libsaml 2.13.1 → 2.14.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/lib/saml.rb +2 -0
  3. data/lib/saml/bindings/http_redirect.rb +5 -1
  4. data/lib/saml/provider.rb +1 -1
  5. data/lib/saml/version.rb +1 -1
  6. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 5359f70cb191c9ed46d66b875efca2c5a456eef1
4
- data.tar.gz: 1c6d0fa41102a3c807c05fdf3d7d21f7b5e6a5ed
3
+ metadata.gz: 68cc374f731a02daa6a0f13462a40dc0fb5187f5
4
+ data.tar.gz: ad65e6af3a361ae5266dfcbf26625433b134f8ae
5
5
  SHA512:
6
- metadata.gz: 8379e0e7114a14b779325201a333226b803135d5ff417ad48e601e47d20f087bdce965a26cf29fab9adb48d81be00f6fe5d3bd86aac74e27c202a4c5306d9823
7
- data.tar.gz: 6bce47311f98cdc0aba1ceaee744e76005c5465ef013a3e9410f72b170d21049ff52c898e5c32810f05d5de930b3258a366fe22a74d8fd7e9c7fedf73c739580
6
+ metadata.gz: b2768e1991f8909d74c673c2819b71194a617a171952c4fbc65ca261e259fe99f4c5bf7832b8f46fe3916fa627b5adbf44904493851bbccaf73c02a34a72dd72
7
+ data.tar.gz: 6af57acd2b87f93cb6621d55a65498585056c890abc5cb1b1a286c267b417d8238a1c0e0e0fa8914be633383509568a5ad549ac5c5ac33c9591f21b028a25424
data/lib/saml.rb CHANGED
@@ -26,6 +26,8 @@ module Saml
26
26
  end
27
27
  class SignatureInvalid < SamlError
28
28
  end
29
+ class SignatureMissing < SamlError
30
+ end
29
31
  class InvalidProvider < SamlError
30
32
  end
31
33
  class UnparseableMessage < SamlError
data/lib/saml/bindings/http_redirect.rb CHANGED
@@ -19,7 +19,11 @@ module Saml
19
19
  redirect_binding = new(request_or_response, options)
20
20
  query_string = URI.parse(http_request.url).query
21
21
 
22
- redirect_binding.verify_signature(query_string) if request_or_response.provider.authn_requests_signed?
22
+ if http_request.params["Signature"].present?
23
+ redirect_binding.verify_signature(query_string)
24
+ else
25
+ raise Saml::Errors::SignatureMissing.new('Signature missing, but provider requires a signature') if request_or_response.provider.authn_requests_signed?
26
+ end
23
27
 
24
28
  request_or_response.actual_destination = http_request.url
25
29
  request_or_response
data/lib/saml/provider.rb CHANGED
@@ -84,7 +84,7 @@ module Saml
84
84
  end
85
85
 
86
86
  def authn_requests_signed?
87
- sp_descriptor.authn_requests_signed
87
+ sp_descriptor(false).try(:authn_requests_signed)
88
88
  end
89
89
 
90
90
  private
data/lib/saml/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module Saml
2
- VERSION = "2.13.1"
2
+ VERSION = "2.14.0"
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: libsaml
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.13.1
4
+ version: 2.14.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Benoist Claassen
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-11-17 00:00:00.000000000 Z
11
+ date: 2015-11-19 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport