RubyGems - libsaml - Versions diffs - 2.9.0 → 2.10.0 - Mend

libsaml 2.9.0 → 2.10.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

checksums.yaml +4 -4
data/lib/saml.rb +8 -2
data/lib/saml/complex_types/attribute_query_type.rb +20 -0
data/lib/saml/complex_types/evidence_type.rb +23 -0
data/lib/saml/complex_types/subject_query_abstract_type.rb +27 -0
data/lib/saml/elements/attribute_query.rb +12 -0
data/lib/saml/elements/attribute_value.rb +5 -2
data/lib/saml/elements/encrypted_id.rb +53 -0
data/lib/saml/elements/evidence.rb +11 -0
data/lib/saml/util.rb +22 -1
data/lib/saml/version.rb +1 -1
metadata +10 -4

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 194bdb769169b21923b5fa689fe9866751f09f0a
-  data.tar.gz: 5ab51c74f9e390e80388f1529016f1c49b3a187e
+  metadata.gz: 882f50e4ac23264d5ca2b47dca17df3805e8a6ed
+  data.tar.gz: 52e24e2e5867fd8709011f2c5e96b1a3d8f56ea9
 SHA512:
-  metadata.gz: 199ce03937ac45c4cc56879ab807af9d61152be42777e140878685b28ad1adf657379eed0029e63b54a38f5be55168101a997400605e3d869685f45b1a93cc82
-  data.tar.gz: 6e655df6e753dc658eb7207a0936e14746b61358498a541b662b94dda7bfa047de9d241eec12d28fd50a28209df1ed6abd992637e762e480a083473e18fb9dd0
+  metadata.gz: d4b5a5bef05f0756775db7cbe1922fb1fe8b62cb84807c43a832cca8b66f571e3db090c321d7e49fd8365f57547dc3725f91469c1e85bd1a62d33719e380d7b2
+  data.tar.gz: d346b7bcb9c684047717ff157615b16fbf35cfd2c09de5f9e9b6f95f66036182c44a68344dbef7a33e2c169a1aac1097375496dcc6b03a04b6b74f0de792dac4

data/lib/saml.rb CHANGED Viewed

@@ -97,6 +97,9 @@ module Saml
     require 'saml/complex_types/attribute_type'
     require 'saml/complex_types/localized_name_type'
     require 'saml/complex_types/statement_abstract_type'
+    require 'saml/complex_types/subject_query_abstract_type'
+    require 'saml/complex_types/attribute_query_type'
+    require 'saml/complex_types/evidence_type'
   end
   module Elements
@@ -113,6 +116,9 @@ module Saml
     require 'saml/elements/subject_confirmation'
     require 'saml/elements/encrypted_assertion'
     require 'saml/elements/encrypted_attribute'
+    require 'saml/elements/name_id'
+    require 'saml/elements/name_id_format'
+    require 'saml/elements/encrypted_id'
     require 'saml/elements/attribute_value'
     require 'saml/elements/attribute'
     require 'saml/elements/attribute_statement'
@@ -124,8 +130,6 @@ module Saml
     require 'saml/elements/service_description'
     require 'saml/elements/requested_attribute'
     require 'saml/elements/attribute_consuming_service'
-    require 'saml/elements/name_id'
-    require 'saml/elements/name_id_format'
     require 'saml/elements/subject'
     require 'saml/elements/conditions'
     require 'saml/elements/authn_statement'
@@ -141,6 +145,8 @@ module Saml
     require 'saml/elements/attribute_authority_descriptor'
     require 'saml/elements/entity_descriptor'
     require 'saml/elements/entities_descriptor'
+    require 'saml/elements/attribute_query'
+    require 'saml/elements/evidence'
   end
   module Rails

data/lib/saml/complex_types/attribute_query_type.rb ADDED Viewed

@@ -0,0 +1,20 @@
+module Saml
+  module ComplexTypes
+    module AttributeQueryType
+      extend ActiveSupport::Concern
+      include SubjectQueryAbstractType
+      included do
+        has_many :attributes, Saml::Elements::Attribute
+      end
+      def initialize(*args)
+        options = args.extract_options!
+        super(*(args << options))
+        @attributes = []
+      end
+    end
+  end
+end

