ruby-saml-federazione-trentina 0.0.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (48) hide show
  1. data/.document +5 -0
  2. data/.gitignore +10 -0
  3. data/.travis.yml +5 -0
  4. data/Gemfile +12 -0
  5. data/LICENSE +19 -0
  6. data/README.md +126 -0
  7. data/Rakefile +41 -0
  8. data/lib/onelogin/ruby-saml/authrequest.rb +189 -0
  9. data/lib/onelogin/ruby-saml/coding.rb +34 -0
  10. data/lib/onelogin/ruby-saml/logging.rb +26 -0
  11. data/lib/onelogin/ruby-saml/logout_request.rb +126 -0
  12. data/lib/onelogin/ruby-saml/logout_response.rb +132 -0
  13. data/lib/onelogin/ruby-saml/metadata.rb +270 -0
  14. data/lib/onelogin/ruby-saml/request.rb +83 -0
  15. data/lib/onelogin/ruby-saml/response.rb +211 -0
  16. data/lib/onelogin/ruby-saml/settings.rb +29 -0
  17. data/lib/onelogin/ruby-saml/validation_error.rb +7 -0
  18. data/lib/onelogin/ruby-saml/version.rb +5 -0
  19. data/lib/ruby-saml.rb +11 -0
  20. data/lib/schemas/saml20assertion_schema.xsd +283 -0
  21. data/lib/schemas/saml20protocol_schema.xsd +302 -0
  22. data/lib/schemas/xenc_schema.xsd +146 -0
  23. data/lib/schemas/xmldsig_schema.xsd +318 -0
  24. data/lib/xml_security.rb +165 -0
  25. data/ruby-saml.gemspec +21 -0
  26. data/test/certificates/certificate1 +12 -0
  27. data/test/logoutrequest_test.rb +98 -0
  28. data/test/request_test.rb +53 -0
  29. data/test/response_test.rb +219 -0
  30. data/test/responses/adfs_response_sha1.xml +46 -0
  31. data/test/responses/adfs_response_sha256.xml +46 -0
  32. data/test/responses/adfs_response_sha384.xml +46 -0
  33. data/test/responses/adfs_response_sha512.xml +46 -0
  34. data/test/responses/no_signature_ns.xml +48 -0
  35. data/test/responses/open_saml_response.xml +56 -0
  36. data/test/responses/response1.xml.base64 +1 -0
  37. data/test/responses/response2.xml.base64 +79 -0
  38. data/test/responses/response3.xml.base64 +66 -0
  39. data/test/responses/response4.xml.base64 +93 -0
  40. data/test/responses/response5.xml.base64 +102 -0
  41. data/test/responses/response_with_ampersands.xml +139 -0
  42. data/test/responses/response_with_ampersands.xml.base64 +93 -0
  43. data/test/responses/simple_saml_php.xml +71 -0
  44. data/test/responses/wrapped_response_2.xml.base64 +150 -0
  45. data/test/settings_test.rb +43 -0
  46. data/test/test_helper.rb +66 -0
  47. data/test/xml_security_test.rb +123 -0
  48. metadata +155 -0
@@ -0,0 +1,150 @@
1
+ 77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz4NCjxzYW1s
2
+ cDpSZXNwb25zZSB4bWxuczpzYW1scD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6
3
+ Mi4wOnByb3RvY29sIiB4bWxuczpzYW1sPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FN
4
+ TDoyLjA6YXNzZXJ0aW9uIiBJRD0iXzI2NTAyNGI0NjAyZmM2OGMwMTQ1YzZlOWM1
5
+ NzFkOGY2MjE5ZTZjZmVlMCIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIw
6
+ MTEtMDYtMTNUMTY6MDI6MjVaIiBEZXN0aW5hdGlvbj0iaHR0cDovL2xvY2FsaG9z
7
+ dC9waHAtc2FtbC1maXhlZC9jb25zdW1lLnBocCIgSW5SZXNwb25zZVRvPSJfMzI0
8
+ NDJhOGMzZDFiYThlYTEzNmMiPg0KICA8c2FtbDpJc3N1ZXI+aHR0cHM6Ly9pZHAv
9
+ c2ltcGxlc2FtbC9zYW1sMi9pZHAvbWV0YWRhdGEucGhwPC9zYW1sOklzc3Vlcj4N
10
