ruby-saml-federazione-trentina 0.0.1
Sign up to get free protection for your applications and to get access to all the features.
- data/.document +5 -0
- data/.gitignore +10 -0
- data/.travis.yml +5 -0
- data/Gemfile +12 -0
- data/LICENSE +19 -0
- data/README.md +126 -0
- data/Rakefile +41 -0
- data/lib/onelogin/ruby-saml/authrequest.rb +189 -0
- data/lib/onelogin/ruby-saml/coding.rb +34 -0
- data/lib/onelogin/ruby-saml/logging.rb +26 -0
- data/lib/onelogin/ruby-saml/logout_request.rb +126 -0
- data/lib/onelogin/ruby-saml/logout_response.rb +132 -0
- data/lib/onelogin/ruby-saml/metadata.rb +270 -0
- data/lib/onelogin/ruby-saml/request.rb +83 -0
- data/lib/onelogin/ruby-saml/response.rb +211 -0
- data/lib/onelogin/ruby-saml/settings.rb +29 -0
- data/lib/onelogin/ruby-saml/validation_error.rb +7 -0
- data/lib/onelogin/ruby-saml/version.rb +5 -0
- data/lib/ruby-saml.rb +11 -0
- data/lib/schemas/saml20assertion_schema.xsd +283 -0
- data/lib/schemas/saml20protocol_schema.xsd +302 -0
- data/lib/schemas/xenc_schema.xsd +146 -0
- data/lib/schemas/xmldsig_schema.xsd +318 -0
- data/lib/xml_security.rb +165 -0
- data/ruby-saml.gemspec +21 -0
- data/test/certificates/certificate1 +12 -0
- data/test/logoutrequest_test.rb +98 -0
- data/test/request_test.rb +53 -0
- data/test/response_test.rb +219 -0
- data/test/responses/adfs_response_sha1.xml +46 -0
- data/test/responses/adfs_response_sha256.xml +46 -0
- data/test/responses/adfs_response_sha384.xml +46 -0
- data/test/responses/adfs_response_sha512.xml +46 -0
- data/test/responses/no_signature_ns.xml +48 -0
- data/test/responses/open_saml_response.xml +56 -0
- data/test/responses/response1.xml.base64 +1 -0
- data/test/responses/response2.xml.base64 +79 -0
- data/test/responses/response3.xml.base64 +66 -0
- data/test/responses/response4.xml.base64 +93 -0
- data/test/responses/response5.xml.base64 +102 -0
- data/test/responses/response_with_ampersands.xml +139 -0
- data/test/responses/response_with_ampersands.xml.base64 +93 -0
- data/test/responses/simple_saml_php.xml +71 -0
- data/test/responses/wrapped_response_2.xml.base64 +150 -0
- data/test/settings_test.rb +43 -0
- data/test/test_helper.rb +66 -0
- data/test/xml_security_test.rb +123 -0
- metadata +155 -0
@@ -0,0 +1,150 @@
|
|
1
|
+
77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz4NCjxzYW1s
|
2
|
+
cDpSZXNwb25zZSB4bWxuczpzYW1scD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6
|
3
|
+
Mi4wOnByb3RvY29sIiB4bWxuczpzYW1sPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FN
|
4
|
+
TDoyLjA6YXNzZXJ0aW9uIiBJRD0iXzI2NTAyNGI0NjAyZmM2OGMwMTQ1YzZlOWM1
|
5
|
+
NzFkOGY2MjE5ZTZjZmVlMCIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIw
|
6
|
+
MTEtMDYtMTNUMTY6MDI6MjVaIiBEZXN0aW5hdGlvbj0iaHR0cDovL2xvY2FsaG9z
|
7
|
+
dC9waHAtc2FtbC1maXhlZC9jb25zdW1lLnBocCIgSW5SZXNwb25zZVRvPSJfMzI0
|
8
|
+
NDJhOGMzZDFiYThlYTEzNmMiPg0KICA8c2FtbDpJc3N1ZXI+aHR0cHM6Ly9pZHAv
|
9
|
+
c2ltcGxlc2FtbC9zYW1sMi9pZHAvbWV0YWRhdGEucGhwPC9zYW1sOklzc3Vlcj4N
|
10
|
+
CiAgPHNhbWxwOlN0YXR1cz4NCiAgICA8c2FtbHA6U3RhdHVzQ29kZSBWYWx1ZT0i
|
11
|
+
dXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnN0YXR1czpTdWNjZXNzIiAvPg0K
|
12
|
+
ICA8L3NhbWxwOlN0YXR1cz4NCiAgPHNhbWw6QXNzZXJ0aW9uIHhtbG5zOnhzaT0i
|
13
|
+
aHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhtbG5z
|
14
|
+
OnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgSUQ9Il82M2Iw
|
15
|
+
YWVhZWMyYmJiNDU4ZjcxMTUzZjIxODBjNzJjNDM5MzFkM2M5MjAiIFZlcnNpb249
|
16
|
+
IjIuMCIgSXNzdWVJbnN0YW50PSIyMDExLTA2LTEzVDE2OjAyOjI1WiI+DQogICAg
|
17
|
+
PHNhbWw6SXNzdWVyPmh0dHBzOi8vaWRwL3NpbXBsZXNhbWwvc2FtbDIvaWRwL21l
|
18
|
+
dGFkYXRhLnBocDwvc2FtbDpJc3N1ZXI+DQogICAgPHNhbWw6U3ViamVjdD4NCiAg
|
19
|
+
ICAgIDxzYW1sOk5hbWVJRCBTUE5hbWVRdWFsaWZpZXI9InBocC1zYW1sLWZpeGVk
|
20
|
+
IiBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMTpuYW1laWQtZm9y
|
21
|
+
bWF0OmVtYWlsQWRkcmVzcyI+cm9vdEBleGFtcGxlLmNvbTwvc2FtbDpOYW1lSUQ+
|
22
|
+
DQogICAgICA8c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uIE1ldGhvZD0idXJuOm9h
|
23
|
+
c2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmNtOmJlYXJlciI+DQogICAgICAgIDxzYW1s
|
24
|
+
OlN1YmplY3RDb25maXJtYXRpb25EYXRhIE5vdE9uT3JBZnRlcj0iMjAxMS0wNi0x
|
25
|
+
M1QxNjowNzoyNVoiIFJlY2lwaWVudD0iaHR0cDovL2xvY2FsaG9zdC9waHAtc2Ft
|
26
|
+
bC1maXhlZC9jb25zdW1lLnBocCIgSW5SZXNwb25zZVRvPSJfMzI0NDJhOGMzZDFi
|
27
|
+
YThlYTEzNmMiIC8+DQogICAgICA8L3NhbWw6U3ViamVjdENvbmZpcm1hdGlvbj4N
|
28
|
+
CiAgICA8L3NhbWw6U3ViamVjdD4NCiAgICA8c2FtbDpDb25kaXRpb25zIE5vdEJl
|
29
|
+
Zm9yZT0iMjAxMS0wNi0xM1QxNjowMTo1NVoiIE5vdE9uT3JBZnRlcj0iMjAxMS0w
|
30
|
+
Ni0xM1QxNjowNzoyNVoiPg0KICAgICAgPHNhbWw6QXVkaWVuY2VSZXN0cmljdGlv
|
31
|
+
bj4NCiAgICAgICAgPHNhbWw6QXVkaWVuY2U+cGhwLXNhbWwtZml4ZWQ8L3NhbWw6
|
32
|
+
QXVkaWVuY2U+DQogICAgICA8L3NhbWw6QXVkaWVuY2VSZXN0cmljdGlvbj4NCiAg
|
33
|
+
ICA8L3NhbWw6Q29uZGl0aW9ucz4NCiAgICA8c2FtbDpBdXRoblN0YXRlbWVudCBB
|
34
|
+
dXRobkluc3RhbnQ9IjIwMTEtMDYtMTNUMTI6NDc6MzNaIiBTZXNzaW9uTm90T25P
|
35
|
+
ckFmdGVyPSIyMDExLTA2LTE0VDAwOjAyOjI1WiIgU2Vzc2lvbkluZGV4PSJfNTk5
|
36
|
+
NGFjYjUyODc4MTc4ZjAyYjY2ZTY5M2RlYmUzNDA3MjU3OTZjZDJjIj4NCiAgICAg
|
37
|
+
IDxzYW1sOkF1dGhuQ29udGV4dD4NCiAgICAgICAgPHNhbWw6QXV0aG5Db250ZXh0
|
38
|
+
Q2xhc3NSZWY+dXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFjOmNsYXNzZXM6
|
39
|
+
UGFzc3dvcmQ8L3NhbWw6QXV0aG5Db250ZXh0Q2xhc3NSZWY+DQogICAgICA8L3Nh
|
40
|
+
bWw6QXV0aG5Db250ZXh0Pg0KICAgIDwvc2FtbDpBdXRoblN0YXRlbWVudD4NCiAg
|
41
|
+
PC9zYW1sOkFzc2VydGlvbj4NCiAgPG1kOkVudGl0eURlc2NyaXB0b3IgeG1sbnM6
|
42
|
+
bWQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDptZXRhZGF0YSIgeG1sbnM6
|
43
|
+
ZHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiIGVudGl0eUlE
|
44
|
+
PSJodHRwczovL2lkcC9zaW1wbGVzYW1sL3NhbWwyL2lkcC9tZXRhZGF0YS5waHAi
|
45
|
+
IElEPSJwZng4YjhmZTFkMC0wZjhmLTJlMDAtYTAwOC1iOThiYmM1ZGExZDAiPg0K
|
46
|
+
ICAgIDxkczpTaWduYXR1cmU+DQogICAgICA8ZHM6U2lnbmVkSW5mbz4NCiAgICAg
|
47
|
+
ICAgPGRzOkNhbm9uaWNhbGl6YXRpb25NZXRob2QgQWxnb3JpdGhtPSJodHRwOi8v
|
48
|
+
d3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiIC8+DQogICAgICAgIDxk
|
49
|
+
czpTaWduYXR1cmVNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8y
|
50
|
+
MDAwLzA5L3htbGRzaWcjcnNhLXNoYTEiIC8+DQogICAgICAgIDxkczpSZWZlcmVu
|
51
|
+
Y2UgVVJJPSIjcGZ4OGI4ZmUxZDAtMGY4Zi0yZTAwLWEwMDgtYjk4YmJjNWRhMWQw
|
52
|
+
Ij4NCiAgICAgICAgICA8ZHM6VHJhbnNmb3Jtcz4NCiAgICAgICAgICAgIDxkczpU
|
53
|
+
cmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3ht
|
54
|
+
bGRzaWcjZW52ZWxvcGVkLXNpZ25hdHVyZSIgLz4NCiAgICAgICAgICAgIDxkczpU
|
55
|
+
cmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3ht
|
56
|
+
bC1leGMtYzE0biMiIC8+DQogICAgICAgICAgPC9kczpUcmFuc2Zvcm1zPg0KICAg
|
57
|
+
