libsaml 3.9.0 → 3.10.0

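--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 2426d8b0b8d15224e07684bf9137716eefaeacf012f34b96c749bc8a61773efc
- data.tar.gz: 8f3ff2560d4a89cb82c03148fbe6876bddaf29976a2a6932e703aea3c688e834
+ metadata.gz: c9c418991d49dd9d592c20de8a63075dba13cd22a36aad55aaa854d340b9f163
+ data.tar.gz: 6e379cc45d025aa29296d6b51aa7fa0fa352c30e81c88527a886041240e86bef
  SHA512:
- metadata.gz: 3629c58577294a0c7945a3641161ea4c22edd7f996c74d412812e72ae9990881c1dd1e4344282c98c68f1c6150a41f475bd908e605315d12d2fa055a6e815f4a
- data.tar.gz: 9c5ff0253ccd9d6964acc28e4b4bdb6eff2e2920c7299043dd1ef2b9eb8713018d6d2646c279fb8f334304686f81f442bb0c3a4ed43e1392d93cd614ef7cf943
+ metadata.gz: e4f69d474b8e53b276f52be66b1d68bb48d5dc7c1c7b0aebb27624eea67e690f8bc09e1ba1788cda91a67038eb13bd81da48e522f1b099d32091d245ef819b42
+ data.tar.gz: 9c8a76b240424d2833d4a3241e120e34a0d5a4ecc5e1e3472ecef0ec5f80c273a509d85fc22086909f843bcce04f989dea257371b52e6f285cf8919dc1e4fa2f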
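--- a/data/README.md
+++ b/data/README.md
@@ -1,7 +1,6 @@
- [![Build status](https://travis-ci.org/digidentity/libsaml.png?branch=master)](https://travis-ci.org/digidentity/libsaml)
+ [![Build status](https://travis-ci.com/digidentity/libsaml.svg?branch=master)](https://travis-ci.com/digidentity/libsaml)
  [![Coverage status](https://coveralls.io/repos/digidentity/libsaml/badge.png)](https://coveralls.io/r/digidentity/libsaml)
  [![Code climate](https://codeclimate.com/github/digidentity/libsaml.png)](https://codeclimate.com/github/digidentity/libsaml)
- [![Dependency status](https://gemnasium.com/digidentity/libsaml.png)](https://gemnasium.com/digidentity/libsaml)
 
  # libsaml
 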
data/lib/saml.rb CHANGED
@@ -34,6 +34,8 @@ module Saml
34
34
  end
35
35
  class UnparseableMessage < SamlError
36
36
  end
37
+ class InvalidParams < SamlError
38
+ end
37
39
  class MetadataDownloadFailed < SamlError
38
40
  end
39
41
  class InvalidStore < SamlError
@@ -46,7 +46,8 @@ module Saml
46
46
  @authn_statement = Saml::Elements::AuthnStatement.new(authn_instant: authn_instant,
47
47
  address: options.delete(:address),
48
48
  authn_context_class_ref: options.delete(:authn_context_class_ref),
49
- session_index: options.delete(:session_index))
49
+ session_index: options.delete(:session_index),
50
+ session_not_on_or_after: options.delete(:session_not_on_or_after))
50
51
  super(*(args << options))
51
52
  @_id ||= Saml.generate_id
52
53
  @issue_instant ||= Time.now
@@ -20,7 +20,12 @@ module Saml
20
20
  end
21
21
 
22
22
  def receive_message(request, type)
23
- message = Saml::Encoding.decode_64(request.params["SAMLRequest"] || request.params["SAMLResponse"])
23
+ receive_xml = request.params["SAMLRequest"] || request.params["SAMLResponse"]
24
+ if receive_xml.nil?
25
+ raise Saml::Errors::InvalidParams, 'require params `SAMLRequest` or `SAMLResponse`'
26
+ end
27
+
28
+ message = Saml::Encoding.decode_64(receive_xml)
24
29
  notify('receive_message', message)
25
30
  request_or_response = Saml.parse_message(message, type)
26
31
 
@@ -14,6 +14,11 @@ module Saml
14
14
  options[:signature_algorithm] = http_request.params["SigAlg"]
15
15
  options[:relay_state] = http_request.params["RelayState"]
16
16
 
17
+ receive_xml = http_request.params["SAMLRequest"] || http_request.params["SAMLResponse"]
18
+ if receive_xml.nil?
19
+ raise Saml::Errors::InvalidParams, 'require params `SAMLRequest` or `SAMLResponse`'
20
+ end
21
+
17
22
  request_or_response = parse_request_or_response(options.delete(:type), http_request.params)
18
23
 
19
24
  redirect_binding = new(request_or_response, options)
@@ -8,6 +8,7 @@ module Saml
8
8
 
9
9
  attribute :authn_instant, Time, tag: "AuthnInstant", on_save: lambda { |val| val.utc.xmlschema }
10
10
  attribute :session_index, String, tag: "SessionIndex"
11
+ attribute :session_not_on_or_after, Time, tag: "SessionNotOnOrAfter", on_save: lambda { |val| val.utc.xmlschema if val.present?}
11
12
 
12
13
  has_one :subject_locality, Saml::Elements::SubjectLocality, tag: "SubjectLocality"
13
14
  has_one :authn_context, Saml::Elements::AuthnContext, tag: "AuthnContext"
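Review bot: The guard added in `receive_message`, and repeated in the redirect-binding hunk that reads `SigAlg` and `RelayState`, rejects only `nil`, so an empty `SAMLRequest=` or a non-String parameter value still reaches `Saml::Encoding.decode_64` or `parse_request_or_response` and presumably fails there with a less specific error than `InvalidParams`. ActiveSupport is already relied on in this diff (`val.present?`), so both places could use `unless receive_xml.is_a?(String) && receive_xml.present?` around the same `raise`. The value is the still-encoded parameter rather than XML, so a name such as `encoded_message` would read better, and in the redirect hunk the local is used only for the check. Both enclosing methods start and end outside their hunks, and the line numbers of these hunks suggest they come from files whose headers the page does not show.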
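--- a/data/lib/saml/provider.rb
+++ b/data/lib/saml/provider.rb
@@ -105,6 +105,8 @@ module Saml
  def digest_method(signature_algorithm)
  digest = signature_algorithm && signature_algorithm =~ /sha(.*?)$/i && $1.to_i
  case digest
+ when 512 then
+ OpenSSL::Digest::SHA512
  when 256 then
  OpenSSL::Digest::SHA256
  else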
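Review bot: `digest_method` still ends in an open `else`, so any algorithm string that does not yield 256 or 512 (for example an `...sha384` URI) silently gets the fallback digest, whose body lies outside this hunk. When `signature_algorithm` originates from the request, as `http_request.params["SigAlg"]` does elsewhere in this diff, an explicit allowlist is the safer shape: add `when 384 then OpenSSL::Digest::SHA384`, give the current default its own `when` branch, and raise on anything unrecognised. The pattern should also anchor with `\z` instead of `$`, since `$` matches at the end of any line in the value, e.g. `signature_algorithm =~ /sha(\d+)\z/i`. The method continues past the end of the hunk.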
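--- a/data/lib/saml/response.rb
+++ b/data/lib/saml/response.rb
@@ -28,10 +28,14 @@ module Saml
  !success? && status.status_code.unknown_principal?
  end
 
- def encrypt_assertions(certificate, include_certificate: false)
+ def encrypt_assertions(key_descriptor_or_certificate, include_certificate: false, include_key_retrieval_method: false)
  @encrypted_assertions = []
  assertions.each do |assertion|
- @encrypted_assertions << Saml::Util.encrypt_assertion(assertion, certificate, include_certificate: include_certificate)
+ @encrypted_assertions << Saml::Util.encrypt_assertion(
+ assertion, key_descriptor_or_certificate,
+ include_certificate: include_certificate,
+ include_key_retrieval_method: include_key_retrieval_method
+ )
  end
  assertions.clear
  end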
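Review bot: `encrypt_assertions` now takes a differently named first argument and a new keyword, but nothing tells a caller what either accepts or changes. A short YARD block above the `def` would cover it, for instance `# @param key_descriptor_or_certificate [OpenSSL::X509::Certificate, Object] certificate or key descriptor whose public key encrypts each assertion` and `# @param include_key_retrieval_method [Boolean] when true, give the EncryptedKey an Id and reference it from EncryptedData via a RetrievalMethod`. It is also worth a comment that the method replaces `@encrypted_assertions` and empties `assertions`, since calling it twice leaves nothing to encrypt the second time.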
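--- a/data/lib/saml/util.rb
+++ b/data/lib/saml/util.rb
@@ -60,7 +60,7 @@ module Saml
  end
  end
 
- def encrypt_assertion(assertion, key_descriptor_or_certificate, include_certificate: false)
+ def encrypt_assertion(assertion, key_descriptor_or_certificate, include_certificate: false, include_key_retrieval_method: false)
  case key_descriptor_or_certificate
  when OpenSSL::X509::Certificate
  certificate = key_descriptor_or_certificate
@@ -87,6 +87,11 @@ module Saml
  end
  encrypted_key.encrypt(certificate.public_key)
 
+ if include_key_retrieval_method
+ encrypted_key.id = '_' + SecureRandom.uuid
+ encrypted_data.set_key_retrieval_method (Xmlenc::Builder::RetrievalMethod.new(uri: "##{encrypted_key.id}"))
+ end
+
  Saml::Elements::EncryptedAssertion.new(encrypted_data: encrypted_data, encrypted_keys: encrypted_key)
  end
 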
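Review bot: In the new `if include_key_retrieval_method` block, `encrypted_data.set_key_retrieval_method (Xmlenc::Builder::RetrievalMethod.new(...))` has a space between the method name and its parenthesis, which reads as a grouped expression and is flagged by RuboCop's `Lint/ParenthesesAsGroupedExpression`; write `encrypted_data.set_key_retrieval_method(Xmlenc::Builder::RetrievalMethod.new(uri: "##{encrypted_key.id}"))`. The id is built with `'_' + SecureRandom.uuid` although the library already calls `Saml.generate_id` for ids elsewhere in this diff; reusing that helper would keep the id format in one place, assuming it returns a valid XML ID. If `SecureRandom` stays, confirm the file loads `securerandom`, which is not visible here. `encrypt_assertion` begins in the previous hunk and its middle section is not shown.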
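--- a/data/lib/saml/version.rb
+++ b/data/lib/saml/version.rb
@@ -1,3 +1,3 @@
  module Saml
- VERSION = '3.9.0'
+ VERSION = '3.10.0'.freeze
  end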
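--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: libsaml
  version: !ruby/object:Gem::Version
- version: 3.9.0
+ version: 3.10.0
  platform: ruby
  authors:
  - Benoist Claassen
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2020-04-20 00:00:00.000000000 Z
+ date: 2021-08-14 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: activesupport
@@ -44,28 +44,28 @@ dependencies:
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: 0.7.3
+ version: 0.8.1
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: 0.7.3
+ version: 0.8.1
  - !ruby/object:Gem::Dependency
  name: nokogiri
  requirement: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: '1.8'
+ version: '1.11'
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: '1.8'
+ version: '1.11'
  - !ruby/object:Gem::Dependency
  name: xmldsig
  requirement: !ruby/object:Gem::Requirement
@@ -255,7 +255,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  - !ruby/object:Gem::Version
  version: '0'
  requirements: []
- rubygems_version: 3.0.3
+ rubygems_version: 3.1.4
  signing_key:
  specification_version: 4
  summary: A gem to easily create SAML 2.0 messages.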