+ CiAgPHNhbWxwOlN0YXR1cz4NCiAgICA8c2FtbHA6U3RhdHVzQ29kZSBWYWx1ZT0i
11
+ dXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnN0YXR1czpTdWNjZXNzIiAvPg0K
12
+ ICA8L3NhbWxwOlN0YXR1cz4NCiAgPHNhbWw6QXNzZXJ0aW9uIHhtbG5zOnhzaT0i
13
+ aHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhtbG5z
14
+ OnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgSUQ9Il82M2Iw
15
+ YWVhZWMyYmJiNDU4ZjcxMTUzZjIxODBjNzJjNDM5MzFkM2M5MjAiIFZlcnNpb249
16
+ IjIuMCIgSXNzdWVJbnN0YW50PSIyMDExLTA2LTEzVDE2OjAyOjI1WiI+DQogICAg
17
+ PHNhbWw6SXNzdWVyPmh0dHBzOi8vaWRwL3NpbXBsZXNhbWwvc2FtbDIvaWRwL21l
18
+ dGFkYXRhLnBocDwvc2FtbDpJc3N1ZXI+DQogICAgPHNhbWw6U3ViamVjdD4NCiAg
19
+ ICAgIDxzYW1sOk5hbWVJRCBTUE5hbWVRdWFsaWZpZXI9InBocC1zYW1sLWZpeGVk
20
+ IiBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMTpuYW1laWQtZm9y
21
+ bWF0OmVtYWlsQWRkcmVzcyI+cm9vdEBleGFtcGxlLmNvbTwvc2FtbDpOYW1lSUQ+
22
+ DQogICAgICA8c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uIE1ldGhvZD0idXJuOm9h
23
+ c2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmNtOmJlYXJlciI+DQogICAgICAgIDxzYW1s
24
+ OlN1YmplY3RDb25maXJtYXRpb25EYXRhIE5vdE9uT3JBZnRlcj0iMjAxMS0wNi0x
25
+ M1QxNjowNzoyNVoiIFJlY2lwaWVudD0iaHR0cDovL2xvY2FsaG9zdC9waHAtc2Ft
26
+ bC1maXhlZC9jb25zdW1lLnBocCIgSW5SZXNwb25zZVRvPSJfMzI0NDJhOGMzZDFi
27
+ YThlYTEzNmMiIC8+DQogICAgICA8L3NhbWw6U3ViamVjdENvbmZpcm1hdGlvbj4N
28
+ CiAgICA8L3NhbWw6U3ViamVjdD4NCiAgICA8c2FtbDpDb25kaXRpb25zIE5vdEJl
29
+ Zm9yZT0iMjAxMS0wNi0xM1QxNjowMTo1NVoiIE5vdE9uT3JBZnRlcj0iMjAxMS0w
30
+ Ni0xM1QxNjowNzoyNVoiPg0KICAgICAgPHNhbWw6QXVkaWVuY2VSZXN0cmljdGlv
31
+ bj4NCiAgICAgICAgPHNhbWw6QXVkaWVuY2U+cGhwLXNhbWwtZml4ZWQ8L3NhbWw6
32
+ QXVkaWVuY2U+DQogICAgICA8L3NhbWw6QXVkaWVuY2VSZXN0cmljdGlvbj4NCiAg
33
+ ICA8L3NhbWw6Q29uZGl0aW9ucz4NCiAgICA8c2FtbDpBdXRoblN0YXRlbWVudCBB
34
+ dXRobkluc3RhbnQ9IjIwMTEtMDYtMTNUMTI6NDc6MzNaIiBTZXNzaW9uTm90T25P
35
+ ckFmdGVyPSIyMDExLTA2LTE0VDAwOjAyOjI1WiIgU2Vzc2lvbkluZGV4PSJfNTk5
36
+ NGFjYjUyODc4MTc4ZjAyYjY2ZTY5M2RlYmUzNDA3MjU3OTZjZDJjIj4NCiAgICAg
37
+ IDxzYW1sOkF1dGhuQ29udGV4dD4NCiAgICAgICAgPHNhbWw6QXV0aG5Db250ZXh0
38
+ Q2xhc3NSZWY+dXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFjOmNsYXNzZXM6
39
+ UGFzc3dvcmQ8L3NhbWw6QXV0aG5Db250ZXh0Q2xhc3NSZWY+DQogICAgICA8L3Nh
40
+ bWw6QXV0aG5Db250ZXh0Pg0KICAgIDwvc2FtbDpBdXRoblN0YXRlbWVudD4NCiAg
41
+ PC9zYW1sOkFzc2VydGlvbj4NCiAgPG1kOkVudGl0eURlc2NyaXB0b3IgeG1sbnM6
42
+ bWQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDptZXRhZGF0YSIgeG1sbnM6
43
+ ZHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiIGVudGl0eUlE
44
+ PSJodHRwczovL2lkcC9zaW1wbGVzYW1sL3NhbWwyL2lkcC9tZXRhZGF0YS5waHAi
45
+ IElEPSJwZng4YjhmZTFkMC0wZjhmLTJlMDAtYTAwOC1iOThiYmM1ZGExZDAiPg0K
46
+ ICAgIDxkczpTaWduYXR1cmU+DQogICAgICA8ZHM6U2lnbmVkSW5mbz4NCiAgICAg
47
+ ICAgPGRzOkNhbm9uaWNhbGl6YXRpb25NZXRob2QgQWxnb3JpdGhtPSJodHRwOi8v
48
+ d3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiIC8+DQogICAgICAgIDxk
49
+ czpTaWduYXR1cmVNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8y
50
+ MDAwLzA5L3htbGRzaWcjcnNhLXNoYTEiIC8+DQogICAgICAgIDxkczpSZWZlcmVu
51
+ Y2UgVVJJPSIjcGZ4OGI4ZmUxZDAtMGY4Zi0yZTAwLWEwMDgtYjk4YmJjNWRhMWQw
52
+ Ij4NCiAgICAgICAgICA8ZHM6VHJhbnNmb3Jtcz4NCiAgICAgICAgICAgIDxkczpU
