omniauth-rsaml 1.5.1

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: 3b5c9004bb84c27f9484ca5adacc491602aec38f
4
+ data.tar.gz: 1dcddd18c2c3fd237a0855dc0e089c1f17f85e0a
5
+ SHA512:
6
+ metadata.gz: 5a906cb31f3e0cf6fd401b2eb36e139c234ec2f540cfb8d0339644a50fc46f9088eea7f687c7600f4878d62d874c2ee850b6980f15125722828c58a409c8bcca
7
+ data.tar.gz: 32917f8147c0011bfcdaf6ddd22738bc43cc1804063feee5db660253c5d9ef764debd58a63ae18b3107bd7fc41dfe53a194d73cf5968254e54fca2071022b5be
data/CHANGELOG.md ADDED
@@ -0,0 +1,45 @@
1
+ # OmniAuth SAML Version History
2
+
3
+ A generic SAML strategy for OmniAuth.
4
+
5
+ https://github.com/PracticallyGreen/omniauth-saml
6
+
7
+ ## 1.3.0 (2014-14-10)
8
+
9
+ * add `idp_cert_fingerprint_validator` option
10
+
11
+ ## 1.2.0 (2014-03-19)
12
+
13
+ * provide SP metadata at `/auth/saml/metadata`
14
+
15
+ ## 1.1.0 (2013-11-07)
16
+
17
+ * no longer set a default `name_identifier_format`
18
+ * pass strategy options to the underlying ruby-saml library
19
+ * fallback to omniauth callback url if `assertion_consumer_service_url` is not set
20
+ * add `idp_sso_target_url_runtime_params` option
21
+
22
+ ## 1.0.0 (2012-11-12)
23
+
24
+ * remove SAML code and port to ruby-saml gem
25
+ * fix incompatibility with OmniAuth 1.1
26
+
27
+ ## 0.9.2 (2012-03-30)
28
+
29
+ * validate the SAML response
30
+ * 100% test coverage
31
+ * now requires ruby 1.9.2+
32
+
33
+ ## 0.9.1 (2012-02-23)
34
+
35
+ * return first and last name in the info hash
36
+ * no longer use LDAP OIDs for name and email selection
37
+ * return SAML attributes as the omniauth raw_info hash
38
+
39
+ ## 0.9.0 (2012-02-14)
40
+
41
+ * initial release
42
+ * extracts commits from omniauth 0-3-stable branch
43
+ * port to omniauth 1.0 strategy format
44
+ * update README with more documentation and license
45
+ * package as the `omniauth-saml` gem
data/README.md ADDED
@@ -0,0 +1,146 @@
1
+ # OmniAuth SAML
2
+
3
+ A generic SAML strategy for OmniAuth.
4
+
5
+ https://github.com/PracticallyGreen/omniauth-saml
6
+
7
+ ## Requirements
8
+
9
+ * [OmniAuth](http://www.omniauth.org/) 1.2+
10
+ * Ruby 1.9.x or Ruby 2.1.x
11
+
12
+ ## Usage
13
+
14
+ Use the SAML strategy as a middleware in your application:
15
+
16
+ ```ruby
17
+ require 'omniauth'
18
+ use OmniAuth::Strategies::SAML,
19
+ :assertion_consumer_service_url => "consumer_service_url",
20
+ :issuer => "issuer",
21
+ :idp_sso_target_url => "idp_sso_target_url",
22
+ :idp_sso_target_url_runtime_params => {:original_request_param => :mapped_idp_param},
23
+ :idp_cert => "-----BEGIN CERTIFICATE-----\n...-----END CERTIFICATE-----",
24
+ :idp_cert_fingerprint => "E7:91:B2:E1:...",
25
+ :idp_cert_fingerprint_validator => lambda { |fingerprint| fingerprint },
26
+ :name_identifier_format => "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
27
+ ```
28
+
29
+ or in your Rails application:
30
+
31
+ in `Gemfile`:
32
+
33
+ ```ruby
34
+ gem 'omniauth-saml'
35
+ ```
36
+
37
+ and in `config/initializers/omniauth.rb`:
38
+
39
+ ```ruby
40
+ Rails.application.config.middleware.use OmniAuth::Builder do
41
+ provider :saml,
42
+ :assertion_consumer_service_url => "consumer_service_url",
43
+ :issuer => "rails-application",
44
+ :idp_sso_target_url => "idp_sso_target_url",
45
+ :idp_sso_target_url_runtime_params => {:original_request_param => :mapped_idp_param},
46
+ :idp_cert => "-----BEGIN CERTIFICATE-----\n...-----END CERTIFICATE-----",
47
+ :idp_cert_fingerprint => "E7:91:B2:E1:...",
48
+ :idp_cert_fingerprint_validator => lambda { |fingerprint| fingerprint },
49
+ :name_identifier_format => "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
50
+ end
51
+ ```
52
+
53
+ For IdP-initiated SSO, users should directly access the IdP SSO target URL. Set the `href` of your application's login link to the value of `idp_sso_target_url`. For SP-initiated SSO, link to `/auth/saml`.
