RubyGems - ruby-saml-mod - Versions diffs - 0.2.0 → 0.2.1 - Mend

ruby-saml-mod 0.2.0 → 0.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

checksums.yaml +4 -4
data/lib/onelogin/saml/auth_request.rb +44 -38
data/spec/response_spec.rb +4 -4
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: c9b8339af98b853334c4cd343eff1454a9ed537a
-  data.tar.gz: 7702ec985b556013a1d812f646e415ec16cfe58f
+  metadata.gz: 70a7eb538a2bbed9d2269ccf27a1ae560a40734c
+  data.tar.gz: dca9f7dd1a7e5e7d3a7e8967af606b3688144c09
 SHA512:
-  metadata.gz: 1e1accc268ecc2fad5023f99552d8c2a53cca7ddd548092236534bcb0d6016ec51a40d0960b8706afceacd9fe5ecfeb204751985f0b15c90e78e1bbaeeb5cade
-  data.tar.gz: 868e76914f77d9766ebc31449b9262c28dd689a4ea815ed23c6269ada3a0e4422ec2941e73c87bfd3e9d53671ee0e5c0c1f6b58ab2151ba969cee116a3599f7d
+  metadata.gz: 1be665813508c314582bebac318758085c74ca7fd3621c58e6df191df83639981eb48fa3b3d6cbad8047765962abddd6fb920a8b8d0f9062d2075293f1ba8d87
+  data.tar.gz: a9d34492f6c2e8feb08a1bccccb2a53545c88ef336bc1cfb8345fff663ccbee7857bc338970d233877a8b295b44d03779b5f5cadcdeaa2655b5af57acb24e134

data/lib/onelogin/saml/auth_request.rb CHANGED Viewed

@@ -1,47 +1,53 @@
-module Onelogin::Saml
-  class AuthRequest < BaseAssertion
-    attr_accessor :requested_authn_context,
-                  :assertion_consumer_service_url,
-                  :name_identifier_format
-    def self.parse(raw_assertion, settings = nil)
-      raise NotImplementedError
+ module Onelogin::Saml
+  class AuthRequest
+    attr_reader :settings, :id, :request_xml, :forward_url
+    def initialize(settings)
+      @settings = settings
     end
-    def self.generate(settings)
-      super(settings, {
-        destination: settings.idp_sso_target_url,
-        requested_authn_context: settings.requested_authn_context,
-        assertion_consumer_service_url: Array(settings.assertion_consumer_service_url).first,
-        name_identifier_format: settings.name_identifier_format
-      })
+    def self.create(settings)
+      ar = AuthRequest.new(settings)
+      ar.generate_request
     end
+    def generate_request
+      @id = Onelogin::Saml::AuthRequest.generate_unique_id(42)
+      issue_instant = Onelogin::Saml::AuthRequest.get_timestamp
-    def generate
-      if self.requested_authn_context
-        xml = <<-XML
-          <samlp:RequestedAuthnContext Comparison="exact">
-            <saml:AuthnContextClassRef>#{self.requested_authn_context}</saml:AuthnContextClassRef>
-          </samlp:RequestedAuthnContext>
-        XML
+      @request_xml =
+        "<samlp:AuthnRequest xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\" ID=\"#{@id}\" Version=\"2.0\" IssueInstant=\"#{issue_instant}\" ProtocolBinding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" AssertionConsumerServiceURL=\"#{Array(settings.assertion_consumer_service_url).first}\">" +
+        "<saml:Issuer xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\">#{@settings.issuer}</saml:Issuer>\n" +
+        "<samlp:NameIDPolicy xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\" Format=\"#{@settings.name_identifier_format}\" AllowCreate=\"true\"></samlp:NameIDPolicy>\n"
+      if @settings.requested_authn_context
+        @request_xml += "<samlp:RequestedAuthnContext xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\" Comparison=\"exact\">"
+        @request_xml += "<saml:AuthnContextClassRef xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\">#{@settings.requested_authn_context}</saml:AuthnContextClassRef>"
+        @request_xml += "</samlp:RequestedAuthnContext>\n"
       end
+      @request_xml += "</samlp:AuthnRequest>"
-      <<-XML
-        <samlp:AuthnRequest
-          xmlns:samlp="#{Onelogin::NAMESPACES['samlp']}"
-          xmlns:saml="#{Onelogin::NAMESPACES['saml']}"
-          ID="#{self.id}"
-          Version="2.0"
-          ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
-          AssertionConsumerServiceURL=\"#{self.assertion_consumer_service_url}\"
-          IssueInstant="#{self.issue_instant}">
-          <saml:Issuer>#{self.issuer}</saml:Issuer>
-          <samlp:NameIDPolicy Format="#{self.name_identifier_format}" AllowCreate="true"></samlp:NameIDPolicy>
+      deflated_request  = Zlib::Deflate.deflate(@request_xml, 9)[2..-5]
+      base64_request    = Base64.strict_encode64(deflated_request)
+      encoded_request   = CGI.escape(base64_request)
-          #{xml}
-        </samlp:AuthnRequest>
-      XML
+      @forward_url = @settings.idp_sso_target_url + (@settings.idp_sso_target_url.include?("?") ? "&" : "?") + "SAMLRequest=" + encoded_request
+    end
+    private
+    def self.generate_unique_id(length)
+      chars = ("a".."f").to_a + ("0".."9").to_a
+      chars_len = chars.size
+      unique_id = ("a".."f").to_a[rand(6)]
+      2.upto(length) { |i| unique_id << chars[rand(chars_len)] }
+      unique_id
+    end
+    def self.get_timestamp
+      Time.new.utc.strftime("%Y-%m-%dT%H:%M:%SZ")
     end
   end
 end

data/spec/response_spec.rb CHANGED Viewed

@@ -164,9 +164,9 @@ describe Onelogin::Saml::Response do
         :idp_slo_target_url => "http://example.com/logout.php"
       )
-      request = Onelogin::Saml::AuthRequest::generate(settings)
+      forward_url = Onelogin::Saml::AuthRequest::create(settings)
       prefix = "http://example.com/login.php?SAMLRequest="
-      expect(request.forward_url[0...prefix.size]).to eql(prefix)
+      expect(forward_url[0...prefix.size]).to eql(prefix)
       request = Onelogin::Saml::LogoutRequest::generate(name_qualifier, name_id, session_index, settings)
       prefix = "http://example.com/logout.php?SAMLRequest="
@@ -181,9 +181,9 @@ describe Onelogin::Saml::Response do
         :idp_slo_target_url => "http://example.com/logout.php?param=foo"
       )
-      request = Onelogin::Saml::AuthRequest::generate(settings)
+      forward_url = Onelogin::Saml::AuthRequest::create(settings)
       prefix = "http://example.com/login.php?param=foo&SAMLRequest="
-      expect(request.forward_url[0...prefix.size]).to eql(prefix)
+      expect(forward_url[0...prefix.size]).to eql(prefix)
       request = Onelogin::Saml::LogoutRequest::generate(name_qualifier, name_id, session_index, settings)
       prefix = "http://example.com/logout.php?param=foo&SAMLRequest="

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: ruby-saml-mod
 version: !ruby/object:Gem::Version
-  version: 0.2.0
+  version: 0.2.1
 platform: ruby
 authors:
 - OneLogin LLC
@@ -14,7 +14,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2014-10-31 00:00:00.000000000 Z
+date: 2014-11-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: libxml-ruby