ICAgICAgIDxkczpEaWdlc3RNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3Lncz
|
58
|
+
Lm9yZy8yMDAwLzA5L3htbGRzaWcjc2hhMSIgLz4NCiAgICAgICAgICA8ZHM6RGln
|
59
|
+
ZXN0VmFsdWU+NVVmdy9lUlMwVHpIbC9vc2pMVCtJOGxlUDZVPTwvZHM6RGlnZXN0
|
60
|
+
VmFsdWU+DQogICAgICAgIDwvZHM6UmVmZXJlbmNlPg0KICAgICAgPC9kczpTaWdu
|
61
|
+
ZWRJbmZvPg0KICAgICAgPGRzOlNpZ25hdHVyZVZhbHVlPkM0OFpLQ2FwQVdsNHBx
|
62
|
+
WlM1ZFhMTmVmdjZSYS9hMXZGSDlGWDZsd3c3RS94VmxtZXFTbHh1WGEra0JicE4r
|
63
|
+
RWFzWmJaMGE4blYxTE1oNGN5TER2ajVnVURyYkhvMG1aOVNhRDBZaFhxcnBQY21H
|
64
|
+
djVmSGZxZFRtRTVJUUs2MjQ0UkFPdk05MklyYU0vU0hRQ0dROE1hdkhTNSs4Nm11
|
65
|
+
MGdkbjVuNWJrcUU1ND08L2RzOlNpZ25hdHVyZVZhbHVlPg0KICAgICAgPGRzOktl
|
66
|
+
eUluZm8+DQogICAgICAgIDxkczpYNTA5RGF0YT4NCiAgICAgICAgICA8ZHM6WDUw
|
67
|
+
OUNlcnRpZmljYXRlPk1JSUNnVENDQWVvQ0NRQ2JPbHJXRGRYN0ZUQU5CZ2txaGtp
|
68
|
+
Rzl3MEJBUVVGQURDQmhERUxNQWtHQTFVRUJoTUNUazh4R0RBV0JnTlZCQWdURDBG
|
69
|
+
dVpISmxZWE1nVTI5c1ltVnlaekVNTUFvR0ExVUVCeE1EUm05dk1SQXdEZ1lEVlFR
|
70
|
+
S0V3ZFZUa2xPUlZSVU1SZ3dGZ1lEVlFRREV3OW1aV2xrWlM1bGNteGhibWN1Ym04
|
71
|
+
eElUQWZCZ2txaGtpRzl3MEJDUUVXRW1GdVpISmxZWE5BZFc1cGJtVjBkQzV1YnpB
|
72
|
+
ZUZ3MHdOekEyTVRVeE1qQXhNelZhRncwd056QTRNVFF4TWpBeE16VmFNSUdFTVFz
|
73
|
+
d0NRWURWUVFHRXdKT1R6RVlNQllHQTFVRUNCTVBRVzVrY21WaGN5QlRiMnhpWlhK
|
74
|
+
bk1Rd3dDZ1lEVlFRSEV3TkdiMjh4RURBT0JnTlZCQW9UQjFWT1NVNUZWRlF4R0RB
|
75
|
+
V0JnTlZCQU1URDJabGFXUmxMbVZ5YkdGdVp5NXViekVoTUI4R0NTcUdTSWIzRFFF
|
76
|
+
SkFSWVNZVzVrY21WaGMwQjFibWx1WlhSMExtNXZNSUdmTUEwR0NTcUdTSWIzRFFF
|
77
|
+
QkFRVUFBNEdOQURDQmlRS0JnUURpdmJoUjdQNTE2eC9TM0JxS3h1cFFlMExPTm9s
|
78
|
+
aXVwaUJPZXNDTzNTSGJEcmwzK3E5SWJmbmZtRTA0ck51TWNQc0l4QjE2MVRkRHBJ
|
79
|
+
ZXNMQ243YzhhUEhJU0tPdFBsQWVUWlNuYjhRQXU3YVJqWnEzK1BiclA1dVczVGNm
|
80
|
+
Q0dQdEtUeXRIT2dlL09sSmJvMDc4ZFZoWFExNGQxRUR3WEpXMXJSWHVVdDRDOFFJ
|
81
|
+
REFRQUJNQTBHQ1NxR1NJYjNEUUVCQlFVQUE0R0JBQ0RWZnA4NkhPYnFZK2U4QlVv
|
82
|
+
V1E5K1ZNUXgxQVNEb2hCandPc2cyV3lrVXFSWEYrZExmY1VIOWRXUjYzQ3RaSUtG
|
83
|
+
RGJTdE5vbVBuUXo3bmJLK29ueWd3QnNwVkVibkh1VWloWnEzWlVkbXVtUXFDdzRV
|
84
|
+
dnMvMVV2cTNvck9vL1dKVmhUeXZMZ0ZWSzJRYXJRNC82N09aZkhkN1IrUE9CWGhv
|
85
|
+
cGhTTXYxWk9vPC9kczpYNTA5Q2VydGlmaWNhdGU+DQogICAgICAgIDwvZHM6WDUw
|
86
|
+
OURhdGE+DQogICAgICA8L2RzOktleUluZm8+DQogICAgPC9kczpTaWduYXR1cmU+
|
87
|
+
DQogICAgPG1kOklEUFNTT0Rlc2NyaXB0b3IgcHJvdG9jb2xTdXBwb3J0RW51bWVy
|
88
|
+
YXRpb249InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCI+DQog
|
89
|
+
ICAgICA8bWQ6S2V5RGVzY3JpcHRvciB1c2U9InNpZ25pbmciPg0KICAgICAgICA8
|
90
|
+
ZHM6S2V5SW5mbyB4bWxuczpkcz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94
|
91
|
+
bWxkc2lnIyI+DQogICAgICAgICAgPGRzOlg1MDlEYXRhPg0KICAgICAgICAgICAg
|
92
|
+
PGRzOlg1MDlDZXJ0aWZpY2F0ZT5NSUlDZ1RDQ0Flb0NDUUNiT2xyV0RkWDdGVEFO
|
93
|
+
QmdrcWhraUc5dzBCQVFVRkFEQ0JoREVMTUFrR0ExVUVCaE1DVGs4eEdEQVdCZ05W
|
94
|
+
QkFnVEQwRnVaSEpsWVhNZ1UyOXNZbVZ5WnpFTU1Bb0dBMVVFQnhNRFJtOXZNUkF3
|
95
|
+
RGdZRFZRUUtFd2RWVGtsT1JWUlVNUmd3RmdZRFZRUURFdzltWldsa1pTNWxjbXho
|
96
|
+
Ym1jdWJtOHhJVEFmQmdrcWhraUc5dzBCQ1FFV0VtRnVaSEpsWVhOQWRXNXBibVYw
|
97
|
+
ZEM1dWJ6QWVGdzB3TnpBMk1UVXhNakF4TXpWYUZ3MHdOekE0TVRReE1qQXhNelZh
|
98
|
+
TUlHRU1Rc3dDUVlEVlFRR0V3Sk9UekVZTUJZR0ExVUVDQk1QUVc1a2NtVmhjeUJU
|
99
|
+
YjJ4aVpYSm5NUXd3Q2dZRFZRUUhFd05HYjI4eEVEQU9CZ05WQkFvVEIxVk9TVTVG
|
100
|
+
VkZReEdEQVdCZ05WQkFNVEQyWmxhV1JsTG1WeWJHRnVaeTV1YnpFaE1COEdDU3FH
|
101
|
+
