ruby-saml 0.5.3 → 0.6.0

data/test/responses/adfs_response_sha512.xml

@@ -0,0 +1,46 @@
+<?xml version="1.0"?>
+<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="_0263a07b-205f-479c-90fc-7495715ecbbf" Version="2.0" IssueInstant="2011-06-22T12:49:30.348Z" Destination="https://someone.example.com/endpoint" Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified" InResponseTo="_fc4a34b0-7efb-012e-caae-782bcb13bb38">
+  <Issuer xmlns="urn:oasis:names:tc:SAML:2.0:assertion">http://login.example.com/issuer</Issuer>
+  <samlp:Status>
+    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+  </samlp:Status>
+  <Assertion xmlns="urn:oasis:names:tc:SAML:2.0:assertion" ID="_721b4a5a-d7e1-4861-9754-a9b197b6f9ab" IssueInstant="2011-06-22T12:49:30.348Z" Version="2.0">
+    <Issuer>http://login.example.com/issuer</Issuer>
+    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+      <ds:SignedInfo>
+        <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+        <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
+        <ds:Reference URI="#_721b4a5a-d7e1-4861-9754-a9b197b6f9ab">
+          <ds:Transforms>
+            <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+            <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+          </ds:Transforms>
+          <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
+          <ds:DigestValue>ZiOdC+GEvslNaP+yncB5droDFBwPeK9EjIpQ2LEI+y/3KPtIjGlp+eEQTVROxq3pqxJiNmSHJvtHzxytxzZsew==</ds:DigestValue>
+        </ds:Reference>
+      </ds:SignedInfo>
+      <ds:SignatureValue>JyaWS+PkmpsYZOcjb1Hws3RL1hlyfBY9VeUb7R/5UbeaESpS5Pe2dpfbYWZiOmY/3aYmkv9AEgveVwjddwp+wTQ4jZ91LG8L+ObX1Coq/j0Yj8aXeOBMxdueYmvJQGjHSEn2z0oKypGnbzM5gP/V8Aixa+e1/Kv+A/GcOX1K4SA=</ds:SignatureValue>
+      <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+        <ds:X509Data>
+          <ds:X509Certificate>LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURxekNDQXhTZ0F3SUJBZ0lCQVRBTkJna3Foa2lHOXcwQkFRc0ZBRENCaGpFTE1Ba0dBMVVFQmhNQ1FWVXgKRERBS0JnTlZCQWdUQTA1VFZ6RVBNQTBHQTFVRUJ4TUdVM2xrYm1WNU1Rd3dDZ1lEVlFRS0RBTlFTVlF4Q1RBSApCZ05WQkFzTUFERVlNQllHQTFVRUF3d1BiR0YzY21WdVkyVndhWFF1WTI5dE1TVXdJd1lKS29aSWh2Y05BUWtCCkRCWnNZWGR5Wlc1alpTNXdhWFJBWjIxaGFXd3VZMjl0TUI0WERURXlNRFF4T1RJeU5UUXhPRm9YRFRNeU1EUXgKTkRJeU5UUXhPRm93Z1lZeEN6QUpCZ05WQkFZVEFrRlZNUXd3Q2dZRFZRUUlFd05PVTFjeER6QU5CZ05WQkFjVApCbE41Wkc1bGVURU1NQW9HQTFVRUNnd0RVRWxVTVFrd0J3WURWUVFMREFBeEdEQVdCZ05WQkFNTUQyeGhkM0psCmJtTmxjR2wwTG1OdmJURWxNQ01HQ1NxR1NJYjNEUUVKQVF3V2JHRjNjbVZ1WTJVdWNHbDBRR2R0WVdsc0xtTnYKYlRDQm56QU5CZ2txaGtpRzl3MEJBUUVGQUFPQmpRQXdnWWtDZ1lFQXFqaWUzUjJvaStwRGFldndJeXMvbWJVVApubkdsa3h0ZGlrcnExMXZleHd4SmlQTmhtaHFSVzNtVXVKRXpsbElkVkw2RW14R1lUcXBxZjkzSGxoa3NhZUowCjhVZ2pQOVVtTVlyaFZKdTFqY0ZXVjdmei9yKzIxL2F3VG5EVjlzTVlRcXVJUllZeTdiRzByMU9iaXdkb3ZudGsKN2dGSTA2WjB2WmFjREU1Ym9xVUNBd0VBQWFPQ0FTVXdnZ0VoTUFrR0ExVWRFd1FDTUFBd0N3WURWUjBQQkFRRApBZ1VnTUIwR0ExVWREZ1FXQkJTUk9OOEdKOG8rOGpnRnRqa3R3WmRxeDZCUnlUQVRCZ05WSFNVRUREQUtCZ2dyCkJnRUZCUWNEQVRBZEJnbGdoa2dCaHZoQ0FRMEVFQllPVkdWemRDQllOVEE1SUdObGNuUXdnYk1HQTFVZEl3U0IKcXpDQnFJQVVrVGpmQmlmS1B2STRCYlk1TGNHWGFzZWdVY21oZ1l5a2dZa3dnWVl4Q3pBSkJnTlZCQVlUQWtGVgpNUXd3Q2dZRFZRUUlFd05PVTFjeER6QU5CZ05WQkFjVEJsTjVaRzVsZVRFTU1Bb0dBMVVFQ2d3RFVFbFVNUWt3CkJ3WURWUVFMREFBeEdEQVdCZ05WQkFNTUQyeGhkM0psYm1ObGNHbDBMbU52YlRFbE1DTUdDU3FHU0liM0RRRUoKQVF3V2JHRjNjbVZ1WTJVdWNHbDBRR2R0WVdsc0xtTnZiWUlCQVRBTkJna3Foa2lHOXcwQkFRc0ZBQU9CZ1FDRQpUQWVKVERTQVc2ejFVRlRWN1FyZWg0VUxGT1JhajkrZUN1RjNLV0RIYyswSVFDajlyZG5ERzRRL3dmNy9yYVEwCkpuUFFDU0NkclBMSmV5b1BIN1FhVHdvYUY3ZHpWdzRMQ3N5TkpURld4NGNNNTBWdzZSNWZET2dpQzhic2ZmUzgKQkptb3VscnJaRE5OVmpHOG1XNmNMeHJZdlZRT3JSVmVjQ0ZJZ3NzQ2JBPT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=</ds:X509Certificate>
+        </ds:X509Data>
+      </KeyInfo>
+    </ds:Signature>
+    <Subject>
+      <NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">hello@example.com</NameID>
+      <SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+        <SubjectConfirmationData InResponseTo="_fc4a34b0-7efb-012e-caae-782bcb13bb38" NotOnOrAfter="2011-06-22T12:54:30.348Z" Recipient="https://someone.example.com/endpoint"/>
+      </SubjectConfirmation>
+    </Subject>
+    <Conditions NotBefore="2011-06-22T12:49:30.332Z" NotOnOrAfter="2011-06-22T13:49:30.332Z">
+      <AudienceRestriction>
+        <Audience>example.com</Audience>
+      </AudienceRestriction>
+    </Conditions>
+    <AuthnStatement AuthnInstant="2011-06-22T12:49:30.112Z" SessionIndex="_721b4a5a-d7e1-4861-9754-a9b197b6f9ab">
+      <AuthnContext>
+        <AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</AuthnContextClassRef>
+      </AuthnContext>
+    </AuthnStatement>
+  </Assertion>
+</samlp:Response>

