libsaml 2.1.3 → 2.1.4

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 2504015222bc579e1825cb91a8494ac10a6f9de7
4
- data.tar.gz: 6941b75d531369162d63f231449df9ad1a40b5c7
3
+ metadata.gz: 8be02c920e8a39d14cd84660c6332f5d114266ef
4
+ data.tar.gz: e405dddd6b98273f414ae7c7bf2e1f16d6cbc915
5
5
  SHA512:
6
- metadata.gz: 40e7fdc415fd8c0dcf47bfce890771928e9d29041731fcb578d48867f24f44b367102f83fba41093a288f8a94fdd8129066ad3baa7c8dddae0cc263a49674ef8
7
- data.tar.gz: 72e25b192850943f4ff413f34affa35502cc8054c94029450bf8309cc62a5a1d38dabe400a0d10d569d976e66bc4640a576a86a688a94fa8aba62bb5124c7c42
6
+ metadata.gz: 39754e57b0eb30b97e685f2bb8d4fac05eab30c9b7996d2bfce0d425ea44c38cb627d213379d3c97f3a31eba180d353ba11203595600b1cea52089d0d584f701
7
+ data.tar.gz: 3bf81850cf0eca4640b308827a6238c9ff624f14319db3cfdac49cc176a6f0554e2834c1d15741a642bab8c6b9525e363f1f8d42abe4132c40a95abd0b693d70
@@ -1,4 +1,6 @@
1
1
  {<img src="https://travis-ci.org/digidentity/libsaml.png?branch=master" alt="Build Status" />}[https://travis-ci.org/digidentity/libsaml]
2
+ {<img src="https://gemnasium.com/digidentity/libsaml.png" alt="Dependency Status" />}[https://gemnasium.com/digidentity/libsaml]
3
+ {<img src="https://codeclimate.com/github/digidentity/libsaml.png" />}[https://codeclimate.com/github/digidentity/libsaml]
2
4
  = libsaml
3
5
  Libsaml is a Ruby gem to easily create SAML 2.0 messages. This gem was written because other SAML gems were missing functionality such as XML signing.
4
6
 
@@ -6,7 +6,8 @@ require 'saml/encoding'
6
6
  require 'saml/util'
7
7
  require 'xmlenc'
8
8
  require 'xmldsig'
9
- require 'httpi'
9
+ require "net/https"
10
+ require "uri"
10
11
 
11
12
  module Saml
12
13
  MD_NAMESPACE = 'urn:oasis:names:tc:SAML:2.0:metadata'
@@ -31,7 +31,7 @@ module Saml
31
31
 
32
32
  response = Saml::Util.post(location, Saml::Util.sign_xml(artifact_resolve, :soap))
33
33
 
34
- if response.code == 200
34
+ if response.code == "200"
35
35
  artifact_response = Saml::ArtifactResponse.parse(response.body, single: true)
36
36
  verified_artifact_response = Saml::Util.verify_xml(artifact_response, response.body)
37
37
 
@@ -14,7 +14,7 @@ module Saml
14
14
 
15
15
  http_response = Saml::Util.post(message.destination, signed_message, { 'SOAPAction' => SOAP_ACTION } )
16
16
 
17
- if http_response.code == 200
17
+ if http_response.code == "200"
18
18
  response = Saml.parse_message(http_response.body, response_type)
19
19
  Saml::Util.verify_xml(response, http_response.body)
20
20
  else
@@ -7,13 +7,10 @@ module Saml
7
7
  @@max_issue_instant_offset = 2
8
8
 
9
9
  mattr_accessor :ssl_private_key_file
10
- @@ssl_private_key_file = 'SSL_PRIVATE_KEY_FILE'
11
-
12
- mattr_accessor :ssl_certificate
13
- @@ssl_certificate = 'SSL_CERTIFICATE'
10
+ @@ssl_private_key_file = nil
14
11
 
15
12
  mattr_accessor :ssl_certificate_file
16
- @@ssl_certificate_file = 'SSL_CERTIFICATE_FILE'
13
+ @@ssl_certificate_file = nil
17
14
 
18
15
  mattr_accessor :registered_stores
19
16
  @@registered_stores = {}
@@ -14,16 +14,8 @@ module Saml
14
14
  end
15
15
  end
16
16
 
17
- def current_store(store_or_symbol = nil)
18
- case store_or_symbol
19
- when Symbol
20
- before_filter { Saml.current_store = store_or_symbol }
21
- else
22
- before_filter do
23
- Saml::Config.register_store klass.name.underscore, klass_or_symbol
24
- Saml.current_store = klass.name.underscore
25
- end
26
- end
17
+ def current_store(store)
18
+ before_filter { Saml.current_store = store }
27
19
  end
28
20
  end
29
21
  end
@@ -15,16 +15,27 @@ module Saml
15
15
  end
16
16
 
17
17
  def post(location, message, additional_headers = {})
18
- request = HTTPI::Request.new
18
+ uri = URI.parse(location)
19
19
 
20
- request.url = location
21
- request.headers.merge! additional_headers
22
- request.headers['Content-Type'] = 'text/xml'
23
- request.body = message
24
- request.auth.ssl.cert_file = Saml::Config.ssl_certificate_file
25
- request.auth.ssl.cert_key_file = Saml::Config.ssl_private_key_file
20
+ http = Net::HTTP.new(uri.host, uri.port)
21
+ http.use_ssl = true
22
+ http.verify_mode = OpenSSL::SSL::VERIFY_PEER
26
23
 
27
- HTTPI.post request
24
+ if Saml::Config.ssl_certificate_file.present? && Saml::Config.ssl_private_key_file.present?
25
+ cert = File.read(Saml::Config.ssl_certificate_file)
26
+ key = File.read(Saml::Config.ssl_private_key_file)
27
+
28
+ http.cert = OpenSSL::X509::Certificate.new(cert)
29
+ http.key = OpenSSL::PKey::RSA.new(key)
30
+ end
31
+
32
+ headers = { 'Content-Type' => 'text/xml' }
33
+ headers.merge! additional_headers
34
+
35
+ request = Net::HTTP::Post.new(uri.request_uri, headers)
36
+ request.body = message
37
+
38
+ http.request(request)
28
39
  end
29
40
 
30
41
  def sign_xml(message, format = :xml, &block)
@@ -1,3 +1,3 @@
1
1
  module Saml
2
- VERSION = "2.1.3"
2
+ VERSION = "2.1.4"
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: libsaml
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.1.3
4
+ version: 2.1.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Benoist Claassen
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2013-11-27 00:00:00.000000000 Z
11
+ date: 2013-12-10 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport
@@ -94,20 +94,6 @@ dependencies:
94
94
  - - '>='
95
95
  - !ruby/object:Gem::Version
96
96
  version: '0'
97
- - !ruby/object:Gem::Dependency
98
- name: httpi
99
- requirement: !ruby/object:Gem::Requirement
100
- requirements:
101
- - - '>='
102
- - !ruby/object:Gem::Version
103
- version: '0'
104
- type: :runtime
105
- prerelease: false
106
- version_requirements: !ruby/object:Gem::Requirement
107
- requirements:
108
- - - '>='
109
- - !ruby/object:Gem::Version
110
- version: '0'
111
97
  description: Libsaml makes the creation of SAML 2.0 messages easy. The object structure
112
98
  is modeled after the SAML Core 2.0 specification from OASIS. Supported bindings
113
99
  are HTTP-Post, HTTP-Redirect, HTTP-Artifact and SOAP. Features include XML signing,