U0liM0RRRUpBUllTWVc1a2NtVmhjMEIxYm1sdVpYUjBMbTV2TUlHZk1BMEdDU3FH
|
102
|
+
U0liM0RRRUJBUVVBQTRHTkFEQ0JpUUtCZ1FEaXZiaFI3UDUxNngvUzNCcUt4dXBR
|
103
|
+
ZTBMT05vbGl1cGlCT2VzQ08zU0hiRHJsMytxOUliZm5mbUUwNHJOdU1jUHNJeEIx
|
104
|
+
NjFUZERwSWVzTENuN2M4YVBISVNLT3RQbEFlVFpTbmI4UUF1N2FSalpxMytQYnJQ
|
105
|
+
NXVXM1RjZkNHUHRLVHl0SE9nZS9PbEpibzA3OGRWaFhRMTRkMUVEd1hKVzFyUlh1
|
106
|
+
VXQ0QzhRSURBUUFCTUEwR0NTcUdTSWIzRFFFQkJRVUFBNEdCQUNEVmZwODZIT2Jx
|
107
|
+
WStlOEJVb1dROStWTVF4MUFTRG9oQmp3T3NnMld5a1VxUlhGK2RMZmNVSDlkV1I2
|
108
|
+
M0N0WklLRkRiU3ROb21QblF6N25iSytvbnlnd0JzcFZFYm5IdVVpaFpxM1pVZG11
|
109
|
+
bVFxQ3c0VXZzLzFVdnEzb3JPby9XSlZoVHl2TGdGVksyUWFyUTQvNjdPWmZIZDdS
|
110
|
+
K1BPQlhob3BoU012MVpPbzwvZHM6WDUwOUNlcnRpZmljYXRlPg0KICAgICAgICAg
|
111
|
+
IDwvZHM6WDUwOURhdGE+DQogICAgICAgIDwvZHM6S2V5SW5mbz4NCiAgICAgIDwv
|
112
|
+
bWQ6S2V5RGVzY3JpcHRvcj4NCiAgICAgIDxtZDpLZXlEZXNjcmlwdG9yIHVzZT0i
|
113
|
+
ZW5jcnlwdGlvbiI+DQogICAgICAgIDxkczpLZXlJbmZvIHhtbG5zOmRzPSJodHRw
|
114
|
+
Oi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjIj4NCiAgICAgICAgICA8ZHM6
|
115
|
+
WDUwOURhdGE+DQogICAgICAgICAgICA8ZHM6WDUwOUNlcnRpZmljYXRlPk1JSUNn
|
116
|
+
VENDQWVvQ0NRQ2JPbHJXRGRYN0ZUQU5CZ2txaGtpRzl3MEJBUVVGQURDQmhERUxN
|
117
|
+
QWtHQTFVRUJoTUNUazh4R0RBV0JnTlZCQWdURDBGdVpISmxZWE1nVTI5c1ltVnla
|
118
|
+
ekVNTUFvR0ExVUVCeE1EUm05dk1SQXdEZ1lEVlFRS0V3ZFZUa2xPUlZSVU1SZ3dG
|
119
|
+
Z1lEVlFRREV3OW1aV2xrWlM1bGNteGhibWN1Ym04eElUQWZCZ2txaGtpRzl3MEJD
|
120
|
+
UUVXRW1GdVpISmxZWE5BZFc1cGJtVjBkQzV1YnpBZUZ3MHdOekEyTVRVeE1qQXhN
|
121
|
+
elZhRncwd056QTRNVFF4TWpBeE16VmFNSUdFTVFzd0NRWURWUVFHRXdKT1R6RVlN
|
122
|
+
QllHQTFVRUNCTVBRVzVrY21WaGN5QlRiMnhpWlhKbk1Rd3dDZ1lEVlFRSEV3Tkdi
|
123
|
+
Mjh4RURBT0JnTlZCQW9UQjFWT1NVNUZWRlF4R0RBV0JnTlZCQU1URDJabGFXUmxM
|
124
|
+
bVZ5YkdGdVp5NXViekVoTUI4R0NTcUdTSWIzRFFFSkFSWVNZVzVrY21WaGMwQjFi
|
125
|
+
bWx1WlhSMExtNXZNSUdmTUEwR0NTcUdTSWIzRFFFQkFRVUFBNEdOQURDQmlRS0Jn
|
126
|
+
UURpdmJoUjdQNTE2eC9TM0JxS3h1cFFlMExPTm9saXVwaUJPZXNDTzNTSGJEcmwz
|
127
|
+
K3E5SWJmbmZtRTA0ck51TWNQc0l4QjE2MVRkRHBJZXNMQ243YzhhUEhJU0tPdFBs
|
128
|
+
QWVUWlNuYjhRQXU3YVJqWnEzK1BiclA1dVczVGNmQ0dQdEtUeXRIT2dlL09sSmJv
|
129
|
+
MDc4ZFZoWFExNGQxRUR3WEpXMXJSWHVVdDRDOFFJREFRQUJNQTBHQ1NxR1NJYjNE
|
130
|
+
UUVCQlFVQUE0R0JBQ0RWZnA4NkhPYnFZK2U4QlVvV1E5K1ZNUXgxQVNEb2hCandP
|
131
|
+
c2cyV3lrVXFSWEYrZExmY1VIOWRXUjYzQ3RaSUtGRGJTdE5vbVBuUXo3bmJLK29u
|
132
|
+
eWd3QnNwVkVibkh1VWloWnEzWlVkbXVtUXFDdzRVdnMvMVV2cTNvck9vL1dKVmhU
|
133
|
+
eXZMZ0ZWSzJRYXJRNC82N09aZkhkN1IrUE9CWGhvcGhTTXYxWk9vPC9kczpYNTA5
|
134
|
+
Q2VydGlmaWNhdGU+DQogICAgICAgICAgPC9kczpYNTA5RGF0YT4NCiAgICAgICAg
|
135
|
+
PC9kczpLZXlJbmZvPg0KICAgICAgPC9tZDpLZXlEZXNjcmlwdG9yPg0KICAgICAg
|
136
|
+
PG1kOlNpbmdsZUxvZ291dFNlcnZpY2UgQmluZGluZz0idXJuOm9hc2lzOm5hbWVz
|
137
|
+
OnRjOlNBTUw6Mi4wOmJpbmRpbmdzOkhUVFAtUmVkaXJlY3QiIExvY2F0aW9uPSJo
|
138
|
+
dHRwczovL2lkcC9zaW1wbGVzYW1sL3NhbWwyL2lkcC9TaW5nbGVMb2dvdXRTZXJ2
|
139
|
+
aWNlLnBocCIgLz4NCiAgICAgIDxtZDpOYW1lSURGb3JtYXQ+dXJuOm9hc2lzOm5h
|
140
|
+
bWVzOnRjOlNBTUw6Mi4wOm5hbWVpZC1mb3JtYXQ6dHJhbnNpZW50PC9tZDpOYW1l
|
141
|
+
SURGb3JtYXQ+DQogICAgICA8bWQ6U2luZ2xlU2lnbk9uU2VydmljZSBCaW5kaW5n
|
142
|
+
PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YmluZGluZ3M6SFRUUC1SZWRp
|
143
|
+
cmVjdCIgTG9jYXRpb249Imh0dHBzOi8vaWRwL3NpbXBsZXNhbWwvc2FtbDIvaWRw
|
144
|
+
L1NTT1NlcnZpY2UucGhwIiAvPg0KICAgIDwvbWQ6SURQU1NPRGVzY3JpcHRvcj4N
|
145
|
+