data/test/responses/no_signature_ns.xml

@@ -0,0 +1,48 @@
+<?xml version="1.0"?>
+<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="_6b02a2b5-496b-4acc-a3c5-c86d0e9a3825" Version="2.0" IssueInstant="2012-04-04T07:33:10.921Z" Destination="https://example.com/endpoint">
+  <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">idp.example.com</saml:Issuer>
+  <samlp:Status>
+    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+  </samlp:Status>
+  <saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Version="2.0" ID="_cc084213-c9df-45ef-87a0-263f4da4f79b" IssueInstant="2012-04-04T07:33:10.923Z">
+    <saml:Issuer>idp.myexample.org</saml:Issuer>
+    <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
+      <SignedInfo>
+        <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+        <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+        <Reference URI="#_cc084213-c9df-45ef-87a0-263f4da4f79b">
+          <Transforms>
+            <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+            <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
+              <InclusiveNamespaces xmlns="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="#default saml ds xs xsi"/>
+            </Transform>
+          </Transforms>
+          <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+          <DigestValue>WFNjs7vC+IquRrJ7v7Q2YGGa7R0=</DigestValue>
+        </Reference>
+      </SignedInfo>
+      <SignatureValue>MmuXQdjutiuP7soIaB7nk9wSR8OGkmyH5n9aelMTOrV7gTVNDazgQ/GXMmYXTTrhdvGN65duLO0oYdsYGxwNIjlA1lYhoGeBgYuIB/4iKZ6oLSDgjMcQxHkSW1OJ8pIEuUa/3MPUUjaSlTg0me4WRxVdXp34A9Mtlj0DgrK9m0A=</SignatureValue>
+      <KeyInfo>
+        <X509Data>
+      <X509Certificate>LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUQwRENDQXptZ0F3SUJBZ0lCQVRBTkJna3Foa2lHOXcwQkFRVUZBRENCaGpFTE1Ba0dBMVVFQmhNQ1FWVXgKRERBS0JnTlZCQWdUQTA1VFZ6RVBNQTBHQTFVRUJ4TUdVM2xrYm1WNU1Rd3dDZ1lEVlFRS0RBTlFTVlF4Q1RBSApCZ05WQkFzTUFERVlNQllHQTFVRUF3d1BiR0YzY21WdVkyVndhWFF1WTI5dE1TVXdJd1lKS29aSWh2Y05BUWtCCkRCWnNZWGR5Wlc1alpTNXdhWFJBWjIxaGFXd3VZMjl0TUI0WERURXlNRFF4T0RBMU1qVTFPVm9YRFRNeU1EUXgKTXpBMU1qVTFPVm93Z1lZeEN6QUpCZ05WQkFZVEFrRlZNUXd3Q2dZRFZRUUlFd05PVTFjeER6QU5CZ05WQkFjVApCbE41Wkc1bGVURU1NQW9HQTFVRUNnd0RVRWxVTVFrd0J3WURWUVFMREFBeEdEQVdCZ05WQkFNTUQyeGhkM0psCmJtTmxjR2wwTG1OdmJURWxNQ01HQ1NxR1NJYjNEUUVKQVF3V2JHRjNjbVZ1WTJVdWNHbDBRR2R0WVdsc0xtTnYKYlRDQm56QU5CZ2txaGtpRzl3MEJBUUVGQUFPQmpRQXdnWWtDZ1lFQW9mR3p4NFZvQzZDSENYdFJPdkVLSFRzRAppNkFBWCtoVWpiSVloeERsZUxMZUNVemZDaVVXOFkwbTVrWkVKbjJXSmt5Si8wRFdPZmE5b0c1ZUg1eXNKSWpVCnpTUjVkMGJldmJZMEV1OHJDTmh3S001UzdYaXltTzBGc09mcnh6TkJxbVRBblE2VFJYT25nY1BYTitXRWd4cmQKZDVoV1V5ZXh2dkQ2d05McWdVRUNBd0VBQWFPQ0FVb3dnZ0ZHTUFrR0ExVWRFd1FDTUFBd0N3WURWUjBQQkFRRApBZ1VnTUIwR0ExVWREZ1FXQkJRMk1xTFZwRnlyVmNNaGFXMzRHanFkTVF6c3dqQVRCZ05WSFNVRUREQUtCZ2dyCkJnRUZCUWNEQVRCQ0JnbGdoa2dCaHZoQ0FRMEVOUll6VkdWemRDQllOVEE1SUdObGNuUWdZM0psWVhSbFpDQm0KYjNJZ1QyNWxURzluYVc0Z1lua2dUR0YzY21WdVkyVWdVR2wwTUlHekJnTlZIU01FZ2Fzd2dhaUFGRFl5b3RXawpYS3RWd3lGcGJmZ2FPcDB4RE96Q29ZR01wSUdKTUlHR01Rc3dDUVlEVlFRR0V3SkJWVEVNTUFvR0ExVUVDQk1EClRsTlhNUTh3RFFZRFZRUUhFd1pUZVdSdVpYa3hEREFLQmdOVkJBb01BMUJKVkRFSk1BY0dBMVVFQ3d3QU1SZ3cKRmdZRFZRUUREQTlzWVhkeVpXNWpaWEJwZEM1amIyMHhKVEFqQmdrcWhraUc5dzBCQ1FFTUZteGhkM0psYm1ObApMbkJwZEVCbmJXRnBiQzVqYjIyQ0FRRXdEUVlKS29aSWh2Y05BUUVGQlFBRGdZRUFOM2VRMUM5T0JJbVgvdWZGClNIUC9FeUxPQjJPQ1dqdlNpSytNbndQRWsralRRdDZZYXIxMkRacWVnRGhrWC92OGplTWh4VnpwaStBcHA4M0YKYWFmUE54UFJYc01FTFRCblhDQUJ1YzZEakxBaFlvNGQ4TDhCWUovVjlxLzZRMzdNYVZmc0ZKWVVKNmFBQUppWQpwd1RMUWJidFpqaytZc0s5TzZFR1U4ZjE5djg9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K</X509Certificate>
+        </X509Data>
+      </KeyInfo>
+    </Signature>
+    <saml:Subject>
+      <saml:NameID NameQualifier="idp.example.com" Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">someone@example.org</saml:NameID>
+      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+        <saml:SubjectConfirmationData Recipient="https://example.com/endpoint" InResponseTo="_f7201940-6055-012f-3bc1-782bcb13c426"/>
+      </saml:SubjectConfirmation>
+    </saml:Subject>
+    <saml:Conditions NotBefore="2012-04-04T07:28:11.442Z" NotOnOrAfter="2012-04-04T07:38:11.442Z">
+      <saml:AudienceRestriction>
+        <saml:Audience>example.com</saml:Audience>
+      </saml:AudienceRestriction>
+    </saml:Conditions>
+    <saml:AuthnStatement AuthnInstant="2012-04-04T07:33:11.442Z">
+      <saml:AuthnContext>
+        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml:AuthnContextClassRef>
+      </saml:AuthnContext>
+    </saml:AuthnStatement>
+  </saml:Assertion>
+</samlp:Response>

