ciam-es 0.0.6 → 0.0.7

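--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 3dad8a3cc1881093b5b571a3a6ff5ef017a580efd63eabe3a40551c365b2ed06
- data.tar.gz: a5f904d9fb491a5fa3e916f81ff3a85b86f93536fb32546e35605ca09a3b3530
+ metadata.gz: e1ce973bd3d499cd24750bfc8fbaec35056734fd284a1c2e2cc5e5ad4e97298e
+ data.tar.gz: 4d0ec7b507ccbd00422bd868460efeefb358de04ab4b92bb185591b7922bb2c4
  SHA512:
- metadata.gz: f15050be6418bf31b9b680e16de3646cd987d5142db14a9a07656e62b2916d0dd21c891d594cbf8ded5a288ab03162126480318c5fa0cc130ccc1483e03bfd48
- data.tar.gz: 5e49de6e43c66d2823efc1a472be655edca69deebec364d595aea1577eedd203ed272846ab76e252474502f28addd9b3dcc36949a8e51478aa8a6b46dff02a02
+ metadata.gz: 426e3b6ea6bac67c4f25f0ad0636519e8d24f93d5ac87f457ccf7e6a08c7f81d157ece5aa2be393c516c3b9e310edabbe10e8a278b55f68acf65df3295ba7bd8
+ data.tar.gz: 98c23881eb82db9f2c790d91347ba2c38e249b9c689dc44db07e1ce166f7db495cde8d4c73dc0d4d13e0ab2647dcf7c46981194de8a7f726371463df486f4d4c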
@@ -2,7 +2,7 @@ $LOAD_PATH.push File.expand_path('../lib', __FILE__)
2
2
 
3
3
  Gem::Specification.new do |s|
4
4
  s.name = 'ciam-es'
5
- s.version = '0.0.6'
5
+ s.version = '0.0.7'
6
6
 
7
7
  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
8
8
  s.authors = ["Fabiano Pavan"]
@@ -5,13 +5,15 @@ require "rexml/document"
5
5
  module Ciam
6
6
  module Saml
7
7
  class LogoutResponse
8
- include Coding
9
- include Request
8
+ include Coding
9
+ include Response
10
10
  ASSERTION = "urn:oasis:names:tc:SAML:2.0:assertion"
11
11
  PROTOCOL = "urn:oasis:names:tc:SAML:2.0:protocol"
12
12
  DSIG = "http://www.w3.org/2000/09/xmldsig#"
13
13
 
14
- def initialize( options = { } )
14
+ attr_accessor :settings
15
+
16
+ def initialize( options = { } )
15
17
  opt = { :response => nil, :settings => nil }.merge(options)
16
18
  # We've recieved a LogoutResponse from the IdP
17
19
  if opt[:response]
@@ -32,7 +34,7 @@ module Ciam
32
34
  if opt[:settings]
33
35
  @settings = opt[:settings]
34
36
  end
35
- end
37
+ end
36
38
 
37
39
  # Create a LogoutResponse to to the IdP's LogoutRequest
38
40
  # (For IdP initiated SLO)
@@ -42,11 +44,12 @@ module Ciam
42
44
  :status => "urn:oasis:names:tc:SAML:2.0:status:Success",
43
45
  :extra_parameters => nil }.merge(options)
44
46
  return nil if opt[:transaction_id].nil?
45
- @response = REXML::Document.new
46
- @response.context[:attribute_quote] = :quote
47
+ response_doc = Ciam::XMLSecurityNew::Document.new
48
+ response_doc.context[:attribute_quote] = :quote
49
+
47
50
  uuid = "_" + UUID.new.generate
48
51
  time = Time.now.utc.strftime("%Y-%m-%dT%H:%M:%SZ")
49
- root = @response.add_element "saml2p:LogoutResponse", { "xmlns:saml2p" => PROTOCOL }
52
+ root = response_doc.add_element "saml2p:LogoutResponse", { "xmlns:saml2p" => PROTOCOL }
50
53
  root.attributes['ID'] = uuid
51
54
  root.attributes['IssueInstant'] = time
52
55
  root.attributes['Version'] = "2.0"
@@ -68,44 +71,56 @@ module Ciam
68
71
  }
69
72
  issuer.text = @settings.issuer
70
73
  end
71
- meta = Metadata.new( @settings )
72
- Logging.debug "Created LogoutResponse:\n#{@response}"
73
- return meta.create_slo_response( to_s, opt[:extra_parameters] )
74
+
75
+ response_doc << REXML::XMLDecl.new("1.0", "UTF-8")
76
+ #sign logout_response
77
+ cert = @settings.get_cert(@settings.sp_cert)
78
+
79
+ # embed signature
80
+ if @settings.metadata_signed && @settings.sp_private_key && @settings.sp_cert
81
+ private_key = @settings.get_sp_key
82
+ response_doc.sign_document(private_key, cert)
83
+ end
74
84
 
75
- #root.attributes['Destination'] = action
85
+ Logging.debug "Created LogoutResponse:\n #{response_doc}"
76
86
 
87
+ return request_doc.to_s
88
+
77
89
  end
90
+
78
91
  # function to return the created request as an XML document
79
92
  def to_xml
80
93
  text = ""
81
94
  @response.write(text, 1)
82
95
  return text
83
96
  end
97
+
84
98
  def to_s
85
99
  @response.to_s
86
100
  end
87
101
 
88
- def issuer
89
- element = REXML::XPath.first(@response, "/p:LogoutResponse/a:Issuer", {
90
- "p" => PROTOCOL, "a" => ASSERTION} )
91
- return nil if element.nil?
92
- element.text
93
- end
102
+ def issuer
103
+ element = REXML::XPath.first(@response, "/p:LogoutResponse/a:Issuer", {
104
+ "p" => PROTOCOL, "a" => ASSERTION} )
105
+ return nil if element.nil?
106
+ element.text
107
+ end
94
108
 
95
- def in_response_to
109
+ def in_response_to
96
110
  element = REXML::XPath.first(@response, "/p:LogoutResponse", {
97
111
  "p" => PROTOCOL })
98
112
  return nil if element.nil?
99
- element.attributes["InResponseTo"]
100
- end
113
+ element.attributes["InResponseTo"]
114
+ end
101
115
 
102
- def success?
116
+ def success?
103
117
  element = REXML::XPath.first(@response, "/p:LogoutResponse/p:Status/p:StatusCode", {
104
118
  "p" => PROTOCOL })
105
119
  return false if element.nil?
106
- element.attributes["Value"] == "urn:oasis:names:tc:SAML:2.0:status:Success"
107
-
108
- end
120
+ element.attributes["Value"] == "urn:oasis:names:tc:SAML:2.0:status:Success"
121
+
122
+ end
123
+
109
124
  def is_valid?
110
125
  validate(soft = true)
111
126
  end
@@ -113,6 +128,7 @@ module Ciam
113
128
  def validate!
114
129
  validate( soft = false )
115
130
  end
131
+
116
132
  def validate( soft = true )
117
133
  return false if @response.nil?
118
134
  # Skip validation with a failed response if we don't have settings
@@ -123,10 +139,12 @@ module Ciam
123
139
 
124
140
  end
125
141
 
126
- protected
142
+ protected
143
+
127
144
  def document
128
145
  REXML::Document.new(@response)
129
146
  end
130
- end
147
+
148
+ end
131
149
  end
132
150
  end
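Review bot: In the hunk that starts at new line 71, the added `return request_doc.to_s` uses a name that is not defined in any visible line. The document is built in `response_doc`, so unless the newly included `Response` module supplies a `request_doc` method this raises NameError, and the line should read `return response_doc.to_s`. The signature is embedded only when `@settings.metadata_signed`, `sp_private_key` and `sp_cert` are all set; in every other case the LogoutResponse is returned unsigned with no warning, so that branch should at least log the fact, and a setting named for logout responses rather than metadata would make the intent explicit. `cert = @settings.get_cert(@settings.sp_cert)` runs before that guard and belongs inside it. The method also no longer assigns `@response`, so `to_s` and `to_xml` further down do not appear to reflect the document created here; the method itself begins outside this hunk.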
@@ -1,5 +1,5 @@
1
1
  module Ciam
2
2
  module Saml
3
- VERSION = '0.6.0'
3
+ VERSION = '0.7.0'
4
4
  end
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ciam-es
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.6
4
+ version: 0.0.7
5
5
  platform: ruby
6
6
  authors:
7
7
  - Fabiano Pavan
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-09-18 00:00:00.000000000 Z
11
+ date: 2020-09-22 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: canonix