54
+
55
+ ## Metadata
56
+
57
+ The service provider metadata used to ease configuration of the SAML SP in the IdP can be retrieved from `http://example.com/auth/saml/metadata`. Send this URL to the administrator of the IdP.
58
+
59
+ ## Options
60
+
61
+ * `:assertion_consumer_service_url` - The URL at which the SAML assertion should be
62
+ received. If not provided, defaults to the OmniAuth callback URL (typically
63
+ `http://example.com/auth/saml/callback`). Optional.
64
+
65
+ * `:issuer` - The name of your application. Some identity providers might need this
66
+ to establish the identity of the service provider requesting the login. **Required**.
67
+
68
+ * `:idp_sso_target_url` - The URL to which the authentication request should be sent.
69
+ This would be on the identity provider. **Required**.
70
+
71
+ * `:idp_sso_target_url_runtime_params` - A dynamic mapping of request params that exist
72
+ during the request phase of OmniAuth that should to be sent to the IdP after a specific
73
+ mapping. So for example, a param `original_request_param` with value `original_param_value`,
74
+ could be sent to the IdP on the login request as `mapped_idp_param` with value
75
+ `original_param_value`. Optional.
76
+
77
+ * `:idp_cert` - The identity provider's certificate in PEM format. Takes precedence
78
+ over the fingerprint option below. This option or `:idp_cert_fingerprint` or `:idp_cert_fingerprint_validator` must
79
+ be present.
80
+
81
+ * `:idp_cert_fingerprint` - The SHA1 fingerprint of the certificate, e.g.
82
+ "90:CC:16:F0:8D:...". This is provided from the identity provider when setting up
83
+ the relationship. This option or `:idp_cert` or `:idp_cert_fingerprint_validator` MUST be present.
84
+
85
+ * `:idp_cert_fingerprint_validator` - A lambda that MUST accept one parameter
86
+ (the fingerprint), verify if it is valid and return it if successful. This option
87
+ or `:idp_cert` or `:idp_cert_fingerprint` MUST be present.
88
+
89
+ * `:name_identifier_format` - Used during SP-initiated SSO. Describes the format of
90
+ the username required by this application. If you need the email address, use
91
+ "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress". See
92
+ http://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf section 8.3 for
93
+ other options. Note that the identity provider might not support all options.
94
+ If not specified, the IdP is free to choose the name identifier format used
95
+ in the response. Optional.
96
+
97
+ * `:request_attributes` - Used to build the metadata file to inform the IdP to send certain attributes
98
+ along with the SAMLResponse messages. Defaults to requesting `name`, `first_name`, `last_name` and `email`
99
+ attributes. See the `OneLogin::RubySaml::AttributeService` class in the [Ruby SAML gem](https://github.com/onelogin/ruby-saml) for the available options for each attribute. Set to `{}` to disable this from metadata.
100
+
101
+ * `:attribute_service_name` - Name for the attribute service. Defaults to `Required attributes`.
102
+
103
+ * See the `OneLogin::RubySaml::Settings` class in the [Ruby SAML gem](https://github.com/onelogin/ruby-saml) for additional supported options.
104
+
105
+ ## Devise Integration
106
+
107
+ Straightforward integration with [Devise](https://github.com/plataformatec/devise), the widely-used authentication solution for Rails.