data/lib/saml/complex_types/evidence_type.rb ADDED Viewed

@@ -0,0 +1,23 @@
+module Saml
+  module ComplexTypes
+    module EvidenceType
+      extend ActiveSupport::Concern
+      included do
+        require 'saml/assertion'
+        has_many :assertion, ::Saml::Assertion
+        validates :assertion, presence: true
+      end
+      def initialize(*args)
+        options = args.extract_options!
+        @assertion = options.delete(:assertion)
+        super(*(args << options))
+      end
+    end
+  end
+end

data/lib/saml/complex_types/subject_query_abstract_type.rb ADDED Viewed

@@ -0,0 +1,27 @@
+module Saml
+  module ComplexTypes
+    module SubjectQueryAbstractType
+      extend ActiveSupport::Concern
+      include RequestAbstractType
+      included do
+        element :subject, Saml::Elements::Subject
+        validates :subject, presence: true
+      end
+      def initialize(*args)
+        options = args.extract_options!
+        @subject = Saml::Elements::Subject.new(
+          name_id: options.delete(:name_id),
+          name_id_format: options.delete(:name_id_format),
+          recipient: options.delete(:recipient),
+          in_response_to: options.delete(:in_response_to)
+        )
+        super(*(args << options))
+      end
+    end
+  end
+end

data/lib/saml/elements/attribute_query.rb ADDED Viewed

@@ -0,0 +1,12 @@
+module Saml
+  module Elements
+    class AttributeQuery
+      include HappyMapper
+      include Saml::Base
+      include Saml::ComplexTypes::AttributeQueryType
+      tag 'AttributeQuery'
+      namespace 'samlp'
+    end
+  end
+end

data/lib/saml/elements/attribute_value.rb CHANGED Viewed

@@ -1,14 +1,17 @@
 module Saml
   module Elements
     class AttributeValue
-      include Saml::Base
+      include ::Saml::Base
+      tag 'AttributeValue'
       register_namespace 'saml', Saml::SAML_NAMESPACE
       register_namespace 'xs',   Saml::XS_NAMESPACE
       register_namespace 'xsi',  Saml::XSI_NAMESPACE
       namespace 'saml'
-      tag 'AttributeValue'
+      has_one :encrypted_id, EncryptedID
       attribute :type, String, tag: 'xsi:type'

data/lib/saml/elements/encrypted_id.rb ADDED Viewed

@@ -0,0 +1,53 @@
+module Saml
+  module Elements
+    class EncryptedID
+      include ::HappyMapper
+      include ::Saml::Base
+      include ::Saml::XMLHelpers
+      tag 'EncryptedID'
+      register_namespace 'saml', ::Saml::SAML_NAMESPACE
+      namespace 'saml'
+      has_one :encrypted_data, Xmlenc::Builder::EncryptedData
+      has_many :encrypted_keys, Xmlenc::Builder::EncryptedKey
+      has_one :name_id, Saml::Elements::NameId
+      validates :encrypted_data, presence: true
+      def initialize(*args)
+        options = args.extract_options!
+        super(*(args << options))
+      end
+      def encrypt(key_descriptor, key_options = {})
+        certificate = key_descriptor.certificate
+        key_name = key_descriptor.key_info.key_name
+        self.encrypted_data = Xmlenc::Builder::EncryptedData.new
+        self.encrypted_data.set_key_retrieval_method Xmlenc::Builder::RetrievalMethod.new(
+          uri: "##{key_options[:id]}"
+        )
+        self.encrypted_data.set_encryption_method(
+          algorithm: 'http://www.w3.org/2001/04/xmlenc#aes256-cbc'
+        )
+        encrypted_key = self.encrypted_data.encrypt(name_id_xml, key_options)
+        encrypted_key.set_encryption_method(
+          algorithm: 'http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p',
+          digest_method_algorithm: 'http://www.w3.org/2000/09/xmldsig#sha1'
+        )
+        encrypted_key.set_key_name key_name
+        encrypted_key.encrypt certificate.public_key
+        self.encrypted_keys = [encrypted_key]
+        self.name_id = nil
+      end
+      private
+      def name_id_xml
+        Nokogiri::XML(name_id.to_xml).root.to_xml
+      end
+    end
+  end
+end

data/lib/saml/elements/evidence.rb ADDED Viewed

@@ -0,0 +1,11 @@
+module Saml
+  module Elements
+    class Evidence
+      include HappyMapper
+      include Saml::Base
+      include Saml::ComplexTypes::EvidenceType
+      tag 'Evidence'
+    end
+  end
+end

