devise_saml_authenticatable 1.1 → 1.2

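--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 11d475877b3a4f178413861a07e7fd030c65799b
- data.tar.gz: f73eaa27a49431b435b502185af337668fceaf8e
+ metadata.gz: 4e32069c983d434236aec40263991ce6d9bdd0ad
+ data.tar.gz: 8b5f3ee9018059f85338d6c2131a0bed9320af99
  SHA512:
- metadata.gz: 6770f46c7251efd2b1bc7a9c5ed08f665e1653c2abf86de21e66a3783dc0bccde72465975ccceefca619812fc9621726ed68b11f634e1ae4691147fc023d46c4
- data.tar.gz: 6ce53e6cc7a4b582e0801f595cdd7e42763841fb6c0606935886612692e2929323f29ec00f17e3625d04abdc7f2c22260dc2b3d9be4fffbc1e583cf18852ecf5
+ metadata.gz: 181201e680b151a438bf8a7a2e999a773a231951003ab4fc77d014e83340d40634645fdec3f5270ce7f26a0506c19e0d6f87b90627c160db85aa60646f06e6d4
+ data.tar.gz: 5fd315b55da27314594ca7cd152c85ddd74947a6d0dca2c2dce1e29999ca2ead9aa07873ce4f0e729d9c00e0dd77bb4ca03ec2803d11af585057ea99459f639b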
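--- a/data/README.md
+++ b/data/README.md
@@ -37,10 +37,10 @@ In config/initializers/devise.rb
  Devise.setup do |config|
  ...
  # ==> Configuration for :saml_authenticatable
-
+
  # Create user if the user does not exist. (Default is false)
  config.saml_create_user = true
-
+
  # Set the default user key. The user will be looked up by this key. Make
  # sure that the Authentication Response includes the attribute.
  config.saml_default_user_key = :email
@@ -58,7 +58,7 @@ In config/initializers/devise.rb
  settings.assertion_consumer_service_url = "http://localhost:3000/users/saml/auth"
  settings.assertion_consumer_service_binding = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
  settings.name_identifier_format = "urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
- settings.issuer = "http://localhost:3000"
+ settings.issuer = "http://localhost:3000/saml/metadata"
  settings.authn_context = ""
  settings.idp_slo_target_url = "http://localhost/simplesaml/www/saml2/idp/SingleLogoutService.php"
  settings.idp_sso_target_url = "http://localhost/simplesaml/www/saml2/idp/SSOService.php"
@@ -88,7 +88,7 @@ In config directory create a YAML file (`attribute-map.yml`) that maps SAML attr
 
  ```yaml
  # attribute-map.yml
-
+
  "urn:mace:dir:attribute-def:uid": "user_name"
  "urn:mace:dir:attribute-def:email": "email"
  "urn:mace:dir:attribute-def:name": "last_name"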
@@ -19,7 +19,7 @@ class Devise::SamlSessionsController < Devise::SessionsController
19
19
 
20
20
  def idp_sign_out
21
21
  if params[:SAMLRequest] && Devise.saml_session_index_key
22
- logout_request = OneLogin::RubySaml::SloLogoutrequest.new(params[:SAMLRequest], @saml_config)
22
+ logout_request = OneLogin::RubySaml::SloLogoutrequest.new(params[:SAMLRequest], settings: @saml_config)
23
23
  resource_class.reset_session_key_for(logout_request.name_id)
24
24
 
25
25
  redirect_to generate_idp_logout_response(logout_request)
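Review bot: `idp_sign_out` hands `logout_request.name_id` to `reset_session_key_for` with no visible check that the LogoutRequest is valid, so in this hunk the name ID comes straight from the `SAMLRequest` parameter. Now that the settings are passed to the constructor, the request can be validated before any session state is touched, for example `return head(:forbidden) unless logout_request.is_valid?` ahead of the reset. What `is_valid?` actually verifies depends on the resolved ruby-saml release and the IdP certificate configured in `@saml_config`, so that is worth confirming against the version in use. The body of `idp_sign_out` continues outside the hunk, so a check may already exist further down, but it would still run after the session key has been reset.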
@@ -17,5 +17,5 @@ Gem::Specification.new do |gem|
17
17
  gem.test_files = gem.files.grep(%r{^(test|spec|features)/})
18
18
 
19
19
  gem.add_dependency("devise","> 2.0.0")
20
- gem.add_dependency("ruby-saml","0.9.2")
20
+ gem.add_dependency("ruby-saml","~> 1.0")
21
21
  end
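Review bot: `gem.add_dependency("ruby-saml","~> 1.0")` replaces an exact pin with a range whose floor is 1.0.0, so every application resolves whichever 1.x its own lockfile selects for the library that validates SAML assertions. A comment above the line would make that floor a deliberate choice, for example `# ruby-saml validates assertions; keep the floor at the oldest release the specs run against`, and the floor should move up when upstream ships a security fix. The `devise` constraint `"> 2.0.0"` on the line before has no upper bound at all, which is the same concern in the other direction.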
@@ -1,4 +1,5 @@
1
1
  require 'devise/strategies/authenticatable'
2
+
2
3
  module Devise
3
4
  module Strategies
4
5
  class SamlAuthenticatable < Authenticatable
@@ -13,10 +14,9 @@ module Devise
13
14
  end
14
15
 
15
16
  def authenticate!
16
- @response = OneLogin::RubySaml::Response.new(params[:SAMLResponse])
17
- @response.settings = get_saml_config
17
+ @response = OneLogin::RubySaml::Response.new(params[:SAMLResponse], settings: get_saml_config)
18
18
  resource = mapping.to.authenticate_with_saml(@response)
19
- if @response.is_valid?
19
+ if @response.is_valid? && resource
20
20
  resource.after_saml_authentication(@response.sessionindex)
21
21
  success!(resource)
22
22
  else
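Review bot: `mapping.to.authenticate_with_saml(@response)` still runs before `@response.is_valid?`, so the resource lookup is performed on a response that has not been validated yet. With `saml_create_user` enabled that lookup presumably can create a user record (its body is not visible here), which would happen even for a response that is rejected a line later. Checking validity first removes the ordering problem: `if @response.is_valid? && (resource = mapping.to.authenticate_with_saml(@response))`. The spec that expects `authenticate_with_saml` to be called would need a matching expectation for the invalid case, and the `else` branch of `authenticate!` continues outside the hunk.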
@@ -1,3 +1,3 @@
1
1
  module DeviseSamlAuthenticatable
2
- VERSION = "1.1"
2
+ VERSION = "1.2"
3
3
  end
@@ -35,8 +35,7 @@ describe Devise::Strategies::SamlAuthenticatable do
35
35
  end
36
36
 
37
37
  it "authenticates with the response" do
38
- expect(OneLogin::RubySaml::Response).to receive(:new).with(params[:SAMLResponse])
39
- expect(response).to receive(:settings=).with(saml_config)
38
+ expect(OneLogin::RubySaml::Response).to receive(:new).with(params[:SAMLResponse], settings: saml_config)
40
39
  expect(user_class).to receive(:authenticate_with_saml).with(response)
41
40
  expect(user).to receive(:after_saml_authentication).with(response.sessionindex)
42
41
 
@@ -44,6 +43,15 @@ describe Devise::Strategies::SamlAuthenticatable do
44
43
  strategy.authenticate!
45
44
  end
46
45
 
46
+ context "and the resource cannot does not exist" do
47
+ let(:user) { nil }
48
+
49
+ it "fails to authenticate" do
50
+ expect(strategy).to receive(:fail!).with(:invalid)
51
+ strategy.authenticate!
52
+ end
53
+ end
54
+
47
55
  context "and the SAML response is not valid" do
48
56
  before do
49
57
  allow(response).to receive(:is_valid?).and_return(false)
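Review bot: The description of the added context, "and the resource cannot does not exist", is garbled; `context "and the resource does not exist" do` reads as intended and shows up correctly in the spec output. The new example only asserts `fail!(:invalid)`; since `user` is `nil` here, an explicit statement that success is not signalled, such as `expect(strategy).not_to receive(:success!)`, would pin the behaviour the `&& resource` guard was added for. The following context block ("and the SAML response is not valid") continues outside the hunk.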
@@ -37,7 +37,7 @@ class SamlIdpController < SamlIdp::IdpController
37
37
  def encode_SAMLResponse(nameID, opts = {})
38
38
  now = Time.now.utc
39
39
  response_id = UUID.generate
40
- audience_uri = opts[:audience_uri] || saml_acs_url[/^(.*?\/\/.*?\/)/, 1]
40
+ audience_uri = opts[:audience_uri] || "#{saml_acs_url[/^(.*?\/\/.*?\/)/, 1]}saml/metadata"
41
41
  issuer_uri = opts[:issuer_uri] || (defined?(request) && request.url) || "http://example.com"
42
42
 
43
43
  attributes = opts.fetch(:attributes, {})
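Review bot: In `encode_SAMLResponse`, when the pattern `/^(.*?\/\/.*?\/)/` does not match `saml_acs_url` (for instance a URL with no path after the host), the slice returns `nil` and the interpolation silently yields the relative string `"saml/metadata"` as the audience. Deriving the value with URL parsing avoids that and the line-anchored `^`: `audience_uri = opts[:audience_uri] || URI.join(saml_acs_url, "/saml/metadata").to_s`, assuming `uri` is already loaded in this spec support app. The rest of the method lies outside the hunk.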
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: devise_saml_authenticatable
3
3
  version: !ruby/object:Gem::Version
4
- version: '1.1'
4
+ version: '1.2'
5
5
  platform: ruby
6
6
  authors:
7
7
  - Josef Sauter
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-07-20 00:00:00.000000000 Z
11
+ date: 2015-08-25 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: devise
@@ -28,16 +28,16 @@ dependencies:
28
28
  name: ruby-saml
29
29
  requirement: !ruby/object:Gem::Requirement
30
30
  requirements:
31
- - - '='
31
+ - - "~>"
32
32
  - !ruby/object:Gem::Version
33
- version: 0.9.2
33
+ version: '1.0'
34
34
  type: :runtime
35
35
  prerelease: false
36
36
  version_requirements: !ruby/object:Gem::Requirement
37
37
  requirements:
38
- - - '='
38
+ - - "~>"
39
39
  - !ruby/object:Gem::Version
40
- version: 0.9.2
40
+ version: '1.0'
41
41
  description: SAML Authentication for devise
42
42
  email:
43
43
  - Josef.Sauter@gmail.com