data/test/settings_test.rb

@@ -8,8 +8,9 @@ class SettingsTest < Test::Unit::TestCase
     end
     should "should provide getters and settings" do
       accessors = [
-        :assertion_consumer_service_url, :issuer, :sp_name_qualifier, :sp_name_qualifier,
-        :idp_sso_target_url, :idp_cert_fingerprint, :name_identifier_format
+        :assertion_consumer_service_url, :issuer, :sp_name_qualifier,
+        :idp_sso_target_url, :idp_cert_fingerprint, :name_identifier_format,
+        :idp_slo_target_url, :name_identifier_value, :sessionindex
       ]
 
       accessors.each do |accessor|
@@ -18,6 +19,25 @@ class SettingsTest < Test::Unit::TestCase
         assert_equal value, @settings.send(accessor)
       end
     end
+
+    should "create settings from hash" do
+
+      config = {
+          :assertion_consumer_service_url => "http://app.muda.no/sso",
+          :issuer => "http://muda.no",
+          :sp_name_qualifier => "http://sso.muda.no",
+          :idp_sso_target_url => "http://sso.muda.no/sso",
+          :idp_slo_target_url => "http://sso.muda.no/slo",
+          :idp_cert_fingerprint => "00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00",
+          :name_identifier_format => "urn:oasis:names:tc:SAML:2.0:nameid-format:transient",
+      }
+      @settings = Onelogin::Saml::Settings.new(config)
+
+      config.each do |k,v|
+        assert_equal v, @settings.send(k)
+      end
+    end
+
   end
 
 end

data/test/test_helper.rb

@@ -8,6 +8,8 @@ $LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
 $LOAD_PATH.unshift(File.dirname(__FILE__))
 require 'ruby-saml'
 