CiAgICA8bWQ6Q29udGFjdFBlcnNvbiBjb250YWN0VHlwZT0idGVjaG5pY2FsIj4N
|
146
|
+
CiAgICAgIDxtZDpHaXZlbk5hbWU+QW5kcmVhczwvbWQ6R2l2ZW5OYW1lPg0KICAg
|
147
|
+
ICAgPG1kOlN1ck5hbWU+TWF5ZXI8L21kOlN1ck5hbWU+DQogICAgICA8bWQ6RW1h
|
148
|
+
aWxBZGRyZXNzPmFuZHJlYXMubWF5ZXJAd3VlcnRoLmNvbTwvbWQ6RW1haWxBZGRy
|
149
|
+
ZXNzPg0KICAgIDwvbWQ6Q29udGFjdFBlcnNvbj4NCiAgPC9tZDpFbnRpdHlEZXNj
|
150
|
+
cmlwdG9yPg0KPC9zYW1scDpSZXNwb25zZT4=
|
@@ -0,0 +1,43 @@
|
|
1
|
+
require File.expand_path(File.join(File.dirname(__FILE__), "test_helper"))
|
2
|
+
|
3
|
+
class SettingsTest < Test::Unit::TestCase
|
4
|
+
|
5
|
+
context "Settings" do
|
6
|
+
setup do
|
7
|
+
@settings = Onelogin::Saml::Settings.new
|
8
|
+
end
|
9
|
+
should "should provide getters and settings" do
|
10
|
+
accessors = [
|
11
|
+
:assertion_consumer_service_url, :issuer, :sp_name_qualifier,
|
12
|
+
:idp_sso_target_url, :idp_cert_fingerprint, :name_identifier_format,
|
13
|
+
:idp_slo_target_url, :name_identifier_value, :sessionindex
|
14
|
+
]
|
15
|
+
|
16
|
+
accessors.each do |accessor|
|
17
|
+
value = Kernel.rand
|
18
|
+
@settings.send("#{accessor}=".to_sym, value)
|
19
|
+
assert_equal value, @settings.send(accessor)
|
20
|
+
end
|
21
|
+
end
|
22
|
+
|
23
|
+
should "create settings from hash" do
|
24
|
+
|
25
|
+
config = {
|
26
|
+
:assertion_consumer_service_url => "http://app.muda.no/sso",
|
27
|
+
:issuer => "http://muda.no",
|
28
|
+
:sp_name_qualifier => "http://sso.muda.no",
|
29
|
+
:idp_sso_target_url => "http://sso.muda.no/sso",
|
30
|
+
:idp_slo_target_url => "http://sso.muda.no/slo",
|
31
|
+
:idp_cert_fingerprint => "00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00",
|
32
|
+
:name_identifier_format => "urn:oasis:names:tc:SAML:2.0:nameid-format:transient",
|
33
|
+
}
|
34
|
+
@settings = Onelogin::Saml::Settings.new(config)
|
35
|
+
|
36
|
+
config.each do |k,v|
|
37
|
+
assert_equal v, @settings.send(k)
|
38
|
+
end
|
39
|
+
end
|
40
|
+
|
41
|
+
end
|
42
|
+
|
43
|
+
end
|
data/test/test_helper.rb
ADDED
@@ -0,0 +1,66 @@
|
|
1
|
+
require 'rubygems'
|
2
|
+
require 'test/unit'
|
3
|
+
require 'shoulda'
|
4
|
+
require 'mocha'
|
5
|
+
require 'ruby-debug'
|
6
|
+
|
7
|
+
$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
|
8
|
+
$LOAD_PATH.unshift(File.dirname(__FILE__))
|
9
|
+
require 'ruby-saml'
|
10
|
+
|
11
|
+
ENV["ruby-saml/testing"] = "1"
|
12
|
+
|
13
|
+
class Test::Unit::TestCase
|
14
|
+
def fixture(document, base64 = true)
|
15
|
+
response = Dir.glob(File.join(File.dirname(__FILE__), "responses", "#{document}*")).first
|
16
|
+
if base64 && response =~ /\.xml$/
|
17
|
+
Base64.encode64(File.read(response))
|
18
|
+
else
|
19
|
+
File.read(response)
|
20
|
+
end
|
21
|
+
end
|
22
|
+
|
23
|
+
def response_document
|
24
|
+
@response_document ||= File.read(File.join(File.dirname(__FILE__), 'responses', 'response1.xml.base64'))
|
25
|
+
end
|
26
|
+
|
27
|
+
def response_document_2
|
28
|
+
@response_document2 ||= File.read(File.join(File.dirname(__FILE__), 'responses', 'response2.xml.base64'))
|
29
|
+
end
|
30
|
+
|
31
|
+
def response_document_3
|
32
|
+
@response_document3 ||= File.read(File.join(File.dirname(__FILE__), 'responses', 'response3.xml.base64'))
|
33
|
+
end
|
34
|
+
|
35
|
+
def response_document_4
|
36
|
+