108
+
109
+ In `config/initializers/devise.rb`:
110
+
111
+ ```ruby
112
+ Devise.setup do |config|
113
+ config.omniauth :saml,
114
+ idp_cert_fingerprint: 'fingerprint',
115
+ idp_sso_target_url: 'target_url'
116
+ end
117
+ ```
118
+
119
+ Then follow Devise's general [OmniAuth tutorial](https://github.com/plataformatec/devise/wiki/OmniAuth:-Overview), replacing references to `facebook` with `saml`.
120
+
121
+ ## Authors
122
+
123
+ Authored by [Rajiv Aaron Manglani](http://www.rajivmanglani.com/), Raecoo Cao, Todd W Saxton, Ryan Wilcox, Steven Anderson, Nikos Dimitrakopoulos, Rudolf Vriend and [Bruno Pedro](http://brunopedro.com/).
124
+
125
+ ## License
126
+
127
+ Copyright (c) 2011-2014 [Practically Green, Inc.](http://www.practicallygreen.com/).
128
+ All rights reserved. Released under the MIT license.
129
+
130
+ Permission is hereby granted, free of charge, to any person obtaining a copy
131
+ of this software and associated documentation files (the "Software"), to deal
132
+ in the Software without restriction, including without limitation the rights
133
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
134
+ copies of the Software, and to permit persons to whom the Software is
135
+ furnished to do so, subject to the following conditions:
136
+
137
+ The above copyright notice and this permission notice shall be included in
138
+ all copies or substantial portions of the Software.
139
+
140
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
141
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
142
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
143
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
144
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
145
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
146
+ THE SOFTWARE.
@@ -0,0 +1,2 @@
1
+ require 'omniauth/strategies/saml'
2
+ require 'omniauth/strategies/saml/validation_error'
@@ -0,0 +1,5 @@
1
+ module OmniAuth
2
+ module SAML
3
+ VERSION = '1.5.1'
4
+ end
5
+ end
@@ -0,0 +1,119 @@
1
+ require 'omniauth'
2
+ require 'ruby-saml'
3
+
4
+ module OmniAuth
5
+ module Strategies
6
+ class SAML
7
+ include OmniAuth::Strategy
8
+
9
+ option :name_identifier_format, nil
10
+ option :idp_sso_target_url_runtime_params, {}
11
+ option :request_attributes, [
12
+ { name: 'email', name_format: 'urn:oasis:names:tc:SAML:2.0:attrname-format:basic', friendly_name: 'Email address' },
13
+ { name: 'name', name_format: 'urn:oasis:names:tc:SAML:2.0:attrname-format:basic', friendly_name: 'Full name' },
14
+ { name: 'first_name', name_format: 'urn:oasis:names:tc:SAML:2.0:attrname-format:basic', friendly_name: 'Given name' },
15
+ { name: 'last_name', name_format: 'urn:oasis:names:tc:SAML:2.0:attrname-format:basic', friendly_name: 'Family name' }
16
+ ]
17
+ option :attribute_service_name, 'Required attributes'
18
+
19
+ def request_phase
20
+ options[:assertion_consumer_service_url] ||= callback_url
21
+ runtime_request_parameters = options.delete(:idp_sso_target_url_runtime_params)
22
+
23
+ additional_params = {}
24
+ runtime_request_parameters.each_pair do |request_param_key, mapped_param_key|
25
+ additional_params[mapped_param_key] = request.params[request_param_key.to_s] if request.params.has_key?(request_param_key.to_s)
26
+ end if runtime_request_parameters
27
+
28
+ authn_request = OneLogin::RubySaml::Authrequest.new
29
+ settings = OneLogin::RubySaml::Settings.new(options)
30
+
31
+ redirect(authn_request.create(settings, additional_params))
32
+ end
33
+
34
+ def callback_phase
35
+ unless request.params['SAMLResponse']
36
+ raise OmniAuth::Strategies::SAML::ValidationError.new("SAML response missing")
37
+ end
38
+
39
+ # Call a fingerprint validation method if there's one
40
+ if options.idp_cert_fingerprint_validator
41
+ fingerprint_exists = options.idp_cert_fingerprint_validator[response_fingerprint]
42
+ unless fingerprint_exists
43
+ raise OmniAuth::Strategies::SAML::ValidationError.new("Non-existent fingerprint")
44
+ end
45
+ # id_cert_fingerprint becomes the given fingerprint if it exists
46
+ options.idp_cert_fingerprint = fingerprint_exists
47
+ end
48
+
49
+ response = OneLogin::RubySaml::Response.new(request.params['SAMLResponse'], options)
50
+ response.settings = OneLogin::RubySaml::Settings.new(options)
51
+ response.attributes['fingerprint'] = options.idp_cert_fingerprint
52
+
53
+ @name_id = response.name_id
54
+ @attributes = response.attributes
55
+
56
+ if @name_id.nil? || @name_id.empty?
