libsaml 2.6.2 → 2.6.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 81a13cb314576536016f612b508d878a2a9d88f7
-  data.tar.gz: 9d0559a6b9c14acbb190c15ef9526ed85d30fa5e
+  metadata.gz: 28262d5056cc229c82f14228014ca599f70a8537
+  data.tar.gz: f5f806bc93542801609c661a541d74990468c28a
 SHA512:
-  metadata.gz: af29451a08f4467d0527adb001ad649c3c137700772c6e714fa99b9a3c6886de524cb21cad909e3cca90a1febafe70aca1d480d822adb679f5ede02d2015b35c
-  data.tar.gz: 365600e541bdd2dd46a24fba6c6a9d1f121bd25a2054bc3565ce0b49518c5bd43fb63a4b546e1b66e14c1b756dfe02d08bf7302e867b875648564ca00f44cad5
+  metadata.gz: ce857803eb0f96f886578fd9cb2c565eecfd0220a898d0b9ae53811c8fe472bdfe5c7ffe8a5800da47b5711539e8b11c0d0394c59dbdda58efc4ab450c1b8fd3
+  data.tar.gz: 67a08315d3742cea97a9817679ac6604a231e5e50e30fc1e32986ddf475061042d7a5a5e15a068b8a3a79988b7af85ba03a6e21d19c609a55fd375c59079aa23

data/README.md

@@ -188,7 +188,7 @@ class SamlController < ActionController::Base
     elsif account_signed_in?
       build_success_response
     else
-      build_failure(Saml::TopLevelCodes::RESPONDER, Saml::SubStatusCodes::NO_AUTHN_CONTEXT)
+      build_failure(Saml::TopLevelCodes::RESPONDER, Saml::SubStatusCodes::NO_AUTHN_CONTEXT, 'cancelled')
     end
 
     if authn_request.protocol_binding == Saml::ProtocolBinding::HTTP_POST
@@ -201,8 +201,11 @@ class SamlController < ActionController::Base
 
   private
 
-  def build_failure(status_value, sub_status_value)
-    Saml::Response.new(in_response_to: session[:saml_request][:request_id], status_value: status_value, sub_status_value: sub_status_value)
+  def build_failure(status_value, sub_status_value, status_detail)
+    Saml::Response.new(in_response_to:   session[:saml_request][:request_id],
+                       status_value:     status_value,
+                       sub_status_value: sub_status_value,
+                       status_detail:    status_detail)
   end
 
   def build_success_response(authn_request)
@@ -212,8 +215,7 @@ class SamlController < ActionController::Base
       authn_context_class_ref: Saml::ClassRefs::PASSWORD_PROTECTED,
       in_response_to:          authn_request._id,
       recipient:               authn_request.assertion_url,
-      audience:                authn_request.issuer
-    }
+      audience:                authn_request.issuer)
 
     # adding custom attributes
     assertion.add_attribute('name', 'value')

data/lib/saml.rb

@@ -86,6 +86,7 @@ module Saml
   end
 
   module ComplexTypes
+    require 'saml/complex_types/role_descriptor_type'
     require 'saml/complex_types/request_abstract_type'
     require 'saml/complex_types/status_response_type'
     require 'saml/complex_types/endpoint_type'
@@ -104,6 +105,7 @@ module Saml
     require 'saml/elements/audience_restriction'
     require 'saml/elements/sub_status_code'
     require 'saml/elements/status_code'
+    require 'saml/elements/status_detail'
     require 'saml/elements/status'
     require 'saml/elements/subject_confirmation_data'
     require 'saml/elements/subject_confirmation'
@@ -120,6 +122,7 @@ module Saml
     require 'saml/elements/requested_attribute'
     require 'saml/elements/attribute_consuming_service'
     require 'saml/elements/name_id'
+    require 'saml/elements/name_id_format'
     require 'saml/elements/subject'
     require 'saml/elements/conditions'
     require 'saml/elements/authn_statement'
@@ -132,6 +135,7 @@ module Saml
     require 'saml/elements/contact_person'
     require 'saml/elements/idp_sso_descriptor'
     require 'saml/elements/sp_sso_descriptor'
+    require 'saml/elements/attribute_authority_descriptor'
     require 'saml/elements/entity_descriptor'
     require 'saml/elements/entities_descriptor'
   end