@response_document4 ||= File.read(File.join(File.dirname(__FILE__), 'responses', 'response4.xml.base64'))
|
37
|
+
end
|
38
|
+
|
39
|
+
def response_document_5
|
40
|
+
@response_document5 ||= File.read(File.join(File.dirname(__FILE__), 'responses', 'response5.xml.base64'))
|
41
|
+
end
|
42
|
+
|
43
|
+
def ampersands_response
|
44
|
+
@ampersands_resposne ||= File.read(File.join(File.dirname(__FILE__), 'responses', 'response_with_ampersands.xml.base64'))
|
45
|
+
end
|
46
|
+
|
47
|
+
def response_document_6
|
48
|
+
doc = Base64.decode64(response_document)
|
49
|
+
doc.gsub!(/NotBefore=\"(\d{4})-(\d{2})-(\d{2})T(\d{2}):(\d{2}):(\d{2})Z\"/, "NotBefore=\"#{(Time.now-300).getutc.strftime("%Y-%m-%dT%XZ")}\"")
|
50
|
+
doc.gsub!(/NotOnOrAfter=\"(\d{4})-(\d{2})-(\d{2})T(\d{2}):(\d{2}):(\d{2})Z\"/, "NotOnOrAfter=\"#{(Time.now+300).getutc.strftime("%Y-%m-%dT%XZ")}\"")
|
51
|
+
Base64.encode64(doc)
|
52
|
+
end
|
53
|
+
|
54
|
+
def wrapped_response_2
|
55
|
+
@wrapped_response_2 ||= File.read(File.join(File.dirname(__FILE__), 'responses', 'wrapped_response_2.xml.base64'))
|
56
|
+
end
|
57
|
+
|
58
|
+
def signature_fingerprint_1
|
59
|
+
@signature_fingerprint1 ||= "C5:19:85:D9:47:F1:BE:57:08:20:25:05:08:46:EB:27:F6:CA:B7:83"
|
60
|
+
end
|
61
|
+
|
62
|
+
def signature_1
|
63
|
+
@signature1 ||= File.read(File.join(File.dirname(__FILE__), 'certificates', 'certificate1'))
|
64
|
+
end
|
65
|
+
|
66
|
+
end
|
@@ -0,0 +1,123 @@
|
|
1
|
+
require 'test_helper'
|
2
|
+
require 'xml_security'
|
3
|
+
|
4
|
+
class XmlSecurityTest < Test::Unit::TestCase
|
5
|
+
include XMLSecurity
|
6
|
+
|
7
|
+
context "XmlSecurity" do
|
8
|
+
setup do
|
9
|
+
@document = XMLSecurity::SignedDocument.new(Base64.decode64(response_document))
|
10
|
+
@base64cert = @document.elements["//ds:X509Certificate"].text
|
11
|
+
end
|
12
|
+
|
13
|
+
should "should run validate without throwing NS related exceptions" do
|
14
|
+
assert !@document.validate_doc(@base64cert, true)
|
15
|
+
end
|
16
|
+
|
17
|
+
should "should run validate with throwing NS related exceptions" do
|
18
|
+
assert_raise(Onelogin::Saml::ValidationError) do
|
19
|
+
@document.validate_doc(@base64cert, false)
|
20
|
+
end
|
21
|
+
end
|
22
|
+
|
23
|
+
should "not raise an error when softly validating the document multiple times" do
|
24
|
+
assert_nothing_raised do
|
25
|
+
2.times { @document.validate_doc(@base64cert, true) }
|
26
|
+
end
|
27
|
+
end
|
28
|
+
|
29
|
+
should "should raise Fingerprint mismatch" do
|
30
|
+
exception = assert_raise(Onelogin::Saml::ValidationError) do
|
31
|
+
@document.validate("no:fi:ng:er:pr:in:t", false)
|
32
|
+
end
|
33
|
+
assert_equal("Fingerprint mismatch", exception.message)
|
34
|
+
end
|
35
|
+
|
36
|
+
should "should raise Digest mismatch" do
|
37
|
+
exception = assert_raise(Onelogin::Saml::ValidationError) do
|
38
|
+
@document.validate_doc(@base64cert, false)
|
39
|
+
end
|
40
|
+
assert_equal("Digest mismatch", exception.message)
|
41
|
+
end
|
42
|
+
|
43
|
+
should "should raise Key validation error" do
|
44
|
+
response = Base64.decode64(response_document)
|
45
|
+
response.sub!("<ds:DigestValue>pJQ7MS/ek4KRRWGmv/H43ReHYMs=</ds:DigestValue>",
|
46
|
+
"<ds:DigestValue>b9xsAXLsynugg3Wc1CI3kpWku+0=</ds:DigestValue>")
|
47
|
+
document = XMLSecurity::SignedDocument.new(response)
|
48
|
+