53
+ cmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3ht
54
+ bGRzaWcjZW52ZWxvcGVkLXNpZ25hdHVyZSIgLz4NCiAgICAgICAgICAgIDxkczpU
55
+ cmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3ht
56
+ bC1leGMtYzE0biMiIC8+DQogICAgICAgICAgPC9kczpUcmFuc2Zvcm1zPg0KICAg
57
+ ICAgICAgIDxkczpEaWdlc3RNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3Lncz
58
+ Lm9yZy8yMDAwLzA5L3htbGRzaWcjc2hhMSIgLz4NCiAgICAgICAgICA8ZHM6RGln
59
+ ZXN0VmFsdWU+NVVmdy9lUlMwVHpIbC9vc2pMVCtJOGxlUDZVPTwvZHM6RGlnZXN0
60
+ VmFsdWU+DQogICAgICAgIDwvZHM6UmVmZXJlbmNlPg0KICAgICAgPC9kczpTaWdu
61
+ ZWRJbmZvPg0KICAgICAgPGRzOlNpZ25hdHVyZVZhbHVlPkM0OFpLQ2FwQVdsNHBx
62
+ WlM1ZFhMTmVmdjZSYS9hMXZGSDlGWDZsd3c3RS94VmxtZXFTbHh1WGEra0JicE4r
63
+ RWFzWmJaMGE4blYxTE1oNGN5TER2ajVnVURyYkhvMG1aOVNhRDBZaFhxcnBQY21H
64
+ djVmSGZxZFRtRTVJUUs2MjQ0UkFPdk05MklyYU0vU0hRQ0dROE1hdkhTNSs4Nm11
65
+ MGdkbjVuNWJrcUU1ND08L2RzOlNpZ25hdHVyZVZhbHVlPg0KICAgICAgPGRzOktl
66
+ eUluZm8+DQogICAgICAgIDxkczpYNTA5RGF0YT4NCiAgICAgICAgICA8ZHM6WDUw
67
+ OUNlcnRpZmljYXRlPk1JSUNnVENDQWVvQ0NRQ2JPbHJXRGRYN0ZUQU5CZ2txaGtp
68
+ Rzl3MEJBUVVGQURDQmhERUxNQWtHQTFVRUJoTUNUazh4R0RBV0JnTlZCQWdURDBG
69
+ dVpISmxZWE1nVTI5c1ltVnlaekVNTUFvR0ExVUVCeE1EUm05dk1SQXdEZ1lEVlFR
70
+ S0V3ZFZUa2xPUlZSVU1SZ3dGZ1lEVlFRREV3OW1aV2xrWlM1bGNteGhibWN1Ym04
71
+ eElUQWZCZ2txaGtpRzl3MEJDUUVXRW1GdVpISmxZWE5BZFc1cGJtVjBkQzV1YnpB
72
+ ZUZ3MHdOekEyTVRVeE1qQXhNelZhRncwd056QTRNVFF4TWpBeE16VmFNSUdFTVFz
73
+ d0NRWURWUVFHRXdKT1R6RVlNQllHQTFVRUNCTVBRVzVrY21WaGN5QlRiMnhpWlhK
74
+ bk1Rd3dDZ1lEVlFRSEV3TkdiMjh4RURBT0JnTlZCQW9UQjFWT1NVNUZWRlF4R0RB
75
+ V0JnTlZCQU1URDJabGFXUmxMbVZ5YkdGdVp5NXViekVoTUI4R0NTcUdTSWIzRFFF
76
+ SkFSWVNZVzVrY21WaGMwQjFibWx1WlhSMExtNXZNSUdmTUEwR0NTcUdTSWIzRFFF
77
+ QkFRVUFBNEdOQURDQmlRS0JnUURpdmJoUjdQNTE2eC9TM0JxS3h1cFFlMExPTm9s
78
+ aXVwaUJPZXNDTzNTSGJEcmwzK3E5SWJmbmZtRTA0ck51TWNQc0l4QjE2MVRkRHBJ
79
+ ZXNMQ243YzhhUEhJU0tPdFBsQWVUWlNuYjhRQXU3YVJqWnEzK1BiclA1dVczVGNm
80
+ Q0dQdEtUeXRIT2dlL09sSmJvMDc4ZFZoWFExNGQxRUR3WEpXMXJSWHVVdDRDOFFJ
81
+ REFRQUJNQTBHQ1NxR1NJYjNEUUVCQlFVQUE0R0JBQ0RWZnA4NkhPYnFZK2U4QlVv
82
+ V1E5K1ZNUXgxQVNEb2hCandPc2cyV3lrVXFSWEYrZExmY1VIOWRXUjYzQ3RaSUtG
83
+ RGJTdE5vbVBuUXo3bmJLK29ueWd3QnNwVkVibkh1VWloWnEzWlVkbXVtUXFDdzRV
84
+ dnMvMVV2cTNvck9vL1dKVmhUeXZMZ0ZWSzJRYXJRNC82N09aZkhkN1IrUE9CWGhv
85
+ cGhTTXYxWk9vPC9kczpYNTA5Q2VydGlmaWNhdGU+DQogICAgICAgIDwvZHM6WDUw
86
+ OURhdGE+DQogICAgICA8L2RzOktleUluZm8+DQogICAgPC9kczpTaWduYXR1cmU+
87
+ DQogICAgPG1kOklEUFNTT0Rlc2NyaXB0b3IgcHJvdG9jb2xTdXBwb3J0RW51bWVy
88
+ YXRpb249InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCI+DQog
89
+ ICAgICA8bWQ6S2V5RGVzY3JpcHRvciB1c2U9InNpZ25pbmciPg0KICAgICAgICA8
90
+ ZHM6S2V5SW5mbyB4bWxuczpkcz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94
91
+ bWxkc2lnIyI+DQogICAgICAgICAgPGRzOlg1MDlEYXRhPg0KICAgICAgICAgICAg
92
+ PGRzOlg1MDlDZXJ0aWZpY2F0ZT5NSUlDZ1RDQ0Flb0NDUUNiT2xyV0RkWDdGVEFO
93
+ QmdrcWhraUc5dzBCQVFVRkFEQ0JoREVMTUFrR0ExVUVCaE1DVGs4eEdEQVdCZ05W
94
+ QkFnVEQwRnVaSEpsWVhNZ1UyOXNZbVZ5WnpFTU1Bb0dBMVVFQnhNRFJtOXZNUkF3
95
+ RGdZRFZRUUtFd2RWVGtsT1JWUlVNUmd3RmdZRFZRUURFdzltWldsa1pTNWxjbXho
96
+ Ym1jdWJtOHhJVEFmQmdrcWhraUc5dzBCQ1FFV0VtRnVaSEpsWVhOQWRXNXBibVYw
