omniauth-mpassid 0.2.0 → 0.5.0

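--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: d20db7b39bbaa982cf5e05417c903cc08f3b543d7eac10ba621e8c5868aa1c45
- data.tar.gz: 2c54ae01ece53cccc2d3f323c46e0d876a87443b38d306ce6ee9656fda8c1a3b
+ metadata.gz: 3ff6ff316ec561eadb8093c30bcbe1097823cf11796a81386b11d40228c4cdc6
+ data.tar.gz: dd16b5f03d5e8b7814e9b210fe981b15a10521e841f9560cd40a86af67c54ce0
  SHA512:
- metadata.gz: acd40c82d1dd81d7e4a9184c014dd0797930a2743327e61ab54319b9bebf2dc0726990386670ff94c4f216a27f910635daed878513dcd87fcbfc3a74180e5369
- data.tar.gz: c1b6d98478a1c39c1aabb7cafd2d1631f92613897936ac497661271da0b848fa3a2740a9910d091dcae4e6c470490bc5571d9f3310b81743bc88e347a9d7b5fb
+ metadata.gz: 2bcf7c78c1072b8c52db7e9381321fa2a9bcef19c7e5e2d62d98e161808419484c1ecb5ff7472a4fa2bd90e32ebbd735e6a6b7e8150e8a0673a4e7f46d303c6e
+ data.tar.gz: 6c4d56294369192b594a2b6afc9c0ea371d21d44b46e49078c31af3d78794c255d3000ebae7cb8dc318f5a8f36ee8c2416bbcf27086528ca389a8a4203fdf4c8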
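--- a/data/README.md
+++ b/data/README.md
@@ -1,6 +1,6 @@
  # OmniAuth MPASSid (SAML 2.0)
 
- [![Build Status](https://travis-ci.com/mainio/omniauth-mpassid.svg?branch=master)](https://travis-ci.com/mainio/omniauth-mpassid)
+ [![Build Status](https://github.com/mainio/omniauth-mpassid/actions/workflows/ci_omniauth_mpassid.yml/badge.svg)](https://github.com/mainio/omniauth-mpassid/actions)
  [![codecov](https://codecov.io/gh/mainio/omniauth-mpassid/branch/master/graph/badge.svg)](https://codecov.io/gh/mainio/omniauth-mpassid)
 
  This is an unofficial OmniAuth strategy for authenticating with the MPASSid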
@@ -23,13 +23,13 @@ module OmniAuth
23
23
  # - fi_FI
24
24
  #
25
25
  # In case a valid language cannot be parsed from the parameter, the lang
26
- # parameter will default to `:idp_sso_target_url_default_lang`.
27
- option :idp_sso_target_url_lang_params, %w[locale language lang]
26
+ # parameter will default to `:idp_sso_service_url_default_lang`.
27
+ option :idp_sso_service_url_lang_params, %w[locale language lang]
28
28
 
29
29
  # This is the default language to be passed to IdP sign in redirect URL as
30
30
  # defined above. In case a valid language is not found from the request
31
31
  # parameters, this will be used instead.
32
- option :idp_sso_target_url_default_lang, 'fi'
32
+ option :idp_sso_service_url_default_lang, 'fi'
33
33
 
34
34
  # The request attributes for MPASSid
35
35
  option :request_attributes, [
@@ -39,13 +39,15 @@ module OmniAuth
39
39
  # (single value)
40
40
  {
41
41
  name: 'urn:mpass.id:uid',
42
- name_format: 'urn:oasis:names:tc:SAML:2.0:attrname-format:uri'
42
+ name_format: 'urn:oasis:names:tc:SAML:2.0:attrname-format:uri',
43
+ friendly_name: 'mpassUsername'
43
44
  },
44
45
  # Funet EDU person learner ID
45
46
  # (single value)
46
47
  {
47
48
  name: 'urn:oid:1.3.6.1.4.1.16161.1.1.27',
48
- name_format: 'urn:oasis:names:tc:SAML:2.0:attrname-format:uri'
49
+ name_format: 'urn:oasis:names:tc:SAML:2.0:attrname-format:uri',
50
+ friendly_name: 'learnerId'
49
51
  },
50
52
  # The first/given name of the user.
51
53
  # (single value)
@@ -68,26 +70,6 @@ module OmniAuth
68
70
  name_format: 'urn:oasis:names:tc:SAML:2.0:attrname-format:uri',
69
71
  friendly_name: 'sn'
70
72
  },
71
- # The municipality code of the authenticated user. See
72
- # http://tilastokeskus.fi/meta/luokitukset/kunta/001-2017/index.html
73
- # for mappings in Finland.
74
- # (multi value)
75
- {
76
- name: 'urn:mpass.id:municipalityCode',
77
- name_format: 'urn:oasis:names:tc:SAML:2.0:attrname-format:uri',
78
- friendly_name: 'municipalityCode'
79
- },
80
- # The human-readable name of the municipality of the authenticated user.
81
- # (multi value)
82
- {
83
- name: 'urn:mpass.id:municipality',
84
- name_format: 'urn:oasis:names:tc:SAML:2.0:attrname-format:uri'
85
- },
86
- {
87
- name: 'urn:educloudalliance.org:municipality',
88
- name_format: 'urn:oasis:names:tc:SAML:2.0:attrname-format:uri',
89
- friendly_name: 'ecaMunicipality'
90
- },
91
73
  # The school code of the authenticated user. See
92
74
  # https://virkailija.opintopolku.fi/koodisto-service/rest/json/oppilaitosnumero/koodi
93
75
  # (JSON format)
@@ -99,7 +81,8 @@ module OmniAuth
99
81
  # (multi value)
100
82
  {
101
83
  name: 'urn:mpass.id:schoolCode',
102
- name_format: 'urn:oasis:names:tc:SAML:2.0:attrname-format:uri'
84
+ name_format: 'urn:oasis:names:tc:SAML:2.0:attrname-format:uri',
85
+ friendly_name: 'mpassSchoolCode'
103
86
  },
104
87
  # The human-readable name of the school of the authenticated user.
105
88
  # (multi value)
@@ -108,12 +91,21 @@ module OmniAuth
108
91
  name_format: 'urn:oasis:names:tc:SAML:2.0:attrname-format:uri',
109
92
  friendly_name: 'school'
110
93
  },
94
+ # Combination of the school code and official name of the educational
95
+ # institution separated with semicolon.
96
+ # For instance: 00000;Tuntematon
97
+ {
98
+ name: 'urn:mpass.id:schoolInfo',
99
+ name_format: 'urn:oasis:names:tc:SAML:2.0:attrname-format:uri',
100
+ friendly_name: 'mpassSchoolInfo'
101
+ },
111
102
  # The class/group-information of the authenticated user.
112
103
  # For instance: 8A or 3B.
113
104
  # (multi value)
114
105
  {
115
106
  name: 'urn:mpass.id:class',
116
- name_format: 'urn:oasis:names:tc:SAML:2.0:attrname-format:uri'
107
+ name_format: 'urn:oasis:names:tc:SAML:2.0:attrname-format:uri',
108
+ friendly_name: 'mpassClass'
117
109
  },
118
110
  {
119
111
  name: 'urn:educloudalliance.org:group',
@@ -125,7 +117,8 @@ module OmniAuth
125
117
  # (multi value)
126
118
  {
127
119
  name: 'urn:mpass.id:classLevel',
128
- name_format: 'urn:oasis:names:tc:SAML:2.0:attrname-format:uri'
120
+ name_format: 'urn:oasis:names:tc:SAML:2.0:attrname-format:uri',
121
+ friendly_name: 'mpassClassLevel'
129
122
  },
130
123
  # The role name of the user.
131
124
  # For instance Oppilas.
@@ -136,18 +129,43 @@ module OmniAuth
136
129
  friendly_name: 'ecaRole'
137
130
  },
138
131
  # The role of the user in four parts, divided with a semicolon (;)
139
- # character. First municipality, followed by school code, group and role
140
- # in the group.
141
- # For instance Helsinki;32132;9A;Oppilas.
132
+ # character. First educational provider's organization OID, followed by
133
+ # school code, group and role in the group.
134
+ # For instance 1.2.246.562.10.12345678907;99900;7B;Oppilas.
142
135
  # (multi value)
136
+ #
137
+ # The educational providers' organization OIDs can be found from:
138
+ # https://github.com/Opetushallitus/aitu/blob/master/ttk-db/resources/db/migration/V11_2__koulutustoimijat.sql
143
139
  {
144
140
  name: 'urn:mpass.id:role',
145
- name_format: 'urn:oasis:names:tc:SAML:2.0:attrname-format:uri'
141
+ name_format: 'urn:oasis:names:tc:SAML:2.0:attrname-format:uri',
142
+ friendly_name: 'mpassRole'
143
+ },
144
+ # The educational provider's permanent organization OID.
145
+ # (multi value)
146
+ #
147
+ # The educational providers' organization OIDs can be found from:
148
+ # https://github.com/Opetushallitus/aitu/blob/master/ttk-db/resources/db/migration/V11_2__koulutustoimijat.sql
149
+ {
150
+ name: 'urn:mpass.id:educationProviderId',
151
+ name_format: 'urn:oasis:names:tc:SAML:2.0:attrname-format:uri',
152
+ friendly_name: 'mpassEducationProviderOid'
146
153
  },
154
+ # The educational provider's human-readable name.
155
+ # (multi value)
156
+ {
157
+ name: 'urn:mpass.id:educationProvider',
158
+ name_format: 'urn:oasis:names:tc:SAML:2.0:attrname-format:uri',
159
+ friendly_name: 'mpassEducationProviderName'
160
+ },
161
+ # Combination of the education provider's organisation-OID and official
162
+ # name. Separated by semicolon.
163
+ # For instance: 1.2.246.562.10.494695390410;Virallinen nimi
164
+ # (multi value)
147
165
  {
148
- name: 'urn:educloudalliance.org:structuredRole',
166
+ name: 'urn:mpass.id:educationProviderInfo',
149
167
  name_format: 'urn:oasis:names:tc:SAML:2.0:attrname-format:uri',
150
- friendly_name: 'ecaStructuredRole'
168
+ friendly_name: 'mpassEducationProviderInfo'
151
169
  }
152
170
  ]
153
171
 
@@ -158,8 +176,8 @@ module OmniAuth
158
176
  # Given name or all first names (in case given name is not found)
159
177
  first_name: ['urn:oid:2.5.4.42', 'http://eidas.europa.eu/attributes/naturalperson/CurrentGivenName'],
160
178
  last_name: ['urn:oid:2.5.4.4'],
161
- # The municipality of the person (literal format in Finnish)
162
- location: ['urn:mpass.id:municipality', 'urn:educloudalliance.org:municipality']
179
+ # The education provider (e.g. municipality) of the person (literal format in Finnish)
180
+ location: ['urn:mpass.id:educationProvider']
163
181
  )
164
182
 
165
183
  info do
@@ -197,14 +215,14 @@ module OmniAuth
197
215
  option(
198
216
  :saml_attributes_map,
199
217
  given_name: ['urn:oid:2.5.4.42'],
200
- first_names: ['http://eidas.europa.eu/attributes/naturalperson/CurrentGivenName'],
218
+ first_names: ['urn:oid:2.5.4.42'],
201
219
  last_name: ['urn:oid:2.5.4.4'],
202
- municipality_code: {
203
- name: ['urn:mpass.id:municipalityCode'],
220
+ provider_id: {
221
+ name: ['urn:mpass.id:educationProviderId'],
204
222
  type: :multi
205
223
  },
206
- municipality_name: {
207
- name: ['urn:mpass.id:municipality', 'urn:educloudalliance.org:municipality'],
224
+ provider_name: {
225
+ name: ['urn:mpass.id:educationProvider'],
208
226
  type: :multi
209
227
  },
210
228
  school_code: {
@@ -231,7 +249,8 @@ module OmniAuth
231
249
  name: ['urn:educloudalliance.org:role'],
232
250
  type: :multi
233
251
  },
234
- # Extra (undocumented)
252
+ # Extra
253
+ # Unique learner ID
235
254
  funet_person_learner_id: ['urn:oid:1.3.6.1.4.1.16161.1.1.27']
236
255
  )
237
256
 
@@ -346,8 +365,8 @@ module OmniAuth
346
365
  end
347
366
 
348
367
  def lang_for_authn_request
349
- if options.idp_sso_target_url_lang_params.is_a?(Array)
350
- options.idp_sso_target_url_lang_params.each do |param|
368
+ if options.idp_sso_service_url_lang_params.is_a?(Array)
369
+ options.idp_sso_service_url_lang_params.each do |param|
351
370
  next unless request.params.key?(param.to_s)
352
371
 
353
372
  lang = parse_language_value(request.params[param.to_s])
@@ -355,7 +374,7 @@ module OmniAuth
355
374
  end
356
375
  end
357
376
 
358
- options.idp_sso_target_url_default_lang
377
+ options.idp_sso_service_url_default_lang
359
378
  end
360
379
 
361
380
  def parse_language_value(string)
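Review bot: The `saml_attributes_map` hunk (-197,14) renames `municipality_code`/`municipality_name` to `provider_id`/`provider_name` without keeping the old keys, so a host application that still reads the old keys, for example to scope a user to a municipality, would presumably get no value after upgrading rather than an error. The same silent change applies to `urn:mpass.id:role`, whose first segment is now documented as the education provider's organization OID instead of the municipality, and to the `idp_sso_target_url_*` options, which `lang_for_authn_request` no longer reads. I would document this where the keys are defined, e.g. `# provider_id/provider_name replace municipality_code/municipality_name, which are no longer populated`, and note that consumers should treat a missing provider value as an incomplete sign-in rather than fall back to a default. `first_names` now lists the same single attribute as `given_name`, which looks redundant and is worth confirming as intended. The option block and `lang_for_authn_request` both extend beyond the visible hunks, so this is based only on the lines shown.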
@@ -2,6 +2,6 @@
2
2
 
3
3
  module OmniAuth
4
4
  module MPASSid
5
- VERSION = '0.2.0'
5
+ VERSION = '0.5.0'
6
6
  end
7
7
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: omniauth-mpassid
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.0
4
+ version: 0.5.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Antti Hukkanen
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-10-07 00:00:00.000000000 Z
11
+ date: 2022-01-09 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: omniauth-saml
@@ -16,42 +16,42 @@ dependencies:
16
16
  requirements:
17
17
  - - "~>"
18
18
  - !ruby/object:Gem::Version
19
- version: 1.10.1
19
+ version: '2.0'
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - "~>"
25
25
  - !ruby/object:Gem::Version
26
- version: 1.10.1
26
+ version: '2.0'
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: rake
29
29
  requirement: !ruby/object:Gem::Requirement
30
30
  requirements:
31
31
  - - "~>"
32
32
  - !ruby/object:Gem::Version
33
- version: '12.3'
33
+ version: '13.0'
34
34
  type: :development
35
35
  prerelease: false
36
36
  version_requirements: !ruby/object:Gem::Requirement
37
37
  requirements:
38
38
  - - "~>"
39
39
  - !ruby/object:Gem::Version
40
- version: '12.3'
40
+ version: '13.0'
41
41
  - !ruby/object:Gem::Dependency
42
42
  name: rspec
43
43
  requirement: !ruby/object:Gem::Requirement
44
44
  requirements:
45
45
  - - "~>"
46
46
  - !ruby/object:Gem::Version
47
- version: '3.8'
47
+ version: '3.9'
48
48
  type: :development
49
49
  prerelease: false
50
50
  version_requirements: !ruby/object:Gem::Requirement
51
51
  requirements:
52
52
  - - "~>"
53
53
  - !ruby/object:Gem::Version
54
- version: '3.8'
54
+ version: '3.9'
55
55
  - !ruby/object:Gem::Dependency
56
56
  name: rack-test
57
57
  requirement: !ruby/object:Gem::Requirement
@@ -106,14 +106,14 @@ dependencies:
106
106
  requirements:
107
107
  - - "~>"
108
108
  - !ruby/object:Gem::Version
109
- version: 0.16.0
109
+ version: 0.19.0
110
110
  type: :development
111
111
  prerelease: false
112
112
  version_requirements: !ruby/object:Gem::Requirement
113
113
  requirements:
114
114
  - - "~>"
115
115
  - !ruby/object:Gem::Version
116
- version: 0.16.0
116
+ version: 0.19.0
117
117
  description: MPASSid identification service integration for OmniAuth.
118
118
  email:
119
119
  - antti.hukkanen@mainiotech.fi