base64cert = document.elements["//ds:X509Certificate"].text
|
49
|
+
exception = assert_raise(Onelogin::Saml::ValidationError) do
|
50
|
+
document.validate_doc(base64cert, false)
|
51
|
+
end
|
52
|
+
assert_equal("Key validation error", exception.message)
|
53
|
+
end
|
54
|
+
end
|
55
|
+
|
56
|
+
context "Algorithms" do
|
57
|
+
should "validate using SHA1" do
|
58
|
+
@document = XMLSecurity::SignedDocument.new(fixture(:adfs_response_sha1, false))
|
59
|
+
assert @document.validate("F1:3C:6B:80:90:5A:03:0E:6C:91:3E:5D:15:FA:DD:B0:16:45:48:72")
|
60
|
+
end
|
61
|
+
|
62
|
+
should "validate using SHA256" do
|
63
|
+
@document = XMLSecurity::SignedDocument.new(fixture(:adfs_response_sha256, false))
|
64
|
+
assert @document.validate("28:74:9B:E8:1F:E8:10:9C:A8:7C:A9:C3:E3:C5:01:6C:92:1C:B4:BA")
|
65
|
+
end
|
66
|
+
|
67
|
+
should "validate using SHA384" do
|
68
|
+
@document = XMLSecurity::SignedDocument.new(fixture(:adfs_response_sha384, false))
|
69
|
+
assert @document.validate("F1:3C:6B:80:90:5A:03:0E:6C:91:3E:5D:15:FA:DD:B0:16:45:48:72")
|
70
|
+
end
|
71
|
+
|
72
|
+
should "validate using SHA512" do
|
73
|
+
@document = XMLSecurity::SignedDocument.new(fixture(:adfs_response_sha512, false))
|
74
|
+
assert @document.validate("F1:3C:6B:80:90:5A:03:0E:6C:91:3E:5D:15:FA:DD:B0:16:45:48:72")
|
75
|
+
end
|
76
|
+
end
|
77
|
+
|
78
|
+
context "XmlSecurity::SignedDocument" do
|
79
|
+
|
80
|
+
context "#extract_inclusive_namespaces" do
|
81
|
+
should "support explicit namespace resolution for exclusive canonicalization" do
|
82
|
+
response = fixture(:open_saml_response, false)
|
83
|
+
document = XMLSecurity::SignedDocument.new(response)
|
84
|
+
inclusive_namespaces = document.send(:extract_inclusive_namespaces)
|
85
|
+
|
86
|
+
assert_equal %w[ xs ], inclusive_namespaces
|
87
|
+
end
|
88
|
+
|
89
|
+
should "support implicit namespace resolution for exclusive canonicalization" do
|
90
|
+
response = fixture(:no_signature_ns, false)
|
91
|
+
document = XMLSecurity::SignedDocument.new(response)
|
92
|
+
inclusive_namespaces = document.send(:extract_inclusive_namespaces)
|
93
|
+
|
94
|
+
assert_equal %w[ #default saml ds xs xsi ], inclusive_namespaces
|
95
|
+
end
|
96
|
+
|
97
|
+
should_eventually 'support inclusive canonicalization' do
|
98
|
+
|
99
|
+
response = Onelogin::Saml::Response.new(fixture("tdnf_response.xml"))
|
100
|
+
response.stubs(:conditions).returns(nil)
|
101
|
+
assert !response.is_valid?
|
102
|
+
settings = Onelogin::Saml::Settings.new
|
103
|
+
assert !response.is_valid?
|
104
|
+
response.settings = settings
|
105
|
+
assert !response.is_valid?
|
106
|
+
settings.idp_cert_fingerprint = "e6 38 9a 20 b7 4f 13 db 6a bc b1 42 6a e7 52 1d d6 56 d4 1b".upcase.gsub(" ", ":")
|
107
|
+
assert response.validate!
|
108
|
+
end
|
109
|
+
|
110
|
+
should "return an empty list when inclusive namespace element is missing" do
|
111
|
+
response = fixture(:no_signature_ns, false)
|
112
|
+
response.slice! %r{<InclusiveNamespaces xmlns="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="#default saml ds xs xsi"/>}
|
113
|
+
|
114
|
+
document = XMLSecurity::SignedDocument.new(response)
|
115
|
+
inclusive_namespaces = document.send(:extract_inclusive_namespaces)
|
116
|
+
|
117
|
+
assert inclusive_namespaces.empty?