97
+ ZEM1dWJ6QWVGdzB3TnpBMk1UVXhNakF4TXpWYUZ3MHdOekE0TVRReE1qQXhNelZh
98
+ TUlHRU1Rc3dDUVlEVlFRR0V3Sk9UekVZTUJZR0ExVUVDQk1QUVc1a2NtVmhjeUJU
99
+ YjJ4aVpYSm5NUXd3Q2dZRFZRUUhFd05HYjI4eEVEQU9CZ05WQkFvVEIxVk9TVTVG
100
+ VkZReEdEQVdCZ05WQkFNVEQyWmxhV1JsTG1WeWJHRnVaeTV1YnpFaE1COEdDU3FH
101
+ U0liM0RRRUpBUllTWVc1a2NtVmhjMEIxYm1sdVpYUjBMbTV2TUlHZk1BMEdDU3FH
102
+ U0liM0RRRUJBUVVBQTRHTkFEQ0JpUUtCZ1FEaXZiaFI3UDUxNngvUzNCcUt4dXBR
103
+ ZTBMT05vbGl1cGlCT2VzQ08zU0hiRHJsMytxOUliZm5mbUUwNHJOdU1jUHNJeEIx
104
+ NjFUZERwSWVzTENuN2M4YVBISVNLT3RQbEFlVFpTbmI4UUF1N2FSalpxMytQYnJQ
105
+ NXVXM1RjZkNHUHRLVHl0SE9nZS9PbEpibzA3OGRWaFhRMTRkMUVEd1hKVzFyUlh1
106
+ VXQ0QzhRSURBUUFCTUEwR0NTcUdTSWIzRFFFQkJRVUFBNEdCQUNEVmZwODZIT2Jx
107
+ WStlOEJVb1dROStWTVF4MUFTRG9oQmp3T3NnMld5a1VxUlhGK2RMZmNVSDlkV1I2
108
+ M0N0WklLRkRiU3ROb21QblF6N25iSytvbnlnd0JzcFZFYm5IdVVpaFpxM1pVZG11
109
+ bVFxQ3c0VXZzLzFVdnEzb3JPby9XSlZoVHl2TGdGVksyUWFyUTQvNjdPWmZIZDdS
110
+ K1BPQlhob3BoU012MVpPbzwvZHM6WDUwOUNlcnRpZmljYXRlPg0KICAgICAgICAg
111
+ IDwvZHM6WDUwOURhdGE+DQogICAgICAgIDwvZHM6S2V5SW5mbz4NCiAgICAgIDwv
112
+ bWQ6S2V5RGVzY3JpcHRvcj4NCiAgICAgIDxtZDpLZXlEZXNjcmlwdG9yIHVzZT0i
113
+ ZW5jcnlwdGlvbiI+DQogICAgICAgIDxkczpLZXlJbmZvIHhtbG5zOmRzPSJodHRw
114
+ Oi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjIj4NCiAgICAgICAgICA8ZHM6
115
+ WDUwOURhdGE+DQogICAgICAgICAgICA8ZHM6WDUwOUNlcnRpZmljYXRlPk1JSUNn
116
+ VENDQWVvQ0NRQ2JPbHJXRGRYN0ZUQU5CZ2txaGtpRzl3MEJBUVVGQURDQmhERUxN
117
+ QWtHQTFVRUJoTUNUazh4R0RBV0JnTlZCQWdURDBGdVpISmxZWE1nVTI5c1ltVnla
118
+ ekVNTUFvR0ExVUVCeE1EUm05dk1SQXdEZ1lEVlFRS0V3ZFZUa2xPUlZSVU1SZ3dG
119
+ Z1lEVlFRREV3OW1aV2xrWlM1bGNteGhibWN1Ym04eElUQWZCZ2txaGtpRzl3MEJD
120
+ UUVXRW1GdVpISmxZWE5BZFc1cGJtVjBkQzV1YnpBZUZ3MHdOekEyTVRVeE1qQXhN
121
+ elZhRncwd056QTRNVFF4TWpBeE16VmFNSUdFTVFzd0NRWURWUVFHRXdKT1R6RVlN
122
+ QllHQTFVRUNCTVBRVzVrY21WaGN5QlRiMnhpWlhKbk1Rd3dDZ1lEVlFRSEV3Tkdi
123
+ Mjh4RURBT0JnTlZCQW9UQjFWT1NVNUZWRlF4R0RBV0JnTlZCQU1URDJabGFXUmxM
124
+ bVZ5YkdGdVp5NXViekVoTUI4R0NTcUdTSWIzRFFFSkFSWVNZVzVrY21WaGMwQjFi
125
+ bWx1WlhSMExtNXZNSUdmTUEwR0NTcUdTSWIzRFFFQkFRVUFBNEdOQURDQmlRS0Jn
126
+ UURpdmJoUjdQNTE2eC9TM0JxS3h1cFFlMExPTm9saXVwaUJPZXNDTzNTSGJEcmwz
127
+ K3E5SWJmbmZtRTA0ck51TWNQc0l4QjE2MVRkRHBJZXNMQ243YzhhUEhJU0tPdFBs
128
+ QWVUWlNuYjhRQXU3YVJqWnEzK1BiclA1dVczVGNmQ0dQdEtUeXRIT2dlL09sSmJv
129
+ MDc4ZFZoWFExNGQxRUR3WEpXMXJSWHVVdDRDOFFJREFRQUJNQTBHQ1NxR1NJYjNE
130
+ UUVCQlFVQUE0R0JBQ0RWZnA4NkhPYnFZK2U4QlVvV1E5K1ZNUXgxQVNEb2hCandP
131
+ c2cyV3lrVXFSWEYrZExmY1VIOWRXUjYzQ3RaSUtGRGJTdE5vbVBuUXo3bmJLK29u
132
+ eWd3QnNwVkVibkh1VWloWnEzWlVkbXVtUXFDdzRVdnMvMVV2cTNvck9vL1dKVmhU
133
+ eXZMZ0ZWSzJRYXJRNC82N09aZkhkN1IrUE9CWGhvcGhTTXYxWk9vPC9kczpYNTA5
134
+ Q2VydGlmaWNhdGU+DQogICAgICAgICAgPC9kczpYNTA5RGF0YT4NCiAgICAgICAg
135
+ PC9kczpLZXlJbmZvPg0KICAgICAgPC9tZDpLZXlEZXNjcmlwdG9yPg0KICAgICAg
136
+ PG1kOlNpbmdsZUxvZ291dFNlcnZpY2UgQmluZGluZz0idXJuOm9hc2lzOm5hbWVz
137
+ OnRjOlNBTUw6Mi4wOmJpbmRpbmdzOkhUVFAtUmVkaXJlY3QiIExvY2F0aW9uPSJo
138
+ dHRwczovL2lkcC9zaW1wbGVzYW1sL3NhbWwyL2lkcC9TaW5nbGVMb2dvdXRTZXJ2
139
+ aWNlLnBocCIgLz4NCiAgICAgIDxtZDpOYW1lSURGb3JtYXQ+dXJuOm9hc2lzOm5h
140
