devise_saml_authenticatable 1.1 → 1.2

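--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 11d475877b3a4f178413861a07e7fd030c65799b
- data.tar.gz: f73eaa27a49431b435b502185af337668fceaf8e
+ metadata.gz: 4e32069c983d434236aec40263991ce6d9bdd0ad
+ data.tar.gz: 8b5f3ee9018059f85338d6c2131a0bed9320af99
  SHA512:
- metadata.gz: 6770f46c7251efd2b1bc7a9c5ed08f665e1653c2abf86de21e66a3783dc0bccde72465975ccceefca619812fc9621726ed68b11f634e1ae4691147fc023d46c4
- data.tar.gz: 6ce53e6cc7a4b582e0801f595cdd7e42763841fb6c0606935886612692e2929323f29ec00f17e3625d04abdc7f2c22260dc2b3d9be4fffbc1e583cf18852ecf5
+ metadata.gz: 181201e680b151a438bf8a7a2e999a773a231951003ab4fc77d014e83340d40634645fdec3f5270ce7f26a0506c19e0d6f87b90627c160db85aa60646f06e6d4
+ data.tar.gz: 5fd315b55da27314594ca7cd152c85ddd74947a6d0dca2c2dce1e29999ca2ead9aa07873ce4f0e729d9c00e0dd77bb4ca03ec2803d11af585057ea99459f639b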
data/README.md CHANGED
@@ -37,10 +37,10 @@ In config/initializers/devise.rb
37
37
  Devise.setup do |config|
38
38
  ...
39
39
  # ==> Configuration for :saml_authenticatable
40
-
40
+
41
41
  # Create user if the user does not exist. (Default is false)
42
42
  config.saml_create_user = true
43
-
43
+
44
44
  # Set the default user key. The user will be looked up by this key. Make
45
45
  # sure that the Authentication Response includes the attribute.
46
46
  config.saml_default_user_key = :email
@@ -58,7 +58,7 @@ In config/initializers/devise.rb
58
58
  settings.assertion_consumer_service_url = "http://localhost:3000/users/saml/auth"
59
59
  settings.assertion_consumer_service_binding = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
60
60
  settings.name_identifier_format = "urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
61
- settings.issuer = "http://localhost:3000"
61
+ settings.issuer = "http://localhost:3000/saml/metadata"
62
62
  settings.authn_context = ""
63
63
  settings.idp_slo_target_url = "http://localhost/simplesaml/www/saml2/idp/SingleLogoutService.php"
64
64
  settings.idp_sso_target_url = "http://localhost/simplesaml/www/saml2/idp/SSOService.php"
@@ -88,7 +88,7 @@ In config directory create a YAML file (`attribute-map.yml`) that maps SAML attr
88
88
 
89
89
  ```yaml
90
90
  # attribute-map.yml
91
-
91
+
92
92
  "urn:mace:dir:attribute-def:uid": "user_name"
93
93
  "urn:mace:dir:attribute-def:email": "email"
94
94
  "urn:mace:dir:attribute-def:name": "last_name"
@@ -19,7 +19,7 @@ class Devise::SamlSessionsController < Devise::SessionsController
19
19
 
20
20
  def idp_sign_out
21
21
  if params[:SAMLRequest] && Devise.saml_session_index_key
22
- logout_request = OneLogin::RubySaml::SloLogoutrequest.new(params[:SAMLRequest], @saml_config)
22
+ logout_request = OneLogin::RubySaml::SloLogoutrequest.new(params[:SAMLRequest], settings: @saml_config)
23
23
  resource_class.reset_session_key_for(logout_request.name_id)
24
24
 
25
25
  redirect_to generate_idp_logout_response(logout_request)
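Review bot: `logout_request.name_id` is handed to `resource_class.reset_session_key_for` with no validity check on the parsed request visible in this hunk, so the session-key reset is driven by whatever `params[:SAMLRequest]` decodes to. Now that the settings are passed to the constructor, the request can be checked before it is acted on, for example by wrapping the reset and redirect in `if logout_request.is_valid?` and returning an error response otherwise. What `is_valid?` actually verifies for a logout request depends on the ruby-saml release that gets resolved, so the signature handling of IdP-initiated logout should be confirmed against that version. The rest of `idp_sign_out` lies outside the hunk.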
@@ -17,5 +17,5 @@ Gem::Specification.new do |gem|
17
17
  gem.test_files = gem.files.grep(%r{^(test|spec|features)/})
18
18
 
19
19
  gem.add_dependency("devise","> 2.0.0")
20
- gem.add_dependency("ruby-saml","0.9.2")
20
+ gem.add_dependency("ruby-saml","~> 1.0")
21
21
  end
@@ -1,4 +1,5 @@
1
1
  require 'devise/strategies/authenticatable'
2
+
2
3
  module Devise
3
4
  module Strategies
4
5
  class SamlAuthenticatable < Authenticatable
@@ -13,10 +14,9 @@ module Devise
13
14
  end
14
15
 
15
16
  def authenticate!
16
- @response = OneLogin::RubySaml::Response.new(params[:SAMLResponse])
17
- @response.settings = get_saml_config
17
+ @response = OneLogin::RubySaml::Response.new(params[:SAMLResponse], settings: get_saml_config)
18
18
  resource = mapping.to.authenticate_with_saml(@response)
19
- if @response.is_valid?
19
+ if @response.is_valid? && resource
20
20
  resource.after_saml_authentication(@response.sessionindex)
21
21
  success!(resource)
22
22
  else
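Review bot: `mapping.to.authenticate_with_saml(@response)` still runs before `@response.is_valid?`, so the user lookup happens on a response whose signature and conditions have not been checked yet; if `authenticate_with_saml` honours `saml_create_user` as the README describes, that includes creating a user. The added `&& resource` guard prevents the nil dereference but leaves that ordering in place. Validating first keeps unverified assertions away from the model: `if @response.is_valid? && (resource = mapping.to.authenticate_with_saml(@response))`, with the separate `resource = ...` line dropped. The body of `authenticate_with_saml` is not on this page, so the create-on-lookup behaviour is inferred, and the `else` branch of `authenticate!` continues outside the hunk.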
@@ -1,3 +1,3 @@
1
1
  module DeviseSamlAuthenticatable
2
- VERSION = "1.1"
2
+ VERSION = "1.2"
3
3
  end
@@ -35,8 +35,7 @@ describe Devise::Strategies::SamlAuthenticatable do
35
35
  end
36
36
 
37
37
  it "authenticates with the response" do
38
- expect(OneLogin::RubySaml::Response).to receive(:new).with(params[:SAMLResponse])
39
- expect(response).to receive(:settings=).with(saml_config)
38
+ expect(OneLogin::RubySaml::Response).to receive(:new).with(params[:SAMLResponse], settings: saml_config)
40
39
  expect(user_class).to receive(:authenticate_with_saml).with(response)
41
40
  expect(user).to receive(:after_saml_authentication).with(response.sessionindex)
42
41
 
@@ -44,6 +43,15 @@ describe Devise::Strategies::SamlAuthenticatable do
44
43
  strategy.authenticate!
45
44
  end
46
45
 
46
+ context "and the resource cannot does not exist" do
47
+ let(:user) { nil }
48
+
49
+ it "fails to authenticate" do
50
+ expect(strategy).to receive(:fail!).with(:invalid)
51
+ strategy.authenticate!
52
+ end
53
+ end
54
+
47
55
  context "and the SAML response is not valid" do
48
56
  before do
49
57
  allow(response).to receive(:is_valid?).and_return(false)
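Review bot: The new context description `"and the resource cannot does not exist"` looks like two phrasings merged; `context "and the resource does not exist" do` states what the example covers. The example pins `fail!(:invalid)` for a nil user, but nothing in this hunk asserts that `after_saml_authentication` is not called in that case, which is the crash the strategy change guards against. The enclosing `describe` block starts and ends outside the hunk.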
@@ -37,7 +37,7 @@ class SamlIdpController < SamlIdp::IdpController
37
37
  def encode_SAMLResponse(nameID, opts = {})
38
38
  now = Time.now.utc
39
39
  response_id = UUID.generate
40
- audience_uri = opts[:audience_uri] || saml_acs_url[/^(.*?\/\/.*?\/)/, 1]
40
+ audience_uri = opts[:audience_uri] || "#{saml_acs_url[/^(.*?\/\/.*?\/)/, 1]}saml/metadata"
41
41
  issuer_uri = opts[:issuer_uri] || (defined?(request) && request.url) || "http://example.com"
42
42
 
43
43
  attributes = opts.fetch(:attributes, {})
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: devise_saml_authenticatable
3
3
  version: !ruby/object:Gem::Version
4
- version: '1.1'
4
+ version: '1.2'
5
5
  platform: ruby
6
6
  authors:
7
7
  - Josef Sauter
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-07-20 00:00:00.000000000 Z
11
+ date: 2015-08-25 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: devise
@@ -28,16 +28,16 @@ dependencies:
28
28
  name: ruby-saml
29
29
  requirement: !ruby/object:Gem::Requirement
30
30
  requirements:
31
- - - '='
31
+ - - "~>"
32
32
  - !ruby/object:Gem::Version
33
- version: 0.9.2
33
+ version: '1.0'
34
34
  type: :runtime
35
35
  prerelease: false
36
36
  version_requirements: !ruby/object:Gem::Requirement
37
37
  requirements:
38
- - - '='
38
+ - - "~>"
39
39
  - !ruby/object:Gem::Version
40
- version: 0.9.2
40
+ version: '1.0'
41
41
  description: SAML Authentication for devise
42
42
  email:
43
43
  - Josef.Sauter@gmail.com