omniauth-islykill 0.9.8 → 1.0.0

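--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 56fced1e74fbd3dfc280e4bcf348fe2d9d618108
- data.tar.gz: 5b4c83f5ba4f4d904254024305263cf5643f6368
+ metadata.gz: 9d587f84b5b19548cb5757f12fc01c4ae0ad2f80
+ data.tar.gz: a89db600e9632875c20348e7d68bf756e6c63a3b
  SHA512:
- metadata.gz: 0aba1334e79e01ee4446173e95029afc09f0cfe55ae40b1fec260edf069d2c75ccf4dd305c8ada165bec73681aa1d1ae0eeea9d4ff84fc8940a2a64864f801aa
- data.tar.gz: fdfc5a2a975b9d89e0ed82c9fc1dc74c35ef1ad3d211d67dfd716319625afac14ca5fbba8530b2be0a0beb47903577d75ff962b0681d90d46b894e8aaed20f9e
+ metadata.gz: 369ee13fc7c14a4ec5e977636e0adaa65ea4e1660befaa2aac474e77e306fb18b3d67bb02ff027f906bfdc61288737d717e7cbdb74dd58695e482f5125fbbbea
+ data.tar.gz: e30326325f52c6061c38a4d15a4408602cf24f6c0a7b951431a8743064fbeb1b9956b79e04c1cb33ae3cb282ab4bfe08b18e94515b9e20de7ab26d2f23ae244f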
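--- a/data/README.md
+++ b/data/README.md
@@ -74,7 +74,7 @@ The service provider metadata used to ease configuration of the SAML SP in the I
  If not specified, the IdP is free to choose the name identifier format used
  in the response. Optional.
 
- * See the `Onelogin::Saml::Settings` class in the [Ruby SAML gem](https://github.com/onelogin/ruby-saml) for additional supported options.
+ * See the `OneLogin::Saml::Settings` class in the [Ruby SAML gem](https://github.com/onelogin/ruby-saml) for additional supported options.
 
  ## Authors
 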
@@ -1,5 +1,5 @@
1
1
  module OmniAuth
2
2
  module ISLYKILL
3
- VERSION = '0.9.8'
3
+ VERSION = '1.0.0'
4
4
  end
5
5
  end
@@ -4,7 +4,7 @@ require 'ruby-saml'
4
4
  module OmniAuth
5
5
  module Strategies
6
6
  class Islykill
7
- include OmniAuth::Strategy
7
+ include OmniAuth::Strategy
8
8
 
9
9
  option :name_identifier_format, nil
10
10
  option :idp_sso_target_url_runtime_params, {}
@@ -18,12 +18,35 @@ module OmniAuth
18
18
  additional_params[mapped_param_key] = request.params[request_param_key.to_s] if request.params.has_key?(request_param_key.to_s)
19
19
  end if runtime_request_parameters
20
20
 
21
- authn_request = Onelogin::Saml::Authrequest.new
22
- settings = Onelogin::Saml::Settings.new(options)
21
+ authn_request = OneLogin::RubySaml::Authrequest.new
22
+ settings = OneLogin::RubySaml::Settings.new(options)
23
23
 
24
24
  redirect(authn_request.create(settings, additional_params))
25
25
  end
26
26
 
27
+ def read_attributes token_base64
28
+ islykill_xml_saml_response = Base64.decode64(token_base64)
29
+ signedDocument = SignedXml::Document(islykill_xml_saml_response)
30
+ if !signedDocument.is_verified?
31
+ raise OmniAuth::Strategies::Islykill::ValidationError.new("Islykill response not valid")
32
+ end
33
+
34
+ # response is valid so we extract the information using xpath
35
+ xml_doc = REXML::Document.new(islykill_xml_saml_response)
36
+ prefix='Response/Assertion/AttributeStatement/Attribute[@Name="'
37
+ postfix='"]/AttributeValue'
38
+
39
+ @attributes={
40
+ name: REXML::XPath.first(xml_doc,"#{prefix}Name#{postfix}").text,
41
+ kennitala: REXML::XPath.first(xml_doc,"#{prefix}UserSSN#{postfix}").text,
42
+ provider: REXML::XPath.first(xml_doc,"#{prefix}Authentication#{postfix}").text
43
+ }
44
+
45
+ @name_id = REXML::XPath.first(xml_doc,"Response/Assertion/Subject/NameID/@NameQualifier").value()
46
+
47
+ end
48
+
49
+
27
50
  def callback_phase
28
51
  puts " ___ _ _ _ _ "
29
52
  puts " / __ __ _| | | |__ __ _ ___| | __"
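Review bot: In `read_attributes` the signature is verified on one parse of the token (`SignedXml::Document`, which a later hunk shows is built with `Nokogiri::XML`), but `Name`, `UserSSN`, `Authentication` and `NameQualifier` are then read from a second, independent `REXML::Document` parse with `XPath.first`. Nothing visible ties the nodes being read to the element the signature covers, so a response that holds a validly signed assertion plus additional unsigned content could verify and still supply the values used for `uid` — the usual signature-wrapping gap, made worse by any parsing difference between the two libraries. Take the attributes from the same document object that was verified, restricted to the element the signature references, and reject a response containing more than one `Assertion`. `is_verified?` is also called with no argument; if that means the certificate embedded in the response is trusted (not visible in this diff), pass the pinned IdP certificate or check its fingerprint. No `Conditions`, audience or expiry check is visible on this path either, so a captured response may be replayable.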
@@ -36,51 +59,19 @@ module OmniAuth
36
59
  raise OmniAuth::Strategies::Islykill::ValidationError.new("Islykill response missing")
37
60
  end
38
61
 
39
- token_base64 = request.params['token']
40
- islykill_xml_saml_response = Base64.decode64(token_base64)
41
- signedDocument = SignedXml::Document(islykill_xml_saml_response)
42
- if !signedDocument.is_verified?
43
- raise OmniAuth::Strategies::Islykill::ValidationError.new("Islykill response not valid")
44
- end
45
-
46
- # response is valid so we extract the information using xpath
47
- xml_doc = REXML::Document.new(islykill_xml_saml_response)
48
- prefix='Response/Assertion/AttributeStatement/Attribute[@Name="'
49
- postfix='"]/AttributeValue'
62
+ read_attributes request.params['token']
50
63
 
51
- @attributes={
52
- name: REXML::XPath.first(xml_doc,"#{prefix}Name#{postfix}").text,
53
- kennitala: REXML::XPath.first(xml_doc,"#{prefix}UserSSN#{postfix}").text,
54
- provider: REXML::XPath.first(xml_doc,"#{prefix}Authentication#{postfix}").text
55
- }
56
-
57
- @name_id = REXML::XPath.first(xml_doc,"Response/Assertion/Subject/NameID/@NameQualifier").value()
58
-
59
- if @name_id.nil? || @name_id.empty?
64
+ if @name_id.nil? || @name_id.empty?
60
65
  raise OmniAuth::Strategies::Islykill::ValidationError.new("SAML response missing 'name_id'")
61
66
  end
62
67
 
63
68
  super
64
69
  rescue
65
70
  fail!(:invalid_ticket, $!)
66
- rescue Onelogin::Saml::ValidationError
71
+ rescue OneLogin::RubySaml::ValidationError
67
72
  fail!(:invalid_ticket, $!)
68
73
  end
69
74
 
70
- # def other_phase
71
- # if on_path?("#{request_path}/metadata")
72
- # # omniauth does not set the strategy on the other_phase
73
- # @env['omniauth.strategy'] ||= self
74
- # setup_phase
75
-
76
- # response = Onelogin::Saml::Metadata.new
77
- # settings = Onelogin::Saml::Settings.new(options)
78
- # Rack::Response.new(response.generate(settings), 200, { "Content-Type" => "application/xml" }).finish
79
- # else
80
- # call_app!
81
- # end
82
- # end
83
-
84
75
  uid {
85
76
  #@name_id
86
77
  @attributes[:kennitala]
@@ -5,6 +5,7 @@ module SignedXml
5
5
  include OpenSSL
6
6
 
7
7
  def new_digester_for_id(id)
8
+
8
9
  id = id && id =~ /sha(.*?)$/i && $1.to_i
9
10
  case id
10
11
  when 256 then OpenSSL::Digest::SHA256.new
@@ -12,7 +12,7 @@ module SignedXml
12
12
  @doc = thing
13
13
  else
14
14
  @doc = Nokogiri::XML(thing)
15
- end
15
+ end
16
16
  end
17
17
 
18
18
  def is_verifiable?
@@ -20,7 +20,7 @@ module SignedXml
20
20
  end
21
21
 
22
22
  def is_verified?(arg = nil)
23
- unless is_verifiable?
23
+ unless is_verifiable?
24
24
  logger.warn "document cannot be verified because it contains no <Signature> elements"
25
25
  return false
26
26
  end
@@ -28,9 +28,9 @@ module SignedXml
28
28
 
29
29
  def is_signed_info_verified?
30
30
  return false if public_key.nil?
31
-
32
31
  result = public_key.verify(new_digester_for_id(signed_info.signature_method), decoded_value, signed_info.apply_transforms)
33
32
  logger.info "verification of signature value [#{value}] failed" unless result
33
+ puts result
34
34
  result
35
35
  end
36
36
 
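Review bot: The added `puts result` in `is_signed_info_verified?` writes the raw verification outcome to the host application's stdout on every login and bypasses the `logger` this module already uses on the line above. It looks like leftover debugging; drop it, or if the value is wanted use `logger.debug "signature verification result: #{result}"`. A failed verification is only logged at `info` on the preceding line, so consider `logger.warn` there so that rejected responses stand out in monitoring.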
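--- a/metadata
+++ b/metadata
@@ -1,71 +1,71 @@
  --- !ruby/object:Gem::Specification
  name: omniauth-islykill
  version: !ruby/object:Gem::Version
- version: 0.9.8
+ version: 1.0.0
  platform: ruby
  authors:
  - Bjorgvin Thordarson
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2014-05-07 00:00:00.000000000 Z
+ date: 2015-10-10 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: omniauth
  requirement: !ruby/object:Gem::Requirement
  requirements:
- - - ~>
+ - - "~>"
  - !ruby/object:Gem::Version
  version: '1.2'
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
- - - ~>
+ - - "~>"
  - !ruby/object:Gem::Version
  version: '1.2'
  - !ruby/object:Gem::Dependency
  name: ruby-saml
  requirement: !ruby/object:Gem::Requirement
  requirements:
- - - ~>
+ - - "~>"
  - !ruby/object:Gem::Version
- version: 0.7.3
+ version: '1.0'
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
- - - ~>
+ - - "~>"
  - !ruby/object:Gem::Version
- version: 0.7.3
+ version: '1.0'
  - !ruby/object:Gem::Dependency
  name: nokogiri
  requirement: !ruby/object:Gem::Requirement
  requirements:
- - - ~>
+ - - "~>"
  - !ruby/object:Gem::Version
- version: '1.5'
+ version: '1.6'
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
- - - ~>
+ - - "~>"
  - !ruby/object:Gem::Version
- version: '1.5'
+ version: '1.6'
  - !ruby/object:Gem::Dependency
  name: options
  requirement: !ruby/object:Gem::Requirement
  requirements:
- - - '>='
+ - - "~>"
  - !ruby/object:Gem::Version
- version: '0'
+ version: '2.3'
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
- - - '>='
+ - - "~>"
  - !ruby/object:Gem::Version
- version: '0'
+ version: '2.3'
  description: This is a specific SAML strategy that handles authentication to Icelands
  Íslykill for OmniAuth.
  email: algrim.is@outlook.com
@@ -73,26 +73,26 @@ executables: []
  extensions: []
  extra_rdoc_files: []
  files:
- - README.md
  - CHANGELOG.md
+ - README.md
+ - lib/omniauth-islykill.rb
+ - lib/omniauth-islykill/version.rb
+ - lib/omniauth/strategies/islykill.rb
+ - lib/omniauth/strategies/islykill/validation_error.rb
  - lib/signed_xml.rb
+ - lib/signed_xml/base64_transform.rb
  - lib/signed_xml/c14n_transform.rb
- - lib/signed_xml/signed_info.rb
+ - lib/signed_xml/digest_method_resolution.rb
  - lib/signed_xml/digest_transform.rb
  - lib/signed_xml/document.rb
  - lib/signed_xml/enveloped_signature_transform.rb
- - lib/signed_xml/reference.rb
- - lib/signed_xml/base64_transform.rb
- - lib/signed_xml/version.rb
- - lib/signed_xml/digest_method_resolution.rb
- - lib/signed_xml/logging.rb
  - lib/signed_xml/fingerprinting.rb
- - lib/signed_xml/transformable.rb
+ - lib/signed_xml/logging.rb
+ - lib/signed_xml/reference.rb
  - lib/signed_xml/signature.rb
- - lib/omniauth-islykill.rb
- - lib/omniauth-islykill/version.rb
- - lib/omniauth/strategies/islykill/validation_error.rb
- - lib/omniauth/strategies/islykill.rb
+ - lib/signed_xml/signed_info.rb
+ - lib/signed_xml/transformable.rb
+ - lib/signed_xml/version.rb
  homepage: https://github.com/Algrim/omniauth-islykill
  licenses:
  - ''
@@ -103,19 +103,18 @@ require_paths:
  - lib
  required_ruby_version: !ruby/object:Gem::Requirement
  requirements:
- - - '>='
+ - - ">="
  - !ruby/object:Gem::Version
  version: '0'
  required_rubygems_version: !ruby/object:Gem::Requirement
  requirements:
- - - '>='
+ - - ">="
  - !ruby/object:Gem::Version
  version: '0'
  requirements: []
  rubyforge_project:
- rubygems_version: 2.1.9
+ rubygems_version: 2.4.5
  signing_key:
  specification_version: 4
- summary: This is a specific SAML strategy that handles authentication to Icelands
- Íslykill for OmniAuth.
+ summary: SAML strategy to handle Icelands Íslykill for OmniAuth.
  test_files: []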