ruby-saml-for-portal 0.4.1 → 0.4.2

@@ -0,0 +1,15 @@
1
+ ---
2
+ !binary "U0hBMQ==":
3
+ metadata.gz: !binary |-
4
+ ZWFhMGZhZTM2NWU1ZWZkN2RkODY2NjBjNjRhZDk4NDVlZTNmMzQzYw==
5
+ data.tar.gz: !binary |-
6
+ MGEyYmZmZjU1NDJhMGNiMTAxYmQxYjMyMGI3NmVhZTlmODNiZmIwMg==
7
+ SHA512:
8
+ metadata.gz: !binary |-
9
+ ZjY2MGQyNmEyYjY1YTlhZWQwYmQzYjAwZmYzOTFlMjE5MGQ3Y2Q1OWZkMTlm
10
+ OTY3NDU2OGI1N2U1YmIyNWMzZjIyOTc3ZjFmMmU1MjMzYmUzMGJmODA5MjYz
11
+ N2EwZDZmZjFlMWY1NzkzNTJkYzdkNTQyZmYxZTQ4OTEwMWIwMmI=
12
+ data.tar.gz: !binary |-
13
+ MjQ5MjlmYjdmMmViZTlhZmEwMjc1MWQyMzYzNDY2ZTNhYzAzYWNjMTYzYjQ2
14
+ ZjdlYzAyNzJjMmE3OGI3MWZjNjg2NDk2MTA5ZTA2YzAyZDQ3OTNlNmQ4MTI0
15
+ NTU2YzQxOGIzM2Y5ODBkMjUyNTZmY2M3NjM0MWE3OGYyMzc5ZTI=
@@ -25,27 +25,45 @@ module Onelogin::Saml
25
25
 
26
26
  # The value of the user identifier as designated by the initialization request response
27
27
  def name_id
28
- @name_id ||= document.elements["saml2:Assertion/saml2:Subject/saml2:NameID"].text
28
+ @name_id ||= document.elements['saml2:Assertion/saml2:Subject/saml2:NameID'].text
29
29
  end
30
30
 
31
31
  def session_index
32
- @session_index ||= document.elements["saml2:Assertion/saml2:AuthnStatement"].attributes["SessionIndex"]
32
+ @session_index ||= document.elements['saml2:Assertion/saml2:AuthnStatement'].attributes['SessionIndex']
33
33
  end
34
34
 
35
35
  # A hash of attributes and values
36
36
  def attributes
37
37
  result = {}
38
- document.elements.each("saml2:Assertion/saml2:AttributeStatement/saml2:Attribute") do |element|
39
- attr_value = element.elements.first.text
40
- # for array
41
- unless element.elements.first.elements.first.nil?
42
- attr_value = element.elements.first.elements.first.elements.map{|v| v.text}
43
- end
44
- result.merge!(element.attributes["FriendlyName"] => attr_value)
45
- end
46
- result.merge!("name_id" => name_id)
47
- result.merge!("session_index" => session_index)
38
+ document.elements.each('saml2:Assertion/saml2:AttributeStatement/saml2:Attribute') do |element|
39
+ name = element.attributes['FriendlyName']
40
+ value = parser(element.elements.first)
41
+ result.merge!(name => value)
42
+ end
43
+
44
+ result.merge!('name_id' => name_id)
45
+ result.merge!('session_index' => session_index)
48
46
  result
49
47
  end
48
+
49
+ def parser(element)
50
+ if element.elements.first.nil?
51
+ return (element.name == 'AttributeValue') ? element.text : { element.name => element.text }
52
+ end
53
+
54
+ value = {}
55
+
56
+ element.elements.each do |e|
57
+ v = e.elements.first.nil? ? e.text : parser(e)
58
+
59
+ if value.has_key?(e.name)
60
+ value[e.name] = [value[e.name], v].flatten
61
+ else
62
+ value[e.name] = v
63
+ end
64
+ end
65
+
66
+ value
67
+ end
50
68
  end
51
69
  end
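Review bot: `value = parser(element.elements.first)` in `attributes` passes nil into `parser` when an `Attribute` has no child element, so the first line of `parser` raises NoMethodError on `nil.elements` while handling IdP-supplied XML; guard it with `first = element.elements.first` and `value = first && parser(first)`. Only the first child is parsed, so a multi-valued attribute sent as several `AttributeValue` siblings keeps just its first value, and keying on the optional `FriendlyName` lets attributes without one collapse under a nil key. `parser` is also added as a public method of the response class and recurses without a depth limit on the document; moving it under `private` with a name such as `parse_attribute_value` and a depth cap would keep it off the public surface. The enclosing class starts above the hunk.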
@@ -82,8 +82,8 @@ module XMLSecurity
82
82
 
83
83
  if validate_doc(base64_cert, logger)
84
84
  return true
85
- # elsif private_key
86
- # return decode(private_key)
85
+ elsif private_key
86
+ return decode(private_key)
87
87
  else
88
88
  return false
89
89
  end
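Review bot: Re-enabling `elsif private_key` / `return decode(private_key)` makes the result of `decode` the return value whenever `validate_doc(base64_cert, logger)` fails, so a document whose signature does not verify is no longer rejected outright once a private key is configured. `decode` is not visible in this hunk; unless it re-runs signature validation on the decrypted content, decryption is being accepted in place of verification. A failed `validate_doc` should stay a hard failure, for example by decrypting first and then ending with `return validate_doc(base64_cert, logger)`, and the branch deserves a comment stating what `decode` returns. The enclosing method begins above the hunk.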
@@ -97,22 +97,20 @@ module XMLSecurity
97
97
  return false unless sig_element
98
98
  sig_element.remove
99
99
 
100
- #временно выключили проверку дайджеста
101
-
102
100
  # #check digests
103
- # REXML::XPath.each(sig_element, "//ds:Reference", {"ds"=>"http://www.w3.org/2000/09/xmldsig#"}) do | ref |
104
- #
105
- # uri = ref.attributes.get_attribute("URI").value
106
- # hashed_element = REXML::XPath.first(self, "//[@ID='#{uri[1,uri.size]}']")
107
- # canoner = XML::Util::XmlCanonicalizer.new(false, true)
108
- # canon_hashed_element = canoner.canonicalize(hashed_element)
109
- # hash = Base64.encode64(Digest::SHA1.digest(canon_hashed_element)).chomp
110
- # digest_value = REXML::XPath.first(ref, "//ds:DigestValue", {"ds"=>"http://www.w3.org/2000/09/xmldsig#"}).text
111
- #
112
- # valid_flag = hash == digest_value
113
- #
114
- # return valid_flag if !valid_flag
115
- # end
101
+ REXML::XPath.each(sig_element, "//ds:Reference", {"ds"=>"http://www.w3.org/2000/09/xmldsig#"}) do | ref |
102
+
103
+ uri = ref.attributes.get_attribute("URI").value
104
+ hashed_element = REXML::XPath.first(self, "//[@ID='#{uri[1,uri.size]}']")
105
+ canoner = XML::Util::XmlCanonicalizer.new(false, true)
106
+ canon_hashed_element = canoner.canonicalize(hashed_element)
107
+ hash = Base64.encode64(Digest::SHA1.digest(canon_hashed_element)).chomp
108
+ digest_value = REXML::XPath.first(ref, "//ds:DigestValue", {"ds"=>"http://www.w3.org/2000/09/xmldsig#"}).text
109
+
110
+ valid_flag = hash == digest_value
111
+
112
+ return valid_flag if !valid_flag
113
+ end
116
114
 
117
115
  # verify signature
118
116
  canoner = XML::Util::XmlCanonicalizer.new(false, true)
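Review bot: The restored digest loop resolves the signed element with `"//[@ID='#{uri[1,uri.size]}']"`, which splices the document-supplied `URI` attribute into the XPath string and takes the first document-wide match, so a crafted `URI` or a duplicated `ID` decides which element gets hashed, and nothing ties that element to the assertion the caller later reads. Pass the id as an XPath variable and reject a missing target: `hashed_element = REXML::XPath.first(self, "//*[@ID=$id]", nil, { "id" => uri[1..-1] })` followed by `return false if hashed_element.nil?`. `"//ds:DigestValue"` is likewise document-wide rather than relative to `ref`, so with several references each one may be compared against the first digest; `"ds:DigestValue"` keeps the lookup inside the reference. The loop also passes vacuously when no `ds:Reference` is found, and it hard-codes SHA-1 regardless of `ds:DigestMethod`. The enclosing method begins above and continues below the hunk.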
@@ -5,7 +5,7 @@
5
5
 
6
6
  Gem::Specification.new do |s|
7
7
  s.name = %q{ruby-saml-for-portal}
8
- s.version = "0.4.1"
8
+ s.version = "0.4.2"
9
9
 
10
10
  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
11
11
  s.authors = ["OneLogin LLC"]
@@ -56,24 +56,24 @@ Gem::Specification.new do |s|
56
56
  s.specification_version = 3
57
57
 
58
58
  if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
59
- s.add_runtime_dependency(%q<xmlcanonicalizer>, ["~> 0.1.1"])
60
- s.add_runtime_dependency(%q<uuid>, ["~> 2.3.3"])
61
- s.add_runtime_dependency(%q<systemu>, ["~> 2.2.0"])
59
+ s.add_runtime_dependency(%q<xmlcanonicalizer>, ["~> 0.1.2"])
60
+ s.add_runtime_dependency(%q<uuid>, ["~> 2.3.7"])
61
+ s.add_runtime_dependency(%q<systemu>, ["~> 2.5.2"])
62
62
  s.add_runtime_dependency(%q<rsa>, ["~> 0.1.4"])
63
63
  s.add_development_dependency(%q<shoulda>, [">= 0"])
64
64
  s.add_development_dependency(%q<mocha>, [">= 0"])
65
65
  else
66
- s.add_dependency(%q<xmlcanonicalizer>, ["~> 0.1.1"])
67
- s.add_dependency(%q<uuid>, ["~> 2.3.3"])
68
- s.add_dependency(%q<systemu>, ["~> 2.2.0"])
66
+ s.add_dependency(%q<xmlcanonicalizer>, ["~> 0.1.2"])
67
+ s.add_dependency(%q<uuid>, ["~> 2.3.7"])
68
+ s.add_dependency(%q<systemu>, ["~> 2.5.2"])
69
69
  s.add_dependency(%q<rsa>, ["~> 0.1.4"])
70
70
  s.add_dependency(%q<shoulda>, [">= 0"])
71
71
  s.add_dependency(%q<mocha>, [">= 0"])
72
72
  end
73
73
  else
74
- s.add_dependency(%q<xmlcanonicalizer>, ["~> 0.1.1"])
75
- s.add_dependency(%q<uuid>, ["~> 2.3.3"])
76
- s.add_dependency(%q<systemu>, ["~> 2.2.0"])
74
+ s.add_dependency(%q<xmlcanonicalizer>, ["~> 0.1.2"])
75
+ s.add_dependency(%q<uuid>, ["~> 2.3.7"])
76
+ s.add_dependency(%q<systemu>, ["~> 2.5.2"])
77
77
  s.add_dependency(%q<rsa>, ["~> 0.1.4"])
78
78
  s.add_dependency(%q<shoulda>, [">= 0"])
79
79
  s.add_dependency(%q<mocha>, [">= 0"])
metadata CHANGED
@@ -1,125 +1,107 @@
1
- --- !ruby/object:Gem::Specification
1
+ --- !ruby/object:Gem::Specification
2
2
  name: ruby-saml-for-portal
3
- version: !ruby/object:Gem::Version
4
- hash: 13
5
- prerelease: false
6
- segments:
7
- - 0
8
- - 4
9
- - 1
10
- version: 0.4.1
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.4.2
11
5
  platform: ruby
12
- authors:
6
+ authors:
13
7
  - OneLogin LLC
14
8
  autorequire:
15
9
  bindir: bin
16
10
  cert_chain: []
17
-
18
- date: 2011-03-08 00:00:00 +03:00
19
- default_executable:
20
- dependencies:
21
- - !ruby/object:Gem::Dependency
11
+ date: 2011-03-08 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
22
14
  name: xmlcanonicalizer
23
- prerelease: false
24
- requirement: &id001 !ruby/object:Gem::Requirement
25
- none: false
26
- requirements:
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
27
17
  - - ~>
28
- - !ruby/object:Gem::Version
29
- hash: 25
30
- segments:
31
- - 0
32
- - 1
33
- - 1
34
- version: 0.1.1
18
+ - !ruby/object:Gem::Version
19
+ version: 0.1.2
35
20
  type: :runtime
36
- version_requirements: *id001
37
- - !ruby/object:Gem::Dependency
38
- name: uuid
39
21
  prerelease: false
40
- requirement: &id002 !ruby/object:Gem::Requirement
41
- none: false
42
- requirements:
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - ~>
25
+ - !ruby/object:Gem::Version
26
+ version: 0.1.2
27
+ - !ruby/object:Gem::Dependency
28
+ name: uuid
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
43
31
  - - ~>
44
- - !ruby/object:Gem::Version
45
- hash: 5
46
- segments:
47
- - 2
48
- - 3
49
- - 3
50
- version: 2.3.3
32
+ - !ruby/object:Gem::Version
33
+ version: 2.3.7
51
34
  type: :runtime
52
- version_requirements: *id002
53
- - !ruby/object:Gem::Dependency
54
- name: systemu
55
35
  prerelease: false
56
- requirement: &id003 !ruby/object:Gem::Requirement
57
- none: false
58
- requirements:
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - ~>
39
+ - !ruby/object:Gem::Version
40
+ version: 2.3.7
41
+ - !ruby/object:Gem::Dependency
42
+ name: systemu
43
+ requirement: !ruby/object:Gem::Requirement
44
+ requirements:
59
45
  - - ~>
60
- - !ruby/object:Gem::Version
61
- hash: 7
62
- segments:
63
- - 2
64
- - 2
65
- - 0
66
- version: 2.2.0
46
+ - !ruby/object:Gem::Version
47
+ version: 2.5.2
67
48
  type: :runtime
68
- version_requirements: *id003
69
- - !ruby/object:Gem::Dependency
70
- name: rsa
71
49
  prerelease: false
72
- requirement: &id004 !ruby/object:Gem::Requirement
73
- none: false
74
- requirements:
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
75
52
  - - ~>
76
- - !ruby/object:Gem::Version
77
- hash: 19
78
- segments:
79
- - 0
80
- - 1
81
- - 4
53
+ - !ruby/object:Gem::Version
54
+ version: 2.5.2
55
+ - !ruby/object:Gem::Dependency
56
+ name: rsa
57
+ requirement: !ruby/object:Gem::Requirement
58
+ requirements:
59
+ - - ~>
60
+ - !ruby/object:Gem::Version
82
61
  version: 0.1.4
83
62
  type: :runtime
84
- version_requirements: *id004
85
- - !ruby/object:Gem::Dependency
86
- name: shoulda
87
63
  prerelease: false
88
- requirement: &id005 !ruby/object:Gem::Requirement
89
- none: false
90
- requirements:
91
- - - ">="
92
- - !ruby/object:Gem::Version
93
- hash: 3
94
- segments:
95
- - 0
96
- version: "0"
64
+ version_requirements: !ruby/object:Gem::Requirement
65
+ requirements:
66
+ - - ~>
67
+ - !ruby/object:Gem::Version
68
+ version: 0.1.4
69
+ - !ruby/object:Gem::Dependency
70
+ name: shoulda
71
+ requirement: !ruby/object:Gem::Requirement
72
+ requirements:
73
+ - - ! '>='
74
+ - !ruby/object:Gem::Version
75
+ version: '0'
97
76
  type: :development
98
- version_requirements: *id005
99
- - !ruby/object:Gem::Dependency
100
- name: mocha
101
77
  prerelease: false
102
- requirement: &id006 !ruby/object:Gem::Requirement
103
- none: false
104
- requirements:
105
- - - ">="
106
- - !ruby/object:Gem::Version
107
- hash: 3
108
- segments:
109
- - 0
110
- version: "0"
78
+ version_requirements: !ruby/object:Gem::Requirement
79
+ requirements:
80
+ - - ! '>='
81
+ - !ruby/object:Gem::Version
82
+ version: '0'
83
+ - !ruby/object:Gem::Dependency
84
+ name: mocha
85
+ requirement: !ruby/object:Gem::Requirement
86
+ requirements:
87
+ - - ! '>='
88
+ - !ruby/object:Gem::Version
89
+ version: '0'
111
90
  type: :development
112
- version_requirements: *id006
91
+ prerelease: false
92
+ version_requirements: !ruby/object:Gem::Requirement
93
+ requirements:
94
+ - - ! '>='
95
+ - !ruby/object:Gem::Version
96
+ version: '0'
113
97
  description: SAML toolkit for Ruby on Rails
114
98
  email: support@onelogin.com
115
99
  executables: []
116
-
117
100
  extensions: []
118
-
119
- extra_rdoc_files:
101
+ extra_rdoc_files:
120
102
  - LICENSE
121
103
  - README.rdoc
122
- files:
104
+ files:
123
105
  - LICENSE
124
106
  - README.rdoc
125
107
  - Rakefile
@@ -142,41 +124,31 @@ files:
142
124
  - spec/idp_logout_request_spec.rb
143
125
  - spec/spec_helper.rb
144
126
  - spec/xml_security_spec.rb
145
- has_rdoc: true
146
127
  homepage: http://github.com/onelogin/ruby-saml
147
128
  licenses: []
148
-
129
+ metadata: {}
149
130
  post_install_message:
150
- rdoc_options:
131
+ rdoc_options:
151
132
  - --charset=UTF-8
152
- require_paths:
133
+ require_paths:
153
134
  - lib
154
- required_ruby_version: !ruby/object:Gem::Requirement
155
- none: false
156
- requirements:
157
- - - ">="
158
- - !ruby/object:Gem::Version
159
- hash: 3
160
- segments:
161
- - 0
162
- version: "0"
163
- required_rubygems_version: !ruby/object:Gem::Requirement
164
- none: false
165
- requirements:
166
- - - ">="
167
- - !ruby/object:Gem::Version
168
- hash: 3
169
- segments:
170
- - 0
171
- version: "0"
135
+ required_ruby_version: !ruby/object:Gem::Requirement
136
+ requirements:
137
+ - - ! '>='
138
+ - !ruby/object:Gem::Version
139
+ version: '0'
140
+ required_rubygems_version: !ruby/object:Gem::Requirement
141
+ requirements:
142
+ - - ! '>='
143
+ - !ruby/object:Gem::Version
144
+ version: '0'
172
145
  requirements: []
173
-
174
146
  rubyforge_project:
175
- rubygems_version: 1.3.7
147
+ rubygems_version: 2.1.5
176
148
  signing_key:
177
149
  specification_version: 3
178
150
  summary: SAML Ruby Tookit
179
- test_files:
151
+ test_files:
180
152
  - test/ruby-saml_test.rb
181
153
  - test/test_helper.rb
182
154
  - test/xml_security_test.rb