RubyGems - omniauth-suomifi - Versions diffs - 0.4.0 → 0.4.1 - Mend

omniauth-suomifi 0.4.0 → 0.4.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

checksums.yaml +4 -4
data/lib/omniauth-suomifi/ruby_saml_extensions.rb +18 -14
data/lib/omniauth-suomifi/version.rb +1 -1
data/lib/omniauth/strategies/suomifi.rb +2 -2
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 3a565773bca57e1803acfbf666ee25c54474374831857b4a1d7eeec965dbf289
-  data.tar.gz: f555e8a657886b482b19bc93decac583dd3f6101c2060a48f9f811cc27af1272
+  metadata.gz: 6f13147094a51b1011e54a3b72e31352b17ce876fad5598156b5b1f6ada977b2
+  data.tar.gz: 3ab984607001ce46573290197e49390f7e9b27bc098a7c1f48a4f24717609065
 SHA512:
-  metadata.gz: df188a2b7f673b6b2710a63dda35c123b5d757d2a0310b11b76ed43f58ec0c8cc39aa682bb2c99caa8967c5a8083137dc7340804e311aaae7ac20aaabed91739
-  data.tar.gz: ce866b947cce063f0df0233bca9a5de7836b2b0326c4dab6398abb6255cd4b58627d365d9abcae09d74bc27fc4f0c7a07ab8f67eaac73efc2ebf0e3891758aeb
+  metadata.gz: 58af0b760126edc00ee2f114f90fd8c632271f1a60bc80938c70e61dbfb536c7e7032da6cd3cb91515bb239d68872c44ec3784c1498930f121e2bd139e63ff5d
+  data.tar.gz: a6367ec02b859f4e18e84bc9e739d3b44314a299b00730092c52c65a657b44b57b7ac80149cd2fd067023a200f1e25dc537647bd33e155b2bc4d5573fac7e39d

data/lib/omniauth-suomifi/ruby_saml_extensions.rb CHANGED Viewed

@@ -30,31 +30,35 @@ OneLogin::RubySaml::Utils.class_eval do
   # @return [String] The deciphered text
   def self.retrieve_plaintext(cipher_text, symmetric_key, algorithm)
     case algorithm
-      when 'http://www.w3.org/2001/04/xmlenc#tripledes-cbc' then cipher = OpenSSL::Cipher.new('DES-EDE3-CBC').decrypt
-      when 'http://www.w3.org/2001/04/xmlenc#aes128-cbc' then cipher = OpenSSL::Cipher.new('AES-128-CBC').decrypt
-      when 'http://www.w3.org/2001/04/xmlenc#aes192-cbc' then cipher = OpenSSL::Cipher.new('AES-192-CBC').decrypt
-      when 'http://www.w3.org/2001/04/xmlenc#aes256-cbc' then cipher = OpenSSL::Cipher.new('AES-256-CBC').decrypt
-      when 'http://www.w3.org/2009/xmlenc11#aes128-gcm' then auth_cipher = OpenSSL::Cipher.new('AES-128-GCM').decrypt
-      when 'http://www.w3.org/2009/xmlenc11#aes192-gcm' then auth_cipher = OpenSSL::Cipher.new('AES-192-GCM').decrypt
-      when 'http://www.w3.org/2009/xmlenc11#aes256-gcm' then auth_cipher = OpenSSL::Cipher.new('AES-256-GCM').decrypt
-      when 'http://www.w3.org/2001/04/xmlenc#rsa-1_5' then rsa = symmetric_key
-      when 'http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p' then oaep = symmetric_key
+    when 'http://www.w3.org/2001/04/xmlenc#tripledes-cbc' then cipher = OpenSSL::Cipher.new('DES-EDE3-CBC').decrypt
+    when 'http://www.w3.org/2001/04/xmlenc#aes128-cbc' then cipher = OpenSSL::Cipher.new('AES-128-CBC').decrypt
+    when 'http://www.w3.org/2001/04/xmlenc#aes192-cbc' then cipher = OpenSSL::Cipher.new('AES-192-CBC').decrypt
+    when 'http://www.w3.org/2001/04/xmlenc#aes256-cbc' then cipher = OpenSSL::Cipher.new('AES-256-CBC').decrypt
+    when 'http://www.w3.org/2009/xmlenc11#aes128-gcm' then auth_cipher = OpenSSL::Cipher.new('AES-128-GCM').decrypt
+    when 'http://www.w3.org/2009/xmlenc11#aes192-gcm' then auth_cipher = OpenSSL::Cipher.new('AES-192-GCM').decrypt
+    when 'http://www.w3.org/2009/xmlenc11#aes256-gcm' then auth_cipher = OpenSSL::Cipher.new('AES-256-GCM').decrypt
+    when 'http://www.w3.org/2001/04/xmlenc#rsa-1_5' then rsa = symmetric_key
+    when 'http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p' then oaep = symmetric_key
     end
     if cipher
       iv_len = cipher.iv_len
       data = cipher_text[iv_len..-1]
-      cipher.padding, cipher.key, cipher.iv = 0, symmetric_key, cipher_text[0..iv_len-1]
+      cipher.padding = 0
+      cipher.key = symmetric_key
+      cipher.iv = cipher_text[0..iv_len - 1]
       assertion_plaintext = cipher.update(data)
       assertion_plaintext << cipher.final
     elsif auth_cipher
-      iv_len, text_len, tag_len = auth_cipher.iv_len, cipher_text.length, 16
-      data = cipher_text[iv_len..text_len-1-tag_len]
+      iv_len = auth_cipher.iv_len
+      text_len = cipher_text.length
+      tag_len = 16
+      data = cipher_text[iv_len..text_len - 1 - tag_len]
       auth_cipher.padding = 0
       auth_cipher.key = symmetric_key
-      auth_cipher.iv = cipher_text[0..iv_len-1]
+      auth_cipher.iv = cipher_text[0..iv_len - 1]
       auth_cipher.auth_data = ''
-      auth_cipher.auth_tag = cipher_text[text_len-tag_len..-1]
+      auth_cipher.auth_tag = cipher_text[text_len - tag_len..-1]
       assertion_plaintext = auth_cipher.update(data)
       assertion_plaintext << auth_cipher.final
     elsif rsa

data/lib/omniauth-suomifi/version.rb CHANGED Viewed

@@ -2,6 +2,6 @@
 module OmniAuth
   module Suomifi
-    VERSION = '0.4.0'
+    VERSION = '0.4.1'
   end
 end

data/lib/omniauth/strategies/suomifi.rb CHANGED Viewed

@@ -609,8 +609,8 @@ module OmniAuth
         case options.mode
         when :test
           'https://testi.apro.tunnistus.fi/static/metadata/idp-metadata.xml'
-        else
-          'https://tunnistus.suomi.fi/static/metadata/idp-metadata-secondary.xml'
+        else # :production
+          'https://tunnistus.suomi.fi/static/metadata/idp-metadata-tunnistautuminen.xml'
         end
       end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: omniauth-suomifi
 version: !ruby/object:Gem::Version
-  version: 0.4.0
+  version: 0.4.1
 platform: ruby
 authors:
 - Antti Hukkanen
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-10-22 00:00:00.000000000 Z
+date: 2021-02-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: omniauth-saml