data/lib/saml/complex_types/role_descriptor_type.rb

@@ -0,0 +1,46 @@
+module Saml
+  module ComplexTypes
+    module RoleDescriptorType
+      extend ActiveSupport::Concern
+      include Saml::Base
+
+      included do
+        namespace 'md'
+
+        PROTOCOL_SUPPORT_ENUMERATION = 'urn:oasis:names:tc:SAML:2.0:protocol' unless defined?(PROTOCOL_SUPPORT_ENUMERATION)
+
+        attribute :_id, String, :tag => 'ID'
+        attribute :valid_until, Time, :tag => 'validUntil'
+        attribute :cache_duration, String, :tag => 'cacheDuration'
+        attribute :protocol_support_enumeration, String, :tag => 'protocolSupportEnumeration'
+        attribute :error_url, String, :tag => 'errorURL'
+
+        has_many :key_descriptors, Saml::Elements::KeyDescriptor
+
+        validates :protocol_support_enumeration, :presence => true, :inclusion => [PROTOCOL_SUPPORT_ENUMERATION]
+      end
+
+      def initialize(*args)
+        super(*args)
+        @key_descriptors              ||= []
+        @protocol_support_enumeration ||= PROTOCOL_SUPPORT_ENUMERATION
+      end
+
+      def find_key_descriptor(key_name, use)
+        key_descriptors_by_use = find_key_descriptors_by_use(use)
+
+        if key_name.present?
+          key_descriptors_by_use.find { |key| key.key_info.key_name == key_name }
+        else
+          key_descriptors_by_use.first
+        end
+      end
+
+      private
+
+      def find_key_descriptors_by_use(use)
+        key_descriptors.select { |key| key.use == use || key.use.blank? }
+      end
+    end
+  end
+end

data/lib/saml/complex_types/sso_descriptor_type.rb

@@ -4,6 +4,8 @@ module Saml
       extend ActiveSupport::Concern
       include Saml::Base
 
+      include RoleDescriptorType
+
       class ArtifactResolutionService
         include Saml::ComplexTypes::IndexedEndpointType
 
@@ -21,43 +23,14 @@ module Saml
       included do
         namespace 'md'
 
-        PROTOCOL_SUPPORT_ENUMERATION = "urn:oasis:names:tc:SAML:2.0:protocol" unless defined?(PROTOCOL_SUPPORT_ENUMERATION)
-
-        attribute :protocol_support_enumeration, String, :tag => "protocolSupportEnumeration"
-        attribute :valid_until, Time, :tag => "validUntil"
-        attribute :cache_duration, String, :tag => "cacheDuration"
-        attribute :error_url, String, :tag => "errorURL"
-
-        has_many :key_descriptors, Saml::Elements::KeyDescriptor
-
         has_many :artifact_resolution_services, ArtifactResolutionService
         has_many :single_logout_services, SingleLogoutService
-
-        validates :protocol_support_enumeration, :presence => true, :inclusion => [PROTOCOL_SUPPORT_ENUMERATION]
       end
 
       def initialize(*args)
         super(*args)
         @single_logout_services       ||= []
-        @key_descriptors              ||= []
         @artifact_resolution_services ||= []
-        @protocol_support_enumeration ||= PROTOCOL_SUPPORT_ENUMERATION
-      end
-
-      def find_key_descriptor(key_name, use)
-        key_descriptors_by_use = find_key_descriptors_by_use(use)
-
-        if key_name.present?
-          key_descriptors_by_use.find { |key| key.key_info.key_name == key_name }
-        else
-          key_descriptors_by_use.first
-        end
-      end
-
-      private
-
-      def find_key_descriptors_by_use(use)
-        key_descriptors.select { |key| key.use == use || key.use.blank? }
       end
     end
   end

data/lib/saml/complex_types/status_response_type.rb

@@ -16,8 +16,9 @@ module Saml
 
       def initialize(*args)
         options = args.extract_options!
-        @status = Saml::Elements::Status.new(:status_code => Saml::Elements::StatusCode.new(:value            => options.delete(:status_value),
-                                                                                            :sub_status_value => options.delete(:sub_status_value)))
+        @status = Saml::Elements::Status.new(:status_code   => Saml::Elements::StatusCode.new(:value            => options.delete(:status_value),
+                                                                                              :sub_status_value => options.delete(:sub_status_value)),
+                                             :status_detail => Saml::Elements::StatusDetail.new(:status_value => options.delete(:status_detail)))
         super(*(args << options))
       end
 

