libsaml 3.6.0 → 3.7.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +7 -3
- data/lib/saml/bindings/http_redirect.rb +8 -3
- data/lib/saml/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: e689c8b19f26da4c7cc09904fb18cb052088834f32567abf14023219f9987481
|
|
4
|
+
data.tar.gz: cbc544b35d8b045d11c09c85f074234466d33b1a90a91a229d47d594456cc646
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 1b11d5dda8bf220251d944a1c8397075e33b0c98c67a42b6d0e61bffe0c67722a8628e79461880d3ecd9d982751ef322ff5485a18cd320c024f1ef13e5d80827
|
|
7
|
+
data.tar.gz: cec277eeadebc7a6c4f5294437b34f7a39daff47873c9e35ad95e6c42e0f91429580bca880214c4e95728f17cdf599694e60981bab8d24c2483f99ab0c79c1cb
|
data/README.md
CHANGED
|
@@ -94,10 +94,10 @@ Now you can make a SAML controller in `app/controllers/saml_controller.rb`:
|
|
|
94
94
|
```ruby
|
|
95
95
|
class SamlController < ApplicationController
|
|
96
96
|
extend Saml::Rails::ControllerHelper
|
|
97
|
-
current_provider "
|
|
97
|
+
current_provider "<sp_entity_id>"
|
|
98
98
|
|
|
99
99
|
def request_authentication
|
|
100
|
-
provider = Saml.provider("
|
|
100
|
+
provider = Saml.provider("<idp_enity_id>")
|
|
101
101
|
destination = provider.single_sign_on_service_url(Saml::ProtocolBinding::HTTP_POST)
|
|
102
102
|
|
|
103
103
|
authn_request = Saml::AuthnRequest.new(destination: destination)
|
|
@@ -153,7 +153,7 @@ Below is an example of a very primitive IDP Saml Controller
|
|
|
153
153
|
```ruby
|
|
154
154
|
class SamlController < ActionController::Base
|
|
155
155
|
extend Saml::Rails::ControllerHelper
|
|
156
|
-
current_provider "
|
|
156
|
+
current_provider "<idp_entity_id>"
|
|
157
157
|
|
|
158
158
|
def receive_authn_request
|
|
159
159
|
authn_request = if request.get?
|
|
@@ -227,6 +227,10 @@ class SamlController < ActionController::Base
|
|
|
227
227
|
end
|
|
228
228
|
```
|
|
229
229
|
|
|
230
|
+
## Caveats
|
|
231
|
+
|
|
232
|
+
- SAMLResponse and Assertions have to be signed as per the SAML security guidelines (Some IDP's don't do this by default and require special configuration)
|
|
233
|
+
|
|
230
234
|
## Contributing
|
|
231
235
|
|
|
232
236
|
- Fork the project
|
|
@@ -5,7 +5,7 @@ module Saml
|
|
|
5
5
|
|
|
6
6
|
class << self
|
|
7
7
|
def create_url(request_or_response, options = {})
|
|
8
|
-
options[:signature_algorithm] ||= 'http://www.w3.org/2000/09/xmldsig#rsa-sha1'
|
|
8
|
+
options[:signature_algorithm] ||= 'http://www.w3.org/2000/09/xmldsig#rsa-sha1' unless options[:exclude_signature]
|
|
9
9
|
new(request_or_response, options).create_url
|
|
10
10
|
end
|
|
11
11
|
|
|
@@ -42,13 +42,14 @@ module Saml
|
|
|
42
42
|
end
|
|
43
43
|
end
|
|
44
44
|
|
|
45
|
-
attr_accessor :request_or_response, :signature_algorithm, :relay_state, :signature
|
|
45
|
+
attr_accessor :request_or_response, :signature_algorithm, :relay_state, :signature, :exclude_signature
|
|
46
46
|
|
|
47
47
|
def initialize(request_or_response, options = {})
|
|
48
48
|
@request_or_response = request_or_response
|
|
49
49
|
@signature_algorithm = options[:signature_algorithm]
|
|
50
50
|
@relay_state = options[:relay_state]
|
|
51
51
|
@signature = options[:signature]
|
|
52
|
+
@exclude_signature = options[:exclude_signature]
|
|
52
53
|
end
|
|
53
54
|
|
|
54
55
|
def verify_signature(query)
|
|
@@ -61,7 +62,7 @@ module Saml
|
|
|
61
62
|
url = request_or_response.destination
|
|
62
63
|
delimiter = url.include?('?') ? '&' : '?'
|
|
63
64
|
|
|
64
|
-
[url, signed_params].join(delimiter)
|
|
65
|
+
[url, exclude_signature ? unsigned_params : signed_params].join(delimiter)
|
|
65
66
|
end
|
|
66
67
|
|
|
67
68
|
private
|
|
@@ -108,6 +109,10 @@ module Saml
|
|
|
108
109
|
|
|
109
110
|
"#{encoded_params}&Signature=#{encoded_signature}"
|
|
110
111
|
end
|
|
112
|
+
|
|
113
|
+
def unsigned_params
|
|
114
|
+
encoded_params.to_s
|
|
115
|
+
end
|
|
111
116
|
end
|
|
112
117
|
end
|
|
113
118
|
end
|
data/lib/saml/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: libsaml
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.
|
|
4
|
+
version: 3.7.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Benoist Claassen
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2020-03-17 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: activesupport
|