libsaml 3.3.0 → 3.4.0
- checksums.yaml +4 -4
- data/README.md +1 -1
- data/Rakefile +1 -1
- data/lib/saml/artifact_resolve.rb +1 -1
- data/lib/saml/assertion.rb +15 -15
- data/lib/saml/authn_request.rb +9 -9
- data/lib/saml/complex_types/attribute_type.rb +2 -2
- data/lib/saml/complex_types/endpoint_type.rb +4 -4
- data/lib/saml/complex_types/indexed_endpoint_type.rb +3 -3
- data/lib/saml/complex_types/localized_name_type.rb +2 -2
- data/lib/saml/complex_types/role_descriptor_type.rb +6 -6
- data/lib/saml/complex_types/status_response_type.rb +2 -2
- data/lib/saml/elements/attribute_authority_descriptor.rb +1 -1
- data/lib/saml/elements/attribute_consuming_service.rb +3 -3
- data/lib/saml/elements/authn_context.rb +2 -2
- data/lib/saml/elements/authn_statement.rb +7 -7
- data/lib/saml/elements/conditions.rb +1 -1
- data/lib/saml/elements/contact_person.rb +8 -8
- data/lib/saml/elements/entities_descriptor.rb +6 -6
- data/lib/saml/elements/entity_descriptor.rb +6 -6
- data/lib/saml/elements/idp_entry.rb +4 -4
- data/lib/saml/elements/idp_list.rb +1 -1
- data/lib/saml/elements/idp_sso_descriptor.rb +2 -2
- data/lib/saml/elements/key_descriptor.rb +3 -3
- data/lib/saml/elements/key_info.rb +2 -2
- data/lib/saml/elements/key_info/x509_data.rb +2 -2
- data/lib/saml/elements/name_id.rb +3 -3
- data/lib/saml/elements/organization.rb +1 -1
- data/lib/saml/elements/publication_info.rb +4 -4
- data/lib/saml/elements/requested_attribute.rb +1 -1
- data/lib/saml/elements/requested_authn_context.rb +4 -4
- data/lib/saml/elements/signature.rb +2 -2
- data/lib/saml/elements/signature/canonicalization_method.rb +1 -1
- data/lib/saml/elements/signature/digest_method.rb +1 -1
- data/lib/saml/elements/signature/inclusive_namespaces.rb +1 -1
- data/lib/saml/elements/signature/reference.rb +2 -2
- data/lib/saml/elements/signature/signature_method.rb +1 -1
- data/lib/saml/elements/signature/signed_info.rb +1 -1
- data/lib/saml/elements/signature/transform.rb +1 -1
- data/lib/saml/elements/signature/transforms.rb +4 -4
- data/lib/saml/elements/sp_sso_descriptor.rb +3 -3
- data/lib/saml/elements/status.rb +1 -1
- data/lib/saml/elements/status_code.rb +3 -3
- data/lib/saml/elements/status_detail.rb +1 -1
- data/lib/saml/elements/sub_status_code.rb +2 -2
- data/lib/saml/elements/subject_confirmation.rb +4 -4
- data/lib/saml/elements/subject_confirmation_data.rb +4 -4
- data/lib/saml/elements/subject_locality.rb +1 -1
- data/lib/saml/logout_request.rb +4 -4
- data/lib/saml/version.rb +1 -1
- data/lib/saml/xml_helpers.rb +2 -2
- metadata +2 -14
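--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 625d43b2a0f0433163267cca39f16b6ac32c17c7076fcacbeaef1edf944be8ef
+data.tar.gz: 21063fec7d626341f95a0827120b6a1094466a22ae1f7cbf7bc0ae1c7f5188b8
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 17089e506515c9ff63d181b0322b6d46fb4fabf6884319f01b5955dc72ddbb7c6ca3750ec76c938073ddc0f606a43549449553f27b1b8b9dadbff88dc56ce3cb
+data.tar.gz: 31ece625fbeabaa530000a9822fd335311007c5f78e33d83534faf62c3927e460af7df2980304c413f58056e1adfa50a1132cb83a8e58d596d0976689c74c951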
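--- a/data/README.md
+++ b/data/README.md
@@ -100,7 +100,7 @@ class SamlController < ApplicationController
 provider = Saml.provider("my:very:original:entityid")
 destination = provider.single_sign_on_service_url(Saml::ProtocolBinding::HTTP_POST)
 
-authn_request = Saml::AuthnRequest.new(:
+authn_request = Saml::AuthnRequest.new(destination: destination)
 
 session[:authn_request_id] = authn_request._id
 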
data/Rakefile
CHANGED
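--- a/data/lib/saml/assertion.rb
+++ b/data/lib/saml/assertion.rb
@@ -11,11 +11,11 @@ module Saml
 tag 'Assertion'
 namespace 'saml'
 
-attribute :_id, String, :
-attribute :version, String, :
-attribute :issue_instant, Time, :
+attribute :_id, String, tag: 'ID'
+attribute :version, String, tag: 'Version'
+attribute :issue_instant, Time, tag: 'IssueInstant', on_save: lambda { |val| val.utc.xmlschema }
 
-element :issuer, String, :
+element :issuer, String, namespace: 'saml', tag: 'Issuer'
 
 has_one :signature, Saml::Elements::Signature, xpath: './'
 has_one :subject, Saml::Elements::Subject, xpath: './'
@@ -25,28 +25,28 @@ module Saml
 has_many :authn_statement, Saml::Elements::AuthnStatement, xpath: './'
 has_many :attribute_statements, Saml::Elements::AttributeStatement, xpath: './'
 
-validates :_id, :version, :issue_instant, :issuer, :
+validates :_id, :version, :issue_instant, :issuer, presence: true
 
 validates :version, inclusion: %w(2.0)
-validate :check_issue_instant, :
+validate :check_issue_instant, if: lambda { |val| val.issue_instant.present? }
 
 def initialize(*args)
 options = args.extract_options!
 if options[:subject].present?
 @subject = options.delete(:subject)
 else
-@subject = Saml::Elements::Subject.new(:
-:
-:
-:
+@subject = Saml::Elements::Subject.new(name_id: options.delete(:name_id),
+name_id_format: options.delete(:name_id_format),
+recipient: options.delete(:recipient),
+in_response_to: options.delete(:in_response_to))
 end
 
-@conditions = Saml::Elements::Conditions.new(:
+@conditions = Saml::Elements::Conditions.new(audience: options.delete(:audience))
 authn_instant = options.delete(:authn_instant) || Time.now
-@authn_statement = Saml::Elements::AuthnStatement.new(:
-:
-:
-:
+@authn_statement = Saml::Elements::AuthnStatement.new(authn_instant: authn_instant,
+address: options.delete(:address),
+authn_context_class_ref: options.delete(:authn_context_class_ref),
+session_index: options.delete(:session_index))
 super(*(args << options))
 @_id ||= Saml.generate_id
 @issue_instant ||= Time.now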
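Review bot: The `on_save` lambda on `issue_instant` (new line 16) calls `val.utc.xmlschema` with no nil guard, while the `creation_instant` and LogoutRequest `not_on_or_after` lambdas elsewhere in this release use `val.utc.xmlschema if val.present?`. If the mapper invokes `on_save` for an unset attribute (not visible here, so to be confirmed), serialising an object that skipped validation would raise NoMethodError rather than surface a validation error. Suggest the same guard here: `on_save: lambda { |val| val.utc.xmlschema if val.present? }`. The `authn_instant` attribute in the AuthnStatement hunk and `not_on_or_after` in the SubjectConfirmationData hunk have the same unguarded form. `initialize` ends outside the second hunk.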
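--- a/data/lib/saml/authn_request.rb
+++ b/data/lib/saml/authn_request.rb
@@ -5,20 +5,20 @@ module Saml
 attr_accessor :xml_value
 
 tag 'AuthnRequest'
-attribute :force_authn, Boolean, :
-attribute :is_passive, Boolean, :
-attribute :assertion_consumer_service_index, Integer, :
-attribute :assertion_consumer_service_url, String, :
-attribute :attribute_consuming_service_index, Integer, :
-attribute :protocol_binding, String, :
-attribute :provider_name, String, :
+attribute :force_authn, Boolean, tag: "ForceAuthn"
+attribute :is_passive, Boolean, tag: "IsPassive"
+attribute :assertion_consumer_service_index, Integer, tag: "AssertionConsumerServiceIndex"
+attribute :assertion_consumer_service_url, String, tag: "AssertionConsumerServiceURL"
+attribute :attribute_consuming_service_index, Integer, tag: "AttributeConsumingServiceIndex"
+attribute :protocol_binding, String, tag: "ProtocolBinding"
+attribute :provider_name, String, tag: "ProviderName"
 
 has_one :requested_authn_context, Saml::Elements::RequestedAuthnContext
 has_one :scoping, Saml::Elements::Scoping
 has_one :name_id_policy, Saml::Elements::NameIdPolicy
 
-validates :force_authn, :
-validates :assertion_consumer_service_index, :
+validates :force_authn, inclusion: [true, false, nil]
+validates :assertion_consumer_service_index, numericality: true, if: lambda { |val|
 val.assertion_consumer_service_index.present?
 }
 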
@@ -8,7 +8,7 @@ module Saml
|
|
8
8
|
register_namespace "saml", Saml::SAML_NAMESPACE
|
9
9
|
register_namespace 'ext', Saml::ATTR_EXT_NAMESPACE
|
10
10
|
|
11
|
-
attribute :name, String, :
|
11
|
+
attribute :name, String, tag: 'Name'
|
12
12
|
attribute :format, String, tag: 'NameFormat'
|
13
13
|
attribute :friendly_name, String, tag: 'FriendlyName'
|
14
14
|
|
@@ -17,7 +17,7 @@ module Saml
|
|
17
17
|
|
18
18
|
has_many :attribute_values, Saml::Elements::AttributeValue
|
19
19
|
|
20
|
-
validates :name, :
|
20
|
+
validates :name, presence: true
|
21
21
|
end
|
22
22
|
|
23
23
|
def initialize(*args)
|
@@ -7,11 +7,11 @@ module Saml
|
|
7
7
|
included do
|
8
8
|
namespace 'md'
|
9
9
|
|
10
|
-
attribute :binding, String, :
|
11
|
-
attribute :location, String, :
|
12
|
-
attribute :response_location, String, :
|
10
|
+
attribute :binding, String, tag: "Binding"
|
11
|
+
attribute :location, String, tag: "Location"
|
12
|
+
attribute :response_location, String, tag: "ResponseLocation"
|
13
13
|
|
14
|
-
validates :binding, :location, :
|
14
|
+
validates :binding, :location, presence: true
|
15
15
|
end
|
16
16
|
end
|
17
17
|
end
|
@@ -5,10 +5,10 @@ module Saml
|
|
5
5
|
include EndpointType
|
6
6
|
|
7
7
|
included do
|
8
|
-
attribute :index, Integer, :
|
9
|
-
attribute :is_default, XmlMapper::Boolean, :
|
8
|
+
attribute :index, Integer, tag: "index"
|
9
|
+
attribute :is_default, XmlMapper::Boolean, tag: "isDefault"
|
10
10
|
|
11
|
-
validates :index, :
|
11
|
+
validates :index, presence: true
|
12
12
|
end
|
13
13
|
end
|
14
14
|
end
|
@@ -9,15 +9,15 @@ module Saml
|
|
9
9
|
|
10
10
|
PROTOCOL_SUPPORT_ENUMERATION = 'urn:oasis:names:tc:SAML:2.0:protocol' unless defined?(PROTOCOL_SUPPORT_ENUMERATION)
|
11
11
|
|
12
|
-
attribute :_id, String, :
|
13
|
-
attribute :valid_until, Time, :
|
14
|
-
attribute :cache_duration, String, :
|
15
|
-
attribute :protocol_support_enumeration, String, :
|
16
|
-
attribute :error_url, String, :
|
12
|
+
attribute :_id, String, tag: 'ID'
|
13
|
+
attribute :valid_until, Time, tag: 'validUntil'
|
14
|
+
attribute :cache_duration, String, tag: 'cacheDuration'
|
15
|
+
attribute :protocol_support_enumeration, String, tag: 'protocolSupportEnumeration'
|
16
|
+
attribute :error_url, String, tag: 'errorURL'
|
17
17
|
|
18
18
|
has_many :key_descriptors, Saml::Elements::KeyDescriptor
|
19
19
|
|
20
|
-
validates :protocol_support_enumeration, :
|
20
|
+
validates :protocol_support_enumeration, presence: true, inclusion: [PROTOCOL_SUPPORT_ENUMERATION]
|
21
21
|
end
|
22
22
|
|
23
23
|
def initialize(*args)
|
@@ -8,10 +8,10 @@ module Saml
|
|
8
8
|
include RequestAbstractType
|
9
9
|
|
10
10
|
included do
|
11
|
-
attribute :in_response_to, String, :
|
11
|
+
attribute :in_response_to, String, tag: 'InResponseTo'
|
12
12
|
has_one :status, Saml::Elements::Status
|
13
13
|
|
14
|
-
validates :in_response_to, :status, :
|
14
|
+
validates :in_response_to, :status, presence: true
|
15
15
|
end
|
16
16
|
|
17
17
|
def initialize(*args)
|
@@ -7,14 +7,14 @@ module Saml
|
|
7
7
|
register_namespace "md", Saml::MD_NAMESPACE
|
8
8
|
namespace "md"
|
9
9
|
|
10
|
-
attribute :index, Integer, :
|
11
|
-
attribute :is_default, XmlMapper::Boolean, :
|
10
|
+
attribute :index, Integer, tag: "index"
|
11
|
+
attribute :is_default, XmlMapper::Boolean, tag: "isDefault"
|
12
12
|
|
13
13
|
has_many :service_names, ServiceName
|
14
14
|
has_many :service_descriptions, ServiceDescription
|
15
15
|
has_many :requested_attributes, RequestedAttribute
|
16
16
|
|
17
|
-
validates :index, :service_names, :requested_attributes, :
|
17
|
+
validates :index, :service_names, :requested_attributes, presence: true
|
18
18
|
end
|
19
19
|
end
|
20
20
|
end
|
@@ -5,11 +5,11 @@ module Saml
|
|
5
5
|
|
6
6
|
tag "AuthnContext"
|
7
7
|
namespace 'saml'
|
8
|
-
element :authn_context_class_ref, String, :
|
8
|
+
element :authn_context_class_ref, String, tag: "AuthnContextClassRef"
|
9
9
|
|
10
10
|
has_many :authenticating_authorities, ::Saml::Elements::AuthenticatingAuthority
|
11
11
|
|
12
|
-
validates :authn_context_class_ref, :
|
12
|
+
validates :authn_context_class_ref, inclusion: ClassRefs::ALL_CLASS_REFS + [nil]
|
13
13
|
end
|
14
14
|
end
|
15
15
|
end
|
@@ -6,18 +6,18 @@ module Saml
|
|
6
6
|
tag "AuthnStatement"
|
7
7
|
namespace 'saml'
|
8
8
|
|
9
|
-
attribute :authn_instant, Time, :
|
10
|
-
attribute :session_index, String, :
|
9
|
+
attribute :authn_instant, Time, tag: "AuthnInstant", on_save: lambda { |val| val.utc.xmlschema }
|
10
|
+
attribute :session_index, String, tag: "SessionIndex"
|
11
11
|
|
12
|
-
has_one :subject_locality, Saml::Elements::SubjectLocality, :
|
13
|
-
has_one :authn_context, Saml::Elements::AuthnContext, :
|
12
|
+
has_one :subject_locality, Saml::Elements::SubjectLocality, tag: "SubjectLocality"
|
13
|
+
has_one :authn_context, Saml::Elements::AuthnContext, tag: "AuthnContext"
|
14
14
|
|
15
|
-
validates :authn_instant, :authn_context, :
|
15
|
+
validates :authn_instant, :authn_context, presence: true
|
16
16
|
|
17
17
|
def initialize(*args)
|
18
18
|
options = args.extract_options!
|
19
|
-
@subject_locality = Saml::Elements::SubjectLocality.new(:
|
20
|
-
@authn_context = Saml::Elements::AuthnContext.new(:
|
19
|
+
@subject_locality = Saml::Elements::SubjectLocality.new(address: options.delete(:address)) if options[:address]
|
20
|
+
@authn_context = Saml::Elements::AuthnContext.new(authn_context_class_ref: options.delete(:authn_context_class_ref)) if options[:authn_context_class_ref]
|
21
21
|
super(*(args << options))
|
22
22
|
end
|
23
23
|
end
|
@@ -13,7 +13,7 @@ module Saml
|
|
13
13
|
|
14
14
|
def initialize(*args)
|
15
15
|
options = args.extract_options!
|
16
|
-
@audience_restriction = Saml::Elements::AudienceRestriction.new(:
|
16
|
+
@audience_restriction = Saml::Elements::AudienceRestriction.new(audience: options.delete(:audience)) if options[:audience]
|
17
17
|
self.not_before = Time.now - Saml::Config.max_issue_instant_offset.minutes
|
18
18
|
self.not_on_or_after = Time.now + Saml::Config.max_issue_instant_offset.minutes
|
19
19
|
super(*(args << options))
|
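Review bot: On new line 16 the `AudienceRestriction` is built only `if options[:audience]`, so Conditions constructed without an audience carry no audience restriction at all, and the Assertion constructor passes `options.delete(:audience)` straight through, nil included. An assertion without an audience restriction is not bound to a single service provider, so this default deserves at least a comment next to the line, e.g. `# No :audience => no AudienceRestriction is emitted; issuers should always pass the SP entity ID.` Separately, `not_before` and `not_on_or_after` each call `Time.now`; capturing it once (`now = Time.now`) keeps the validity window symmetric. `initialize` continues past the end of the hunk.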
@@ -16,18 +16,18 @@ module Saml
|
|
16
16
|
ALL = [TECHNICAL, SUPPORT, ADMINISTRATIVE, BILLING, OTHER]
|
17
17
|
end
|
18
18
|
|
19
|
-
attribute :contact_type, String, :
|
19
|
+
attribute :contact_type, String, tag: "contactType"
|
20
20
|
|
21
|
-
element :company, String, :
|
22
|
-
element :given_name, String, :
|
23
|
-
element :sur_name, String, :
|
21
|
+
element :company, String, tag: "Company"
|
22
|
+
element :given_name, String, tag: "GivenName"
|
23
|
+
element :sur_name, String, tag: "SurName"
|
24
24
|
|
25
|
-
has_many :email_addresses, String, :
|
26
|
-
has_many :telephone_numbers, String, :
|
25
|
+
has_many :email_addresses, String, tag: "EmailAddress"
|
26
|
+
has_many :telephone_numbers, String, tag: "TelephoneNumber"
|
27
27
|
|
28
|
-
validates :contact_type, :
|
28
|
+
validates :contact_type, inclusion: ContactTypes::ALL
|
29
29
|
|
30
|
-
validates :email_addresses, :telephone_numbers, :
|
30
|
+
validates :email_addresses, :telephone_numbers, presence: true
|
31
31
|
end
|
32
32
|
end
|
33
33
|
end
|
@@ -9,18 +9,18 @@ module Saml
|
|
9
9
|
tag "EntitiesDescriptor"
|
10
10
|
namespace "md"
|
11
11
|
|
12
|
-
attribute :_id, String, :
|
13
|
-
attribute :name, String, :
|
14
|
-
attribute :valid_until, Time, :
|
15
|
-
attribute :cache_duration, String, :
|
12
|
+
attribute :_id, String, tag: "ID"
|
13
|
+
attribute :name, String, tag: "Name"
|
14
|
+
attribute :valid_until, Time, tag: "validUntil"
|
15
|
+
attribute :cache_duration, String, tag: "cacheDuration"
|
16
16
|
|
17
17
|
has_one :signature, Saml::Elements::Signature
|
18
18
|
|
19
19
|
has_many :entities_descriptors, Saml::Elements::EntitiesDescriptor
|
20
20
|
has_many :entity_descriptors, Saml::Elements::EntityDescriptor
|
21
21
|
|
22
|
-
validates :entities_descriptors, :
|
23
|
-
validates :entity_descriptors, :
|
22
|
+
validates :entities_descriptors, length: { minimum: 1 }, if: lambda { |ed| ed.entity_descriptors.blank? }
|
23
|
+
validates :entity_descriptors, length: { minimum: 1 }, if: lambda { |ed| ed.entities_descriptors.blank? }
|
24
24
|
|
25
25
|
end
|
26
26
|
end
|
@@ -9,11 +9,11 @@ module Saml
|
|
9
9
|
tag 'EntityDescriptor'
|
10
10
|
namespace 'md'
|
11
11
|
|
12
|
-
attribute :_id, String, :
|
13
|
-
attribute :name, String, :
|
14
|
-
attribute :entity_id, String, :
|
15
|
-
attribute :valid_until, Time, :
|
16
|
-
attribute :cache_duration, String, :
|
12
|
+
attribute :_id, String, tag: 'ID'
|
13
|
+
attribute :name, String, tag: "Name"
|
14
|
+
attribute :entity_id, String, tag: "entityID"
|
15
|
+
attribute :valid_until, Time, tag: "validUntil"
|
16
|
+
attribute :cache_duration, String, tag: "cacheDuration"
|
17
17
|
|
18
18
|
has_one :signature, Saml::Elements::Signature
|
19
19
|
|
@@ -26,7 +26,7 @@ module Saml
|
|
26
26
|
has_one :organization, Saml::Elements::Organization
|
27
27
|
has_many :contact_persons, Saml::Elements::ContactPerson
|
28
28
|
|
29
|
-
validates :entity_id, :
|
29
|
+
validates :entity_id, presence: true
|
30
30
|
|
31
31
|
def initialize(*args)
|
32
32
|
super(*args)
|
@@ -6,11 +6,11 @@ module Saml
|
|
6
6
|
tag 'IDPEntry'
|
7
7
|
namespace 'samlp'
|
8
8
|
|
9
|
-
attribute :provider_id, String, :
|
10
|
-
attribute :name, String, :
|
11
|
-
attribute :loc, String, :
|
9
|
+
attribute :provider_id, String, tag: 'ProviderID'
|
10
|
+
attribute :name, String, tag: 'Name'
|
11
|
+
attribute :loc, String, tag: 'Loc'
|
12
12
|
|
13
|
-
validates :provider_id, :
|
13
|
+
validates :provider_id, presence: true
|
14
14
|
end
|
15
15
|
end
|
16
16
|
end
|
@@ -10,11 +10,11 @@ module Saml
|
|
10
10
|
|
11
11
|
tag 'IDPSSODescriptor'
|
12
12
|
|
13
|
-
attribute :want_authn_requests_signed, XmlMapper::Boolean, :
|
13
|
+
attribute :want_authn_requests_signed, XmlMapper::Boolean, tag: "WantAuthnRequestsSigned", default: false
|
14
14
|
|
15
15
|
has_many :single_sign_on_services, SingleSignOnService
|
16
16
|
|
17
|
-
validates :single_sign_on_services, :
|
17
|
+
validates :single_sign_on_services, presence: true
|
18
18
|
|
19
19
|
def initialize(*args)
|
20
20
|
super(*args)
|
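Review bot: `want_authn_requests_signed` on new line 13 is declared with `default: false`, and the SPSSODescriptor hunk does the same for `authn_requests_signed` and `want_assertions_signed`; whether the default is new in this release cannot be told from the truncated old lines. This matches the metadata schema defaults, but it means metadata built without setting these flags advertises that unsigned requests and assertions are acceptable. A comment above the attributes would make the choice explicit, e.g. `# Schema default is false; deployments that require signing must set this to true explicitly.` `initialize` continues outside the hunk.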
@@ -14,12 +14,12 @@ module Saml
|
|
14
14
|
tag 'KeyDescriptor'
|
15
15
|
namespace 'md'
|
16
16
|
|
17
|
-
attribute :use, String, :
|
17
|
+
attribute :use, String, tag: "use"
|
18
18
|
|
19
19
|
has_one :key_info, KeyInfo
|
20
20
|
|
21
|
-
validates :use, :
|
22
|
-
validates :certificate, :
|
21
|
+
validates :use, inclusion: UseTypes::ALL
|
22
|
+
validates :certificate, presence: true
|
23
23
|
|
24
24
|
def certificate
|
25
25
|
key_info.try(:x509Data).try(:x509certificate)
|
@@ -9,11 +9,11 @@ module Saml
|
|
9
9
|
namespace 'ds'
|
10
10
|
tag 'KeyInfo'
|
11
11
|
|
12
|
-
element :key_name, String, :
|
12
|
+
element :key_name, String, namespace: 'ds', tag: "KeyName"
|
13
13
|
|
14
14
|
has_one :x509Data, X509Data
|
15
15
|
|
16
|
-
validates :x509Data, :
|
16
|
+
validates :x509Data, presence: true
|
17
17
|
|
18
18
|
def initialize(cert = nil)
|
19
19
|
if cert
|
@@ -7,9 +7,9 @@ module Saml
|
|
7
7
|
tag 'X509Data'
|
8
8
|
namespace 'ds'
|
9
9
|
|
10
|
-
element :x509certificate, String, :
|
10
|
+
element :x509certificate, String, tag: "X509Certificate", on_save: lambda { |c| c.present? ? Base64.encode64(c.to_der) : "" }
|
11
11
|
|
12
|
-
validates :x509certificate, :
|
12
|
+
validates :x509certificate, presence: true
|
13
13
|
|
14
14
|
def initialize(cert = nil)
|
15
15
|
self.x509certificate = cert
|
@@ -7,9 +7,9 @@ module Saml
|
|
7
7
|
register_namespace 'saml', Saml::SAML_NAMESPACE
|
8
8
|
namespace 'saml'
|
9
9
|
|
10
|
-
attribute :format, String, :
|
11
|
-
attribute :name_qualifier, String, :
|
12
|
-
attribute :sp_name_qualifier, String, :
|
10
|
+
attribute :format, String, tag: "Format"
|
11
|
+
attribute :name_qualifier, String, tag: "NameQualifier"
|
12
|
+
attribute :sp_name_qualifier, String, tag: "SPNameQualifier"
|
13
13
|
|
14
14
|
content :value, String
|
15
15
|
end
|
@@ -10,7 +10,7 @@ module Saml
|
|
10
10
|
has_many :organization_display_names, Saml::Elements::OrganizationDisplayName
|
11
11
|
has_many :organization_urls, Saml::Elements::OrganizationUrl
|
12
12
|
|
13
|
-
validates :organization_names, :organization_display_names, :organization_urls, :
|
13
|
+
validates :organization_names, :organization_display_names, :organization_urls, presence: true
|
14
14
|
end
|
15
15
|
end
|
16
16
|
end
|
@@ -8,11 +8,11 @@ module Saml
|
|
8
8
|
register_namespace 'mdrpi', Saml::MD_RPI_NAMESPACE
|
9
9
|
namespace 'mdrpi'
|
10
10
|
|
11
|
-
attribute :publisher, String, :
|
12
|
-
attribute :creation_instant, Time, :
|
13
|
-
attribute :publication_id, String, :
|
11
|
+
attribute :publisher, String, tag: 'publisher'
|
12
|
+
attribute :creation_instant, Time, tag: 'creationInstant', on_save: lambda { |val| val.utc.xmlschema if val.present? }
|
13
|
+
attribute :publication_id, String, tag: 'publicationId'
|
14
14
|
|
15
|
-
validates :publisher, :
|
15
|
+
validates :publisher, presence: true
|
16
16
|
|
17
17
|
end
|
18
18
|
end
|
@@ -17,12 +17,12 @@ module Saml
|
|
17
17
|
tag 'RequestedAuthnContext'
|
18
18
|
namespace 'samlp'
|
19
19
|
|
20
|
-
attribute :comparison, String, :
|
20
|
+
attribute :comparison, String, tag: "Comparison"
|
21
21
|
|
22
|
-
has_many :authn_context_class_refs, String, :
|
22
|
+
has_many :authn_context_class_refs, String, namespace: "saml", tag: "AuthnContextClassRef"
|
23
23
|
|
24
|
-
validates :authn_context_class_ref, :
|
25
|
-
validates :comparison, :
|
24
|
+
validates :authn_context_class_ref, presence: true, inclusion: ALL_CLASS_REFS
|
25
|
+
validates :comparison, inclusion: ComparisonTypes::ALL
|
26
26
|
|
27
27
|
def authn_context_class_ref
|
28
28
|
authn_context_class_refs.first if authn_context_class_refs
|
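Review bot: The inclusion check on new line 24 validates `authn_context_class_ref`, which the method at the end of the hunk defines as `authn_context_class_refs.first`, so only the first of the `has_many :authn_context_class_refs` entries is compared with `ALL_CLASS_REFS`. Any further class refs in a request pass validation unexamined. Consider validating the whole list, e.g. `validate { errors.add(:authn_context_class_refs, :inclusion) unless Array(authn_context_class_refs).all? { |ref| ALL_CLASS_REFS.include?(ref) } }`. The body of `authn_context_class_ref` continues outside the hunk.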
@@ -18,13 +18,13 @@ module Saml
|
|
18
18
|
namespace 'ds'
|
19
19
|
|
20
20
|
has_one :signed_info, SignedInfo
|
21
|
-
element :signature_value, String, :
|
21
|
+
element :signature_value, String, tag: "SignatureValue", state_when_nil: true
|
22
22
|
has_one :key_info, KeyInfo
|
23
23
|
|
24
24
|
def initialize(*args)
|
25
25
|
super(*args)
|
26
26
|
options = args.extract_options!
|
27
|
-
@signed_info ||= SignedInfo.new(:
|
27
|
+
@signed_info ||= SignedInfo.new(uri: options.delete(:uri), digest_value: options.delete(:digest_value))
|
28
28
|
end
|
29
29
|
|
30
30
|
def key_name
|
@@ -8,10 +8,10 @@ module Saml
|
|
8
8
|
register_namespace 'ds', Saml::XML_DSIG_NAMESPACE
|
9
9
|
namespace 'ds'
|
10
10
|
|
11
|
-
attribute :uri, String, :
|
11
|
+
attribute :uri, String, tag: "URI"
|
12
12
|
element :transforms, Transforms
|
13
13
|
element :digest_method, DigestMethod
|
14
|
-
element :digest_value, String, :
|
14
|
+
element :digest_value, String, tag: "DigestValue", state_when_nil: true
|
15
15
|
|
16
16
|
def initialize(*args)
|
17
17
|
@transforms = Transforms.new
|
@@ -16,7 +16,7 @@ module Saml
|
|
16
16
|
@signature_method = SignatureMethod.new
|
17
17
|
super(*args)
|
18
18
|
options = args.extract_options!
|
19
|
-
@reference ||= Reference.new(:
|
19
|
+
@reference ||= Reference.new(uri: options.delete(:uri), digest_value: options.delete(:digest_value))
|
20
20
|
end
|
21
21
|
end
|
22
22
|
end
|
@@ -7,12 +7,12 @@ module Saml
|
|
7
7
|
tag "Transforms"
|
8
8
|
namespace 'ds'
|
9
9
|
|
10
|
-
has_many :transform, Transform, :
|
10
|
+
has_many :transform, Transform, tag: "Transform"
|
11
11
|
|
12
12
|
def initialize(*args)
|
13
|
-
@transform = [Transform.new(:
|
14
|
-
Transform.new(:
|
15
|
-
:
|
13
|
+
@transform = [Transform.new(algorithm: "http://www.w3.org/2000/09/xmldsig#enveloped-signature"),
|
14
|
+
Transform.new(algorithm: "http://www.w3.org/2001/10/xml-exc-c14n#",
|
15
|
+
inclusive_namespaces: InclusiveNamespaces.new)]
|
16
16
|
super(*args)
|
17
17
|
end
|
18
18
|
end
|
@@ -10,13 +10,13 @@ module Saml
|
|
10
10
|
|
11
11
|
tag 'SPSSODescriptor'
|
12
12
|
|
13
|
-
attribute :authn_requests_signed, Boolean, :
|
14
|
-
attribute :want_assertions_signed, Boolean, :
|
13
|
+
attribute :authn_requests_signed, Boolean, tag: "AuthnRequestsSigned", default: false
|
14
|
+
attribute :want_assertions_signed, Boolean, tag: "WantAssertionsSigned", default: false
|
15
15
|
|
16
16
|
has_many :assertion_consumer_services, AssertionConsumerService
|
17
17
|
has_many :attribute_consuming_services, Saml::Elements::AttributeConsumingService
|
18
18
|
|
19
|
-
validates :assertion_consumer_services, :
|
19
|
+
validates :assertion_consumer_services, presence: true
|
20
20
|
|
21
21
|
def initialize(*args)
|
22
22
|
super(*args)
|
data/lib/saml/elements/status.rb
CHANGED
@@ -6,15 +6,15 @@ module Saml
|
|
6
6
|
tag "StatusCode"
|
7
7
|
namespace 'samlp'
|
8
8
|
|
9
|
-
attribute :value, String, :
|
9
|
+
attribute :value, String, tag: "Value"
|
10
10
|
|
11
11
|
has_one :sub_status_code, Saml::Elements::SubStatusCode
|
12
12
|
|
13
|
-
validates :value, :
|
13
|
+
validates :value, presence: true, inclusion: TopLevelCodes::ALL
|
14
14
|
|
15
15
|
def initialize(*args)
|
16
16
|
options = args.extract_options!
|
17
|
-
@sub_status_code = Saml::Elements::SubStatusCode.new(:
|
17
|
+
@sub_status_code = Saml::Elements::SubStatusCode.new(value: options.delete(:sub_status_value)) if options[:sub_status_value]
|
18
18
|
super(*(args << options))
|
19
19
|
end
|
20
20
|
|
@@ -6,9 +6,9 @@ module Saml
|
|
6
6
|
tag "StatusCode"
|
7
7
|
namespace 'samlp'
|
8
8
|
|
9
|
-
attribute :value, String, :
|
9
|
+
attribute :value, String, tag: "Value"
|
10
10
|
|
11
|
-
validates :value, :
|
11
|
+
validates :value, presence: true, inclusion: SubStatusCodes::ALL
|
12
12
|
end
|
13
13
|
end
|
14
14
|
end
|
@@ -11,16 +11,16 @@ module Saml
|
|
11
11
|
register_namespace 'saml', Saml::SAML_NAMESPACE
|
12
12
|
namespace 'saml'
|
13
13
|
|
14
|
-
attribute :_method, String, :
|
14
|
+
attribute :_method, String, tag: 'Method'
|
15
15
|
|
16
16
|
has_one :subject_confirmation_data, Saml::Elements::SubjectConfirmationData
|
17
17
|
|
18
|
-
validates :_method, :
|
18
|
+
validates :_method, presence: true
|
19
19
|
|
20
20
|
def initialize(*args)
|
21
21
|
options = args.extract_options!
|
22
|
-
@subject_confirmation_data = Saml::Elements::SubjectConfirmationData.new(:
|
23
|
-
:
|
22
|
+
@subject_confirmation_data = Saml::Elements::SubjectConfirmationData.new(recipient: options.delete(:recipient),
|
23
|
+
in_response_to: options.delete(:in_response_to))
|
24
24
|
super(*(args << options))
|
25
25
|
@_method ||= Methods::BEARER
|
26
26
|
end
|
@@ -7,11 +7,11 @@ module Saml
|
|
7
7
|
register_namespace 'saml', Saml::SAML_NAMESPACE
|
8
8
|
namespace 'saml'
|
9
9
|
|
10
|
-
attribute :not_on_or_after, Time, :
|
11
|
-
attribute :recipient, String, :
|
12
|
-
attribute :in_response_to, String, :
|
10
|
+
attribute :not_on_or_after, Time, tag: "NotOnOrAfter", on_save: lambda { |val| val.utc.xmlschema }
|
11
|
+
attribute :recipient, String, tag: "Recipient"
|
12
|
+
attribute :in_response_to, String, tag: "InResponseTo"
|
13
13
|
|
14
|
-
validates :not_on_or_after, :in_response_to, :recipient, :
|
14
|
+
validates :not_on_or_after, :in_response_to, :recipient, presence: true
|
15
15
|
|
16
16
|
def initialize(*args)
|
17
17
|
options = args.extract_options!
|
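Review bot: `validates :not_on_or_after, :in_response_to, :recipient, presence: true` on new line 14 only checks that the values exist; nothing in this hunk compares `in_response_to` with the ID of an outstanding request, `recipient` with the receiving endpoint, or `not_on_or_after` with the clock. If those comparisons are not made elsewhere in the library, they are left to the caller, and that should be stated next to the validation, e.g. `# Presence only: callers must match InResponseTo against the stored request ID and Recipient against their ACS URL.` `initialize` continues outside the hunk.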
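--- a/data/lib/saml/logout_request.rb
+++ b/data/lib/saml/logout_request.rb
@@ -6,11 +6,11 @@ module Saml
 
 tag "LogoutRequest"
 
-attribute :not_on_or_after, Time, :
+attribute :not_on_or_after, Time, tag: "NotOnOrAfter", on_save: lambda { |val| val.utc.xmlschema if val.present? }
 
-element :name_id, String, :
-element :session_index, String, :
+element :name_id, String, tag: "NameID", namespace: 'saml'
+element :session_index, String, tag: "SessionIndex", namespace: 'samlp'
 
-validates :name_id, :
+validates :name_id, presence: true
 end
 end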
data/lib/saml/version.rb
CHANGED
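--- a/data/lib/saml/xml_helpers.rb
+++ b/data/lib/saml/xml_helpers.rb
@@ -34,8 +34,8 @@ module Saml
 builder = Nokogiri::XML::Builder.new
 body = self.to_xml(builder)
 
-builder = Nokogiri::XML::Builder.new(:
-builder.Envelope(
+builder = Nokogiri::XML::Builder.new(encoding: "UTF-8")
+builder.Envelope('xmlns:soapenv': "http://schemas.xmlsoap.org/soap/envelope/") do |xml|
 xml.parent.namespace = xml.parent.namespace_definitions.find { |n| n.prefix == 'soapenv' }
 
 if header_options = options[:header]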
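Review bot: The quoted-symbol key `'xmlns:soapenv':` on new line 38 only parses on Ruby 2.2 and later, so the gem's `required_ruby_version` (not visible here) should reflect that, or the line can keep the `'xmlns:soapenv' => ...` form. On line 41, `if header_options = options[:header]` assigns inside the condition; writing it as `if (header_options = options[:header])` makes the intent explicit. The enclosing method starts and ends outside the hunk.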
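--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: libsaml
 version: !ruby/object:Gem::Version
-version: 3.
+version: 3.4.0
 platform: ruby
 authors:
 - Benoist Claassen
 autorequire:
 bindir: bin
 cert_chain: []
-date:
+date: 2019-04-26 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: activesupport
@@ -59,12 +59,6 @@ dependencies:
 - - "~>"
 - !ruby/object:Gem::Version
 version: '1.8'
-- - ">="
-- !ruby/object:Gem::Version
-version: 1.8.2
-- - "<="
-- !ruby/object:Gem::Version
-version: 1.8.5
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
@@ -72,12 +66,6 @@ dependencies:
 - - "~>"
 - !ruby/object:Gem::Version
 version: '1.8'
-- - ">="
-- !ruby/object:Gem::Version
-version: 1.8.2
-- - "<="
-- !ruby/object:Gem::Version
-version: 1.8.5
 - !ruby/object:Gem::Dependency
 name: xmldsig
 requirement: !ruby/object:Gem::Requirement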
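Review bot: The two constraint hunks leave only `~> 1.8` for the dependency declared just above them (its name is outside the visible lines), which removes the `<= 1.8.5` cap but also the `>= 1.8.2` floor. Lifting the cap lets consumers pick up patched releases; dropping the floor lets a resolver satisfy the requirement with 1.8.0 or 1.8.1 again, which the previous constraint excluded. If the floor existed to avoid a known-bad release, keep it in the gemspec, e.g. `'~> 1.8', '>= 1.8.2'`.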