omniauth-mpassid 0.3.1 → 0.3.2
- checksums.yaml +4 -4
- data/lib/omniauth/strategies/mpassid.rb +23 -1
- data/lib/omniauth-mpassid/version.rb +1 -1
- metadata +2 -2
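--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: f48ffa5ce82f1a1fc9c58c23c6922a331d9ddd67a8cf0d18727eb1c9a71349b4
+data.tar.gz: 493aee76ba5c50ba9bbb21e4cac136a73b6a121128a12bbf95863529d2126fdf
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 56ec987f2a110f6ce52471793e4e65625db009d1addb6d3c058f9f6e4d1b59fed48ee24d797c668f6849f36dc661f23ff7d4066d36f5ea733d32dae3efe49aa3
+data.tar.gz: 21e0c03164aad2c68e4d1062120dbc325a8f141ee5f254e672bdb12e5271ab3f63360253e1d23dfe4281f1cd560f3f6a570817ee5ea72e70fd2815fe0218b346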
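--- a/data/lib/omniauth/strategies/mpassid.rb
+++ b/data/lib/omniauth/strategies/mpassid.rb
@@ -10,6 +10,12 @@ module OmniAuth
 # :test - MPASSid test environment
 option :mode, :production
 
+# The certificate file to define the certificate.
+option :certificate_file, nil
+
+# The private key file to define the private key.
+option :private_key_file, nil
+
 # Defines the lang parameters to check from the request phase request
 # parameters. A valid language will be added to the IdP sign in redirect
 # URL as the last parameter (with the name `lang` as expected by
@@ -205,6 +211,7 @@ module OmniAuth
 
 option(
 :security_settings,
+authn_requests_signed: true,
 digest_method: XMLSecurity::Document::SHA256,
 signature_method: XMLSecurity::Document::RSA_SHA256
 )
@@ -274,6 +281,7 @@ module OmniAuth
 @options = OmniAuth::Strategy::Options.new(
 mpassid_options.merge(options)
 )
+options[:security][:authn_requests_signed] = false unless options[:certificate] && options[:private_key]
 end
 
 # Override the request phase to be able to pass the lang parameter to
@@ -314,6 +322,14 @@ module OmniAuth
 
 private
 
+def certificate
+File.read(options.certificate_file) if options.certificate_file
+end
+
+def private_key
+File.read(options.private_key_file) if options.private_key_file
+end
+
 def idp_metadata_url
 case options.mode
 when :test
@@ -337,10 +353,16 @@ module OmniAuth
 sso_binding: ['urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect']
 )
 
+# Local certificate and private key to decrypt the responses
+settings[:certificate] = certificate
+settings[:private_key] = private_key
+
 # Define the security settings as there are some defaults that need to be
 # modified
 security_defaults = OneLogin::RubySaml::Settings::DEFAULTS[:security]
-settings[:security] = security_defaults.merge(
+settings[:security] = security_defaults.merge(
+options.security_settings.to_h.transform_keys(&:to_sym)
+)
 
 settings
 end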
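--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: omniauth-mpassid
 version: !ruby/object:Gem::Version
-version: 0.3.
+version: 0.3.2
 platform: ruby
 authors:
 - Antti Hukkanen
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-01
+date: 2022-09-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: omniauth-saml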