57
+ raise OmniAuth::Strategies::SAML::ValidationError.new("SAML response missing 'name_id'")
58
+ end
59
+
60
+ # will raise an error since we are not in soft mode
61
+ response.soft = false
62
+ response.is_valid?
63
+
64
+ super
65
+ rescue OmniAuth::Strategies::SAML::ValidationError
66
+ fail!(:invalid_ticket, $!)
67
+ rescue OneLogin::RubySaml::ValidationError
68
+ fail!(:invalid_ticket, $!)
69
+ end
70
+
71
+ # Obtain an idp certificate fingerprint from the response.
72
+ def response_fingerprint
73
+ response = request.params['SAMLResponse']
74
+ response = (response =~ /^</) ? response : Base64.decode64(response)
75
+ document = XMLSecurity::SignedDocument::new(response)
76
+ cert_element = REXML::XPath.first(document, "//ds:X509Certificate", { "ds"=> 'http://www.w3.org/2000/09/xmldsig#' })
77
+ base64_cert = cert_element.text
78
+ cert_text = Base64.decode64(base64_cert)
79
+ cert = OpenSSL::X509::Certificate.new(cert_text)
80
+ Digest::SHA1.hexdigest(cert.to_der).upcase.scan(/../).join(':')
81
+ end
82
+
83
+ def other_phase
84
+ if on_path?("#{request_path}/metadata")
85
+ # omniauth does not set the strategy on the other_phase
86
+ @env['omniauth.strategy'] ||= self
87
+ setup_phase
88
+
89
+ response = OneLogin::RubySaml::Metadata.new
90
+ settings = OneLogin::RubySaml::Settings.new(options)
91
+ if options.request_attributes.length > 0
92
+ settings.attribute_consuming_service.service_name options.attribute_service_name
93
+ options.request_attributes.each do |attribute|
94
+ settings.attribute_consuming_service.add_attribute attribute
95
+ end
96
+ end
97
+ Rack::Response.new(response.generate(settings), 200, { "Content-Type" => "application/xml" }).finish
98
+ else
99
+ call_app!
100
+ end
101
+ end
102
+
103
+ uid { @name_id }
104
+
105
+ info do
106
+ {
107
+ :name => @attributes[:name],
108
+ :email => @attributes[:email] || @attributes[:mail],
109
+ :first_name => @attributes[:first_name] || @attributes[:firstname] || @attributes[:firstName],
110
+ :last_name => @attributes[:last_name] || @attributes[:lastname] || @attributes[:lastName]
111
+ }
112
+ end
113
+
114
+ extra { { :raw_info => @attributes } }
115
+ end
116
+ end
117
+ end
118
+
119
+ OmniAuth.config.add_camelization 'saml', 'SAML'
@@ -0,0 +1,8 @@
1
+ module OmniAuth
2
+ module Strategies
3
+ class SAML
4
+ class ValidationError < Exception
5
+ end
6
+ end
7
+ end
8
+ end
@@ -0,0 +1,175 @@
1
+ require 'spec_helper'
2
+
3
+ RSpec::Matchers.define :fail_with do |message|
4
+ match do |actual|
5
+ actual.redirect? && /\?.*message=#{message}/ === actual.location
6
+ end
7
+ end
8
+
9
+ def post_xml(xml=:example_response)
10
+ post "/auth/saml/callback", {'SAMLResponse' => load_xml(xml)}
11
+ end
12
+
13
+ describe OmniAuth::Strategies::SAML, :type => :strategy do
14
+ include OmniAuth::Test::StrategyTestCase
15
+
16
+ let(:auth_hash){ last_request.env['omniauth.auth'] }
17
+ let(:saml_options) do
18
+ {
19
+ :assertion_consumer_service_url => "http://localhost:3000/auth/saml/callback",
20
+ :idp_sso_target_url => "https://idp.sso.target_url/signon/29490",
21