+ENV["ruby-saml/testing"] = "1"
+
 class Test::Unit::TestCase
   def fixture(document, base64 = true)
     response = Dir.glob(File.join(File.dirname(__FILE__), "responses", "#{document}*")).first

data/test/xml_security_test.rb

@@ -3,22 +3,121 @@ require 'xml_security'
 
 class XmlSecurityTest < Test::Unit::TestCase
   include XMLSecurity
+
   context "XmlSecurity" do
     setup do
       @document = XMLSecurity::SignedDocument.new(Base64.decode64(response_document))
+      @base64cert = @document.elements["//ds:X509Certificate"].text
     end
 
     should "should run validate without throwing NS related exceptions" do
-      base64cert = @document.elements["//ds:X509Certificate"].text
-      @document.validate_doc(base64cert, true)
+      assert !@document.validate_doc(@base64cert, true)
+    end
+
+    should "should run validate with throwing NS related exceptions" do
+      assert_raise(Onelogin::Saml::ValidationError) do
+        @document.validate_doc(@base64cert, false)
+      end
+    end
+    
+    should "not raise an error when softly validating the document multiple times" do
+      assert_nothing_raised do
+        2.times { @document.validate_doc(@base64cert, true) }
+      end
+    end
+
+    should "should raise Fingerprint mismatch" do
+      exception = assert_raise(Onelogin::Saml::ValidationError) do
+        @document.validate("no:fi:ng:er:pr:in:t", false)
+      end
+      assert_equal("Fingerprint mismatch", exception.message)
+    end
+
+    should "should raise Digest mismatch" do
+      exception = assert_raise(Onelogin::Saml::ValidationError) do
+        @document.validate_doc(@base64cert, false)
+      end
+      assert_equal("Digest mismatch", exception.message)
+    end
+
+    should "should raise Key validation error" do
+      response = Base64.decode64(response_document)
+      response.sub!("<ds:DigestValue>pJQ7MS/ek4KRRWGmv/H43ReHYMs=</ds:DigestValue>",
+                    "<ds:DigestValue>b9xsAXLsynugg3Wc1CI3kpWku+0=</ds:DigestValue>")
+      document = XMLSecurity::SignedDocument.new(response)
+      base64cert = document.elements["//ds:X509Certificate"].text
+      exception = assert_raise(Onelogin::Saml::ValidationError) do
+        document.validate_doc(base64cert, false)
+      end
+      assert_equal("Key validation error", exception.message)
     end
   end
 
-  context "Digest" do
+  context "Algorithms" do
+    should "validate using SHA1" do
+      @document = XMLSecurity::SignedDocument.new(fixture(:adfs_response_sha1, false))
+      assert @document.validate("F1:3C:6B:80:90:5A:03:0E:6C:91:3E:5D:15:FA:DD:B0:16:45:48:72")
+    end
+
     should "validate using SHA256" do
-      @document = XMLSecurity::SignedDocument.new(fixture(:adfs_response, false))
+      @document = XMLSecurity::SignedDocument.new(fixture(:adfs_response_sha256, false))
       assert @document.validate("28:74:9B:E8:1F:E8:10:9C:A8:7C:A9:C3:E3:C5:01:6C:92:1C:B4:BA")
     end
+
+    should "validate using SHA384" do
+      @document = XMLSecurity::SignedDocument.new(fixture(:adfs_response_sha384, false))
+      assert @document.validate("F1:3C:6B:80:90:5A:03:0E:6C:91:3E:5D:15:FA:DD:B0:16:45:48:72")
+    end
+
+    should "validate using SHA512" do
+      @document = XMLSecurity::SignedDocument.new(fixture(:adfs_response_sha512, false))
+      assert @document.validate("F1:3C:6B:80:90:5A:03:0E:6C:91:3E:5D:15:FA:DD:B0:16:45:48:72")
+    end
   end
+  
+  context "XmlSecurity::SignedDocument" do
+    
+    context "#extract_inclusive_namespaces" do
+      should "support explicit namespace resolution for exclusive canonicalization" do
+        response = fixture(:open_saml_response, false)
+        document = XMLSecurity::SignedDocument.new(response)
+        inclusive_namespaces = document.send(:extract_inclusive_namespaces)
+        
+        assert_equal %w[ xs ], inclusive_namespaces
+      end
+      
+      should "support implicit namespace resolution for exclusive canonicalization" do
+        response = fixture(:no_signature_ns, false)
+        document = XMLSecurity::SignedDocument.new(response)
+        inclusive_namespaces = document.send(:extract_inclusive_namespaces)
+        
+        assert_equal %w[ #default saml ds xs xsi ], inclusive_namespaces
+      end
+
+      should_eventually 'support inclusive canonicalization' do
+
+        response = Onelogin::Saml::Response.new(fixture("tdnf_response.xml"))
+        response.stubs(:conditions).returns(nil)
+        assert !response.is_valid?
+        settings = Onelogin::Saml::Settings.new
+        assert !response.is_valid?
+        response.settings = settings
+        assert !response.is_valid?
+        settings.idp_cert_fingerprint = "e6 38 9a 20 b7 4f 13 db 6a bc b1 42 6a e7 52 1d d6 56 d4 1b".upcase.gsub(" ", ":")
+        assert response.validate!
+      end
 