data/lib/saml/elements/attribute_authority_descriptor.rb

@@ -0,0 +1,20 @@
+module Saml
+  module Elements
+    class AttributeAuthorityDescriptor
+      include Saml::ComplexTypes::RoleDescriptorType
+
+      class AttributeService
+        include Saml::ComplexTypes::EndpointType
+        tag 'AttributeService'
+      end
+
+      tag 'AttributeAuthorityDescriptor'
+
+      has_many :attribute_service, AttributeService
+      has_many :name_id_format, Saml::Elements::NameIdFormat
+
+      validates :attribute_service, :presence => true
+
+    end
+  end
+end

data/lib/saml/elements/entity_descriptor.rb

@@ -21,6 +21,7 @@ module Saml
 
       has_one :idp_sso_descriptor, Saml::Elements::IDPSSODescriptor
       has_one :sp_sso_descriptor, Saml::Elements::SPSSODescriptor
+      has_one :attribute_authority_descriptor, Saml::Elements::AttributeAuthorityDescriptor
 
       has_one :organization, Saml::Elements::Organization
       has_many :contact_persons, Saml::Elements::ContactPerson

data/lib/saml/elements/name_id_format.rb

@@ -0,0 +1,14 @@
+module Saml
+  module Elements
+    class NameIdFormat
+      include Saml::Base
+
+      tag 'NameIDFormat'
+      register_namespace 'md', Saml::MD_NAMESPACE
+      namespace 'md'
+
+      content :value, String
+    end
+  end
+end
+

data/lib/saml/elements/status.rb

@@ -7,6 +7,7 @@ module Saml
       namespace 'samlp'
 
       has_one :status_code, Saml::Elements::StatusCode
+      has_one :status_detail, Saml::Elements::StatusDetail
 
       validates :status_code, :presence => true
 

data/lib/saml/elements/status_detail.rb

@@ -0,0 +1,18 @@
+module Saml
+  module Elements
+    class StatusDetail
+      include Saml::Base
+
+      tag "StatusDetail"
+      namespace 'samlp'
+
+      element :status_value, String, :tag => 'StatusValue'
+
+      def initialize(*args)
+        options          = args.extract_options!
+        @status_value = options.delete(:status_value) if options[:status_value]
+        super(*(args << options))
+      end
+    end
+  end
+end

data/lib/saml/version.rb

@@ -1,3 +1,3 @@
 module Saml
-  VERSION = "2.6.2"
+  VERSION = "2.6.4"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: libsaml
 version: !ruby/object:Gem::Version
-  version: 2.6.2
+  version: 2.6.4
 platform: ruby
 authors:
 - Benoist Claassen
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-07-03 00:00:00.000000000 Z
+date: 2015-08-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -138,11 +138,13 @@ files:
 - lib/saml/complex_types/indexed_endpoint_type.rb
 - lib/saml/complex_types/localized_name_type.rb
 - lib/saml/complex_types/request_abstract_type.rb
+- lib/saml/complex_types/role_descriptor_type.rb
 - lib/saml/complex_types/sso_descriptor_type.rb
 - lib/saml/complex_types/statement_abstract_type.rb
 - lib/saml/complex_types/status_response_type.rb
 - lib/saml/config.rb
 - lib/saml/elements/attribute.rb
+- lib/saml/elements/attribute_authority_descriptor.rb
 - lib/saml/elements/attribute_consuming_service.rb
 - lib/saml/elements/attribute_statement.rb
 - lib/saml/elements/audience_restriction.rb
@@ -162,6 +164,7 @@ files:
 - lib/saml/elements/key_info/x509_data.rb
 - lib/saml/elements/md_extensions.rb
 - lib/saml/elements/name_id.rb
+- lib/saml/elements/name_id_format.rb
 - lib/saml/elements/organization.rb
 - lib/saml/elements/organization_display_name.rb
 - lib/saml/elements/organization_name.rb
@@ -184,6 +187,7 @@ files:
 - lib/saml/elements/sp_sso_descriptor.rb
 - lib/saml/elements/status.rb
 - lib/saml/elements/status_code.rb
+- lib/saml/elements/status_detail.rb
 - lib/saml/elements/sub_status_code.rb
 - lib/saml/elements/subject.rb
 - lib/saml/elements/subject_confirmation.rb