ruby-saml-for-portal 0.4.1 → 0.4.2

@@ -0,0 +1,15 @@
1
+ ---
2
+ !binary "U0hBMQ==":
3
+ metadata.gz: !binary |-
4
+ ZWFhMGZhZTM2NWU1ZWZkN2RkODY2NjBjNjRhZDk4NDVlZTNmMzQzYw==
5
+ data.tar.gz: !binary |-
6
+ MGEyYmZmZjU1NDJhMGNiMTAxYmQxYjMyMGI3NmVhZTlmODNiZmIwMg==
7
+ SHA512:
8
+ metadata.gz: !binary |-
9
+ ZjY2MGQyNmEyYjY1YTlhZWQwYmQzYjAwZmYzOTFlMjE5MGQ3Y2Q1OWZkMTlm
10
+ OTY3NDU2OGI1N2U1YmIyNWMzZjIyOTc3ZjFmMmU1MjMzYmUzMGJmODA5MjYz
11
+ N2EwZDZmZjFlMWY1NzkzNTJkYzdkNTQyZmYxZTQ4OTEwMWIwMmI=
12
+ data.tar.gz: !binary |-
13
+ MjQ5MjlmYjdmMmViZTlhZmEwMjc1MWQyMzYzNDY2ZTNhYzAzYWNjMTYzYjQ2
14
+ ZjdlYzAyNzJjMmE3OGI3MWZjNjg2NDk2MTA5ZTA2YzAyZDQ3OTNlNmQ4MTI0
15
+ NTU2YzQxOGIzM2Y5ODBkMjUyNTZmY2M3NjM0MWE3OGYyMzc5ZTI=
@@ -25,27 +25,45 @@ module Onelogin::Saml
25
25
 
26
26
  # The value of the user identifier as designated by the initialization request response
27
27
  def name_id
28
- @name_id ||= document.elements["saml2:Assertion/saml2:Subject/saml2:NameID"].text
28
+ @name_id ||= document.elements['saml2:Assertion/saml2:Subject/saml2:NameID'].text
29
29
  end
30
30
 
31
31
  def session_index
32
- @session_index ||= document.elements["saml2:Assertion/saml2:AuthnStatement"].attributes["SessionIndex"]
32
+ @session_index ||= document.elements['saml2:Assertion/saml2:AuthnStatement'].attributes['SessionIndex']
33
33
  end
34
34
 
35
35
  # A hash of attributes and values
36
36
  def attributes
37
37
  result = {}
38
- document.elements.each("saml2:Assertion/saml2:AttributeStatement/saml2:Attribute") do |element|
39
- attr_value = element.elements.first.text
40
- # for array
41
- unless element.elements.first.elements.first.nil?
42
- attr_value = element.elements.first.elements.first.elements.map{|v| v.text}
43
- end
44
- result.merge!(element.attributes["FriendlyName"] => attr_value)
45
- end
46
- result.merge!("name_id" => name_id)
47
- result.merge!("session_index" => session_index)
38
+ document.elements.each('saml2:Assertion/saml2:AttributeStatement/saml2:Attribute') do |element|
39
+ name = element.attributes['FriendlyName']
40
+ value = parser(element.elements.first)
41
+ result.merge!(name => value)
42
+ end
43
+
44
+ result.merge!('name_id' => name_id)
45
+ result.merge!('session_index' => session_index)
48
46
  result
49
47
  end
48
+
49
+ def parser(element)
50
+ if element.elements.first.nil?
51
+ return (element.name == 'AttributeValue') ? element.text : { element.name => element.text }
52
+ end
53
+
54
+ value = {}
55
+
56
+ element.elements.each do |e|
57
+ v = e.elements.first.nil? ? e.text : parser(e)
58
+
59
+ if value.has_key?(e.name)
60
+ value[e.name] = [value[e.name], v].flatten
61
+ else
62
+ value[e.name] = v
63
+ end
64
+ end
65
+
66
+ value
67
+ end
50
68
  end
51
69
  end
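Review bot: In `attributes`, `value = parser(element.elements.first)` passes nil to `parser` when a `saml2:Attribute` has no child element, and the first line of `parser` then calls `.elements` on nil and raises NoMethodError. The same call reads only the first child, so an attribute with several `AttributeValue` siblings is silently reduced to one value, which matters if callers use these values for role or group checks. I would guard the empty case with `first = element.elements.first` and `value = first ? parser(first) : nil`, and decide explicitly whether sibling values should be collected into an array. `parser` also has no comment describing its return shapes (String, Hash, or Hash with Array values) and appears to be added as a public method; a short doc comment and a `private` marker would help, provided nothing outside the class calls it.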
@@ -82,8 +82,8 @@ module XMLSecurity
82
82
 
83
83
  if validate_doc(base64_cert, logger)
84
84
  return true
85
- # elsif private_key
86
- # return decode(private_key)
85
+ elsif private_key
86
+ return decode(private_key)
87
87
  else
88
88
  return false
89
89
  end
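Review bot: The re-enabled `elsif private_key` branch is reached only after `validate_doc(base64_cert, logger)` has returned false, so a document that failed signature validation can still yield whatever `decode(private_key)` returns as this method's result. `decode` is not visible in the hunk, but if it returns a truthy value after a successful decryption, any caller treating the result as "signature valid" would accept an unverified response whenever a private key is configured. The failure path should stay `return false`; if encrypted assertions must be supported, decrypt first and then let `return validate_doc(base64_cert, logger)` decide on the decrypted content. The enclosing method starts and ends outside the hunk.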
@@ -97,22 +97,20 @@ module XMLSecurity
97
97
  return false unless sig_element
98
98
  sig_element.remove
99
99
 
100
- #временно выключили проверку дайджеста
101
-
102
100
  # #check digests
103
- # REXML::XPath.each(sig_element, "//ds:Reference", {"ds"=>"http://www.w3.org/2000/09/xmldsig#"}) do | ref |
104
- #
105
- # uri = ref.attributes.get_attribute("URI").value
106
- # hashed_element = REXML::XPath.first(self, "//[@ID='#{uri[1,uri.size]}']")
107
- # canoner = XML::Util::XmlCanonicalizer.new(false, true)
108
- # canon_hashed_element = canoner.canonicalize(hashed_element)
109
- # hash = Base64.encode64(Digest::SHA1.digest(canon_hashed_element)).chomp
110
- # digest_value = REXML::XPath.first(ref, "//ds:DigestValue", {"ds"=>"http://www.w3.org/2000/09/xmldsig#"}).text
111
- #
112
- # valid_flag = hash == digest_value
113
- #
114
- # return valid_flag if !valid_flag
115
- # end
101
+ REXML::XPath.each(sig_element, "//ds:Reference", {"ds"=>"http://www.w3.org/2000/09/xmldsig#"}) do | ref |
102
+
103
+ uri = ref.attributes.get_attribute("URI").value
104
+ hashed_element = REXML::XPath.first(self, "//[@ID='#{uri[1,uri.size]}']")
105
+ canoner = XML::Util::XmlCanonicalizer.new(false, true)
106
+ canon_hashed_element = canoner.canonicalize(hashed_element)
107
+ hash = Base64.encode64(Digest::SHA1.digest(canon_hashed_element)).chomp
108
+ digest_value = REXML::XPath.first(ref, "//ds:DigestValue", {"ds"=>"http://www.w3.org/2000/09/xmldsig#"}).text
109
+
110
+ valid_flag = hash == digest_value
111
+
112
+ return valid_flag if !valid_flag
113
+ end
116
114
 
117
115
  # verify signature
118
116
  canoner = XML::Util::XmlCanonicalizer.new(false, true)
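Review bot: The restored digest loop resolves the signed element with `REXML::XPath.first(self, "//[@ID='#{uri[1,uri.size]}']")`, which interpolates the document-supplied `URI` attribute into an XPath string and takes the first element anywhere in the document carrying that ID. Nothing visible here ties that element to the assertion the response class later reads by path, so the digest may be checked over one element while the application consumes another, and a quote character in the URI alters the query itself. I would validate the reference before use, e.g. `return false unless uri =~ /\A#[A-Za-z_][\w.\-]*\z/`, require exactly one matching element that is the one being consumed, and `return false` when `hashed_element` is nil. The loop also passes vacuously when no `ds:Reference` is found, and the `//ds:DigestValue` lookup is written as an absolute path rather than relative to `ref` (`ds:DigestValue`), so it may not read that reference's own digest. The method begins before the hunk and continues past its last line.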
@@ -5,7 +5,7 @@
5
5
 
6
6
  Gem::Specification.new do |s|
7
7
  s.name = %q{ruby-saml-for-portal}
8
- s.version = "0.4.1"
8
+ s.version = "0.4.2"
9
9
 
10
10
  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
11
11
  s.authors = ["OneLogin LLC"]
@@ -56,24 +56,24 @@ Gem::Specification.new do |s|
56
56
  s.specification_version = 3
57
57
 
58
58
  if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
59
- s.add_runtime_dependency(%q<xmlcanonicalizer>, ["~> 0.1.1"])
60
- s.add_runtime_dependency(%q<uuid>, ["~> 2.3.3"])
61
- s.add_runtime_dependency(%q<systemu>, ["~> 2.2.0"])
59
+ s.add_runtime_dependency(%q<xmlcanonicalizer>, ["~> 0.1.2"])
60
+ s.add_runtime_dependency(%q<uuid>, ["~> 2.3.7"])
61
+ s.add_runtime_dependency(%q<systemu>, ["~> 2.5.2"])
62
62
  s.add_runtime_dependency(%q<rsa>, ["~> 0.1.4"])
63
63
  s.add_development_dependency(%q<shoulda>, [">= 0"])
64
64
  s.add_development_dependency(%q<mocha>, [">= 0"])
65
65
  else
66
- s.add_dependency(%q<xmlcanonicalizer>, ["~> 0.1.1"])
67
- s.add_dependency(%q<uuid>, ["~> 2.3.3"])
68
- s.add_dependency(%q<systemu>, ["~> 2.2.0"])
66
+ s.add_dependency(%q<xmlcanonicalizer>, ["~> 0.1.2"])
67
+ s.add_dependency(%q<uuid>, ["~> 2.3.7"])
68
+ s.add_dependency(%q<systemu>, ["~> 2.5.2"])
69
69
  s.add_dependency(%q<rsa>, ["~> 0.1.4"])
70
70
  s.add_dependency(%q<shoulda>, [">= 0"])
71
71
  s.add_dependency(%q<mocha>, [">= 0"])
72
72
  end
73
73
  else
74
- s.add_dependency(%q<xmlcanonicalizer>, ["~> 0.1.1"])
75
- s.add_dependency(%q<uuid>, ["~> 2.3.3"])
76
- s.add_dependency(%q<systemu>, ["~> 2.2.0"])
74
+ s.add_dependency(%q<xmlcanonicalizer>, ["~> 0.1.2"])
75
+ s.add_dependency(%q<uuid>, ["~> 2.3.7"])
76
+ s.add_dependency(%q<systemu>, ["~> 2.5.2"])
77
77
  s.add_dependency(%q<rsa>, ["~> 0.1.4"])
78
78
  s.add_dependency(%q<shoulda>, [">= 0"])
79
79
  s.add_dependency(%q<mocha>, [">= 0"])
metadata CHANGED
@@ -1,125 +1,107 @@
1
- --- !ruby/object:Gem::Specification
1
+ --- !ruby/object:Gem::Specification
2
2
  name: ruby-saml-for-portal
3
- version: !ruby/object:Gem::Version
4
- hash: 13
5
- prerelease: false
6
- segments:
7
- - 0
8
- - 4
9
- - 1
10
- version: 0.4.1
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.4.2
11
5
  platform: ruby
12
- authors:
6
+ authors:
13
7
  - OneLogin LLC
14
8
  autorequire:
15
9
  bindir: bin
16
10
  cert_chain: []
17
-
18
- date: 2011-03-08 00:00:00 +03:00
19
- default_executable:
20
- dependencies:
21
- - !ruby/object:Gem::Dependency
11
+ date: 2011-03-08 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
22
14
  name: xmlcanonicalizer
23
- prerelease: false
24
- requirement: &id001 !ruby/object:Gem::Requirement
25
- none: false
26
- requirements:
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
27
17
  - - ~>
28
- - !ruby/object:Gem::Version
29
- hash: 25
30
- segments:
31
- - 0
32
- - 1
33
- - 1
34
- version: 0.1.1
18
+ - !ruby/object:Gem::Version
19
+ version: 0.1.2
35
20
  type: :runtime
36
- version_requirements: *id001
37
- - !ruby/object:Gem::Dependency
38
- name: uuid
39
21
  prerelease: false
40
- requirement: &id002 !ruby/object:Gem::Requirement
41
- none: false
42
- requirements:
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - ~>
25
+ - !ruby/object:Gem::Version
26
+ version: 0.1.2
27
+ - !ruby/object:Gem::Dependency
28
+ name: uuid
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
43
31
  - - ~>
44
- - !ruby/object:Gem::Version
45
- hash: 5
46
- segments:
47
- - 2
48
- - 3
49
- - 3
50
- version: 2.3.3
32
+ - !ruby/object:Gem::Version
33
+ version: 2.3.7
51
34
  type: :runtime
52
- version_requirements: *id002
53
- - !ruby/object:Gem::Dependency
54
- name: systemu
55
35
  prerelease: false
56
- requirement: &id003 !ruby/object:Gem::Requirement
57
- none: false
58
- requirements:
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - ~>
39
+ - !ruby/object:Gem::Version
40
+ version: 2.3.7
41
+ - !ruby/object:Gem::Dependency
42
+ name: systemu
43
+ requirement: !ruby/object:Gem::Requirement
44
+ requirements:
59
45
  - - ~>
60
- - !ruby/object:Gem::Version
61
- hash: 7
62
- segments:
63
- - 2
64
- - 2
65
- - 0
66
- version: 2.2.0
46
+ - !ruby/object:Gem::Version
47
+ version: 2.5.2
67
48
  type: :runtime
68
- version_requirements: *id003
69
- - !ruby/object:Gem::Dependency
70
- name: rsa
71
49
  prerelease: false
72
- requirement: &id004 !ruby/object:Gem::Requirement
73
- none: false
74
- requirements:
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
75
52
  - - ~>
76
- - !ruby/object:Gem::Version
77
- hash: 19
78
- segments:
79
- - 0
80
- - 1
81
- - 4
53
+ - !ruby/object:Gem::Version
54
+ version: 2.5.2
55
+ - !ruby/object:Gem::Dependency
56
+ name: rsa
57
+ requirement: !ruby/object:Gem::Requirement
58
+ requirements:
59
+ - - ~>
60
+ - !ruby/object:Gem::Version
82
61
  version: 0.1.4
83
62
  type: :runtime
84
- version_requirements: *id004
85
- - !ruby/object:Gem::Dependency
86
- name: shoulda
87
63
  prerelease: false
88
- requirement: &id005 !ruby/object:Gem::Requirement
89
- none: false
90
- requirements:
91
- - - ">="
92
- - !ruby/object:Gem::Version
93
- hash: 3
94
- segments:
95
- - 0
96
- version: "0"
64
+ version_requirements: !ruby/object:Gem::Requirement
65
+ requirements:
66
+ - - ~>
67
+ - !ruby/object:Gem::Version
68
+ version: 0.1.4
69
+ - !ruby/object:Gem::Dependency
70
+ name: shoulda
71
+ requirement: !ruby/object:Gem::Requirement
72
+ requirements:
73
+ - - ! '>='
74
+ - !ruby/object:Gem::Version
75
+ version: '0'
97
76
  type: :development
98
- version_requirements: *id005
99
- - !ruby/object:Gem::Dependency
100
- name: mocha
101
77
  prerelease: false
102
- requirement: &id006 !ruby/object:Gem::Requirement
103
- none: false
104
- requirements:
105
- - - ">="
106
- - !ruby/object:Gem::Version
107
- hash: 3
108
- segments:
109
- - 0
110
- version: "0"
78
+ version_requirements: !ruby/object:Gem::Requirement
79
+ requirements:
80
+ - - ! '>='
81
+ - !ruby/object:Gem::Version
82
+ version: '0'
83
+ - !ruby/object:Gem::Dependency
84
+ name: mocha
85
+ requirement: !ruby/object:Gem::Requirement
86
+ requirements:
87
+ - - ! '>='
88
+ - !ruby/object:Gem::Version
89
+ version: '0'
111
90
  type: :development
112
- version_requirements: *id006
91
+ prerelease: false
92
+ version_requirements: !ruby/object:Gem::Requirement
93
+ requirements:
94
+ - - ! '>='
95
+ - !ruby/object:Gem::Version
96
+ version: '0'
113
97
  description: SAML toolkit for Ruby on Rails
114
98
  email: support@onelogin.com
115
99
  executables: []
116
-
117
100
  extensions: []
118
-
119
- extra_rdoc_files:
101
+ extra_rdoc_files:
120
102
  - LICENSE
121
103
  - README.rdoc
122
- files:
104
+ files:
123
105
  - LICENSE
124
106
  - README.rdoc
125
107
  - Rakefile
@@ -142,41 +124,31 @@ files:
142
124
  - spec/idp_logout_request_spec.rb
143
125
  - spec/spec_helper.rb
144
126
  - spec/xml_security_spec.rb
145
- has_rdoc: true
146
127
  homepage: http://github.com/onelogin/ruby-saml
147
128
  licenses: []
148
-
129
+ metadata: {}
149
130
  post_install_message:
150
- rdoc_options:
131
+ rdoc_options:
151
132
  - --charset=UTF-8
152
- require_paths:
133
+ require_paths:
153
134
  - lib
154
- required_ruby_version: !ruby/object:Gem::Requirement
155
- none: false
156
- requirements:
157
- - - ">="
158
- - !ruby/object:Gem::Version
159
- hash: 3
160
- segments:
161
- - 0
162
- version: "0"
163
- required_rubygems_version: !ruby/object:Gem::Requirement
164
- none: false
165
- requirements:
166
- - - ">="
167
- - !ruby/object:Gem::Version
168
- hash: 3
169
- segments:
170
- - 0
171
- version: "0"
135
+ required_ruby_version: !ruby/object:Gem::Requirement
136
+ requirements:
137
+ - - ! '>='
138
+ - !ruby/object:Gem::Version
139
+ version: '0'
140
+ required_rubygems_version: !ruby/object:Gem::Requirement
141
+ requirements:
142
+ - - ! '>='
143
+ - !ruby/object:Gem::Version
144
+ version: '0'
172
145
  requirements: []
173
-
174
146
  rubyforge_project:
175
- rubygems_version: 1.3.7
147
+ rubygems_version: 2.1.5
176
148
  signing_key:
177
149
  specification_version: 3
178
150
  summary: SAML Ruby Tookit
179
- test_files:
151
+ test_files:
180
152
  - test/ruby-saml_test.rb
181
153
  - test/test_helper.rb
182
154
  - test/xml_security_test.rb