+      should "return an empty list when inclusive namespace element is missing" do
+        response = fixture(:no_signature_ns, false)
+        response.slice! %r{<InclusiveNamespaces xmlns="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="#default saml ds xs xsi"/>}
+        
+        document = XMLSecurity::SignedDocument.new(response)
+        inclusive_namespaces = document.send(:extract_inclusive_namespaces)
+        
+        assert inclusive_namespaces.empty?
+      end
+    end
+    
+  end
+  
 end

metadata

@@ -1,126 +1,103 @@
---- !ruby/object:Gem::Specification 
+--- !ruby/object:Gem::Specification
 name: ruby-saml
-version: !ruby/object:Gem::Version 
-  hash: 13
+version: !ruby/object:Gem::Version
+  version: 0.6.0
   prerelease: 
-  segments: 
-  - 0
-  - 5
-  - 3
-  version: 0.5.3
 platform: ruby
-authors: 
+authors:
 - OneLogin LLC
 autorequire: 
 bindir: bin
 cert_chain: []
-
-date: 2012-04-18 00:00:00 -07:00
-default_executable: 
-dependencies: 
-- !ruby/object:Gem::Dependency 
+date: 2012-11-02 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
   name: canonix
-  prerelease: false
-  requirement: &id001 !ruby/object:Gem::Requirement 
+  requirement: !ruby/object:Gem::Requirement
     none: false
-    requirements: 
-    - - ~>
-      - !ruby/object:Gem::Version 
-        hash: 9
-        segments: 
-        - 0
-        - 1
-        version: "0.1"
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 0.1.1
   type: :runtime
-  version_requirements: *id001
-- !ruby/object:Gem::Dependency 
-  name: uuid
   prerelease: false
-  requirement: &id002 !ruby/object:Gem::Requirement 
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 0.1.1
+- !ruby/object:Gem::Dependency
+  name: uuid
+  requirement: !ruby/object:Gem::Requirement
     none: false
-    requirements: 
+    requirements:
     - - ~>
-      - !ruby/object:Gem::Version 
-        hash: 5
-        segments: 
-        - 2
-        - 3
-        version: "2.3"
+      - !ruby/object:Gem::Version
+        version: '2.3'
   type: :runtime
-  version_requirements: *id002
-- !ruby/object:Gem::Dependency 
-  name: shoulda
   prerelease: false
-  requirement: &id003 !ruby/object:Gem::Requirement 
+  version_requirements: !ruby/object:Gem::Requirement
     none: false
-    requirements: 
-    - - ">="
-      - !ruby/object:Gem::Version 
-        hash: 3
-        segments: 
-        - 0
-        version: "0"
-  type: :development
-  version_requirements: *id003
-- !ruby/object:Gem::Dependency 
-  name: ruby-debug
-  prerelease: false
-  requirement: &id004 !ruby/object:Gem::Requirement 
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '2.3'
+- !ruby/object:Gem::Dependency
+  name: nokogiri
+  requirement: !ruby/object:Gem::Requirement
     none: false
-    requirements: 
-    - - ">="
-      - !ruby/object:Gem::Version 
-        hash: 3
-        segments: 
-        - 0
-        version: "0"
-  type: :development
-  version_requirements: *id004
-- !ruby/object:Gem::Dependency 
-  name: mocha
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
   prerelease: false
-  requirement: &id005 !ruby/object:Gem::Requirement 
+  version_requirements: !ruby/object:Gem::Requirement