+ bWVzOnRjOlNBTUw6Mi4wOm5hbWVpZC1mb3JtYXQ6dHJhbnNpZW50PC9tZDpOYW1l
141
+ SURGb3JtYXQ+DQogICAgICA8bWQ6U2luZ2xlU2lnbk9uU2VydmljZSBCaW5kaW5n
142
+ PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YmluZGluZ3M6SFRUUC1SZWRp
143
+ cmVjdCIgTG9jYXRpb249Imh0dHBzOi8vaWRwL3NpbXBsZXNhbWwvc2FtbDIvaWRw
144
+ L1NTT1NlcnZpY2UucGhwIiAvPg0KICAgIDwvbWQ6SURQU1NPRGVzY3JpcHRvcj4N
145
+ CiAgICA8bWQ6Q29udGFjdFBlcnNvbiBjb250YWN0VHlwZT0idGVjaG5pY2FsIj4N
146
+ CiAgICAgIDxtZDpHaXZlbk5hbWU+QW5kcmVhczwvbWQ6R2l2ZW5OYW1lPg0KICAg
147
+ ICAgPG1kOlN1ck5hbWU+TWF5ZXI8L21kOlN1ck5hbWU+DQogICAgICA8bWQ6RW1h
148
+ aWxBZGRyZXNzPmFuZHJlYXMubWF5ZXJAd3VlcnRoLmNvbTwvbWQ6RW1haWxBZGRy
149
+ ZXNzPg0KICAgIDwvbWQ6Q29udGFjdFBlcnNvbj4NCiAgPC9tZDpFbnRpdHlEZXNj
150
+ cmlwdG9yPg0KPC9zYW1scDpSZXNwb25zZT4=
@@ -0,0 +1,43 @@
1
+ require File.expand_path(File.join(File.dirname(__FILE__), "test_helper"))
2
+
3
+ class SettingsTest < Test::Unit::TestCase
4
+
5
+ context "Settings" do
6
+ setup do
7
+ @settings = Onelogin::Saml::Settings.new
8
+ end
9
+ should "should provide getters and settings" do
10
+ accessors = [
11
+ :assertion_consumer_service_url, :issuer, :sp_name_qualifier,
12
+ :idp_sso_target_url, :idp_cert_fingerprint, :name_identifier_format,
13
+ :idp_slo_target_url, :name_identifier_value, :sessionindex
14
+ ]
15
+
16
+ accessors.each do |accessor|
17
+ value = Kernel.rand
18
+ @settings.send("#{accessor}=".to_sym, value)
19
+ assert_equal value, @settings.send(accessor)
20
+ end
21
+ end
22
+
23
+ should "create settings from hash" do
24
+
25
+ config = {
26
+ :assertion_consumer_service_url => "http://app.muda.no/sso",
27
+ :issuer => "http://muda.no",
28
+ :sp_name_qualifier => "http://sso.muda.no",
29
+ :idp_sso_target_url => "http://sso.muda.no/sso",
30
+ :idp_slo_target_url => "http://sso.muda.no/slo",
31
+ :idp_cert_fingerprint => "00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00",
32
+ :name_identifier_format => "urn:oasis:names:tc:SAML:2.0:nameid-format:transient",
33
+ }
34
+ @settings = Onelogin::Saml::Settings.new(config)
35
+
36
+ config.each do |k,v|
37
+ assert_equal v, @settings.send(k)
38
+ end
39
+ end
40
+
41
+ end
42
+
43
+ end
@@ -0,0 +1,66 @@
1
+ require 'rubygems'
2
+ require 'test/unit'
3
+ require 'shoulda'
4
+ require 'mocha'
5
+ require 'ruby-debug'
6
+
7
+ $LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
8
+ $LOAD_PATH.unshift(File.dirname(__FILE__))
9
+ require 'ruby-saml'
10
+
11
+ ENV["ruby-saml/testing"] = "1"
12
+
13
+ class Test::Unit::TestCase
14
+ def fixture(document, base64 = true)
15
+ response = Dir.glob(File.join(File.dirname(__FILE__), "responses", "#{document}*")).first
16
+ if base64 && response =~ /\.xml$/
17
+ Base64.encode64(File.read(response))
18
+ else
19
+ File.read(response)
20
+ end
21
+ end
22
+
23
+ def response_document
24
+ @response_document ||= File.read(File.join(File.dirname(__FILE__), 'responses', 'response1.xml.base64'))
25
+ end
26
+
27
+ def response_document_2
28
+ @response_document2 ||= File.read(File.join(File.dirname(__FILE__), 'responses', 'response2.xml.base64'))
29
+ end
30
+
31
+ def response_document_3
