RubyGems - ruby-saml - Versions diffs - 0.2.1 → 0.2.2 - Mend

ruby-saml 0.2.1 → 0.2.2

Potentially problematic release.

This version of ruby-saml might be problematic. Click here for more details.

Files changed (7) hide show

data/.gitignore +5 -0
data/VERSION +1 -1
data/lib/onelogin/saml/response.rb +1 -2
data/lib/{xml_sec.rb → xml_security.rb} +23 -23
data/ruby-saml.gemspec +23 -19
data/test/xml_security_test.rb +16 -0
metadata +10 -7

data/.gitignore ADDED Viewed

@@ -0,0 +1,5 @@
+*.sw?
+.DS_Store
+coverage
+rdoc
+pkg

data/VERSION CHANGED Viewed

	@@ -1 +1 @@
1	- 0.2.1
1	+ 0.2.2

data/lib/onelogin/saml/response.rb CHANGED Viewed

@@ -1,5 +1,4 @@
-require "rexml/document"
-require "xml_sec"
+require "xml_security"
 require "time"
 module Onelogin::Saml

data/lib/{xml_sec.rb → xml_security.rb} RENAMED Viewed

@@ -28,7 +28,7 @@ require "rexml/xpath"
 require "openssl"
 require "xmlcanonicalizer"
 require "digest/sha1"
 module XMLSecurity
   class SignedDocument < REXML::Document
@@ -38,54 +38,54 @@ module XMLSecurity
       base64_cert             = self.elements["//ds:X509Certificate"].text
       cert_text               = Base64.decode64(base64_cert)
       cert                    = OpenSSL::X509::Certificate.new(cert_text)
       # check cert matches registered idp cert
       fingerprint             = Digest::SHA1.hexdigest(cert.to_der)
       valid_flag              = fingerprint == idp_cert_fingerprint.gsub(":", "").downcase
-      return valid_flag if !valid_flag
+      return valid_flag if !valid_flag
       validate_doc(base64_cert, logger)
     end
     def validate_doc(base64_cert, logger)
       # validate references
       # remove signature node
-      sig_element = XPath.first(self, "//ds:Signature", {"ds"=>"http://www.w3.org/2000/09/xmldsig#"})
+      sig_element = REXML::XPath.first(self, "//ds:Signature", {"ds"=>"http://www.w3.org/2000/09/xmldsig#"})
       sig_element.remove
       #check digests
-      XPath.each(sig_element, "//ds:Reference", {"ds"=>"http://www.w3.org/2000/09/xmldsig#"}) do | ref |
+      REXML::XPath.each(sig_element, "//ds:Reference", {"ds"=>"http://www.w3.org/2000/09/xmldsig#"}) do | ref |
         uri                   = ref.attributes.get_attribute("URI").value
-        hashed_element        = XPath.first(self, "//[@ID='#{uri[1,uri.size]}']")
+        hashed_element        = REXML::XPath.first(self, "//[@ID='#{uri[1,uri.size]}']")
         canoner               = XML::Util::XmlCanonicalizer.new(false, true)
         canon_hashed_element  = canoner.canonicalize(hashed_element)
         hash                  = Base64.encode64(Digest::SHA1.digest(canon_hashed_element)).chomp
-        digest_value          = XPath.first(ref, "//ds:DigestValue", {"ds"=>"http://www.w3.org/2000/09/xmldsig#"}).text
-        valid_flag            = hash == digest_value
+        digest_value          = REXML::XPath.first(ref, "//ds:DigestValue", {"ds"=>"http://www.w3.org/2000/09/xmldsig#"}).text
+        valid_flag            = hash == digest_value
         return valid_flag if !valid_flag
       end
       # verify signature
       canoner                 = XML::Util::XmlCanonicalizer.new(false, true)
-      signed_info_element     = XPath.first(sig_element, "//ds:SignedInfo", {"ds"=>"http://www.w3.org/2000/09/xmldsig#"})
+      signed_info_element     = REXML::XPath.first(sig_element, "//ds:SignedInfo", {"ds"=>"http://www.w3.org/2000/09/xmldsig#"})
       canon_string            = canoner.canonicalize(signed_info_element)
-      base64_signature        = XPath.first(sig_element, "//ds:SignatureValue", {"ds"=>"http://www.w3.org/2000/09/xmldsig#"}).text
+      base64_signature        = REXML::XPath.first(sig_element, "//ds:SignatureValue", {"ds"=>"http://www.w3.org/2000/09/xmldsig#"}).text
       signature               = Base64.decode64(base64_signature)
       # get certificate object
       cert_text               = Base64.decode64(base64_cert)
       cert                    = OpenSSL::X509::Certificate.new(cert_text)
       valid_flag              = cert.public_key.verify(OpenSSL::Digest::SHA1.new, signature, canon_string)
       return valid_flag
     end
   end
 end

