFORE_DOC_ELEMENT = 0
|
92
92
|
INSIDE_DOC_ELEMENT = 1
|
@@ -108,8 +108,6 @@ module XML
|
|
108
108
|
@prevVisibleNamespacesStart = 0
|
109
109
|
@prevVisibleNamespacesEnd = 0
|
110
110
|
@visibleNamespaces = Array.new()
|
111
|
-
@inclusive_namespaces = Array.new()
|
112
|
-
@prefix_list = nil
|
113
111
|
end
|
114
112
|
|
115
113
|
def add_inclusive_namespaces(prefix_list, element, visible_namespaces)
|
@@ -132,7 +130,6 @@ module XML
|
|
132
130
|
end
|
133
131
|
|
134
132
|
def canonicalize_element(element, logging = true)
|
135
|
-
@inclusive_namespaces = add_inclusive_namespaces(@prefix_list, element, @inclusive_namespaces) if (@prefix_list)
|
136
133
|
@preserve_document = element.document()
|
137
134
|
tmp_parent = element.parent()
|
138
135
|
body_string = remove_whitespace(element.to_s().gsub("\n","").gsub("\t","").gsub("\r",""))
|
@@ -176,7 +173,7 @@ module XML
|
|
176
173
|
end
|
177
174
|
if (node.node_type() == :element)
|
178
175
|
write_element_node(node, visible) if (!node.rendered?())
|
179
|
-
|
176
|
+
node.rendered=(true)
|
180
177
|
end
|
181
178
|
if (node.node_type() == :processing_instruction)
|
182
179
|
end
|
@@ -195,8 +192,8 @@ module XML
|
|
195
192
|
write_attribute_axis(node)
|
196
193
|
@res = @res + ">" if (visible)
|
197
194
|
node.each_child{|child|
|
198
|
-
|
199
|
-
|
195
|
+
write_node(child)
|
196
|
+
}
|
200
197
|
@res = @res + "</" +node.expanded_name() + ">" if (visible)
|
201
198
|
@state = AFTER_DOC_ELEMENT if (visible && state == BEFORE_DOC_ELEMENT)
|
202
199
|
@prevVisibleNamespacesStart = savedPrevVisibleNamespacesStart
|
@@ -228,17 +225,14 @@ module XML
|
|
228
225
|
if (visible && !has_empty_namespace && !is_namespace_rendered(nil, nil))
|
229
226
|
@res = @res + ' xmlns=""'
|
230
227
|
end
|
231
|
-
|
232
|
-
|
233
|
-
if
|
234
|
-
|
235
|
-
|
236
|
-
prefix = ns.prefix().split(":")[1]
|
237
|
-
list.push(prefix) if (!list.include?(prefix) && (!node.attributes.prefixes.include?(prefix)))
|
228
|
+
|
229
|
+
#: ns of inclusive_list
|
230
|
+
if self.inclusive_namespaces && !self.inclusive_namespaces.empty?
|
231
|
+
self.inclusive_namespaces.each{|prefix|
|
232
|
+
list.push(prefix) if (!list.include?(prefix) && (node.attributes.prefixes.include?(prefix)))
|
238
233
|
}
|
239
|
-
@prefix_list = nil
|
240
234
|
end
|
241
|
-
|
235
|
+
|
242
236
|
list.sort!()
|
243
237
|
list.each{|prefix|
|
244
238
|
next if (prefix == "")
|
@@ -412,15 +406,15 @@ if __FILE__ == $0
|
|
412
406
|
puts("-----")
|
413
407
|
puts(result)
|
414
408
|
puts("-----")
|
415
|
-
puts(result.size())
|
409
|
+
puts(result.size())
|
416
410
|
puts("-----")
|
417
411
|
puts(CryptHash.new().digest_b64(result))
|
418
412
|
end
|
419
413
|
else
|
420
414
|
result = c.canonicalize(document)
|
421
415
|
end
|
422
|
-
|
416
|
+
|
423
417
|
file = File.new(ARGV[1], "wb")
|
424
418
|
file.write(result)
|
425
419
|
file.close()
|
426
|
-
end
|
420
|
+
end
|
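Review bot: In the `@@ -228,17 +225,14 @@` hunk the new loop pushes a listed prefix only when `node.attributes.prefixes.include?(prefix)` holds, that is, only on the element that declares it. Exclusive C14N handles PrefixList entries the way inclusive C14N handles in-scope namespaces, so when `canonicalize_element` is given a subset such as a SAML Assertion, a listed prefix declared on an ancestor outside the subset would apparently never be written and the digest would not match a conforming signer's; the enclosing method starts and ends outside the hunk, so confirm against the full body. The list is now plain instance state: the `@@ -108,8 +108,6 @@` hunk drops its initialisation and nothing clears it after use, so a canonicalizer reused for another reference keeps the earlier prefixes, which deserves a comment such as `# inclusive_namespaces persists across calls; reset it before canonicalizing a reference without a PrefixList`. `prefix_list` also stays in `attr_accessor` although the visible code that read it was removed, so callers still assigning it get neither an effect nor an error.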
@@ -0,0 +1,39 @@
|
|
1
|
+
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" Version="2.0" Destination="http://dev.example.com:8080/sessions/saml" ID="_400c66cfbb96b81e87d6bc96fefdb9b01308849650183" InResponseTo="_107c07d0-7feb-012e-8cc0-001ec2c1cafd" IssueInstant="2011-06-23T17:20:50.183Z">
|
2
|
+
<saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://dev.example.com:8080/sessions/saml</saml:Issuer>
|
3
|
+
<samlp:Status>
|
4
|
+
<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
|
5
|
+
</samlp:Status>
|
6
|
+
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Version="2.0" ID="_b197baba4544550444357b2b18de57961308849650183" IssueInstant="2011-06-23T17:20:50.183Z">
|
7
|
+
<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://dev.example.com:8080/sessions/saml</saml:Issuer>
|
8
|
+
<saml:Subject>
|
9
|
+
<saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">mail@example.com</saml:NameID>
|
10
|
+
<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
|
11
|
+
<saml:SubjectConfirmationData InResponseTo="_107c07d0-7feb-012e-8cc0-001ec2c1cafd" NotOnOrAfter="2011-06-23T17:25:50.183Z" Recipient="http://bmls.screenstepslive.dev/sessions/saml"/>
|
12
|
+
</saml:SubjectConfirmation>
|
13
|
+
</saml:Subject>
|
14
|
+
<saml:Conditions NotOnOrAfter="2011-06-23T17:25:50.183Z" NotBefore="2011-06-23T17:20:50.183Z">
|
15
|
+
<saml:AudienceRestriction>
|
16
|
+
<saml:Audience>Audience</saml:Audience>
|
17
|
+
</saml:AudienceRestriction>
|
18
|
+
</saml:Conditions>
|
19
|
+
<saml:AuthnStatement AuthnInstant="2011-06-23T17:20:50.183Z">
|
20
|
+
<saml:AuthnContext>
|
21
|
+
<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified</saml:AuthnContextClassRef>
|
22
|
+
</saml:AuthnContext>
|
23
|
+
</saml:AuthnStatement>
|
24
|
+
<saml:AttributeStatement>
|
25
|
+
<saml:Attribute Name="userId" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
|
26
|
+
<saml:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:anyType">00550000001b7Kf</saml:AttributeValue>
|
27
|
+
</saml:Attribute>
|
28
|
+
<saml:Attribute Name="username" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
|
29
|
+
<saml:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:anyType">mail@example.com</saml:AttributeValue>
|
30
|
+
</saml:Attribute>
|
31
|
+
<saml:Attribute Name="email" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
|
32
|
+
<saml:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:anyType">mail@example.com</saml:AttributeValue>
|
33
|
+
</saml:Attribute>
|
34
|
+
<saml:Attribute Name="is_portal_user" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
|
35
|
+
<saml:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:anyType">false</saml:AttributeValue>
|
36
|
+
</saml:Attribute>
|
37
|
+
</saml:AttributeStatement>
|
38
|
+
</saml:Assertion>
|
39
|
+
</samlp:Response>
|
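Review bot: The `saml:SubjectConfirmationData` line keeps `Recipient="http://bmls.screenstepslive.dev/sessions/saml"` while `Destination` and both issuers use `dev.example.com`, which suggests the sample was taken from a real exchange and only partly scrubbed; the same value appears in the expected-canonical-form fixture that follows. Both files are listed in `s.files` and therefore ship in the published gem, so the remaining host should be replaced and the `userId` value and the `ID`/`InResponseTo` strings checked to be synthetic. The sample has no `ds:Signature` or `InclusiveNamespaces` element, so it pins output shape for a whole document only, not the signed-subset case.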
@@ -0,0 +1,39 @@
|
|
1
|
+
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" Destination="http://dev.example.com:8080/sessions/saml" ID="_400c66cfbb96b81e87d6bc96fefdb9b01308849650183" InResponseTo="_107c07d0-7feb-012e-8cc0-001ec2c1cafd" IssueInstant="2011-06-23T17:20:50.183Z" Version="2.0">
|
2
|
+
<saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://dev.example.com:8080/sessions/saml</saml:Issuer>
|
3
|
+
<samlp:Status>
|
4
|
+
<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"></samlp:StatusCode>
|
5
|
+
</samlp:Status>
|
6
|
+
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_b197baba4544550444357b2b18de57961308849650183" IssueInstant="2011-06-23T17:20:50.183Z" Version="2.0">
|
7
|
+
<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://dev.example.com:8080/sessions/saml</saml:Issuer>
|
8
|
+
<saml:Subject>
|
9
|
+
<saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">mail@example.com</saml:NameID>
|
10
|
+
<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
|
11
|
+
<saml:SubjectConfirmationData InResponseTo="_107c07d0-7feb-012e-8cc0-001ec2c1cafd" NotOnOrAfter="2011-06-23T17:25:50.183Z" Recipient="http://bmls.screenstepslive.dev/sessions/saml"></saml:SubjectConfirmationData>
|
12
|
+
</saml:SubjectConfirmation>
|
13
|
+
</saml:Subject>
|
14
|
+
<saml:Conditions NotBefore="2011-06-23T17:20:50.183Z" NotOnOrAfter="2011-06-23T17:25:50.183Z">
|
15
|
+
<saml:AudienceRestriction>
|
16
|
+
<saml:Audience>Audience</saml:Audience>
|
17
|
+
</saml:AudienceRestriction>
|
18
|
+
</saml:Conditions>
|
19
|
+
<saml:AuthnStatement AuthnInstant="2011-06-23T17:20:50.183Z">
|
20
|
+
<saml:AuthnContext>
|
21
|
+
<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified</saml:AuthnContextClassRef>
|
22
|
+
</saml:AuthnContext>
|
23
|
+
</saml:AuthnStatement>
|
24
|
+
<saml:AttributeStatement>
|
25
|
+
<saml:Attribute Name="userId" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
|
26
|
+
<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">00550000001b7Kf</saml:AttributeValue>
|
27
|
+
</saml:Attribute>
|
28
|
+
<saml:Attribute Name="username" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
|
29
|
+
<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">mail@example.com</saml:AttributeValue>
|
30
|
+
</saml:Attribute>
|
31
|
+
<saml:Attribute Name="email" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
|
32
|
+
<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">mail@example.com</saml:AttributeValue>
|
33
|
+
</saml:Attribute>
|
34
|
+
<saml:Attribute Name="is_portal_user" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
|
35
|
+
<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">false</saml:AttributeValue>
|
36
|
+
</saml:Attribute>
|
37
|
+
</saml:AttributeStatement>
|
38
|
+
</saml:Assertion>
|
39
|
+
</samlp:Response>
|
@@ -54,5 +54,27 @@ class TestXmlcanonicalizer < Test::Unit::TestCase
|
|
54
54
|
|
55
55
|
assert_equal xml_expect, xml_canonicalized
|
56
56
|
end
|
57
|
+
|
58
|
+
should "canonicalize a saml file with inclusive namespaces" do
|
59
|
+
fp = File.new(File.dirname(File.expand_path(__FILE__))+'/saml_with_inclusive_ns_assertion.xml','r')
|
60
|
+
xml = ''
|
61
|
+
while (l = fp.gets)
|
62
|
+
xml += l
|
63
|
+
end
|
64
|
+
fp.close
|
65
|
+
|
66
|
+
xml_canonicalizer = XML::Util::XmlCanonicalizer.new(false,true)
|
67
|
+
rexml = REXML::Document.new(xml);
|
68
|
+
xml_canonicalizer.inclusive_namespaces = %w(ds saml samlp xs)
|
69
|
+
xml_canonicalized = xml_canonicalizer.canonicalize(rexml);
|
70
|
+
|
71
|
+
fp = File.new(File.dirname(File.expand_path(__FILE__))+'/saml_with_inclusive_ns_expected_canonical_form.xml','r')
|
72
|
+
xml_expect = ''
|
73
|
+
while (l = fp.gets)
|
74
|
+
xml_expect += l
|
75
|
+
end
|
76
|
+
fp.close
|
77
|
+
assert_equal xml_expect, xml_canonicalized #, (xml_canonicalized.to_s + "\n\n" + xml_expect)
|
78
|
+
end
|
57
79
|
|
58
80
|
end
|
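Review bot: The new test only canonicalizes the whole document, so the `inclusive_namespaces` path is never exercised on a subset, and `ds` from `%w(ds saml samlp xs)` does not occur in the fixture at all. A second case that calls `canonicalize_element` on the `saml:Assertion`, with a listed prefix declared only on an ancestor, would pin the behaviour that signature verification depends on. The two hand-written read loops leave the handle open if `gets` raises; `xml = File.read(File.join(File.dirname(__FILE__), 'saml_with_inclusive_ns_assertion.xml'))` reads the same content in one line. The enclosing test class starts outside the hunk.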
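--- a/metadata
+++ b/metadata
@@ -1,13 +1,8 @@
 --- !ruby/object:Gem::Specification
 name: canonix
 version: !ruby/object:Gem::Version
-hash: 25
 prerelease:
-
-- 0
-- 1
-- 1
-version: 0.1.1
+version: 0.1.2
 platform: ruby
 authors:
 - Brendon Muir
@@ -15,7 +10,8 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-
+date: 2011-07-03 00:00:00 +12:00
+default_executable:
 dependencies:
 - !ruby/object:Gem::Dependency
 name: thoughtbot-shoulda
@@ -25,9 +21,6 @@ dependencies:
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
-hash: 3
-segments:
-- 0
 version: "0"
 type: :development
 version_requirements: *id001
@@ -45,6 +38,7 @@ extra_rdoc_files:
 - README.rdoc
 files:
 - .document
+- .rvmrc
 - LICENSE
 - README.rdoc
 - Rakefile
@@ -57,8 +51,11 @@ files:
 - test/helper.rb
 - test/saml_assertion.xml
 - test/saml_expected_canonical_form.xml
+- test/saml_with_inclusive_ns_assertion.xml
+- test/saml_with_inclusive_ns_expected_canonical_form.xml
 - test/test_xmlcanonicalizer.rb
 - tests.watchr
+has_rdoc: true
 homepage: http://github.com/brendon/canonix
 licenses: []
 
@@ -72,23 +69,17 @@ required_ruby_version: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
-hash: 3
-segments:
-- 0
 version: "0"
 required_rubygems_version: !ruby/object:Gem::Requirement
 none: false
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
-hash: 3
-segments:
-- 0
 version: "0"
 requirements: []
 
 rubyforge_project:
-rubygems_version: 1.
+rubygems_version: 1.5.0
 signing_key:
 specification_version: 3
 summary: XML Canonicalizer for Ruby >= 1.92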