32
+ @response_document3 ||= File.read(File.join(File.dirname(__FILE__), 'responses', 'response3.xml.base64'))
33
+ end
34
+
35
+ def response_document_4
36
+ @response_document4 ||= File.read(File.join(File.dirname(__FILE__), 'responses', 'response4.xml.base64'))
37
+ end
38
+
39
+ def response_document_5
40
+ @response_document5 ||= File.read(File.join(File.dirname(__FILE__), 'responses', 'response5.xml.base64'))
41
+ end
42
+
43
+ def ampersands_response
44
+ @ampersands_resposne ||= File.read(File.join(File.dirname(__FILE__), 'responses', 'response_with_ampersands.xml.base64'))
45
+ end
46
+
47
+ def response_document_6
48
+ doc = Base64.decode64(response_document)
49
+ doc.gsub!(/NotBefore=\"(\d{4})-(\d{2})-(\d{2})T(\d{2}):(\d{2}):(\d{2})Z\"/, "NotBefore=\"#{(Time.now-300).getutc.strftime("%Y-%m-%dT%XZ")}\"")
50
+ doc.gsub!(/NotOnOrAfter=\"(\d{4})-(\d{2})-(\d{2})T(\d{2}):(\d{2}):(\d{2})Z\"/, "NotOnOrAfter=\"#{(Time.now+300).getutc.strftime("%Y-%m-%dT%XZ")}\"")
51
+ Base64.encode64(doc)
52
+ end
53
+
54
+ def wrapped_response_2
55
+ @wrapped_response_2 ||= File.read(File.join(File.dirname(__FILE__), 'responses', 'wrapped_response_2.xml.base64'))
56
+ end
57
+
58
+ def signature_fingerprint_1
59
+ @signature_fingerprint1 ||= "C5:19:85:D9:47:F1:BE:57:08:20:25:05:08:46:EB:27:F6:CA:B7:83"
60
+ end
61
+
62
+ def signature_1
63
+ @signature1 ||= File.read(File.join(File.dirname(__FILE__), 'certificates', 'certificate1'))
64
+ end
65
+
66
+ end
@@ -0,0 +1,123 @@
1
+ require 'test_helper'
2
+ require 'xml_security'
3
+
4
+ class XmlSecurityTest < Test::Unit::TestCase
5
+ include XMLSecurity
6
+
7
+ context "XmlSecurity" do
8
+ setup do
9
+ @document = XMLSecurity::SignedDocument.new(Base64.decode64(response_document))
10
+ @base64cert = @document.elements["//ds:X509Certificate"].text
11
+ end
12
+
13
+ should "should run validate without throwing NS related exceptions" do
14
+ assert !@document.validate_doc(@base64cert, true)
15
+ end
16
+
17
+ should "should run validate with throwing NS related exceptions" do
18
+ assert_raise(Onelogin::Saml::ValidationError) do
19
+ @document.validate_doc(@base64cert, false)
20
+ end
21
+ end
22
+
23
+ should "not raise an error when softly validating the document multiple times" do
24
+ assert_nothing_raised do
25
+ 2.times { @document.validate_doc(@base64cert, true) }
26
+ end
27
+ end
28
+
29
+ should "should raise Fingerprint mismatch" do
30
+ exception = assert_raise(Onelogin::Saml::ValidationError) do
31
+ @document.validate("no:fi:ng:er:pr:in:t", false)
32
+ end
33
+ assert_equal("Fingerprint mismatch", exception.message)
34
+ end
35
+
36
+ should "should raise Digest mismatch" do
37
+ exception = assert_raise(Onelogin::Saml::ValidationError) do
38
+ @document.validate_doc(@base64cert, false)
39
+ end
40
+ assert_equal("Digest mismatch", exception.message)
41
+ end
42
+
43
+ should "should raise Key validation error" do
44
+ response = Base64.decode64(response_document)
45
+ response.sub!("<ds:DigestValue>pJQ7MS/ek4KRRWGmv/H43ReHYMs=</ds:DigestValue>",
46
+ "<ds:DigestValue>b9xsAXLsynugg3Wc1CI3kpWku+0=</ds:DigestValue>")
47
+ document = XMLSecurity::SignedDocument.new(response)
48
+ base64cert = document.elements["//ds:X509Certificate"].text
49
+ exception = assert_raise(Onelogin::Saml::ValidationError) do
50
+ document.validate_doc(base64cert, false)
51
+ end
52
+ assert_equal("Key validation error", exception.message)
53
+ end
54
+ end
55
+
56
+ context "Algorithms" do
57
+ should "validate using SHA1" do
58
+ @document = XMLSecurity::SignedDocument.new(fixture(:adfs_response_sha1, false))
59
+ assert @document.validate("F1:3C:6B:80:90:5A:03:0E:6C:91:3E:5D:15:FA:DD:B0:16:45:48:72")
60
+ end
61
+
62
+ should "validate using SHA256" do
63
+ @document = XMLSecurity::SignedDocument.new(fixture(:adfs_response_sha256, false))
64
+ assert @document.validate("28:74:9B:E8:1F:E8:10:9C:A8:7C:A9:C3:E3:C5:01:6C:92:1C:B4:BA")
65
+ end
66
+
67
+ should "validate using SHA384" do
68
+ @document = XMLSecurity::SignedDocument.new(fixture(:adfs_response_sha384, false))
69
+ assert @document.validate("F1:3C:6B:80:90:5A:03:0E:6C:91:3E:5D:15:FA:DD:B0:16:45:48:72")
70
+ end
71
+
72
+ should "validate using SHA512" do
73
+ @document = XMLSecurity::SignedDocument.new(fixture(:adfs_response_sha512, false))
74
+ assert @document.validate("F1:3C:6B:80:90:5A:03:0E:6C:91:3E:5D:15:FA:DD:B0:16:45:48:72")
75
+ end
76
+ end
77
+
78
+ context "XmlSecurity::SignedDocument" do
79
+
80
+ context "#extract_inclusive_namespaces" do
81
+ should "support explicit namespace resolution for exclusive canonicalization" do
82
+ response = fixture(:open_saml_response, false)
83
+ document = XMLSecurity::SignedDocument.new(response)
84
+ inclusive_namespaces = document.send(:extract_inclusive_namespaces)
85
+
86
+ assert_equal %w[ xs ], inclusive_namespaces
87
+ end
88
+
89
+ should "support implicit namespace resolution for exclusive canonicalization" do
90
+ response = fixture(:no_signature_ns, false)
91
+ document = XMLSecurity::SignedDocument.new(response)
92
+ inclusive_namespaces = document.send(:extract_inclusive_namespaces)
93
+
94
+ assert_equal %w[ #default saml ds xs xsi ], inclusive_namespaces
95
+ end
96
+
97
+ should_eventually 'support inclusive canonicalization' do
98
+
99
+ response = Onelogin::Saml::Response.new(fixture("tdnf_response.xml"))
100
+ response.stubs(:conditions).returns(nil)
101
+ assert !response.is_valid?
102
+ settings = Onelogin::Saml::Settings.new
103
+ assert !response.is_valid?
104
+ response.settings = settings
105
+ assert !response.is_valid?
106
+ settings.idp_cert_fingerprint = "e6 38 9a 20 b7 4f 13 db 6a bc b1 42 6a e7 52 1d d6 56 d4 1b".upcase.gsub(" ", ":")
107
+ assert response.validate!
108
+ end
109
+
110
+ should "return an empty list when inclusive namespace element is missing" do
111
+ response = fixture(:no_signature_ns, false)
112
+ response.slice! %r{<InclusiveNamespaces xmlns="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="#default saml ds xs xsi"/>}
113
+
114
+ document = XMLSecurity::SignedDocument.new(response)
115
+ inclusive_namespaces = document.send(:extract_inclusive_namespaces)
116
+
117
+ assert inclusive_namespaces.empty?