data/ruby-saml.gemspec CHANGED Viewed

@@ -1,45 +1,49 @@
 # Generated by jeweler
 # DO NOT EDIT THIS FILE DIRECTLY
-# Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
+# Instead, edit Jeweler::Tasks in Rakefile, and run the gemspec command
 # -*- encoding: utf-8 -*-
 Gem::Specification.new do |s|
   s.name = %q{ruby-saml}
-  s.version = "0.2.1"
+  s.version = "0.2.2"
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["OneLogin LLC"]
-  s.date = %q{2010-12-01}
+  s.date = %q{2011-02-01}
   s.description = %q{SAML toolkit for Ruby on Rails}
   s.email = %q{support@onelogin.com}
   s.extra_rdoc_files = [
     "LICENSE",
-    "README.rdoc"
+     "README.rdoc"
   ]
   s.files = [
     ".document",
-    "LICENSE",
-    "README.rdoc",
-    "Rakefile",
-    "VERSION",
-    "lib/onelogin/saml.rb",
-    "lib/onelogin/saml/authrequest.rb",
-    "lib/onelogin/saml/response.rb",
-    "lib/onelogin/saml/settings.rb",
-    "lib/ruby-saml.rb",
-    "lib/xml_sec.rb",
-    "ruby-saml.gemspec",
-    "test/response.txt",
-    "test/ruby-saml_test.rb",
-    "test/test_helper.rb"
+     ".gitignore",
+     "LICENSE",
+     "README.rdoc",
+     "Rakefile",
+     "VERSION",
+     "lib/onelogin/saml.rb",
+     "lib/onelogin/saml/authrequest.rb",
+     "lib/onelogin/saml/response.rb",
+     "lib/onelogin/saml/settings.rb",
+     "lib/ruby-saml.rb",
+     "lib/xml_security.rb",
+     "ruby-saml.gemspec",
+     "test/response.txt",
+     "test/ruby-saml_test.rb",
+     "test/test_helper.rb",
+     "test/xml_security_test.rb"
   ]
   s.homepage = %q{http://github.com/onelogin/ruby-saml}
+  s.rdoc_options = ["--charset=UTF-8"]
   s.require_paths = ["lib"]
   s.rubygems_version = %q{1.3.7}
   s.summary = %q{SAML Ruby Tookit}
   s.test_files = [
     "test/ruby-saml_test.rb",
-    "test/test_helper.rb"
+     "test/test_helper.rb",
+     "test/xml_security_test.rb"
   ]
   if s.respond_to? :specification_version then

data/test/xml_security_test.rb ADDED Viewed

@@ -0,0 +1,16 @@
+require 'test_helper'
+require 'xml_security'
+class XmlSecurityTest < Test::Unit::TestCase
+  include XMLSecurity
+  context "XmlSecurity" do
+    setup do
+      @document = XMLSecurity::SignedDocument.new(Base64.decode64(response_document))
+    end
+    should "should provide getters and settings" do
+      base64cert = @document.elements["//ds:X509Certificate"].text
+      @document.validate_doc(base64cert, nil)
+    end
+  end
+end

metadata CHANGED Viewed

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: ruby-saml
 version: !ruby/object:Gem::Version
-  hash: 21
+  hash: 19
   prerelease: false
   segments:
   - 0
   - 2
-  - 1
-  version: 0.2.1
+  - 2
+  version: 0.2.2
 platform: ruby
 authors:
 - OneLogin LLC
@@ -15,7 +15,7 @@ autorequire:
 bindir: bin
 cert_chain: []
-date: 2010-12-01 00:00:00 -06:00
+date: 2011-02-01 00:00:00 +01:00
 default_executable:
 dependencies:
 - !ruby/object:Gem::Dependency
@@ -89,6 +89,7 @@ extra_rdoc_files:
 - README.rdoc
 files:
 - .document
+- .gitignore
 - LICENSE
 - README.rdoc
 - Rakefile
@@ -98,18 +99,19 @@ files:
 - lib/onelogin/saml/response.rb
 - lib/onelogin/saml/settings.rb
 - lib/ruby-saml.rb
-- lib/xml_sec.rb
+- lib/xml_security.rb
 - ruby-saml.gemspec
 - test/response.txt
 - test/ruby-saml_test.rb
 - test/test_helper.rb
+- test/xml_security_test.rb
 has_rdoc: true
 homepage: http://github.com/onelogin/ruby-saml
 licenses: []
 post_install_message:
-rdoc_options: []
+rdoc_options:
+- --charset=UTF-8
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
@@ -140,3 +142,4 @@ summary: SAML Ruby Tookit
 test_files:
 - test/ruby-saml_test.rb
 - test/test_helper.rb
+- test/xml_security_test.rb