data/lib/saml/util.rb CHANGED Viewed

@@ -29,7 +29,11 @@ module Saml
           http.key  = OpenSSL::PKey::RSA.new(key)
         end
-        headers = { 'Content-Type' => 'text/xml' }
+        headers = {
+          'Content-Type' => 'text/xml',
+          'Cache-Control' => 'no-cache, no-store',
+          'Pragma' => 'no-cache'
+        }
         headers.merge! additional_headers
         request      = Net::HTTP::Post.new(uri.request_uri, headers)
@@ -85,6 +89,23 @@ module Saml
         Saml::Assertion.parse(encrypted_document.decrypt(private_key), single: true)
       end
+      def encrypt_name_id(name_id, key_descriptor, key_options = {})
+        encrypted_id = Saml::Elements::EncryptedID.new(name_id: name_id)
+        encrypt_encrypted_id(encrypted_id, key_descriptor, key_options)
+      end
+      def encrypt_encrypted_id(encrypted_id, key_descriptor, key_options = {})
+        encrypted_id.encrypt(key_descriptor, key_options)
+        encrypted_id
+      end
+      def decrypt_encrypted_id(encrypted_id, private_key)
+        encrypted_id_xml = encrypted_id.is_a?(Saml::Elements::EncryptedID) ?
+            encrypted_id.to_xml : encrypted_id.to_s
+        encrypted_document = Xmlenc::EncryptedDocument.new(encrypted_id_xml)
+        Saml::Elements::EncryptedID.parse(encrypted_document.decrypt(private_key))
+      end
       def verify_xml(message, raw_body)
         document = Xmldsig::SignedDocument.new(raw_body)

data/lib/saml/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module Saml
-  VERSION = "2.9.0"
+  VERSION = "2.10.0"
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: libsaml
 version: !ruby/object:Gem::Version
-  version: 2.9.0
+  version: 2.10.0
 platform: ruby
 authors:
 - Benoist Claassen
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2015-10-20 00:00:00.000000000 Z
+date: 2015-10-26 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -72,14 +72,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.3.0
+        version: 0.4.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.3.0
+        version: 0.4.0
 - !ruby/object:Gem::Dependency
   name: curb
   requirement: !ruby/object:Gem::Requirement
@@ -133,8 +133,10 @@ files:
 - lib/saml/bindings/http_post.rb
 - lib/saml/bindings/http_redirect.rb
 - lib/saml/bindings/soap.rb
+- lib/saml/complex_types/attribute_query_type.rb
 - lib/saml/complex_types/attribute_type.rb
 - lib/saml/complex_types/endpoint_type.rb
+- lib/saml/complex_types/evidence_type.rb
 - lib/saml/complex_types/indexed_endpoint_type.rb
 - lib/saml/complex_types/localized_name_type.rb
 - lib/saml/complex_types/request_abstract_type.rb
@@ -142,10 +144,12 @@ files:
 - lib/saml/complex_types/sso_descriptor_type.rb
 - lib/saml/complex_types/statement_abstract_type.rb
 - lib/saml/complex_types/status_response_type.rb
+- lib/saml/complex_types/subject_query_abstract_type.rb
 - lib/saml/config.rb
 - lib/saml/elements/attribute.rb
 - lib/saml/elements/attribute_authority_descriptor.rb
 - lib/saml/elements/attribute_consuming_service.rb
+- lib/saml/elements/attribute_query.rb
 - lib/saml/elements/attribute_statement.rb
 - lib/saml/elements/attribute_value.rb
 - lib/saml/elements/audience_restriction.rb
@@ -156,9 +160,11 @@ files:
 - lib/saml/elements/contact_person.rb
 - lib/saml/elements/encrypted_assertion.rb
 - lib/saml/elements/encrypted_attribute.rb
+- lib/saml/elements/encrypted_id.rb
 - lib/saml/elements/entities_descriptor.rb
 - lib/saml/elements/entity_attributes.rb
 - lib/saml/elements/entity_descriptor.rb
+- lib/saml/elements/evidence.rb
 - lib/saml/elements/idp_sso_descriptor.rb
 - lib/saml/elements/key_descriptor.rb
 - lib/saml/elements/key_info.rb