RubyGems - ruby-saml - Versions diffs - 0.8.10 → 0.8.15 - Mend

ruby-saml 0.8.10 → 0.8.15

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of ruby-saml might be problematic. Click here for more details.

Files changed (37) hide show

checksums.yaml +4 -4
data/Gemfile +3 -1
data/Rakefile +0 -14
data/lib/onelogin/ruby-saml/authrequest.rb +3 -2
data/lib/onelogin/ruby-saml/logoutrequest.rb +3 -0
data/lib/onelogin/ruby-saml/logoutresponse.rb +1 -24
data/lib/onelogin/ruby-saml/response.rb +206 -20
data/lib/onelogin/ruby-saml/setting_error.rb +6 -0
data/lib/onelogin/ruby-saml/settings.rb +26 -0
data/lib/onelogin/ruby-saml/slo_logoutresponse.rb +3 -2
data/lib/onelogin/ruby-saml/utils.rb +90 -0
data/lib/onelogin/ruby-saml/version.rb +1 -1
data/lib/xml_security.rb +222 -87
data/test/certificates/ruby-saml-2.crt +15 -0
data/test/logoutrequest_test.rb +124 -126
data/test/logoutresponse_test.rb +22 -28
data/test/response_test.rb +348 -129
data/test/responses/adfs_response_xmlns.xml +45 -0
data/test/responses/encrypted_new_attack.xml.base64 +1 -0
data/test/responses/invalids/multiple_signed.xml.base64 +1 -0
data/test/responses/invalids/no_signature.xml.base64 +1 -0
data/test/responses/invalids/response_with_concealed_signed_assertion.xml +51 -0
data/test/responses/invalids/response_with_doubled_signed_assertion.xml +49 -0
data/test/responses/invalids/signature_wrapping_attack.xml.base64 +1 -0
data/test/responses/response_with_concealed_signed_assertion.xml +51 -0
data/test/responses/response_with_doubled_signed_assertion.xml +49 -0
data/test/responses/response_with_signed_assertion_3.xml +30 -0
data/test/responses/response_with_signed_message_and_assertion.xml +34 -0
data/test/responses/response_with_undefined_recipient.xml.base64 +1 -0
data/test/responses/response_wrapped.xml.base64 +150 -0
data/test/responses/valid_response.xml.base64 +1 -0
data/test/responses/valid_response_without_x509certificate.xml.base64 +1 -0
data/test/settings_test.rb +5 -5
data/test/test_helper.rb +110 -41
data/test/utils_test.rb +10 -10
data/test/xml_security_test.rb +359 -68
metadata +38 -5

