ruby-saml-mod 0.1.4 → 0.1.5

data/lib/onelogin/saml.rb CHANGED
@@ -13,6 +13,7 @@ module Onelogin
13
13
  end
14
14
 
15
15
  require 'onelogin/saml/auth_request'
16
+ require 'onelogin/saml/authn_contexts.rb'
16
17
  require 'onelogin/saml/response'
17
18
  require 'onelogin/saml/settings'
18
19
  require 'onelogin/saml/name_identifiers'
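Review bot: The added `require 'onelogin/saml/authn_contexts.rb'` is the only require in this list that carries the `.rb` extension. Writing it as `require 'onelogin/saml/authn_contexts'` keeps it consistent with its neighbours. It also avoids the file being registered under a second feature name if something else later requires it without the extension, which on older Ruby versions can load it twice and produce "already initialized constant" warnings.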
@@ -7,10 +7,15 @@ module Onelogin::Saml
7
7
  request =
8
8
  "<samlp:AuthnRequest xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\" ID=\"#{id}\" Version=\"2.0\" IssueInstant=\"#{issue_instant}\" ProtocolBinding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" AssertionConsumerServiceURL=\"#{settings.assertion_consumer_service_url}\">" +
9
9
  "<saml:Issuer xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\">#{settings.issuer}</saml:Issuer>\n" +
10
- "<samlp:NameIDPolicy xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\" Format=\"#{settings.name_identifier_format}\" AllowCreate=\"true\"></samlp:NameIDPolicy>\n" +
11
- "<samlp:RequestedAuthnContext xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\" Comparison=\"exact\">" +
12
- "<saml:AuthnContextClassRef xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\">urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml:AuthnContextClassRef></samlp:RequestedAuthnContext>\n" +
13
- "</samlp:AuthnRequest>"
10
+ "<samlp:NameIDPolicy xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\" Format=\"#{settings.name_identifier_format}\" AllowCreate=\"true\"></samlp:NameIDPolicy>\n"
11
+
12
+ if settings.requested_authn_context
13
+ request += "<samlp:RequestedAuthnContext xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\" Comparison=\"exact\">"
14
+ request += "<saml:AuthnContextClassRef xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\">#{settings.requested_authn_context}</saml:AuthnContextClassRef>"
15
+ request += "</samlp:RequestedAuthnContext>\n"
16
+ end
17
+
18
+ request += "</samlp:AuthnRequest>"
14
19
 
15
20
  deflated_request = Zlib::Deflate.deflate(request, 9)[2..-5]
16
21
  base64_request = Base64.encode64(deflated_request)
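Review bot: When `settings.requested_authn_context` is nil the request now omits `RequestedAuthnContext` entirely, whereas the removed lines always asked for `PasswordProtectedTransport` with `Comparison="exact"`, so an application that upgrades without setting the new attribute silently stops requesting any authentication class. If that is intended, it should be stated in the comment on `requested_authn_context` in settings.rb; otherwise keep the old behaviour as the default, e.g. `context = settings.requested_authn_context || AuthnContexts::PASSWORD_PROTECTED_TRANSPORT`. The value is also interpolated into the XML without escaping, which matters if it can ever come from per-tenant or user-editable configuration; escaping it (for instance with `CGI.escapeHTML`) before building the element would close that. The method that builds `request` starts and ends outside this hunk.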
@@ -0,0 +1,35 @@
1
+ module Onelogin::Saml
2
+ module AuthnContexts
3
+ # see section 3.4 of http://docs.oasis-open.org/security/saml/v2.0/saml-authn-context-2.0-os.pdf
4
+ INTERNET_PROTOCOL = "urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocol"
5
+ INTERNET_PROTOCOL_PASSWORD = "urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword"
6
+ KERBEROS = "urn:oasis:names:tc:SAML:2.0:ac:classes:Kerberos"
7
+ MOBILE_ONE_FACTOR_UNREGISTERED = "urn:oasis:names:tc:SAML:2.0:ac:classes:MobileOneFactorUnregistered"
8
+ MOBILE_TWO_FACTOR_UNREGISTERED = "urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorUnregistered"
9
+ MOBILE_ONE_FACTOR_CONTRACT = "urn:oasis:names:tc:SAML:2.0:ac:classes:MobileOneFactorContract"
10
+ MOBILE_TWO_FACTOR_CONTRACT = "urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract"
11
+ PASSWORD = "urn:oasis:names:tc:SAML:2.0:ac:classes:Password"
12
+ PASSWORD_PROTECTED_TRANSPORT = "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport"
13
+ PREVIOUS_SESSION = "urn:oasis:names:tc:SAML:2.0:ac:classes:PreviousSession"
14
+ X509 = "urn:oasis:names:tc:SAML:2.0:ac:classes:X509"
15
+ PGP = "urn:oasis:names:tc:SAML:2.0:ac:classes:PGP"
16
+ SPKI = "urn:oasis:names:tc:SAML:2.0:ac:classes:SPKI"
17
+ XMLD_SIG = "urn:oasis:names:tc:SAML:2.0:ac:classes:XMLDSig"
18
+ SMARTCARD_PKI = "urn:oasis:names:tc:SAML:2.0:ac:classes:SmartcardPKI"
19
+ SOFTWARE_PKI = "urn:oasis:names:tc:SAML:2.0:ac:classes:SoftwarePKI"
20
+ TELEPHONY = "urn:oasis:names:tc:SAML:2.0:ac:classes:Telephony"
21
+ NOMAD_TELEPHONY = "urn:oasis:names:tc:SAML:2.0:ac:classes:NomadTelephony"
22
+ PERSONAL_TELEPHONY = "urn:oasis:names:tc:SAML:2.0:ac:classes:PersonalTelephony"
23
+ AUTHENTICATED_TELEPHONY = "urn:oasis:names:tc:SAML:2.0:ac:classes:AuthenticatedTelephony"
24
+ SECURE_REMOTE_PASSWORD = "urn:oasis:names:tc:SAML:2.0:ac:classes:SecureRemotePassword"
25
+ TLS_CLIENT = "urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient"
26
+ TIME_SYNC_TOKEN = "urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken"
27
+ UNSPECIFIED = "urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified"
28
+
29
+ ALL_CONTEXTS = [INTERNET_PROTOCOL_PASSWORD, KERBEROS, MOBILE_ONE_FACTOR_UNREGISTERED,
30
+ MOBILE_TWO_FACTOR_UNREGISTERED, MOBILE_ONE_FACTOR_CONTRACT, MOBILE_TWO_FACTOR_CONTRACT,
31
+ PASSWORD, PASSWORD_PROTECTED_TRANSPORT, PREVIOUS_SESSION, X509, PGP, SPKI, XMLD_SIG,
32
+ SMARTCARD_PKI, SOFTWARE_PKI, TELEPHONY, NOMAD_TELEPHONY, PERSONAL_TELEPHONY,
33
+ AUTHENTICATED_TELEPHONY, SECURE_REMOTE_PASSWORD, TLS_CLIENT, TIME_SYNC_TOKEN, UNSPECIFIED]
34
+ end
35
+ end
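Review bot: `ALL_CONTEXTS` leaves out `INTERNET_PROTOCOL`: the list starts at `INTERNET_PROTOCOL_PASSWORD`, so any caller that uses it as an allow-list would reject a class this module itself defines. Add it as the first element, `ALL_CONTEXTS = [INTERNET_PROTOCOL, INTERNET_PROTOCOL_PASSWORD, KERBEROS,`, and consider `.freeze` on the array so it cannot be mutated at runtime. `XMLD_SIG` splits the name in an odd place; `XML_DSIG` would match the `XMLDSig` URI it holds.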
@@ -36,5 +36,9 @@ module Onelogin::Saml
36
36
  def auth_failure?
37
37
  @status_code == Onelogin::Saml::StatusCodes::AUTHN_FAILED_URI
38
38
  end
39
+
40
+ def no_authn_context?
41
+ @status_code == Onelogin::Saml::StatusCodes::NO_AUTHN_CONTEXT_URI
42
+ end
39
43
  end
40
44
  end
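Review bot: `no_authn_context?` only covers the case where the IdP itself reports that it could not satisfy the requested context; nothing in this diff gives a caller a way to confirm that a successful assertion's `AuthnContextClassRef` matches `settings.requested_authn_context`. If the rest of the response class (outside this hunk) does not already expose that value, the service provider is trusting the IdP to honour `Comparison="exact"`, and an accessor for the returned class would let callers enforce it. `StatusCodes::NO_AUTHN_CONTEXT_URI` is not added anywhere in this diff, so it is worth confirming it already exists in status_codes.rb. A one-line comment such as `# True when the IdP answered with the NoAuthnContext status code` would also help.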
@@ -31,6 +31,9 @@ module Onelogin::Saml
31
31
  # For email: Onelogin::Saml::NameIdentifiers::EMAIL
32
32
  attr_accessor :name_identifier_format
33
33
 
34
+ # The type of authentication requested (see Onelogin::Saml::AuthnContexts)
35
+ attr_accessor :requested_authn_context
36
+
34
37
  ## Attributes for the metadata
35
38
 
36
39
  # The logout url of your application
@@ -1,9 +1,9 @@
1
1
  Gem::Specification.new do |s|
2
2
  s.name = %q{ruby-saml-mod}
3
- s.version = "0.1.4"
3
+ s.version = "0.1.5"
4
4
 
5
5
  s.authors = ["OneLogin LLC", "Bracken", "Zach"]
6
- s.date = %q{2011-11-05}
6
+ s.date = %q{2012-01-26}
7
7
  s.extra_rdoc_files = [
8
8
  "LICENSE"
9
9
  ]
@@ -12,6 +12,7 @@ Gem::Specification.new do |s|
12
12
  "README",
13
13
  "lib/onelogin/saml.rb",
14
14
  "lib/onelogin/saml/auth_request.rb",
15
+ "lib/onelogin/saml/authn_contexts.rb",
15
16
  "lib/onelogin/saml/log_out_request.rb",
16
17
  "lib/onelogin/saml/meta_data.rb",
17
18
  "lib/onelogin/saml/name_identifiers.rb",
metadata CHANGED
@@ -1,12 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ruby-saml-mod
3
3
  version: !ruby/object:Gem::Version
4
- prerelease: false
4
+ hash: 17
5
+ prerelease:
5
6
  segments:
6
7
  - 0
7
8
  - 1
8
- - 4
9
- version: 0.1.4
9
+ - 5
10
+ version: 0.1.5
10
11
  platform: ruby
11
12
  authors:
12
13
  - OneLogin LLC
@@ -16,8 +17,7 @@ autorequire:
16
17
  bindir: bin
17
18
  cert_chain: []
18
19
 
19
- date: 2011-11-05 00:00:00 -06:00
20
- default_executable:
20
+ date: 2012-01-26 00:00:00 Z
21
21
  dependencies: []
22
22
 
23
23
  description: "This is an early fork from https://github.com/onelogin/ruby-saml - I plan to \"rebase\" these changes ontop of their current version eventually. "
@@ -33,6 +33,7 @@ files:
33
33
  - README
34
34
  - lib/onelogin/saml.rb
35
35
  - lib/onelogin/saml/auth_request.rb
36
+ - lib/onelogin/saml/authn_contexts.rb
36
37
  - lib/onelogin/saml/log_out_request.rb
37
38
  - lib/onelogin/saml/meta_data.rb
38
39
  - lib/onelogin/saml/name_identifiers.rb
@@ -41,7 +42,6 @@ files:
41
42
  - lib/onelogin/saml/status_codes.rb
42
43
  - lib/xml_sec.rb
43
44
  - ruby-saml-mod.gemspec
44
- has_rdoc: true
45
45
  homepage: http://github.com/bracken/ruby-saml
46
46
  licenses: []
47
47
 
@@ -51,23 +51,27 @@ rdoc_options: []
51
51
  require_paths:
52
52
  - lib
53
53
  required_ruby_version: !ruby/object:Gem::Requirement
54
+ none: false
54
55
  requirements:
55
56
  - - ">="
56
57
  - !ruby/object:Gem::Version
58
+ hash: 3
57
59
  segments:
58
60
  - 0
59
61
  version: "0"
60
62
  required_rubygems_version: !ruby/object:Gem::Requirement
63
+ none: false
61
64
  requirements:
62
65
  - - ">="
63
66
  - !ruby/object:Gem::Version
67
+ hash: 3
64
68
  segments:
65
69
  - 0
66
70
  version: "0"
67
71
  requirements: []
68
72
 
69
73
  rubyforge_project:
70
- rubygems_version: 1.3.6
74
+ rubygems_version: 1.8.15
71
75
  signing_key:
72
76
  specification_version: 3
73
77
  summary: Ruby library for SAML service providers