+ :idp_cert_fingerprint => "C1:59:74:2B:E8:0C:6C:A9:41:0F:6E:83:F6:D1:52:25:45:58:89:FB",
22
+ :idp_sso_target_url_runtime_params => {:original_param_key => :mapped_param_key},
23
+ :name_identifier_format => "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
24
+ :request_attributes => [
25
+ { name: 'email', name_format: 'urn:oasis:names:tc:SAML:2.0:attrname-format:basic', friendly_name: 'Email address' },
26
+ { name: 'name', name_format: 'urn:oasis:names:tc:SAML:2.0:attrname-format:basic', friendly_name: 'Full name' },
27
+ { name: 'first_name', name_format: 'urn:oasis:names:tc:SAML:2.0:attrname-format:basic', friendly_name: 'Given name' },
28
+ { name: 'last_name', name_format: 'urn:oasis:names:tc:SAML:2.0:attrname-format:basic', friendly_name: 'Family name' }
29
+ ],
30
+ :attribute_service_name => 'Required attributes'
31
+ }
32
+ end
33
+ let(:strategy) { [OmniAuth::Strategies::SAML, saml_options] }
34
+
35
+ describe 'GET /auth/saml' do
36
+ context 'without idp runtime params present' do
37
+ before do
38
+ get '/auth/saml'
39
+ end
40
+
41
+ it 'should get authentication page' do
42
+ last_response.should be_redirect
43
+ last_response.location.should match /https:\/\/idp.sso.target_url\/signon\/29490/
44
+ last_response.location.should match /\?SAMLRequest=/
45
+ last_response.location.should_not match /mapped_param_key/
46
+ last_response.location.should_not match /original_param_key/
47
+ end
48
+ end
49
+
50
+ context 'with idp runtime params' do
51
+ before do
52
+ get '/auth/saml', 'original_param_key' => 'original_param_value', 'mapped_param_key' => 'mapped_param_value'
53
+ end
54
+
55
+ it 'should get authentication page' do
56
+ last_response.should be_redirect
57
+ last_response.location.should match /https:\/\/idp.sso.target_url\/signon\/29490/
58
+ last_response.location.should match /\?SAMLRequest=/
59
+ last_response.location.should match /\&mapped_param_key=original_param_value/
60
+ last_response.location.should_not match /original_param_key/
61
+ end
62
+ end
63
+ end
64
+
65
+ describe 'POST /auth/saml/callback' do
66
+ subject { last_response }
67
+
68
+ let(:xml) { :example_response }
69
+
70
+ before :each do
71
+ Time.stub(:now).and_return(Time.new(2012, 11, 8, 20, 40, 00, 0))
72
+ end
73
+
74
+ context "when the response is valid" do
75
+ before :each do
76
+ post_xml
77
+ end
78
+
79
+ it "should set the uid to the nameID in the SAML response" do
80
+ auth_hash['uid'].should == '_1f6fcf6be5e13b08b1e3610e7ff59f205fbd814f23'
81
+ end
82
+
83
+ it "should set the raw info to all attributes" do
84
+ auth_hash['extra']['raw_info'].all.to_hash.should == {
85
+ 'first_name' => ['Rajiv'],
86
+ 'last_name' => ['Manglani'],
87
+ 'email' => ['user@example.com'],
88
+ 'company_name' => ['Example Company'],
89
+ 'fingerprint' => saml_options[:idp_cert_fingerprint]
90
+ }
91
+ end
92
+ end
93
+
94
+ context "when fingerprint is empty and there's a fingerprint validator" do
95
+ before :each do
96
+ saml_options.delete(:idp_cert_fingerprint)
97
+ saml_options[:idp_cert_fingerprint_validator] = lambda { |fingerprint| "C1:59:74:2B:E8:0C:6C:A9:41:0F:6E:83:F6:D1:52:25:45:58:89:FB" }