118
+ end
119
+ end
120
+
121
+ end
122
+
123
+ end
metadata ADDED
@@ -0,0 +1,155 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: ruby-saml-federazione-trentina
3
+ version: !ruby/object:Gem::Version
4
+ hash: 29
5
+ prerelease:
6
+ segments:
7
+ - 0
8
+ - 0
9
+ - 1
10
+ version: 0.0.1
11
+ platform: ruby
12
+ authors:
13
+ - Fabiano Pavan
14
+ autorequire:
15
+ bindir: bin
16
+ cert_chain: []
17
+
18
+ date: 2013-01-17 00:00:00 Z
19
+ dependencies:
20
+ - !ruby/object:Gem::Dependency
21
+ name: canonix
22
+ prerelease: false
23
+ requirement: &id001 !ruby/object:Gem::Requirement
24
+ none: false
25
+ requirements:
26
+ - - "="
27
+ - !ruby/object:Gem::Version
28
+ hash: 25
29
+ segments:
30
+ - 0
31
+ - 1
32
+ - 1
33
+ version: 0.1.1
34
+ type: :runtime
35
+ version_requirements: *id001
36
+ - !ruby/object:Gem::Dependency
37
+ name: uuid
38
+ prerelease: false
39
+ requirement: &id002 !ruby/object:Gem::Requirement
40
+ none: false
41
+ requirements:
42
+ - - ~>
43
+ - !ruby/object:Gem::Version
44
+ hash: 5
45
+ segments:
46
+ - 2
47
+ - 3
48
+ version: "2.3"
49
+ type: :runtime
50
+ version_requirements: *id002
51
+ - !ruby/object:Gem::Dependency
52
+ name: nokogiri
53
+ prerelease: false
54
+ requirement: &id003 !ruby/object:Gem::Requirement
55
+ none: false
56
+ requirements:
57
+ - - ">="
58
+ - !ruby/object:Gem::Version
59
+ hash: 3
60
+ segments:
61
+ - 0
62
+ version: "0"
63
+ type: :runtime
64
+ version_requirements: *id003
65
+ description: "SAML toolkit for Ruby programs to integrate with federazione PAT trentina "
66
+ email: fabiano.pavan@soluzionipa.it
67
+ executables: []
68
+
69
+ extensions: []
70
+
71
+ extra_rdoc_files: []
72
+
73
+ files:
74
+ - .document
75
+ - .gitignore
76
+ - .travis.yml
77
+ - Gemfile
78
+ - LICENSE
79
+ - README.md
80
+ - Rakefile
81
+ - lib/onelogin/ruby-saml/authrequest.rb
82
+ - lib/onelogin/ruby-saml/coding.rb
83
+ - lib/onelogin/ruby-saml/logging.rb
84
+ - lib/onelogin/ruby-saml/logout_request.rb
85
+ - lib/onelogin/ruby-saml/logout_response.rb
86
+ - lib/onelogin/ruby-saml/metadata.rb
87
+ - lib/onelogin/ruby-saml/request.rb
88
+ - lib/onelogin/ruby-saml/response.rb
89
+ - lib/onelogin/ruby-saml/settings.rb
90
+ - lib/onelogin/ruby-saml/validation_error.rb
91
+ - lib/onelogin/ruby-saml/version.rb
92
+ - lib/ruby-saml.rb
93
+ - lib/schemas/saml20assertion_schema.xsd
94
+ - lib/schemas/saml20protocol_schema.xsd
95
+ - lib/schemas/xenc_schema.xsd
96
+ - lib/schemas/xmldsig_schema.xsd
97
+ - lib/xml_security.rb
98
+ - ruby-saml.gemspec
99
+ - test/certificates/certificate1
100
+ - test/logoutrequest_test.rb
101
+ - test/request_test.rb
102
+ - test/response_test.rb
103
+ - test/responses/adfs_response_sha1.xml
104
+ - test/responses/adfs_response_sha256.xml
105
+ - test/responses/adfs_response_sha384.xml
106
+ - test/responses/adfs_response_sha512.xml
107
+ - test/responses/no_signature_ns.xml
108
+ - test/responses/open_saml_response.xml
109
+ - test/responses/response1.xml.base64
110
+ - test/responses/response2.xml.base64
111
+ - test/responses/response3.xml.base64
112
+ - test/responses/response4.xml.base64
113
+ - test/responses/response5.xml.base64
114
+ - test/responses/response_with_ampersands.xml
115
+ - test/responses/response_with_ampersands.xml.base64
116
+ - test/responses/simple_saml_php.xml
117
+ - test/responses/wrapped_response_2.xml.base64
118
+ - test/settings_test.rb
119
+ - test/test_helper.rb
120
+ - test/xml_security_test.rb
121
+ homepage: https://github.com/fabianopavan/ruby-saml
122
+ licenses: []
123
+
124
+ post_install_message:
125
+ rdoc_options:
126
+ - --charset=UTF-8
127
+ require_paths:
128
+ - lib
129
+ required_ruby_version: !ruby/object:Gem::Requirement
130
+ none: false
131
+ requirements:
132
+ - - ">="
133
+ - !ruby/object:Gem::Version
134
+ hash: 3
135
+ segments:
136
+ - 0
137
+ version: "0"
138
+ required_rubygems_version: !ruby/object:Gem::Requirement
139
+ none: false
140
+ requirements:
141
+ - - ">="
142
+ - !ruby/object:Gem::Version
143
+ hash: 3
144
+ segments:
145
+ - 0
146
+ version: "0"
147
+ requirements: []
148
+
149
+ rubyforge_project:
150
+ rubygems_version: 1.8.24
151
+ signing_key:
152
+ specification_version: 3
153
+ summary: SAML Ruby Tookit
154
+ test_files: []
155
+