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: ruby-saml
 version: !ruby/object:Gem::Version
-  version: 0.8.10
+  version: 0.8.15
 platform: ruby
 authors:
 - OneLogin LLC
-autorequire:
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-07-25 00:00:00.000000000 Z
+date: 2020-10-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: uuid
@@ -61,6 +61,7 @@ files:
 - lib/onelogin/ruby-saml/logoutresponse.rb
 - lib/onelogin/ruby-saml/metadata.rb
 - lib/onelogin/ruby-saml/response.rb
+- lib/onelogin/ruby-saml/setting_error.rb
 - lib/onelogin/ruby-saml/settings.rb
 - lib/onelogin/ruby-saml/slo_logoutresponse.rb
 - lib/onelogin/ruby-saml/utils.rb
@@ -75,6 +76,7 @@ files:
 - ruby-saml.gemspec
 - test/certificates/certificate1
 - test/certificates/r1_certificate2_base64
+- test/certificates/ruby-saml-2.crt
 - test/certificates/ruby-saml.crt
 - test/certificates/ruby-saml.key
 - test/logoutrequest_test.rb
@@ -85,6 +87,13 @@ files:
 - test/responses/adfs_response_sha256.xml
 - test/responses/adfs_response_sha384.xml
 - test/responses/adfs_response_sha512.xml
+- test/responses/adfs_response_xmlns.xml
+- test/responses/encrypted_new_attack.xml.base64
+- test/responses/invalids/multiple_signed.xml.base64
+- test/responses/invalids/no_signature.xml.base64
+- test/responses/invalids/response_with_concealed_signed_assertion.xml
+- test/responses/invalids/response_with_doubled_signed_assertion.xml
+- test/responses/invalids/signature_wrapping_attack.xml.base64
 - test/responses/logoutresponse_fixtures.rb
 - test/responses/no_signature_ns.xml
 - test/responses/open_saml_response.xml
@@ -98,10 +107,18 @@ files:
 - test/responses/response_node_text_attack.xml.base64
 - test/responses/response_with_ampersands.xml
 - test/responses/response_with_ampersands.xml.base64
+- test/responses/response_with_concealed_signed_assertion.xml
+- test/responses/response_with_doubled_signed_assertion.xml
 - test/responses/response_with_multiple_attribute_statements.xml
 - test/responses/response_with_multiple_attribute_values.xml
+- test/responses/response_with_signed_assertion_3.xml
+- test/responses/response_with_signed_message_and_assertion.xml
+- test/responses/response_with_undefined_recipient.xml.base64
+- test/responses/response_wrapped.xml.base64
 - test/responses/simple_saml_php.xml
 - test/responses/starfield_response.xml.base64
+- test/responses/valid_response.xml.base64
+- test/responses/valid_response_without_x509certificate.xml.base64
 - test/responses/wrapped_response_2.xml.base64
 - test/settings_test.rb
 - test/slo_logoutresponse_test.rb
@@ -111,7 +128,7 @@ files:
 homepage: http://github.com/onelogin/ruby-saml
 licenses: []
 metadata: {}
-post_install_message:
+post_install_message:
 rdoc_options:
 - "--charset=UTF-8"
 require_paths:
@@ -128,12 +145,13 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubygems_version: 3.0.4
-signing_key:
+signing_key:
 specification_version: 4
 summary: SAML Ruby Tookit
 test_files:
 - test/certificates/certificate1
 - test/certificates/r1_certificate2_base64
+- test/certificates/ruby-saml-2.crt
 - test/certificates/ruby-saml.crt
 - test/certificates/ruby-saml.key
 - test/logoutrequest_test.rb
@@ -144,6 +162,13 @@ test_files:
 - test/responses/adfs_response_sha256.xml
 - test/responses/adfs_response_sha384.xml
 - test/responses/adfs_response_sha512.xml
+- test/responses/adfs_response_xmlns.xml
+- test/responses/encrypted_new_attack.xml.base64
+- test/responses/invalids/multiple_signed.xml.base64
+- test/responses/invalids/no_signature.xml.base64
+- test/responses/invalids/response_with_concealed_signed_assertion.xml
+- test/responses/invalids/response_with_doubled_signed_assertion.xml
+- test/responses/invalids/signature_wrapping_attack.xml.base64
 - test/responses/logoutresponse_fixtures.rb
 - test/responses/no_signature_ns.xml
 - test/responses/open_saml_response.xml
@@ -157,10 +182,18 @@ test_files:
 - test/responses/response_node_text_attack.xml.base64
 - test/responses/response_with_ampersands.xml
 - test/responses/response_with_ampersands.xml.base64
+- test/responses/response_with_concealed_signed_assertion.xml
+- test/responses/response_with_doubled_signed_assertion.xml
 - test/responses/response_with_multiple_attribute_statements.xml
 - test/responses/response_with_multiple_attribute_values.xml
+- test/responses/response_with_signed_assertion_3.xml
+- test/responses/response_with_signed_message_and_assertion.xml
+- test/responses/response_with_undefined_recipient.xml.base64
+- test/responses/response_wrapped.xml.base64
 - test/responses/simple_saml_php.xml
 - test/responses/starfield_response.xml.base64
+- test/responses/valid_response.xml.base64
+- test/responses/valid_response_without_x509certificate.xml.base64
 - test/responses/wrapped_response_2.xml.base64
 - test/settings_test.rb
 - test/slo_logoutresponse_test.rb