omniauth-latvija 3.0.0 → 4.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +3 -1
- data/lib/omniauth-latvija/version.rb +1 -1
- data/lib/omniauth/strategies/latvija/response.rb +27 -3
- metadata +17 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: '09b2671984f3e6cae04fb9c89aa8cee876a1064f'
|
4
|
+
data.tar.gz: 9c2a5f397af09733dc4658633d6a2c438a422ed4
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: e6f72751d59002fbd7d5a0b05a2a3e9024f163ac03b476359cbbeb5ac0904f333bd46ddc0e4bf55dde10f34b9489717d9fa9f8c262b5d32c49ff780091283cac
|
7
|
+
data.tar.gz: 806a5ffc9ef76e432a1d0e0e851cef0b5758cda40690bcdefd6647bdd3836f38575b1d18ee2c0a9369f9b6cf0b12344c04673edf9dae033ef4fb669ed792e0fb
|
data/README.md
CHANGED
@@ -59,7 +59,9 @@ Here's an example hash available in `request.env['omniauth.auth']`
|
|
59
59
|
name: 'JANIS BERZINS',
|
60
60
|
first_name: 'JANIS',
|
61
61
|
last_name: 'BERZINS',
|
62
|
-
private_personal_identifier: '12345612345'
|
62
|
+
private_personal_identifier: '12345612345',
|
63
|
+
not_valid_before: '2019-05-09T07:29:41Z',
|
64
|
+
not_valid_on_or_after: '2019-05-09T08:29:41Z'
|
63
65
|
},
|
64
66
|
authentication_method: 'SWEDBANK'
|
65
67
|
}
|
@@ -13,7 +13,7 @@ module OmniAuth::Strategies
|
|
13
13
|
end
|
14
14
|
|
15
15
|
def validate!
|
16
|
-
@document.validate!(fingerprint)
|
16
|
+
@document.validate!(fingerprint) && validate_conditions!
|
17
17
|
end
|
18
18
|
|
19
19
|
def xml
|
@@ -30,11 +30,15 @@ module OmniAuth::Strategies
|
|
30
30
|
# Assuming there is only one value for each key
|
31
31
|
def attributes
|
32
32
|
@attributes ||= begin
|
33
|
+
attrs = {
|
34
|
+
'not_valid_before' => not_valid_before,
|
35
|
+
'not_valid_on_or_after' => not_valid_on_or_after
|
36
|
+
}
|
33
37
|
|
34
38
|
stmt_elements = xml.xpath('//a:Attribute', a: ASSERTION)
|
35
|
-
return
|
39
|
+
return attrs if stmt_elements.nil?
|
36
40
|
|
37
|
-
stmt_elements.each_with_object(
|
41
|
+
stmt_elements.each_with_object(attrs) do |element, result|
|
38
42
|
name = element.attribute('AttributeName').value
|
39
43
|
value = element.text
|
40
44
|
|
@@ -49,6 +53,26 @@ module OmniAuth::Strategies
|
|
49
53
|
cert = OpenSSL::X509::Certificate.new(options[:certificate])
|
50
54
|
Digest::SHA1.hexdigest(cert.to_der).upcase.scan(/../).join(':')
|
51
55
|
end
|
56
|
+
|
57
|
+
def conditions_tag
|
58
|
+
@conditions_tag ||= xml.xpath('//saml:Conditions', saml: ASSERTION)
|
59
|
+
end
|
60
|
+
|
61
|
+
def not_valid_before
|
62
|
+
@not_valid_before ||= conditions_tag.attribute('NotBefore').value
|
63
|
+
end
|
64
|
+
|
65
|
+
def not_valid_on_or_after
|
66
|
+
@not_valid_on_or_after ||= conditions_tag.attribute('NotOnOrAfter').value
|
67
|
+
end
|
68
|
+
|
69
|
+
def validate_conditions!
|
70
|
+
if not_valid_on_or_after.present? && Time.current < Time.parse(not_valid_on_or_after)
|
71
|
+
true
|
72
|
+
else
|
73
|
+
raise ValidationError, 'Current time is on or after NotOnOrAfter condition'
|
74
|
+
end
|
75
|
+
end
|
52
76
|
end
|
53
77
|
end
|
54
78
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: omniauth-latvija
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version:
|
4
|
+
version: 4.0.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Edgars Beigarts
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2019-05-09 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: omniauth
|
@@ -122,6 +122,20 @@ dependencies:
|
|
122
122
|
- - ">="
|
123
123
|
- !ruby/object:Gem::Version
|
124
124
|
version: '0'
|
125
|
+
- !ruby/object:Gem::Dependency
|
126
|
+
name: timecop
|
127
|
+
requirement: !ruby/object:Gem::Requirement
|
128
|
+
requirements:
|
129
|
+
- - ">="
|
130
|
+
- !ruby/object:Gem::Version
|
131
|
+
version: '0'
|
132
|
+
type: :development
|
133
|
+
prerelease: false
|
134
|
+
version_requirements: !ruby/object:Gem::Requirement
|
135
|
+
requirements:
|
136
|
+
- - ">="
|
137
|
+
- !ruby/object:Gem::Version
|
138
|
+
version: '0'
|
125
139
|
description: Latvija.lv authentication strategy for OmniAuth
|
126
140
|
email:
|
127
141
|
- edgars.beigarts@makit.lv
|
@@ -156,7 +170,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
156
170
|
version: '0'
|
157
171
|
requirements: []
|
158
172
|
rubyforge_project:
|
159
|
-
rubygems_version: 2.6.
|
173
|
+
rubygems_version: 2.6.14
|
160
174
|
signing_key:
|
161
175
|
specification_version: 4
|
162
176
|
summary: Latvija.lv authentication strategy for OmniAuth
|