omniauth-latvija 3.0.0 → 4.0.0

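--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 61e8e173bd8c5e154333778d5838d7c8d5d858dd
- data.tar.gz: 698200a449f8c9047d87690e2221e36022a926c7
+ metadata.gz: '09b2671984f3e6cae04fb9c89aa8cee876a1064f'
+ data.tar.gz: 9c2a5f397af09733dc4658633d6a2c438a422ed4
  SHA512:
- metadata.gz: 2f90ced3cba761f56ce57a2d24ecc684cb69e451008d72fa78d659b5496f995a566f368200ad1c67dd673f6efaefba196b29a29d6146231223d34c8b55fb8a2f
- data.tar.gz: a9dafe2e3b298c9593e23918de155ebc8d6150583812744582e85c992a29b69aaa6bd21f91d66ccf3f397c0e19dc289c31eef921624392da281f8096b461911d
+ metadata.gz: e6f72751d59002fbd7d5a0b05a2a3e9024f163ac03b476359cbbeb5ac0904f333bd46ddc0e4bf55dde10f34b9489717d9fa9f8c262b5d32c49ff780091283cac
+ data.tar.gz: 806a5ffc9ef76e432a1d0e0e851cef0b5758cda40690bcdefd6647bdd3836f38575b1d18ee2c0a9369f9b6cf0b12344c04673edf9dae033ef4fb669ed792e0fb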
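--- a/data/README.md
+++ b/data/README.md
@@ -59,7 +59,9 @@ Here's an example hash available in `request.env['omniauth.auth']`
  name: 'JANIS BERZINS',
  first_name: 'JANIS',
  last_name: 'BERZINS',
- private_personal_identifier: '12345612345'
+ private_personal_identifier: '12345612345',
+ not_valid_before: '2019-05-09T07:29:41Z',
+ not_valid_on_or_after: '2019-05-09T08:29:41Z'
  },
  authentication_method: 'SWEDBANK'
  }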
@@ -1,5 +1,5 @@
1
1
  module OmniAuth
2
2
  module Latvija
3
- VERSION = '3.0.0'
3
+ VERSION = '4.0.0'
4
4
  end
5
5
  end
@@ -13,7 +13,7 @@ module OmniAuth::Strategies
13
13
  end
14
14
 
15
15
  def validate!
16
- @document.validate!(fingerprint)
16
+ @document.validate!(fingerprint) && validate_conditions!
17
17
  end
18
18
 
19
19
  def xml
@@ -30,11 +30,15 @@ module OmniAuth::Strategies
30
30
  # Assuming there is only one value for each key
31
31
  def attributes
32
32
  @attributes ||= begin
33
+ attrs = {
34
+ 'not_valid_before' => not_valid_before,
35
+ 'not_valid_on_or_after' => not_valid_on_or_after
36
+ }
33
37
 
34
38
  stmt_elements = xml.xpath('//a:Attribute', a: ASSERTION)
35
- return {} if stmt_elements.nil?
39
+ return attrs if stmt_elements.nil?
36
40
 
37
- stmt_elements.each_with_object({}) do |element, result|
41
+ stmt_elements.each_with_object(attrs) do |element, result|
38
42
  name = element.attribute('AttributeName').value
39
43
  value = element.text
40
44
 
@@ -49,6 +53,26 @@ module OmniAuth::Strategies
49
53
  cert = OpenSSL::X509::Certificate.new(options[:certificate])
50
54
  Digest::SHA1.hexdigest(cert.to_der).upcase.scan(/../).join(':')
51
55
  end
56
+
57
+ def conditions_tag
58
+ @conditions_tag ||= xml.xpath('//saml:Conditions', saml: ASSERTION)
59
+ end
60
+
61
+ def not_valid_before
62
+ @not_valid_before ||= conditions_tag.attribute('NotBefore').value
63
+ end
64
+
65
+ def not_valid_on_or_after
66
+ @not_valid_on_or_after ||= conditions_tag.attribute('NotOnOrAfter').value
67
+ end
68
+
69
+ def validate_conditions!
70
+ if not_valid_on_or_after.present? && Time.current < Time.parse(not_valid_on_or_after)
71
+ true
72
+ else
73
+ raise ValidationError, 'Current time is on or after NotOnOrAfter condition'
74
+ end
75
+ end
52
76
  end
53
77
  end
54
78
  end
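Review bot: `validate_conditions!` enforces only `NotOnOrAfter`; `not_valid_before` is read and exposed through `attributes` but never compared with the current time, so an assertion whose validity window has not started yet is still accepted. The two accessors also call `.value` directly on `conditions_tag.attribute(...)`, which would be nil when the response carries no `Conditions` element or lacks the attribute, so such a response surfaces as `NoMethodError` instead of `ValidationError` and the `.present?` guard is never reached; `conditions_tag.attribute('NotBefore')&.value` (and likewise for `NotOnOrAfter`) keeps that failure inside the validation path. Separately, `//saml:Conditions` matches a `Conditions` element anywhere in the document, and whether `@document.validate!` binds the signature to that same assertion is not visible in these hunks, so scoping the XPath to the signed assertion is worth confirming. The fence shows the added `NotBefore` check; the enclosing class begins outside the hunks shown.

```ruby
def validate_conditions!
  now = Time.current
  # Reject assertions that are not yet valid as well as expired ones.
  if not_valid_before.present? && now < Time.parse(not_valid_before)
    raise ValidationError, 'Current time is earlier than NotBefore condition'
  end
  unless not_valid_on_or_after.present? && now < Time.parse(not_valid_on_or_after)
    raise ValidationError, 'Current time is on or after NotOnOrAfter condition'
  end
  true
end
```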
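--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: omniauth-latvija
  version: !ruby/object:Gem::Version
- version: 3.0.0
+ version: 4.0.0
  platform: ruby
  authors:
  - Edgars Beigarts
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2018-02-12 00:00:00.000000000 Z
+ date: 2019-05-09 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: omniauth
@@ -122,6 +122,20 @@ dependencies:
  - - ">="
  - !ruby/object:Gem::Version
  version: '0'
+ - !ruby/object:Gem::Dependency
+ name: timecop
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ type: :development
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
  description: Latvija.lv authentication strategy for OmniAuth
  email:
  - edgars.beigarts@makit.lv
@@ -156,7 +170,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  version: '0'
  requirements: []
  rubyforge_project:
- rubygems_version: 2.6.11
+ rubygems_version: 2.6.14
  signing_key:
  specification_version: 4
  summary: Latvija.lv authentication strategy for OmniAuth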