libsaml 2.19.10 → 2.20.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/saml/basic_provider.rb +4 -3
- data/lib/saml/bindings/http_artifact.rb +3 -2
- data/lib/saml/provider.rb +11 -2
- data/lib/saml/provider_stores/file.rb +10 -6
- data/lib/saml/provider_stores/url.rb +1 -1
- data/lib/saml/util.rb +4 -2
- data/lib/saml/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 03f151738b652768bfa0a378d0e3f8b2a346b542
|
|
4
|
+
data.tar.gz: be0de973fd8ee3c11d37261a09b973e57cf2621d
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 0a91727caf2cbdc4daaed5502f0946a691d3a2569b1bf3281e19b1b619132cbb53521d943b6a8ac3cd05f9f0d340651d04e5c08fa1646c259f4e3ab62a86eff7
|
|
7
|
+
data.tar.gz: 08f0988500ce8071e51470212f548bb86cc38ea54ea2c501dc3dbb58f2449b457e786e55ad725c0e2580cc60b89aaa9f60f8dcada8e48430797b7a90e2205884
|
data/lib/saml/basic_provider.rb
CHANGED
|
@@ -1,12 +1,13 @@
|
|
|
1
1
|
module Saml
|
|
2
2
|
class BasicProvider
|
|
3
3
|
include Provider
|
|
4
|
-
attr_accessor :entity_descriptor, :
|
|
4
|
+
attr_accessor :entity_descriptor, :encryption_key, :type
|
|
5
5
|
|
|
6
|
-
def initialize(entity_descriptor,
|
|
6
|
+
def initialize(entity_descriptor, encryption_key, type, signing_key)
|
|
7
7
|
@entity_descriptor = entity_descriptor
|
|
8
|
-
@
|
|
8
|
+
@encryption_key = encryption_key
|
|
9
9
|
@type = type
|
|
10
|
+
@signing_key = signing_key
|
|
10
11
|
end
|
|
11
12
|
end
|
|
12
13
|
end
|
|
@@ -30,11 +30,12 @@ module Saml
|
|
|
30
30
|
Saml::Util.verify_xml(artifact_resolve, raw_xml)
|
|
31
31
|
end
|
|
32
32
|
|
|
33
|
-
def resolve(request, location)
|
|
33
|
+
def resolve(request, location, additional_headers = {}, proxy = {})
|
|
34
34
|
artifact = request.params["SAMLart"]
|
|
35
35
|
artifact_resolve = Saml::ArtifactResolve.new(artifact: artifact, destination: location)
|
|
36
36
|
|
|
37
|
-
|
|
37
|
+
message = notify('create_post', Saml::Util.sign_xml(artifact_resolve, :soap))
|
|
38
|
+
response = Saml::Util.post(location, message, additional_headers, proxy)
|
|
38
39
|
|
|
39
40
|
if response.code == "200"
|
|
40
41
|
notify('receive_response', response.body)
|
data/lib/saml/provider.rb
CHANGED
|
@@ -47,11 +47,20 @@ module Saml
|
|
|
47
47
|
end
|
|
48
48
|
|
|
49
49
|
def private_key
|
|
50
|
-
|
|
50
|
+
warn '[DEPRECATED] `private_key` please use signing_key or encryption_key'
|
|
51
|
+
encryption_key
|
|
52
|
+
end
|
|
53
|
+
|
|
54
|
+
def signing_key
|
|
55
|
+
@signing_key || encryption_key
|
|
56
|
+
end
|
|
57
|
+
|
|
58
|
+
def encryption_key
|
|
59
|
+
@encryption_key || private_key
|
|
51
60
|
end
|
|
52
61
|
|
|
53
62
|
def sign(signature_algorithm, data)
|
|
54
|
-
|
|
63
|
+
signing_key.sign(digest_method(signature_algorithm).new, data)
|
|
55
64
|
end
|
|
56
65
|
|
|
57
66
|
def single_sign_on_service_url(binding)
|
|
@@ -3,11 +3,13 @@ module Saml
|
|
|
3
3
|
class File
|
|
4
4
|
attr_accessor :providers
|
|
5
5
|
|
|
6
|
-
def initialize(metadata_dir = "config/metadata",
|
|
6
|
+
def initialize(metadata_dir = "config/metadata",
|
|
7
|
+
encryption_key_file = "config/ssl/key.pem", encryption_key_password = nil,
|
|
8
|
+