98
+ post_xml
99
+ end
100
+
101
+ it "should set the uid to the nameID in the SAML response" do
102
+ auth_hash['uid'].should == '_1f6fcf6be5e13b08b1e3610e7ff59f205fbd814f23'
103
+ end
104
+
105
+ it "should set the raw info to all attributes" do
106
+ auth_hash['extra']['raw_info'].all.to_hash.should == {
107
+ 'first_name' => ['Rajiv'],
108
+ 'last_name' => ['Manglani'],
109
+ 'email' => ['user@example.com'],
110
+ 'company_name' => ['Example Company'],
111
+ 'fingerprint' => 'C1:59:74:2B:E8:0C:6C:A9:41:0F:6E:83:F6:D1:52:25:45:58:89:FB'
112
+ }
113
+ end
114
+ end
115
+
116
+ context "when there is no SAMLResponse parameter" do
117
+ before :each do
118
+ post '/auth/saml/callback'
119
+ end
120
+
121
+ it { should fail_with(:invalid_ticket) }
122
+ end
123
+
124
+ context "when there is no name id in the XML" do
125
+ before :each do
126
+ post_xml :no_name_id
127
+ end
128
+
129
+ it { should fail_with(:invalid_ticket) }
130
+ end
131
+
132
+ context "when the fingerprint is invalid" do
133
+ before :each do
134
+ saml_options[:idp_cert_fingerprint] = "00:00:00:00:00:0C:6C:A9:41:0F:6E:83:F6:D1:52:25:45:58:89:FB"
135
+ post_xml
136
+ end
137
+
138
+ it { should fail_with(:invalid_ticket) }
139
+ end
140
+
141
+ context "when the digest is invalid" do
142
+ before :each do
143
+ post_xml :digest_mismatch
144
+ end
145
+
146
+ it { should fail_with(:invalid_ticket) }
147
+ end
148
+
149
+ context "when the signature is invalid" do
150
+ before :each do
151
+ post_xml :invalid_signature
152
+ end
153
+
154
+ it { should fail_with(:invalid_ticket) }
155
+ end
156
+ end
157
+
158
+ describe 'GET /auth/saml/metadata' do
159
+ before do
160
+ get '/auth/saml/metadata'
161
+ end
162
+
163
+ it 'should get SP metadata page' do
164
+ last_response.status.should == 200
165
+ last_response.header["Content-Type"].should == "application/xml"
166
+ end
167
+
168
+ it 'should configure attributes consuming service' do
169
+ last_response.body.should match /AttributeConsumingService/
170
+ last_response.body.should match /first_name/
171
+ last_response.body.should match /last_name/
172
+ last_response.body.should match /Required attributes/
173
+ end
174
+ end
175
+ end
@@ -0,0 +1,17 @@
1
+ require 'simplecov'
2
+ SimpleCov.start
3
+
4
+ require 'omniauth-saml'
5
+ require 'rack/test'
6
+ require 'rexml/document'
7
+ require 'rexml/xpath'
8
+ require 'base64'
9
+
10
+ RSpec.configure do |config|
11
+ config.include Rack::Test::Methods
12
+ end
13
+
14
+ def load_xml(filename=:example_response)
15
+ filename = File.expand_path(File.join('..', 'support', "#{filename.to_s}.xml"), __FILE__)
16
+ Base64.encode64(IO.read(filename))
17
+ end
metadata ADDED
@@ -0,0 +1,130 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: omniauth-rsaml
3
+ version: !ruby/object:Gem::Version
4
+ version: 1.5.1
5
+ platform: ruby
6
+ authors:
7
+ - Raecoo Cao
8
+ - Ryan Wilcox
9
+ - Rajiv Aaron Manglani
10
+ - Steven Anderson
11
+ - Nikos Dimitrakopoulos
12
+ - Rudolf Vriend
13
+ - Bruno Pedro
14
+ autorequire:
15
+ bindir: bin
16
+ cert_chain: []
17
+ date: 2015-09-23 00:00:00.000000000 Z
18
