ruby-saml-idp 0.2.5 → 0.2.6

data/README.md CHANGED
@@ -1,8 +1,8 @@
1
- # Ruby SAML IdP [![Build Status](https://secure.travis-ci.org/lawrencepit/ruby-saml-idp.png)](http://travis-ci.org/lawrencepit/ruby-saml-idp?branch=master) [![Dependency Status](https://gemnasium.com/lawrencepit/ruby-saml-idp.png)](https://gemnasium.com/lawrencepit/ruby-saml-idp)
1
+ # Ruby SAML Idendity Provider (IdP) [![Build Status](https://secure.travis-ci.org/lawrencepit/ruby-saml-idp.png)](http://travis-ci.org/lawrencepit/ruby-saml-idp?branch=master) [![Dependency Status](https://gemnasium.com/lawrencepit/ruby-saml-idp.png)](https://gemnasium.com/lawrencepit/ruby-saml-idp)
2
2
 
3
- The Ruby SAML IdP library is for implementing the server side of SAML authentication. It allows your application to act as an IdP (Identity Provider) using the [SAML v2.0](http://en.wikipedia.org/wiki/Security_Assertion_Markup_Language) protocol. It provides a means for managing authentication requests and confirmation responses for SPs (Service Providers).
3
+ The ruby SAML Identity Provider library is for implementing the server side of SAML authentication. It allows your application to act as an IdP (Identity Provider) using the [SAML v2.0](http://en.wikipedia.org/wiki/Security_Assertion_Markup_Language) protocol. It provides a means for managing authentication requests and confirmation responses for SPs (Service Providers).
4
4
 
5
- Setting up a "real" IdP is such an undertaking I didn't care for such an achievement. I wanted something very simple that just works without having to install extra components. In it's current form it's very basic. This is because currently I use it for manual and end-to-end testing purposes only. It is reversed engineered from real-world SAML Responses send by ADFS systems.
5
+ Setting up a "real" IdP is such an undertaking I didn't care for such an achievement. I wanted something very simple that just works without having to install extra components and setup extra infrastructure. In it's current form it's basic. This is because currently I use it for manual and end-to-end testing purposes of the Service Provider side only. It is reversed engineered from real-world SAML Responses sent by ADFS systems.
6
6
 
7
7
 
8
8
  Installation and Usage
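Review bot: The new title line spells "Idendity" where "Identity" is meant, and the rewritten paragraphs keep "In it's current form" (should be "its") and "reversed engineered" (should be "reverse engineered"). The intro also now opens with a lowercase "ruby" where the removed line had "Ruby". These lines are already being touched, so correct them in the same change.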
@@ -14,7 +14,11 @@ Add this to your Gemfile:
14
14
 
15
15
  ### Not using rails?
16
16
 
17
- Include `SamlIdp::Controller` and see the examples that use rails. It should be straightforward for you. Basically you call `decode_SAMLRequest(params[:SAMLRequest])` and then use the value `saml_acs_url` to determine the source for which you need to authenticate a user. Once a user has successfully authenticated on your system send the Service Provider a SAMLReponse by posting to `saml_acs_url` the parameter `SAMLResponse` with the return value from a call to `encode_SAMLResponse(user_email)`
17
+ Include `SamlIdp::Controller` and see the examples that use rails. It should be straightforward for you.
18
+
19
+ Basically you call `decode_SAMLRequest(params[:SAMLRequest])` on an incoming request and then use the value `saml_acs_url` to determine the source for which you need to authenticate a user. How you authenticate a user is entirely up to you.
20
+
21
+ Once a user has successfully authenticated on your system send the Service Provider a SAMLReponse by posting to `saml_acs_url` the parameter `SAMLResponse` with the return value from a call to `encode_SAMLResponse(user_email)`.
18
22
 
19
23
  ### Using rails?
20
24
 
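Review bot: The added paragraphs tell the reader to post `SAMLResponse` to `saml_acs_url`, a value obtained from `decode_SAMLRequest(params[:SAMLRequest])`, but say nothing about checking that URL against the Service Providers the application actually knows before sending the response there. A sentence stating that belongs next to "How you authenticate a user is entirely up to you." Also, "SAMLReponse" in the last added paragraph should be "SAMLResponse".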
@@ -56,7 +60,7 @@ end
56
60
  Keys and Secrets
57
61
  ----------------
58
62
 
59
- To generate the SAML Response it uses a default X.509 certificate and secret key... which isn't so secret. You can find them in `SamlIdp::Default`. The X.509 certificate is valid until year 2032. Obviously you shouldn't use these if you intend to use this in production environments. In that case, within the controller set the properties `x509_certificate` and `secret_key` using a `prepend_before_filter` callback within the current request context or set them globally via the `SamlIdp.x509_certificate` and `SamlIdp.secret_key` properties.
63
+ To generate the SAML Response it uses a default X.509 certificate and secret key... which isn't so secret. You can find them in `SamlIdp::Default`. The X.509 certificate is valid until year 2032. Obviously you shouldn't use these if you intend to use this in production environments. In that case, within the controller set the properties `x509_certificate` and `secret_key` using a `prepend_before_filter` callback within the current request context or set them globally via the `SamlIdp.config.x509_certificate` and `SamlIdp.config.secret_key` properties.
60
64
 
61
65
  The fingerprint to use, if you use the default X.509 certificate of this gem, is:
62
66
 
@@ -1,3 +1,4 @@
1
+ # encoding: utf-8
1
2
  module SamlIdp
2
3
  class IdpController < ActionController::Base
3
4
  include SamlIdp::Controller
data/lib/ruby-saml-idp.rb CHANGED
@@ -1,24 +1,18 @@
1
+ # encoding: utf-8
1
2
  module SamlIdp
2
- autoload :Controller, 'saml-idp/controller'
3
- autoload :Default, 'saml-idp/default'
4
- autoload :Engine, 'saml-idp/engine'
5
- autoload :Version, 'saml-idp/version'
3
+ require 'saml-idp/configurator'
4
+ require 'saml-idp/controller'
5
+ require 'saml-idp/default'
6
+ require 'saml-idp/version'
7
+ require 'saml-idp/engine' if defined?(::Rails) && Rails::VERSION::MAJOR > 2
6
8
 
7
- def self.x509_certificate
8
- @@x509_certificate
9
+ def self.config=(config)
10
+ @config = config
9
11
  end
10
- def self.x509_certificate=(x509_certificate)
11
- @@x509_certificate = x509_certificate
12
- end
13
- @@x509_certificate = Default::X509_CERTIFICATE
14
12
 
15
- def self.secret_key
16
- @@secret_key
17
- end
18
- def self.secret_key=(secret_key)
19
- @@secret_key = secret_key
13
+ def self.config
14
+ @config ||= SamlIdp::Configurator.new
20
15
  end
21
- @@secret_key = Default::SECRET_KEY
22
16
 
23
17
  end
24
18
 
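Review bot: Removing `SamlIdp.x509_certificate=` and `SamlIdp.secret_key=` (and their readers) outright breaks any application that set keys globally the 0.2.5 way, and this ships as a patch-level bump from 0.2.5 to 0.2.6. Keep the four module-level methods for a release as thin delegates to `SamlIdp.config`, ideally with a deprecation warning. Separately, the `require` lines now sit inside the `module SamlIdp` body; they would read more conventionally at the top of the file.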
@@ -0,0 +1,12 @@
1
+ # encoding: utf-8
2
+ module SamlIdp
3
+ class Configurator
4
+ attr_accessor :x509_certificate, :secret_key
5
+
6
+ def initialize(config_file = nil)
7
+ self.x509_certificate = Default::X509_CERTIFICATE
8
+ self.secret_key = Default::SECRET_KEY
9
+ instance_eval(File.read(config_file), config_file) if config_file
10
+ end
11
+ end
12
+ end
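Review bot: `instance_eval(File.read(config_file), config_file)` in `initialize` runs the whole file as Ruby with the configurator as `self`, so anyone who can write to that path can run code in the IdP process, and nothing in this hunk documents that or handles a missing or unreadable file. Either document that `config_file` must be trusted code with restricted write permissions, or accept a block or a data-only format instead. The constructor also falls back silently to `Default::X509_CERTIFICATE` and `Default::SECRET_KEY`; a logged warning when those defaults remain in effect would make an unconfigured deployment visible.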
@@ -1,24 +1,21 @@
1
- require 'openssl'
2
- require 'base64'
3
- require 'time'
4
-
1
+ # encoding: utf-8
5
2
  module SamlIdp
6
3
  module Controller
4
+ require 'openssl'
5
+ require 'base64'
6
+ require 'time'
7
7
 
8
8
  attr_accessor :x509_certificate, :secret_key
9
-
10
- def saml_acs_url
11
- @saml_acs_url
12
- end
9
+ attr_accessor :saml_acs_url
13
10
 
14
11
  def x509_certificate
15
12
  return @x509_certificate if defined?(@x509_certificate)
16
- @x509_certificate = SamlIdp.x509_certificate
13
+ @x509_certificate = SamlIdp.config.x509_certificate
17
14
  end
18
15
 
19
16
  def secret_key
20
17
  return @secret_key if defined?(@secret_key)
21
- @secret_key = SamlIdp.secret_key
18
+ @secret_key = SamlIdp.config.secret_key
22
19
  end
23
20
 
24
21
  protected
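Review bot: Replacing the hand-written reader with `attr_accessor :saml_acs_url` also adds a public `saml_acs_url=` writer above the `protected` line, in a module that is included into a controller class. Nothing visible here needs the writer to be public; `attr_reader :saml_acs_url` keeps the previous surface, or the accessor can move below `protected`. The three `require` lines moved inside `module Controller` would also be clearer back at the top of the file.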
@@ -1,3 +1,4 @@
1
+ # encoding: utf-8
1
2
  module SamlIdp
2
3
  module Default
3
4
 
@@ -1,4 +1,5 @@
1
+ # encoding: utf-8
1
2
  module SamlIdp
2
3
  class Engine < Rails::Engine
3
4
  end
4
- end if defined?(::Rails) && Rails::VERSION::MAJOR > 2
5
+ end
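Review bot: With the trailing `if defined?(::Rails) && Rails::VERSION::MAJOR > 2` dropped from the closing `end`, this file no longer guards itself, so requiring `saml-idp/engine` directly without Rails loaded now fails on `Rails::Engine`. The conditional `require` in `lib/ruby-saml-idp.rb` covers the normal load path; either keep the guard here as well or add a comment that this file must only be loaded through that entry point.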
@@ -1,3 +1,4 @@
1
+ # encoding: utf-8
1
2
  module SamlIdp
2
- VERSION = '0.2.5'
3
+ VERSION = '0.2.6'
3
4
  end
@@ -9,8 +9,8 @@ Gem::Specification.new do |s|
9
9
  s.authors = ["Lawrence Pit"]
10
10
  s.email = %q{lawrence.pit@gmail.com}
11
11
  s.homepage = %q{http://github.com/lawrencepit/ruby-saml-idp}
12
- s.summary = %q{SAML IdP in ruby}
13
- s.description = %q{SAML Identity Provider library in ruby}
12
+ s.summary = %q{SAML Indentity Provider in ruby}
13
+ s.description = %q{SAML IdP (Identity Provider) library in ruby}
14
14
  s.date = Time.now.utc.strftime("%Y-%m-%d")
15
15
  s.files = Dir.glob("app/**/*") + Dir.glob("lib/**/*") + [
16
16
  "MIT-LICENSE",
metadata CHANGED
@@ -1,13 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ruby-saml-idp
3
3
  version: !ruby/object:Gem::Version
4
- hash: 29
4
+ hash: 27
5
5
  prerelease:
6
6
  segments:
7
7
  - 0
8
8
  - 2
9
- - 5
10
- version: 0.2.5
9
+ - 6
10
+ version: 0.2.6
11
11
  platform: ruby
12
12
  authors:
13
13
  - Lawrence Pit
@@ -73,7 +73,7 @@ dependencies:
73
73
  version: "0"
74
74
  type: :development
75
75
  version_requirements: *id004
76
- description: SAML Identity Provider library in ruby
76
+ description: SAML IdP (Identity Provider) library in ruby
77
77
  email: lawrence.pit@gmail.com
78
78
  executables: []
79
79
 
@@ -86,6 +86,7 @@ files:
86
86
  - app/views/saml_idp/idp/new.html.erb
87
87
  - app/views/saml_idp/idp/saml_post.html.erb
88
88
  - lib/ruby-saml-idp.rb
89
+ - lib/saml-idp/configurator.rb
89
90
  - lib/saml-idp/controller.rb
90
91
  - lib/saml-idp/default.rb
91
92
  - lib/saml-idp/engine.rb
@@ -128,7 +129,7 @@ rubyforge_project:
128
129
  rubygems_version: 1.8.24
129
130
  signing_key:
130
131
  specification_version: 3
131
- summary: SAML IdP in ruby
132
+ summary: SAML Indentity Provider in ruby
132
133
  test_files:
133
134
  - spec/controller_spec.rb
134
135
  - spec/spec_helper.rb
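Review bot: The new `summary:` value reads "SAML Indentity Provider in ruby"; "Indentity" should be "Identity". This metadata is generated from the gemspec, where the same misspelling appears in the added `s.summary` line, so correct it there and rebuild the gem.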