signing_key_file = nil, signing_key_password = nil)
|
|
7
9
|
@mutex = Mutex.new
|
|
8
10
|
self.providers = {}
|
|
9
11
|
|
|
10
|
-
load_files(metadata_dir,
|
|
12
|
+
load_files(metadata_dir, encryption_key_file, encryption_key_password, signing_key_file, signing_key_password)
|
|
11
13
|
end
|
|
12
14
|
|
|
13
15
|
def find_by_entity_id(entity_id)
|
|
@@ -21,16 +23,18 @@ module Saml
|
|
|
21
23
|
end.to_a[1]
|
|
22
24
|
end
|
|
23
25
|
|
|
24
|
-
def load_files(metadata_dir,
|
|
26
|
+
def load_files(metadata_dir, encryption_key_file, encryption_key_password = nil,
|
|
27
|
+
sign_key_file = nil, sign_key_password = nil)
|
|
25
28
|
Dir[::File.join(metadata_dir, '*.xml')].each do |file|
|
|
26
|
-
add_metadata(::File.read(file), get_private_key(
|
|
29
|
+
add_metadata(::File.read(file), get_private_key(encryption_key_file, encryption_key_password),
|
|
30
|
+
sign_key_file.present? ? get_private_key(sign_key_file, sign_key_password) : nil)
|
|
27
31
|
end
|
|
28
32
|
end
|
|
29
33
|
|
|
30
|
-
def add_metadata(metadata_xml,
|
|
34
|
+
def add_metadata(metadata_xml, encryption_key = nil, signing_key = nil)
|
|
31
35
|
entity_descriptor = Saml::Elements::EntityDescriptor.parse(metadata_xml, single: true)
|
|
32
36
|
type = entity_descriptor.sp_sso_descriptor.present? ? 'service_provider' : 'identity_provider'
|
|
33
|
-
provider = BasicProvider.new(entity_descriptor,
|
|
37
|
+
provider = BasicProvider.new(entity_descriptor, encryption_key, type, signing_key)
|
|
34
38
|
|
|
35
39
|
@mutex.synchronize do
|
|
36
40
|
providers[provider.entity_id] = provider
|
|
@@ -8,7 +8,7 @@ module Saml
|
|
|
8
8
|
entity_descriptor = Saml::Elements::EntityDescriptor.parse(metadata, single: true)
|
|
9
9
|
type = entity_descriptor.sp_sso_descriptor.present? ? "service_provider" : "identity_provider"
|
|
10
10
|
|
|
11
|
-
BasicProvider.new(entity_descriptor, nil, type)
|
|
11
|
+
BasicProvider.new(entity_descriptor, nil, type, nil)
|
|
12
12
|
end
|
|
13
13
|
|
|
14
14
|
alias_method :find_by_entity_id, :find_by_metadata_location
|
data/lib/saml/util.rb
CHANGED
|
@@ -14,10 +14,12 @@ module Saml
|
|
|
14
14
|
params
|
|
15
15
|
end
|
|
16
16
|
|
|
17
|
-
def post(location, message, additional_headers = {})
|
|
17
|
+
def post(location, message, additional_headers = {}, proxy = {})
|
|
18
18
|
uri = URI.parse(location)
|
|
19
|
+
default_proxy_settings = { addr: :ENV, port: nil, user: nil, pass: nil }
|
|
20
|
+
proxy = default_proxy_settings.merge(proxy)
|
|
19
21
|
|
|
20
|
-
http = Net::HTTP.new(uri.host, uri.port)
|
|
22
|
+
http = Net::HTTP.new(uri.host, uri.port, proxy[:addr], proxy[:port], proxy[:user], proxy[:pass])
|
|
21
23
|
http.use_ssl = uri.scheme == 'https'
|
|
22
24
|
http.verify_mode = OpenSSL::SSL::VERIFY_PEER
|
|
23
25
|
|
data/lib/saml/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: libsaml
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.
|
|
4
|
+
version: 2.20.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Benoist Claassen
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2016-01-
|
|
11
|
+
date: 2016-01-28 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: activesupport
|