+ dependencies:
19
+ - !ruby/object:Gem::Dependency
20
+ name: omniauth
21
+ requirement: !ruby/object:Gem::Requirement
22
+ requirements:
23
+ - - "~>"
24
+ - !ruby/object:Gem::Version
25
+ version: '1.1'
26
+ type: :runtime
27
+ prerelease: false
28
+ version_requirements: !ruby/object:Gem::Requirement
29
+ requirements:
30
+ - - "~>"
31
+ - !ruby/object:Gem::Version
32
+ version: '1.1'
33
+ - !ruby/object:Gem::Dependency
34
+ name: r-saml
35
+ requirement: !ruby/object:Gem::Requirement
36
+ requirements:
37
+ - - "~>"
38
+ - !ruby/object:Gem::Version
39
+ version: 1.0.1
40
+ type: :runtime
41
+ prerelease: false
42
+ version_requirements: !ruby/object:Gem::Requirement
43
+ requirements:
44
+ - - "~>"
45
+ - !ruby/object:Gem::Version
46
+ version: 1.0.1
47
+ - !ruby/object:Gem::Dependency
48
+ name: rspec
49
+ requirement: !ruby/object:Gem::Requirement
50
+ requirements:
51
+ - - "~>"
52
+ - !ruby/object:Gem::Version
53
+ version: '2.8'
54
+ type: :development
55
+ prerelease: false
56
+ version_requirements: !ruby/object:Gem::Requirement
57
+ requirements:
58
+ - - "~>"
59
+ - !ruby/object:Gem::Version
60
+ version: '2.8'
61
+ - !ruby/object:Gem::Dependency
62
+ name: simplecov
63
+ requirement: !ruby/object:Gem::Requirement
64
+ requirements:
65
+ - - "~>"
66
+ - !ruby/object:Gem::Version
67
+ version: '0.6'
68
+ type: :development
69
+ prerelease: false
70
+ version_requirements: !ruby/object:Gem::Requirement
71
+ requirements:
72
+ - - "~>"
73
+ - !ruby/object:Gem::Version
74
+ version: '0.6'
75
+ - !ruby/object:Gem::Dependency
76
+ name: rack-test
77
+ requirement: !ruby/object:Gem::Requirement
78
+ requirements:
79
+ - - "~>"
80
+ - !ruby/object:Gem::Version
81
+ version: '0.6'
82
+ type: :development
83
+ prerelease: false
84
+ version_requirements: !ruby/object:Gem::Requirement
85
+ requirements:
86
+ - - "~>"
87
+ - !ruby/object:Gem::Version
88
+ version: '0.6'
89
+ description: A generic SAML strategy for OmniAuth.
90
+ email: rajiv@alum.mit.edu
91
+ executables: []
92
+ extensions: []
93
+ extra_rdoc_files: []
94
+ files:
95
+ - CHANGELOG.md
96
+ - README.md
97
+ - lib/omniauth-rsaml.rb
98
+ - lib/omniauth-saml/version.rb
99
+ - lib/omniauth/strategies/saml.rb
100
+ - lib/omniauth/strategies/saml/validation_error.rb
101
+ - spec/omniauth/strategies/saml_spec.rb
102
+ - spec/spec_helper.rb
103
+ homepage: https://github.com/PracticallyGreen/omniauth-saml
104
+ licenses:
105
+ - MIT
106
+ metadata: {}
107
+ post_install_message:
108
+ rdoc_options: []
109
+ require_paths:
110
+ - lib
111
+ required_ruby_version: !ruby/object:Gem::Requirement
112
+ requirements:
113
+ - - ">="
114
+ - !ruby/object:Gem::Version
115
+ version: '0'
116
+ required_rubygems_version: !ruby/object:Gem::Requirement
117
+ requirements:
118
+ - - ">="
119
+ - !ruby/object:Gem::Version
120
+ version: '0'
121
+ requirements: []
122
+ rubyforge_project:
123
+ rubygems_version: 2.4.8
124
+ signing_key:
125
+ specification_version: 4
126
+ summary: A generic SAML strategy for OmniAuth.
127
+ test_files:
128
+ - spec/omniauth/strategies/saml_spec.rb
129
+ - spec/spec_helper.rb
130
+ has_rdoc: