omniauth-latvija 3.0.0 → 4.0.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +3 -1
  3. data/lib/omniauth-latvija/version.rb +1 -1
  4. data/lib/omniauth/strategies/latvija/response.rb +27 -3
  5. metadata +17 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 61e8e173bd8c5e154333778d5838d7c8d5d858dd
4
- data.tar.gz: 698200a449f8c9047d87690e2221e36022a926c7
3
+ metadata.gz: '09b2671984f3e6cae04fb9c89aa8cee876a1064f'
4
+ data.tar.gz: 9c2a5f397af09733dc4658633d6a2c438a422ed4
5
5
  SHA512:
6
- metadata.gz: 2f90ced3cba761f56ce57a2d24ecc684cb69e451008d72fa78d659b5496f995a566f368200ad1c67dd673f6efaefba196b29a29d6146231223d34c8b55fb8a2f
7
- data.tar.gz: a9dafe2e3b298c9593e23918de155ebc8d6150583812744582e85c992a29b69aaa6bd21f91d66ccf3f397c0e19dc289c31eef921624392da281f8096b461911d
6
+ metadata.gz: e6f72751d59002fbd7d5a0b05a2a3e9024f163ac03b476359cbbeb5ac0904f333bd46ddc0e4bf55dde10f34b9489717d9fa9f8c262b5d32c49ff780091283cac
7
+ data.tar.gz: 806a5ffc9ef76e432a1d0e0e851cef0b5758cda40690bcdefd6647bdd3836f38575b1d18ee2c0a9369f9b6cf0b12344c04673edf9dae033ef4fb669ed792e0fb
data/README.md CHANGED
@@ -59,7 +59,9 @@ Here's an example hash available in `request.env['omniauth.auth']`
59
59
  name: 'JANIS BERZINS',
60
60
  first_name: 'JANIS',
61
61
  last_name: 'BERZINS',
62
- private_personal_identifier: '12345612345'
62
+ private_personal_identifier: '12345612345',
63
+ not_valid_before: '2019-05-09T07:29:41Z',
64
+ not_valid_on_or_after: '2019-05-09T08:29:41Z'
63
65
  },
64
66
  authentication_method: 'SWEDBANK'
65
67
  }
data/lib/omniauth-latvija/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  module OmniAuth
2
2
  module Latvija
3
- VERSION = '3.0.0'
3
+ VERSION = '4.0.0'
4
4
  end
5
5
  end
data/lib/omniauth/strategies/latvija/response.rb CHANGED
@@ -13,7 +13,7 @@ module OmniAuth::Strategies
13
13
  end
14
14
 
15
15
  def validate!
16
- @document.validate!(fingerprint)
16
+ @document.validate!(fingerprint) && validate_conditions!
17
17
  end
18
18
 
19
19
  def xml
@@ -30,11 +30,15 @@ module OmniAuth::Strategies
30
30
  # Assuming there is only one value for each key
31
31
  def attributes
32
32
  @attributes ||= begin
33
+ attrs = {
34
+ 'not_valid_before' => not_valid_before,
35
+ 'not_valid_on_or_after' => not_valid_on_or_after
36
+ }
33
37
 
34
38
  stmt_elements = xml.xpath('//a:Attribute', a: ASSERTION)
35
- return {} if stmt_elements.nil?
39
+ return attrs if stmt_elements.nil?
36
40
 
37
- stmt_elements.each_with_object({}) do |element, result|
41
+ stmt_elements.each_with_object(attrs) do |element, result|
38
42
  name = element.attribute('AttributeName').value
39
43
  value = element.text
40
44
 
@@ -49,6 +53,26 @@ module OmniAuth::Strategies
49
53
  cert = OpenSSL::X509::Certificate.new(options[:certificate])
50
54
  Digest::SHA1.hexdigest(cert.to_der).upcase.scan(/../).join(':')
51
55
  end
56
+
57
+ def conditions_tag
58
+ @conditions_tag ||= xml.xpath('//saml:Conditions', saml: ASSERTION)
59
+ end
60
+
61
+ def not_valid_before
62
+ @not_valid_before ||= conditions_tag.attribute('NotBefore').value
63
+ end
64
+
65
+ def not_valid_on_or_after
66
+ @not_valid_on_or_after ||= conditions_tag.attribute('NotOnOrAfter').value
67
+ end
68
+
69
+ def validate_conditions!
70
+ if not_valid_on_or_after.present? && Time.current < Time.parse(not_valid_on_or_after)
71
+ true
72
+ else
73
+ raise ValidationError, 'Current time is on or after NotOnOrAfter condition'
74
+ end
75
+ end
52
76
  end
53
77
  end
54
78
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: omniauth-latvija
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.0.0
4
+ version: 4.0.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Edgars Beigarts
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2018-02-12 00:00:00.000000000 Z
11
+ date: 2019-05-09 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: omniauth
@@ -122,6 +122,20 @@ dependencies:
122
122
  - - ">="
123
123
  - !ruby/object:Gem::Version
124
124
  version: '0'
125
+ - !ruby/object:Gem::Dependency
126
+ name: timecop
127
+ requirement: !ruby/object:Gem::Requirement
128
+ requirements:
129
+ - - ">="
130
+ - !ruby/object:Gem::Version
131
+ version: '0'
132
+ type: :development
133
+ prerelease: false
134
+ version_requirements: !ruby/object:Gem::Requirement
135
+ requirements:
136
+ - - ">="
137
+ - !ruby/object:Gem::Version
138
+ version: '0'
125
139
  description: Latvija.lv authentication strategy for OmniAuth
126
140
  email:
127
141
  - edgars.beigarts@makit.lv
@@ -156,7 +170,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
156
170
  version: '0'
157
171
  requirements: []
158
172
  rubyforge_project:
159
- rubygems_version: 2.6.11
173
+ rubygems_version: 2.6.14
160
174
  signing_key:
161
175
  specification_version: 4
162
176
  summary: Latvija.lv authentication strategy for OmniAuth