omniauth-latvija 3.0.0 → 4.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +3 -1
- data/lib/omniauth-latvija/version.rb +1 -1
- data/lib/omniauth/strategies/latvija/response.rb +27 -3
- metadata +17 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: '09b2671984f3e6cae04fb9c89aa8cee876a1064f'
|
|
4
|
+
data.tar.gz: 9c2a5f397af09733dc4658633d6a2c438a422ed4
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: e6f72751d59002fbd7d5a0b05a2a3e9024f163ac03b476359cbbeb5ac0904f333bd46ddc0e4bf55dde10f34b9489717d9fa9f8c262b5d32c49ff780091283cac
|
|
7
|
+
data.tar.gz: 806a5ffc9ef76e432a1d0e0e851cef0b5758cda40690bcdefd6647bdd3836f38575b1d18ee2c0a9369f9b6cf0b12344c04673edf9dae033ef4fb669ed792e0fb
|
data/README.md
CHANGED
|
@@ -59,7 +59,9 @@ Here's an example hash available in `request.env['omniauth.auth']`
|
|
|
59
59
|
name: 'JANIS BERZINS',
|
|
60
60
|
first_name: 'JANIS',
|
|
61
61
|
last_name: 'BERZINS',
|
|
62
|
-
private_personal_identifier: '12345612345'
|
|
62
|
+
private_personal_identifier: '12345612345',
|
|
63
|
+
not_valid_before: '2019-05-09T07:29:41Z',
|
|
64
|
+
not_valid_on_or_after: '2019-05-09T08:29:41Z'
|
|
63
65
|
},
|
|
64
66
|
authentication_method: 'SWEDBANK'
|
|
65
67
|
}
|
|
@@ -13,7 +13,7 @@ module OmniAuth::Strategies
|
|
|
13
13
|
end
|
|
14
14
|
|
|
15
15
|
def validate!
|
|
16
|
-
@document.validate!(fingerprint)
|
|
16
|
+
@document.validate!(fingerprint) && validate_conditions!
|
|
17
17
|
end
|
|
18
18
|
|
|
19
19
|
def xml
|
|
@@ -30,11 +30,15 @@ module OmniAuth::Strategies
|
|
|
30
30
|
# Assuming there is only one value for each key
|
|
31
31
|
def attributes
|
|
32
32
|
@attributes ||= begin
|
|
33
|
+
attrs = {
|
|
34
|
+
'not_valid_before' => not_valid_before,
|
|
35
|
+
'not_valid_on_or_after' => not_valid_on_or_after
|
|
36
|
+
}
|
|
33
37
|
|
|
34
38
|
stmt_elements = xml.xpath('//a:Attribute', a: ASSERTION)
|
|
35
|
-
return
|
|
39
|
+
return attrs if stmt_elements.nil?
|
|
36
40
|
|
|
37
|
-
stmt_elements.each_with_object(
|
|
41
|
+
stmt_elements.each_with_object(attrs) do |element, result|
|
|
38
42
|
name = element.attribute('AttributeName').value
|
|
39
43
|
value = element.text
|
|
40
44
|
|
|
@@ -49,6 +53,26 @@ module OmniAuth::Strategies
|
|
|
49
53
|
cert = OpenSSL::X509::Certificate.new(options[:certificate])
|
|
50
54
|
Digest::SHA1.hexdigest(cert.to_der).upcase.scan(/../).join(':')
|
|
51
55
|
end
|
|
56
|
+
|
|
57
|
+
def conditions_tag
|
|
58
|
+
@conditions_tag ||= xml.xpath('//saml:Conditions', saml: ASSERTION)
|
|
59
|
+
end
|
|
60
|
+
|
|
61
|
+
def not_valid_before
|
|
62
|
+
@not_valid_before ||= conditions_tag.attribute('NotBefore').value
|
|
63
|
+
end
|
|
64
|
+
|
|
65
|
+
def not_valid_on_or_after
|
|
66
|
+
@not_valid_on_or_after ||= conditions_tag.attribute('NotOnOrAfter').value
|
|
67
|
+
end
|
|
68
|
+
|
|
69
|
+
def validate_conditions!
|
|
70
|
+
if not_valid_on_or_after.present? && Time.current < Time.parse(not_valid_on_or_after)
|
|
71
|
+
true
|
|
72
|
+
else
|
|
73
|
+
raise ValidationError, 'Current time is on or after NotOnOrAfter condition'
|
|
74
|
+
end
|
|
75
|
+
end
|
|
52
76
|
end
|
|
53
77
|
end
|
|
54
78
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: omniauth-latvija
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version:
|
|
4
|
+
version: 4.0.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Edgars Beigarts
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2019-05-09 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: omniauth
|
|
@@ -122,6 +122,20 @@ dependencies:
|
|
|
122
122
|
- - ">="
|
|
123
123
|
- !ruby/object:Gem::Version
|
|
124
124
|
version: '0'
|
|
125
|
+
- !ruby/object:Gem::Dependency
|
|
126
|
+
name: timecop
|
|
127
|
+
requirement: !ruby/object:Gem::Requirement
|
|
128
|
+
requirements:
|
|
129
|
+
- - ">="
|
|
130
|
+
- !ruby/object:Gem::Version
|
|
131
|
+
version: '0'
|
|
132
|
+
type: :development
|
|
133
|
+
prerelease: false
|
|
134
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
135
|
+
requirements:
|
|
136
|
+
- - ">="
|
|
137
|
+
- !ruby/object:Gem::Version
|
|
138
|
+
version: '0'
|
|
125
139
|
description: Latvija.lv authentication strategy for OmniAuth
|
|
126
140
|
email:
|
|
127
141
|
- edgars.beigarts@makit.lv
|
|
@@ -156,7 +170,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
156
170
|
version: '0'
|
|
157
171
|
requirements: []
|
|
158
172
|
rubyforge_project:
|
|
159
|
-
rubygems_version: 2.6.
|
|
173
|
+
rubygems_version: 2.6.14
|
|
160
174
|
signing_key:
|
|
161
175
|
specification_version: 4
|
|
162
176
|
summary: Latvija.lv authentication strategy for OmniAuth
|