|
118
|
+
end
|
119
|
+
end
|
120
|
+
|
121
|
+
end
|
122
|
+
|
123
|
+
end
|
metadata
ADDED
@@ -0,0 +1,155 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: ruby-saml-federazione-trentina
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
hash: 29
|
5
|
+
prerelease:
|
6
|
+
segments:
|
7
|
+
- 0
|
8
|
+
- 0
|
9
|
+
- 1
|
10
|
+
version: 0.0.1
|
11
|
+
platform: ruby
|
12
|
+
authors:
|
13
|
+
- Fabiano Pavan
|
14
|
+
autorequire:
|
15
|
+
bindir: bin
|
16
|
+
cert_chain: []
|
17
|
+
|
18
|
+
date: 2013-01-17 00:00:00 Z
|
19
|
+
dependencies:
|
20
|
+
- !ruby/object:Gem::Dependency
|
21
|
+
name: canonix
|
22
|
+
prerelease: false
|
23
|
+
requirement: &id001 !ruby/object:Gem::Requirement
|
24
|
+
none: false
|
25
|
+
requirements:
|
26
|
+
- - "="
|
27
|
+
- !ruby/object:Gem::Version
|
28
|
+
hash: 25
|
29
|
+
segments:
|
30
|
+
- 0
|
31
|
+
- 1
|
32
|
+
- 1
|
33
|
+
version: 0.1.1
|
34
|
+
type: :runtime
|
35
|
+
version_requirements: *id001
|
36
|
+
- !ruby/object:Gem::Dependency
|
37
|
+
name: uuid
|
38
|
+
prerelease: false
|
39
|
+
requirement: &id002 !ruby/object:Gem::Requirement
|
40
|
+
none: false
|
41
|
+
requirements:
|
42
|
+
- - ~>
|
43
|
+
- !ruby/object:Gem::Version
|
44
|
+
hash: 5
|
45
|
+
segments:
|
46
|
+
- 2
|
47
|
+
- 3
|
48
|
+
version: "2.3"
|
49
|
+
type: :runtime
|
50
|
+
version_requirements: *id002
|
51
|
+
- !ruby/object:Gem::Dependency
|
52
|
+
name: nokogiri
|
53
|
+
prerelease: false
|
54
|
+
requirement: &id003 !ruby/object:Gem::Requirement
|
55
|
+
none: false
|
56
|
+
requirements:
|
57
|
+
- - ">="
|
58
|
+
- !ruby/object:Gem::Version
|
59
|
+
hash: 3
|
60
|
+
segments:
|
61
|
+
- 0
|
62
|
+
version: "0"
|
63
|
+
type: :runtime
|
64
|
+
version_requirements: *id003
|
65
|
+
description: "SAML toolkit for Ruby programs to integrate with federazione PAT trentina "
|
66
|
+
email: fabiano.pavan@soluzionipa.it
|
67
|
+
executables: []
|
68
|
+
|
69
|
+
extensions: []
|
70
|
+
|
71
|
+
extra_rdoc_files: []
|
72
|
+
|
73
|
+
files:
|
74
|
+
- .document
|
75
|
+
- .gitignore
|
76
|
+
- .travis.yml
|
77
|
+
- Gemfile
|
78
|
+
- LICENSE
|
79
|
+
- README.md
|
80
|
+
- Rakefile
|
81
|
+
- lib/onelogin/ruby-saml/authrequest.rb
|
82
|
+
- lib/onelogin/ruby-saml/coding.rb
|
83
|
+
- lib/onelogin/ruby-saml/logging.rb
|
84
|
+
- lib/onelogin/ruby-saml/logout_request.rb
|
85
|
+
- lib/onelogin/ruby-saml/logout_response.rb
|
86
|
+
- lib/onelogin/ruby-saml/metadata.rb
|
87
|
+
- lib/onelogin/ruby-saml/request.rb
|
88
|
+
- lib/onelogin/ruby-saml/response.rb
|
89
|
+
- lib/onelogin/ruby-saml/settings.rb
|
90
|
+
- lib/onelogin/ruby-saml/validation_error.rb
|
91
|
+
- lib/onelogin/ruby-saml/version.rb
|
92
|
+
- lib/ruby-saml.rb
|
93
|
+
- lib/schemas/saml20assertion_schema.xsd
|
94
|
+
- lib/schemas/saml20protocol_schema.xsd
|
95
|
+
- lib/schemas/xenc_schema.xsd
|
96
|
+
- lib/schemas/xmldsig_schema.xsd
|
97
|
+
- lib/xml_security.rb
|
98
|
+
- ruby-saml.gemspec
|
99
|
+
- test/certificates/certificate1
|
100
|
+
- test/logoutrequest_test.rb
|
101
|
+
- test/request_test.rb
|
102
|
+
- test/response_test.rb
|
103
|
+
- test/responses/adfs_response_sha1.xml
|
104
|
+
- test/responses/adfs_response_sha256.xml
|
105
|
+
- test/responses/adfs_response_sha384.xml
|
106
|
+
- test/responses/adfs_response_sha512.xml
|
107
|
+
- test/responses/no_signature_ns.xml
|
108
|
+
- test/responses/open_saml_response.xml
|
109
|
+
- test/responses/response1.xml.base64
|
110
|
+
- test/responses/response2.xml.base64
|
111
|
+
- test/responses/response3.xml.base64
|
112
|
+
- test/responses/response4.xml.base64
|
113
|
+
- test/responses/response5.xml.base64
|
114
|
+
- test/responses/response_with_ampersands.xml
|
115
|
+
- test/responses/response_with_ampersands.xml.base64
|
116
|
+
- test/responses/simple_saml_php.xml
|
117
|
+
- test/responses/wrapped_response_2.xml.base64
|
118
|
+
- test/settings_test.rb
|
119
|
+
- test/test_helper.rb
|
120
|
+
- test/xml_security_test.rb
|
121
|
+
homepage: https://github.com/fabianopavan/ruby-saml
|
122
|
+
licenses: []
|
123
|
+
|
124
|
+
post_install_message:
|
125
|
+
rdoc_options:
|
126
|
+
- --charset=UTF-8
|
127
|
+
require_paths:
|
128
|
+
- lib
|
129
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
130
|
+
none: false
|
131
|
+
requirements:
|
132
|
+
- - ">="
|
133
|
+
- !ruby/object:Gem::Version
|
134
|
+
hash: 3
|
135
|
+
segments:
|
136
|
+
- 0
|
137
|
+
version: "0"
|
138
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
139
|
+
none: false
|
140
|
+
requirements:
|
141
|
+
- - ">="
|
142
|
+
- !ruby/object:Gem::Version
|
143
|
+
hash: 3
|
144
|
+
segments:
|
145
|
+
- 0
|
146
|
+
version: "0"
|
147
|
+
requirements: []
|
148
|
+
|
149
|
+
rubyforge_project:
|
150
|
+
rubygems_version: 1.8.24
|
151
|
+
signing_key:
|
152
|
+
specification_version: 3
|
153
|
+
summary: SAML Ruby Tookit
|
154
|
+
test_files: []
|
155
|
+
|