     none: false
-    requirements: 
-    - - ">="
-      - !ruby/object:Gem::Version 
-        hash: 3
-        segments: 
-        - 0
-        version: "0"
-  type: :development
-  version_requirements: *id005
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
 description: SAML toolkit for Ruby on Rails
 email: support@onelogin.com
 executables: []
-
 extensions: []
-
-extra_rdoc_files: 
+extra_rdoc_files:
 - LICENSE
-- README.rdoc
-files: 
+- README.md
+files:
 - .document
 - .gitignore
+- .travis.yml
 - Gemfile
-- Gemfile.lock
 - LICENSE
-- README.rdoc
+- README.md
 - Rakefile
 - lib/onelogin/ruby-saml/authrequest.rb
 - lib/onelogin/ruby-saml/logging.rb
+- lib/onelogin/ruby-saml/logoutrequest.rb
 - lib/onelogin/ruby-saml/metadata.rb
 - lib/onelogin/ruby-saml/response.rb
 - lib/onelogin/ruby-saml/settings.rb
 - lib/onelogin/ruby-saml/validation_error.rb
 - lib/onelogin/ruby-saml/version.rb
 - lib/ruby-saml.rb
+- lib/schemas/saml20assertion_schema.xsd
+- lib/schemas/saml20protocol_schema.xsd
+- lib/schemas/xenc_schema.xsd
+- lib/schemas/xmldsig_schema.xsd
 - lib/xml_security.rb
 - ruby-saml.gemspec
 - test/certificates/certificate1
+- test/logoutrequest_test.rb
 - test/request_test.rb
 - test/response_test.rb
-- test/responses/adfs_response.xml
+- test/responses/adfs_response_sha1.xml
+- test/responses/adfs_response_sha256.xml
+- test/responses/adfs_response_sha384.xml
+- test/responses/adfs_response_sha512.xml
+- test/responses/no_signature_ns.xml
 - test/responses/open_saml_response.xml
 - test/responses/response1.xml.base64
 - test/responses/response2.xml.base64
@@ -134,45 +111,41 @@ files:
 - test/settings_test.rb
 - test/test_helper.rb
 - test/xml_security_test.rb
-has_rdoc: true
 homepage: http://github.com/onelogin/ruby-saml
 licenses: []
-
 post_install_message: 
-rdoc_options: 
+rdoc_options:
 - --charset=UTF-8
-require_paths: 
+require_paths:
 - lib
-required_ruby_version: !ruby/object:Gem::Requirement 
+required_ruby_version: !ruby/object:Gem::Requirement
   none: false
-  requirements: 
-  - - ">="
-    - !ruby/object:Gem::Version 
-      hash: 3
-      segments: 
-      - 0
-      version: "0"
-required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
-  requirements: 
-  - - ">="
-    - !ruby/object:Gem::Version 
-      hash: 3
-      segments: 
-      - 0
-      version: "0"
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
 requirements: []
-
 rubyforge_project: http://www.rubygems.org/gems/ruby-saml
-rubygems_version: 1.5.3
+rubygems_version: 1.8.24
 signing_key: 
 specification_version: 3
 summary: SAML Ruby Tookit
-test_files: 
+test_files:
 - test/certificates/certificate1
+- test/logoutrequest_test.rb
 - test/request_test.rb
 - test/response_test.rb
-- test/responses/adfs_response.xml
+- test/responses/adfs_response_sha1.xml
+- test/responses/adfs_response_sha256.xml
+- test/responses/adfs_response_sha384.xml
+- test/responses/adfs_response_sha512.xml
+- test/responses/no_signature_ns.xml
 - test/responses/open_saml_response.xml
 - test/responses/response1.xml.base64
 - test/responses/response2.xml.base64
@@ -186,3 +159,4 @@ test_files:
 - test/settings_test.rb
 - test/test_helper.rb
 - test/xml_security_test.rb
+has_rdoc: