rack_entra_id_auth 1.0.3 → 1.2.0

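--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: b0a2ea6b5c8890bdf9e35c1dc4d8b1dcce9ecd085d212948e83ae1621165698e
- data.tar.gz: '095bdcaf3880329d01fecd0d70b4478e8f5850ce941989f172e46f1403917ec3'
+ metadata.gz: 1203180f536c61e3f893d7b94beab66c2769c22979daf217421ef11e6d07a9d9
+ data.tar.gz: 4815b5403b5d113460246780faed0f4925216002099da173f24348075a901a91
  SHA512:
- metadata.gz: 02f0be8e2d05113930639578e75777cf1cb36764fefa4ca6cb1cc9b56dbdc805531463789c206976ab2ac8e0e4233dca5e42e47662e5d4e2d231b20065e46881
- data.tar.gz: 01471a840c03d0bfed7958a8a96cfe2dc1d242a53e4615fcbd9515464009b1c082971b78d88e4f0a43053983c968f7f146d63781b3664558dcb53b552550d0ff
+ metadata.gz: aaa60faf6eac7b26d71426f88bfaf46a088134fbe71e3dab4d8f929172f5847e1c422690ce190f910693acbbc87b42a7d7245ef1832aeef583ff400ab54b96ed
+ data.tar.gz: 76f7a00c6a86fe63e7c78f69f26457b07fe3eee61674923b6ee4a3935dd3bf721e9267678326fe8377e0dc4b3ca2c8578d3d6ee3190f1b25726c644e1932f4aa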
@@ -1,9 +1,49 @@
1
1
  require 'active_support/configurable'
2
+ require 'ruby-saml'
2
3
 
3
4
  module RackEntraIdAuth
4
5
  class Configuration
5
6
  include ActiveSupport::Configurable
6
7
 
8
+ RUBY_SAML_SETTINGS = %i(
9
+ idp_entity_id
10
+ idp_sso_service_url
11
+ idp_slo_service_url
12
+ idp_slo_response_service_url
13
+ idp_cert
14
+ idp_cert_fingerprint
15
+ idp_cert_fingerprint_algorithm
16
+ idp_cert_multi
17
+ idp_attribute_names
18
+ idp_name_qualifier
19
+ valid_until
20
+ sp_entity_id
21
+ assertion_consumer_service_url
22
+ single_logout_service_url
23
+ sp_name_qualifier
24
+ name_identifier_format
25
+ name_identifier_value
26
+ name_identifier_value_requested
27
+ sessionindex
28
+ compress_request
29
+ compress_response
30
+ double_quote_xml_attribute_values
31
+ message_max_bytesize
32
+ passive
33
+ attributes_index
34
+ force_authn
35
+ certificate
36
+ private_key
37
+ sp_cert_multi
38
+ authn_context
39
+ authn_context_comparison
40
+ authn_context_decl_ref
41
+ security
42
+ soft
43
+ )
44
+
45
+ RUBY_SAML_SETTINGS.each { |ruby_saml_setting| config_accessor ruby_saml_setting }
46
+
7
47
  config_accessor :login_path, default: '/login'
8
48
  config_accessor :login_relay_state_url
9
49
  config_accessor :logout_path, default: '/logout'
@@ -24,57 +64,29 @@ module RackEntraIdAuth
24
64
  }
25
65
  config_accessor :skip_single_logout, default: true
26
66
 
27
- # Ruby SAML ID Provider Settings
28
- config_accessor :idp_entity_id
29
- config_accessor :idp_sso_service_url
30
- config_accessor :idp_slo_service_url
31
- config_accessor :idp_slo_response_service_url
32
- config_accessor :idp_cert
33
- config_accessor :idp_cert_fingerprint
34
- config_accessor :idp_cert_fingerprint_algorithm
35
- config_accessor :idp_cert_multi
36
- config_accessor :idp_attribute_names
37
- config_accessor :idp_name_qualifier
38
- config_accessor :valid_until
67
+ def configuration_options (configuration_options = {})
68
+ configuration_options.slice(:metadata_url, *RUBY_SAML_SETTINGS).each do |key, value|
69
+ self.send("#{key}=", value) unless value.nil?
70
+ end
71
+ end
72
+
73
+ def metadata_url
74
+ @metadata_url
75
+ end
76
+
77
+ def metadata_url= (metadata_url)
78
+ @metadata_url = metadata_url
39
79
 
40
- # Ruby SAML Service Provider Settings
41
- config_accessor :sp_entity_id
42
- config_accessor :assertion_consumer_service_url
43
- config_accessor :single_logout_service_url
44
- config_accessor :sp_name_qualifier
45
- config_accessor :name_identifier_format
46
- config_accessor :name_identifier_value
47
- config_accessor :name_identifier_value_requested
48
- config_accessor :sessionindex
49
- config_accessor :compress_request
50
- config_accessor :compress_response
51
- config_accessor :double_quote_xml_attribute_values
52
- config_accessor :message_max_bytesize
53
- config_accessor :passive
54
- config_accessor :attributes_index
55
- config_accessor :force_authn
56
- config_accessor :certificate
57
- config_accessor :private_key
58
- config_accessor :sp_cert_multi
59
- config_accessor :authn_context
60
- config_accessor :authn_context_comparison
61
- config_accessor :authn_context_decl_ref
80
+ OneLogin::RubySaml::IdpMetadataParser.new.parse_remote_to_hash(metadata_url)
81
+ .slice(*RUBY_SAML_SETTINGS).each do |key, value|
82
+ self.send("#{key}=", value) unless value.nil?
83
+ end
62
84
 
63
- # Ruby SAML workflow Settings
64
- config_accessor :security
65
- config_accessor :soft
85
+ @metadata_url
86
+ end
66
87
 
67
88
  def ruby_saml_settings
68
- config.to_h.except(
69
- :login_path,
70
- :login_relay_state_url,
71
- :logout_path,
72
- :logout_relay_state_url,
73
- :mock_server,
74
- :mock_attributes,
75
- :session_key,
76
- :session_value_proc,
77
- :skip_single_logout)
89
+ config.to_h.slice(*RUBY_SAML_SETTINGS)
78
90
  end
79
91
  end
80
92
  end
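Review bot: `metadata_url=` (new lines 77-86, second hunk) fetches the IdP metadata as soon as the URL is assigned and copies every whitelisted key the parser returns into the configuration, with no check that the URL is HTTPS. Those keys presumably include the IdP certificate and SSO endpoint, which are the trust anchor every later SAML response is validated against, and ruby-saml's remote parser accepts plain `http` URLs as far as I know; I would add `raise ArgumentError, 'metadata_url must be an https URL' unless URI(metadata_url).scheme == 'https'` before the `parse_remote_to_hash` call. Assignment order also matters: the setter overwrites an `idp_cert` or fingerprint configured earlier, whereas `configuration_options` appears to apply `:metadata_url` first and explicit keys after, so a comment stating that precedence would help operators who pin a certificate. The `send` calls are bounded by the `slice` over `RUBY_SAML_SETTINGS` and need no change.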
@@ -66,13 +66,13 @@ module RackEntraIdAuth
66
66
  if !auth_response.is_valid?
67
67
  log(env, "Invalid single login reponse from Entra ID: #{auth_response.errors.first}")
68
68
 
69
- return internal_server_error_response("Invalid login reponse from Entra ID: #{auth_response.errors.first}")
69
+ return internal_server_error_response("Invalid single login reponse from Entra ID: #{auth_response.errors.first}")
70
70
  end
71
71
 
72
72
  if !auth_response.success?
73
73
  log(env, 'Unsuccessful single single reponse from Entra ID.')
74
74
 
75
- return internal_server_error_response('Unsuccessful login reponse from Entra ID.')
75
+ return internal_server_error_response('Unsuccessful single login reponse from Entra ID.')
76
76
  end
77
77
 
78
78
  log(env, 'Initializing session and redirecting to relay state URL…')
@@ -94,7 +94,7 @@ module RackEntraIdAuth
94
94
  if !logout_request.is_valid?
95
95
  log(env, "Invalid single logout request from Entra ID: #{logout_request.errors.first}")
96
96
 
97
- return internal_server_error_response("Invalid logout request from Entra ID: #{logout_request.errors.first}")
97
+ return internal_server_error_response("Invalid single logout request from Entra ID: #{logout_request.errors.first}")
98
98
  end
99
99
 
100
100
  log(env, 'Destroying session and sending logout response to Entra ID…')
@@ -124,13 +124,13 @@ module RackEntraIdAuth
124
124
  if !logout_response.validate
125
125
  log(env, "Invalid single logout reponse from Entra ID: #{logout_response.errors.first}")
126
126
 
127
- return internal_server_error_response("Invalid logout reponse from Entra ID: #{logout_response.errors.first}")
127
+ return internal_server_error_response("Invalid single logout reponse from Entra ID: #{logout_response.errors.first}")
128
128
  end
129
129
 
130
130
  if !logout_response.success?
131
131
  log(env, 'Unsuccessful single logout reponse from Entra ID.')
132
132
 
133
- return internal_server_error_response('Unsuccessful logout reponse from Entra ID.')
133
+ return internal_server_error_response('Unsuccessful single logout reponse from Entra ID.')
134
134
  end
135
135
 
136
136
  log(env, 'Destroying session and redirecting to relay state URL…')
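Review bot: The response strings on new lines 69, 97 and 127 still interpolate `auth_response.errors.first`, `logout_request.errors.first` and `logout_response.errors.first`, so the reason a SAML message failed validation is presumably returned to whoever sent it (`internal_server_error_response` is defined outside these hunks). That detail is already written by the `log(env, …)` call just above each return, so the response can carry a fixed string instead, e.g. `return internal_server_error_response('Invalid single login response from Entra ID.')`. A rejected assertion is a client-side failure rather than a server fault, so a 4xx status would be more accurate if the helper allows one. The changed strings keep the spelling `reponse`, and the log line at 73 reads `single single reponse`. The enclosing methods start and end outside the hunks.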
@@ -1,3 +1,3 @@
1
1
  module RackEntraIdAuth
2
- VERSION = '1.0.3'
2
+ VERSION = '1.2.0'
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rack_entra_id_auth
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.3
4
+ version: 1.2.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - David Susco
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-08-01 00:00:00.000000000 Z
11
+ date: 2024-08-27 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport
@@ -119,7 +119,7 @@ licenses:
119
119
  - MIT
120
120
  metadata:
121
121
  bug_tracker_uri: https://github.com/dsusco/rack_entra_id_auth/issues
122
- changelog_uri: https://github.com/dsusco/rack_entra_id_auth/releases/tag/v1.0.3
122
+ changelog_uri: https://github.com/dsusco/rack_entra_id_auth/releases/tag/v1.2.0
123
123
  homepage_uri: https://github.com/dsusco/rack_entra_id_auth
124
124
  source_code_uri: https://github.com/dsusco/rack_entra_id_auth
125
125
  post_install_message: