cie-es 0.0.1 → 0.0.6
- checksums.yaml +4 -4
- data/cie-es.gemspec +1 -1
- data/lib/cie/ruby-saml/authrequest.rb +19 -25
- data/lib/cie/ruby-saml/metadata.rb +5 -3
- metadata +3 -3
    
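--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 
-  data.tar.gz: 
+  metadata.gz: aa8ffcd923c77d685ba34780714399f6c8d6e9319e40e2ba6306b4a67ef7bd68
+  data.tar.gz: 4ff68734ae1fcc20ead106bea204530ace83c3222fd9832af1cca77af4afb890
 SHA512:
-  metadata.gz: 
-  data.tar.gz: 
+  metadata.gz: 21ec147dcf6c26f1538f3938a5b1e8dfc9f016fcc187bb743acd0dfafa3468f022c245a0861ac8ac6313a480e027084675b84ad0193252cca723b3af2b4345eb
+  data.tar.gz: 1eff47e58ff23c9a80becc38b23fe00dd28f5b8678fc7b592589b55a0b80fd9078aa9ecf31c857c56dfd57400f885a150b964e642f26a2a449b5e43f24b8bdd9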
    
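--- a/data/cie-es.gemspec
+++ b/data/cie-es.gemspec
@@ -2,7 +2,7 @@ $LOAD_PATH.push File.expand_path('../lib', __FILE__)
 
 Gem::Specification.new do |s|
   s.name = 'cie-es'
-  s.version = '0.0.
+  s.version = '0.0.6'
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Fabiano Pavan"]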
| @@ -29,24 +29,16 @@ module Cie::Saml | |
| 29 29 | 
             
                  # Create AuthnRequest root element using REXML 
         | 
| 30 30 | 
             
                  request_doc = Cie::XMLSecurityNew::Document.new
         | 
| 31 31 | 
             
                  request_doc.context[:attribute_quote] = :quote
         | 
| 32 | 
            -
                  root = request_doc.add_element " | 
| 32 | 
            +
                  root = request_doc.add_element "samlp:AuthnRequest", { "xmlns:samlp" => "urn:oasis:names:tc:SAML:2.0:protocol", 
         | 
| 33 33 | 
             
                                                                          "xmlns:saml" => "urn:oasis:names:tc:SAML:2.0:assertion"
         | 
| 34 34 | 
             
                                                                         }
         | 
| 35 35 | 
             
                  root.attributes['ID'] = uuid
         | 
| 36 36 | 
             
                  root.attributes['IssueInstant'] = time
         | 
| 37 37 | 
             
                  root.attributes['Version'] = "2.0"
         | 
| 38 | 
            -
                   | 
| 38 | 
            +
                  root.attributes['ProtocolBinding'] = HTTP_POST
         | 
| 39 39 | 
             
                  root.attributes['AttributeConsumingServiceIndex'] = @settings.assertion_consumer_service_index
         | 
| 40 40 | 
             
                  root.attributes['ForceAuthn'] = "true"
         | 
| 41 | 
            -
                   | 
| 42 | 
            -
                  #usato AssertionConsumerServiceURL e ProtocolBinding in alternativa, pag 8 regole tecniche
         | 
| 43 | 
            -
                  root.attributes['AssertionConsumerServiceIndex'] = @settings.attribute_consuming_service_index
         | 
| 44 | 
            -
             | 
| 45 | 
            -
                  #Tolto, utilizzo AssertionConsumerServiceIndex
         | 
| 46 | 
            -
                  # # Conditionally defined elements based on settings
         | 
| 47 | 
            -
                  # if @settings.assertion_consumer_service_url != nil
         | 
| 48 | 
            -
                  #   root.attributes["AssertionConsumerServiceURL"] = @settings.assertion_consumer_service_url
         | 
| 49 | 
            -
                  # end
         | 
| 41 | 
            +
                  root.attributes["AssertionConsumerServiceURL"] = @settings.assertion_consumer_service_url
         | 
| 50 42 |  | 
| 51 43 | 
             
                  if @settings.destination_service_url != nil
         | 
| 52 44 | 
             
                    root.attributes["Destination"] = @settings.destination_service_url
         | 
| @@ -71,9 +63,9 @@ module Cie::Saml | |
| 71 63 |  | 
| 72 64 |  | 
| 73 65 | 
             
                  if @settings.name_identifier_format != nil
         | 
| 74 | 
            -
                    root.add_element " | 
| 66 | 
            +
                    root.add_element "samlp:NameIDPolicy", { 
         | 
| 75 67 | 
             
                        # Might want to make AllowCreate a setting?
         | 
| 76 | 
            -
                         | 
| 68 | 
            +
                        "AllowCreate"     => "1",
         | 
| 77 69 | 
             
                        "Format"          => @settings.name_identifier_format[0]
         | 
| 78 70 | 
             
                    }
         | 
| 79 71 | 
             
                  end
         | 
| @@ -82,7 +74,7 @@ module Cie::Saml | |
| 82 74 | 
             
                  # match required for authentication to succeed.  If this is not defined, 
         | 
| 83 75 | 
             
                  # the IdP will choose default rules for authentication.  (Shibboleth IdP)
         | 
| 84 76 | 
             
                  if @settings.authn_context != nil
         | 
| 85 | 
            -
                    requested_context = root.add_element " | 
| 77 | 
            +
                    requested_context = root.add_element "samlp:RequestedAuthnContext", { 
         | 
| 86 78 | 
             
                      "Comparison" => "minimum"
         | 
| 87 79 | 
             
                    }
         | 
| 88 80 | 
             
                    context_class = []
         | 
| @@ -94,12 +86,12 @@ module Cie::Saml | |
| 94 86 | 
             
                  end
         | 
| 95 87 |  | 
| 96 88 | 
             
                  if @settings.requester_identificator != nil
         | 
| 97 | 
            -
                    requester_identificator = root.add_element " | 
| 89 | 
            +
                    requester_identificator = root.add_element "samlp:Scoping", { 
         | 
| 98 90 | 
             
                      "ProxyCount" => "0"
         | 
| 99 91 | 
             
                    }
         | 
| 100 92 | 
             
                    identificators = []
         | 
| 101 93 | 
             
                    @settings.requester_identificator.each_with_index{ |requester, index|
         | 
| 102 | 
            -
                      identificators[index] = requester_identificator.add_element " | 
| 94 | 
            +
                      identificators[index] = requester_identificator.add_element "samlp:RequesterID"
         | 
| 103 95 | 
             
                      identificators[index].text = requester
         | 
| 104 96 | 
             
                    }
         | 
| 105 97 |  | 
| @@ -140,23 +132,25 @@ module Cie::Saml | |
| 140 132 | 
             
                  metadata = Metadata::new
         | 
| 141 133 | 
             
                  meta_doc = metadata.get_idp_metadata(@settings)
         | 
| 142 134 |  | 
| 143 | 
            -
                  # first try  | 
| 135 | 
            +
                  # first try GET
         | 
| 144 136 | 
             
                  sso_element = REXML::XPath.first(meta_doc,
         | 
| 145 | 
            -
                    "/EntityDescriptor/IDPSSODescriptor/SingleSignOnService[@Binding='#{ | 
| 137 | 
            +
                    "/EntityDescriptor/IDPSSODescriptor/SingleSignOnService[@Binding='#{HTTP_GET}']")
         | 
| 146 138 | 
             
                  if sso_element 
         | 
| 147 139 | 
             
                    @URL = sso_element.attributes["Location"]
         | 
| 148 | 
            -
                     | 
| 149 | 
            -
                    return " | 
| 140 | 
            +
                    Logging.debug "binding_select: GET from #{@URL}"
         | 
| 141 | 
            +
                    return "GET", content_get
         | 
| 150 142 | 
             
                  end
         | 
| 151 | 
            -
             | 
| 152 | 
            -
                  #  | 
| 143 | 
            +
             | 
| 144 | 
            +
                  # then try POST
         | 
| 153 145 | 
             
                  sso_element = REXML::XPath.first(meta_doc,
         | 
| 154 | 
            -
                    "/EntityDescriptor/IDPSSODescriptor/SingleSignOnService[@Binding='#{ | 
| 146 | 
            +
                    "/EntityDescriptor/IDPSSODescriptor/SingleSignOnService[@Binding='#{HTTP_POST}']")
         | 
| 155 147 | 
             
                  if sso_element 
         | 
| 156 148 | 
             
                    @URL = sso_element.attributes["Location"]
         | 
| 157 | 
            -
                    Logging.debug "binding_select:  | 
| 158 | 
            -
                    return " | 
| 149 | 
            +
                    #Logging.debug "binding_select: POST to #{@URL}"
         | 
| 150 | 
            +
                    return "POST", content_post
         | 
| 159 151 | 
             
                  end
         | 
| 152 | 
            +
                  
         | 
| 153 | 
            +
                  
         | 
| 160 154 | 
             
                  # other types we might want to add in the future:  SOAP, Artifact
         | 
| 161 155 | 
             
                end
         | 
| 162 156 |  | 
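Review bot: In the `@@ -29,24 +29,16 @@` hunk, `root.attributes["AssertionConsumerServiceURL"] = @settings.assertion_consumer_service_url` is assigned without the nil guard that the removed commented-out code had and that `Destination` just below still uses. A missing setting would presumably produce a request that carries `ProtocolBinding` but no ACS URL. Failing early is clearer, e.g. `raise ArgumentError, "assertion_consumer_service_url is required" if @settings.assertion_consumer_service_url.nil?`. The unchanged line above still fills `AttributeConsumingServiceIndex` from `@settings.assertion_consumer_service_index`; now that the cross-named `AssertionConsumerServiceIndex` line is gone, this looks like a leftover swap and probably should read `@settings.attribute_consuming_service_index`, which is worth confirming because that index tells the IdP which attribute set the SP is asking for. The enclosing method starts and ends outside the hunk.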
| @@ -38,9 +38,11 @@ module Cie | |
| 38 38 | 
             
                    if settings.issuer != nil
         | 
| 39 39 | 
             
                      root.attributes["entityID"] = settings.issuer
         | 
| 40 40 | 
             
                    end
         | 
| 41 | 
            -
                     | 
| 42 | 
            -
                     | 
| 43 | 
            -
                     | 
| 41 | 
            +
                    
         | 
| 42 | 
            +
                    #Tolgo attributo ID per avere il metadata uguale e non farlo cambiare continuamente
         | 
| 43 | 
            +
                    # uuid = "_" + UUID.new.generate
         | 
| 44 | 
            +
                    # self.uuid = uuid
         | 
| 45 | 
            +
                    # root.attributes["ID"] = uuid
         | 
| 44 46 |  | 
| 45 47 | 
             
                    sp_sso = root.add_element "md:SPSSODescriptor", { 
         | 
| 46 48 | 
             
                        "protocolSupportEnumeration" => "urn:oasis:names:tc:SAML:2.0:protocol",
         | 
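Review bot: The added `# uuid = …`, `# self.uuid = uuid` and `# root.attributes["ID"] = uuid` lines leave dead code in the file with an Italian-only rationale; delete them and keep one English comment such as `# No ID attribute: keep the published metadata stable between calls`. If the metadata is signed elsewhere with a reference to the root element's ID (not visible in this hunk), dropping the attribute means the signature must reference the whole document instead, so that path should be checked. If an ID is still wanted, a value derived deterministically from `settings.issuer` would stay stable without a fresh UUID per call. The enclosing method starts and ends outside the hunk.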
    
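--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: cie-es
 version: !ruby/object:Gem::Version
-  version: 0.0.
+  version: 0.0.6
 platform: ruby
 authors:
 - Fabiano Pavan
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-
+date: 2020-06-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: canonix
@@ -112,7 +112,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.
+rubygems_version: 3.0.8
 signing_key: 
 specification_version: 4
 summary: SAML Ruby Toolkit Cie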