omniauth-islykill 0.9.8 → 1.0.0

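--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 56fced1e74fbd3dfc280e4bcf348fe2d9d618108
- data.tar.gz: 5b4c83f5ba4f4d904254024305263cf5643f6368
+ metadata.gz: 9d587f84b5b19548cb5757f12fc01c4ae0ad2f80
+ data.tar.gz: a89db600e9632875c20348e7d68bf756e6c63a3b
  SHA512:
- metadata.gz: 0aba1334e79e01ee4446173e95029afc09f0cfe55ae40b1fec260edf069d2c75ccf4dd305c8ada165bec73681aa1d1ae0eeea9d4ff84fc8940a2a64864f801aa
- data.tar.gz: fdfc5a2a975b9d89e0ed82c9fc1dc74c35ef1ad3d211d67dfd716319625afac14ca5fbba8530b2be0a0beb47903577d75ff962b0681d90d46b894e8aaed20f9e
+ metadata.gz: 369ee13fc7c14a4ec5e977636e0adaa65ea4e1660befaa2aac474e77e306fb18b3d67bb02ff027f906bfdc61288737d717e7cbdb74dd58695e482f5125fbbbea
+ data.tar.gz: e30326325f52c6061c38a4d15a4408602cf24f6c0a7b951431a8743064fbeb1b9956b79e04c1cb33ae3cb282ab4bfe08b18e94515b9e20de7ab26d2f23ae244f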
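--- a/data/README.md
+++ b/data/README.md
@@ -74,7 +74,7 @@ The service provider metadata used to ease configuration of the SAML SP in the I
  If not specified, the IdP is free to choose the name identifier format used
  in the response. Optional.
 
- * See the `Onelogin::Saml::Settings` class in the [Ruby SAML gem](https://github.com/onelogin/ruby-saml) for additional supported options.
+ * See the `OneLogin::Saml::Settings` class in the [Ruby SAML gem](https://github.com/onelogin/ruby-saml) for additional supported options.
 
  ## Authors
 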
@@ -1,5 +1,5 @@
1
1
  module OmniAuth
2
2
  module ISLYKILL
3
- VERSION = '0.9.8'
3
+ VERSION = '1.0.0'
4
4
  end
5
5
  end
@@ -4,7 +4,7 @@ require 'ruby-saml'
4
4
  module OmniAuth
5
5
  module Strategies
6
6
  class Islykill
7
- include OmniAuth::Strategy
7
+ include OmniAuth::Strategy
8
8
 
9
9
  option :name_identifier_format, nil
10
10
  option :idp_sso_target_url_runtime_params, {}
@@ -18,12 +18,35 @@ module OmniAuth
18
18
  additional_params[mapped_param_key] = request.params[request_param_key.to_s] if request.params.has_key?(request_param_key.to_s)
19
19
  end if runtime_request_parameters
20
20
 
21
- authn_request = Onelogin::Saml::Authrequest.new
22
- settings = Onelogin::Saml::Settings.new(options)
21
+ authn_request = OneLogin::RubySaml::Authrequest.new
22
+ settings = OneLogin::RubySaml::Settings.new(options)
23
23
 
24
24
  redirect(authn_request.create(settings, additional_params))
25
25
  end
26
26
 
27
+ def read_attributes token_base64
28
+ islykill_xml_saml_response = Base64.decode64(token_base64)
29
+ signedDocument = SignedXml::Document(islykill_xml_saml_response)
30
+ if !signedDocument.is_verified?
31
+ raise OmniAuth::Strategies::Islykill::ValidationError.new("Islykill response not valid")
32
+ end
33
+
34
+ # response is valid so we extract the information using xpath
35
+ xml_doc = REXML::Document.new(islykill_xml_saml_response)
36
+ prefix='Response/Assertion/AttributeStatement/Attribute[@Name="'
37
+ postfix='"]/AttributeValue'
38
+
39
+ @attributes={
40
+ name: REXML::XPath.first(xml_doc,"#{prefix}Name#{postfix}").text,
41
+ kennitala: REXML::XPath.first(xml_doc,"#{prefix}UserSSN#{postfix}").text,
42
+ provider: REXML::XPath.first(xml_doc,"#{prefix}Authentication#{postfix}").text
43
+ }
44
+
45
+ @name_id = REXML::XPath.first(xml_doc,"Response/Assertion/Subject/NameID/@NameQualifier").value()
46
+
47
+ end
48
+
49
+
27
50
  def callback_phase
28
51
  puts " ___ _ _ _ _ "
29
52
  puts " / __ __ _| | | |__ __ _ ___| | __"
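Review bot: `read_attributes` verifies the signature on a `SignedXml::Document` but then reads `name`, `kennitala` and `@name_id` from a second, independent `REXML::Document.new` parse with `REXML::XPath.first`, so nothing visible in the hunk ties the nodes that are read to the node the signature covers. A response that contains more than one `Assertion`, or that the two parsers interpret differently, could pass `is_verified?` while the first-match XPath returns content outside the signed element. The values should come from the same parsed document and from the element the verified reference points to, and as a minimum the method should reject ambiguity, e.g. `raise OmniAuth::Strategies::Islykill::ValidationError.new("unexpected assertion count") unless REXML::XPath.match(xml_doc, "Response/Assertion").size == 1`. No check of the assertion's `Conditions` (validity window, audience) is visible here, and `is_verified?` is called without an argument, so confirm where the trusted IdP certificate is pinned. `callback_phase` continues past the end of this hunk.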
@@ -36,51 +59,19 @@ module OmniAuth
36
59
  raise OmniAuth::Strategies::Islykill::ValidationError.new("Islykill response missing")
37
60
  end
38
61
 
39
- token_base64 = request.params['token']
40
- islykill_xml_saml_response = Base64.decode64(token_base64)
41
- signedDocument = SignedXml::Document(islykill_xml_saml_response)
42
- if !signedDocument.is_verified?
43
- raise OmniAuth::Strategies::Islykill::ValidationError.new("Islykill response not valid")
44
- end
45
-
46
- # response is valid so we extract the information using xpath
47
- xml_doc = REXML::Document.new(islykill_xml_saml_response)
48
- prefix='Response/Assertion/AttributeStatement/Attribute[@Name="'
49
- postfix='"]/AttributeValue'
62
+ read_attributes request.params['token']
50
63
 
51
- @attributes={
52
- name: REXML::XPath.first(xml_doc,"#{prefix}Name#{postfix}").text,
53
- kennitala: REXML::XPath.first(xml_doc,"#{prefix}UserSSN#{postfix}").text,
54
- provider: REXML::XPath.first(xml_doc,"#{prefix}Authentication#{postfix}").text
55
- }
56
-
57
- @name_id = REXML::XPath.first(xml_doc,"Response/Assertion/Subject/NameID/@NameQualifier").value()
58
-
59
- if @name_id.nil? || @name_id.empty?
64
+ if @name_id.nil? || @name_id.empty?
60
65
  raise OmniAuth::Strategies::Islykill::ValidationError.new("SAML response missing 'name_id'")
61
66
  end
62
67
 
63
68
  super
64
69
  rescue
65
70
  fail!(:invalid_ticket, $!)
66
- rescue Onelogin::Saml::ValidationError
71
+ rescue OneLogin::RubySaml::ValidationError
67
72
  fail!(:invalid_ticket, $!)
68
73
  end
69
74
 
70
- # def other_phase
71
- # if on_path?("#{request_path}/metadata")
72
- # # omniauth does not set the strategy on the other_phase
73
- # @env['omniauth.strategy'] ||= self
74
- # setup_phase
75
-
76
- # response = Onelogin::Saml::Metadata.new
77
- # settings = Onelogin::Saml::Settings.new(options)
78
- # Rack::Response.new(response.generate(settings), 200, { "Content-Type" => "application/xml" }).finish
79
- # else
80
- # call_app!
81
- # end
82
- # end
83
-
84
75
  uid {
85
76
  #@name_id
86
77
  @attributes[:kennitala]
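Review bot: The bare `rescue` in `callback_phase` sits before `rescue OneLogin::RubySaml::ValidationError`, so the renamed clause is presumably unreachable (assuming that class descends from `StandardError`). Every `StandardError` is reported as `:invalid_ticket`, including a `NoMethodError` raised when `read_attributes` finds no matching attribute node. That fails closed, but it makes a rejected signature indistinguishable from a malformed response or a programming error when reading logs. Put the specific clause first, `rescue OneLogin::RubySaml::ValidationError, OmniAuth::Strategies::Islykill::ValidationError => e`, then a final `rescue => e`, and pass `e` to `fail!` instead of `$!`. `callback_phase` starts before this hunk and the `uid` block runs past its end.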
@@ -5,6 +5,7 @@ module SignedXml
5
5
  include OpenSSL
6
6
 
7
7
  def new_digester_for_id(id)
8
+
8
9
  id = id && id =~ /sha(.*?)$/i && $1.to_i
9
10
  case id
10
11
  when 256 then OpenSSL::Digest::SHA256.new
@@ -12,7 +12,7 @@ module SignedXml
12
12
  @doc = thing
13
13
  else
14
14
  @doc = Nokogiri::XML(thing)
15
- end
15
+ end
16
16
  end
17
17
 
18
18
  def is_verifiable?
@@ -20,7 +20,7 @@ module SignedXml
20
20
  end
21
21
 
22
22
  def is_verified?(arg = nil)
23
- unless is_verifiable?
23
+ unless is_verifiable?
24
24
  logger.warn "document cannot be verified because it contains no <Signature> elements"
25
25
  return false
26
26
  end
@@ -28,9 +28,9 @@ module SignedXml
28
28
 
29
29
  def is_signed_info_verified?
30
30
  return false if public_key.nil?
31
-
32
31
  result = public_key.verify(new_digester_for_id(signed_info.signature_method), decoded_value, signed_info.apply_transforms)
33
32
  logger.info "verification of signature value [#{value}] failed" unless result
33
+ puts result
34
34
  result
35
35
  end
36
36
 
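Review bot: The added `puts result` in `is_signed_info_verified?` writes the outcome of every signature check to standard output, bypassing the `logger` that the line above it uses. In a library loaded into a host web application this looks like leftover debug output; remove it or change it to `logger.debug "signature verification result: #{result}"`. The failure message on the preceding line is logged at `info`, and since it records a rejected signature, `logger.warn` would make it easier to alert on.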
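--- a/metadata
+++ b/metadata
@@ -1,71 +1,71 @@
  --- !ruby/object:Gem::Specification
  name: omniauth-islykill
  version: !ruby/object:Gem::Version
- version: 0.9.8
+ version: 1.0.0
  platform: ruby
  authors:
  - Bjorgvin Thordarson
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2014-05-07 00:00:00.000000000 Z
+ date: 2015-10-10 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: omniauth
  requirement: !ruby/object:Gem::Requirement
  requirements:
- - - ~>
+ - - "~>"
  - !ruby/object:Gem::Version
  version: '1.2'
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
- - - ~>
+ - - "~>"
  - !ruby/object:Gem::Version
  version: '1.2'
  - !ruby/object:Gem::Dependency
  name: ruby-saml
  requirement: !ruby/object:Gem::Requirement
  requirements:
- - - ~>
+ - - "~>"
  - !ruby/object:Gem::Version
- version: 0.7.3
+ version: '1.0'
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
- - - ~>
+ - - "~>"
  - !ruby/object:Gem::Version
- version: 0.7.3
+ version: '1.0'
  - !ruby/object:Gem::Dependency
  name: nokogiri
  requirement: !ruby/object:Gem::Requirement
  requirements:
- - - ~>
+ - - "~>"
  - !ruby/object:Gem::Version
- version: '1.5'
+ version: '1.6'
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
- - - ~>
+ - - "~>"
  - !ruby/object:Gem::Version
- version: '1.5'
+ version: '1.6'
  - !ruby/object:Gem::Dependency
  name: options
  requirement: !ruby/object:Gem::Requirement
  requirements:
- - - '>='
+ - - "~>"
  - !ruby/object:Gem::Version
- version: '0'
+ version: '2.3'
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
- - - '>='
+ - - "~>"
  - !ruby/object:Gem::Version
- version: '0'
+ version: '2.3'
  description: This is a specific SAML strategy that handles authentication to Icelands
  Íslykill for OmniAuth.
  email: algrim.is@outlook.com
@@ -73,26 +73,26 @@ executables: []
  extensions: []
  extra_rdoc_files: []
  files:
- - README.md
  - CHANGELOG.md
+ - README.md
+ - lib/omniauth-islykill.rb
+ - lib/omniauth-islykill/version.rb
+ - lib/omniauth/strategies/islykill.rb
+ - lib/omniauth/strategies/islykill/validation_error.rb
  - lib/signed_xml.rb
+ - lib/signed_xml/base64_transform.rb
  - lib/signed_xml/c14n_transform.rb
- - lib/signed_xml/signed_info.rb
+ - lib/signed_xml/digest_method_resolution.rb
  - lib/signed_xml/digest_transform.rb
  - lib/signed_xml/document.rb
  - lib/signed_xml/enveloped_signature_transform.rb
- - lib/signed_xml/reference.rb
- - lib/signed_xml/base64_transform.rb
- - lib/signed_xml/version.rb
- - lib/signed_xml/digest_method_resolution.rb
- - lib/signed_xml/logging.rb
  - lib/signed_xml/fingerprinting.rb
- - lib/signed_xml/transformable.rb
+ - lib/signed_xml/logging.rb
+ - lib/signed_xml/reference.rb
  - lib/signed_xml/signature.rb
- - lib/omniauth-islykill.rb
- - lib/omniauth-islykill/version.rb
- - lib/omniauth/strategies/islykill/validation_error.rb
- - lib/omniauth/strategies/islykill.rb
+ - lib/signed_xml/signed_info.rb
+ - lib/signed_xml/transformable.rb
+ - lib/signed_xml/version.rb
  homepage: https://github.com/Algrim/omniauth-islykill
  licenses:
  - ''
@@ -103,19 +103,18 @@ require_paths:
  - lib
  required_ruby_version: !ruby/object:Gem::Requirement
  requirements:
- - - '>='
+ - - ">="
  - !ruby/object:Gem::Version
  version: '0'
  required_rubygems_version: !ruby/object:Gem::Requirement
  requirements:
- - - '>='
+ - - ">="
  - !ruby/object:Gem::Version
  version: '0'
  requirements: []
  rubyforge_project:
- rubygems_version: 2.1.9
+ rubygems_version: 2.4.5
  signing_key:
  specification_version: 4
- summary: This is a specific SAML strategy that handles authentication to Icelands
- Íslykill for OmniAuth.
+ summary: SAML strategy to handle Icelands Íslykill for OmniAuth.
  test_files: []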