RubyGems - ruby-saml - Versions diffs - 0.8.8 → 0.8.13 - Mend

ruby-saml 0.8.8 → 0.8.13

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of ruby-saml might be problematic. Click here for more details.

Files changed (45) hide show

checksums.yaml +7 -7
data/Gemfile +11 -1
data/README.md +5 -2
data/Rakefile +0 -14
data/lib/onelogin/ruby-saml/authrequest.rb +86 -20
data/lib/onelogin/ruby-saml/logoutrequest.rb +95 -20
data/lib/onelogin/ruby-saml/logoutresponse.rb +5 -28
data/lib/onelogin/ruby-saml/metadata.rb +5 -5
data/lib/onelogin/ruby-saml/response.rb +187 -4
data/lib/onelogin/ruby-saml/setting_error.rb +6 -0
data/lib/onelogin/ruby-saml/settings.rb +146 -10
data/lib/onelogin/ruby-saml/slo_logoutresponse.rb +158 -0
data/lib/onelogin/ruby-saml/utils.rb +169 -0
data/lib/onelogin/ruby-saml/version.rb +1 -1
data/lib/ruby-saml.rb +2 -1
data/lib/xml_security.rb +330 -78
data/test/certificates/ruby-saml-2.crt +15 -0
data/test/certificates/ruby-saml.crt +14 -0
data/test/certificates/ruby-saml.key +15 -0
data/test/logoutrequest_test.rb +177 -44
data/test/logoutresponse_test.rb +25 -29
data/test/request_test.rb +100 -37
data/test/response_test.rb +213 -111
data/test/responses/adfs_response_xmlns.xml +45 -0
data/test/responses/encrypted_new_attack.xml.base64 +1 -0
data/test/responses/invalids/multiple_signed.xml.base64 +1 -0
data/test/responses/invalids/no_signature.xml.base64 +1 -0
data/test/responses/invalids/response_with_concealed_signed_assertion.xml +51 -0
data/test/responses/invalids/response_with_doubled_signed_assertion.xml +49 -0
data/test/responses/invalids/signature_wrapping_attack.xml.base64 +1 -0
data/test/responses/logoutresponse_fixtures.rb +6 -6
data/test/responses/response_with_concealed_signed_assertion.xml +51 -0
data/test/responses/response_with_doubled_signed_assertion.xml +49 -0
data/test/responses/response_with_signed_assertion_3.xml +30 -0
data/test/responses/response_with_signed_message_and_assertion.xml +34 -0
data/test/responses/response_with_undefined_recipient.xml.base64 +1 -0
data/test/responses/response_wrapped.xml.base64 +150 -0
data/test/responses/valid_response.xml.base64 +1 -0
data/test/responses/valid_response_without_x509certificate.xml.base64 +1 -0
data/test/settings_test.rb +7 -7
data/test/slo_logoutresponse_test.rb +226 -0
data/test/test_helper.rb +117 -12
data/test/utils_test.rb +10 -10
data/test/xml_security_test.rb +310 -68
metadata +88 -45

metadata CHANGED

@@ -1,49 +1,54 @@
---- !ruby/object:Gem::Specification
+--- !ruby/object:Gem::Specification
 name: ruby-saml
-version: !ruby/object:Gem::Version
-  version: 0.8.8
+version: !ruby/object:Gem::Version
+  version: 0.8.13
 platform: ruby
-authors:
+authors:
 - OneLogin LLC
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-03-21 00:00:00 Z
-dependencies:
-- !ruby/object:Gem::Dependency
+date: 2020-07-23 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
   name: uuid
-  prerelease: false
-  requirement: &id001 !ruby/object:Gem::Requirement
-    requirements:
-    - - ~>
-      - !ruby/object:Gem::Version
-        version: "2.3"
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.3'
   type: :runtime
-  version_requirements: *id001
-- !ruby/object:Gem::Dependency
-  name: nokogiri
   prerelease: false
-  requirement: &id002 !ruby/object:Gem::Requirement
-    requirements:
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.3'
+- !ruby/object:Gem::Dependency
+  name: nokogiri
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
     - - ">="
-      - !ruby/object:Gem::Version
+      - !ruby/object:Gem::Version
         version: 1.5.0
   type: :runtime
-  version_requirements: *id002
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.5.0
 description: SAML toolkit for Ruby on Rails
 email: support@onelogin.com
 executables: []
 extensions: []
-extra_rdoc_files:
+extra_rdoc_files:
 - LICENSE
 - README.md
-files:
-- .document
-- .gitignore
-- .travis.yml
+files:
+- ".document"
+- ".gitignore"
+- ".travis.yml"
 - Gemfile
 - LICENSE
 - README.md
@@ -56,7 +61,9 @@ files:
 - lib/onelogin/ruby-saml/logoutresponse.rb
 - lib/onelogin/ruby-saml/metadata.rb
 - lib/onelogin/ruby-saml/response.rb
+- lib/onelogin/ruby-saml/setting_error.rb
 - lib/onelogin/ruby-saml/settings.rb
+- lib/onelogin/ruby-saml/slo_logoutresponse.rb
 - lib/onelogin/ruby-saml/utils.rb
 - lib/onelogin/ruby-saml/validation_error.rb
 - lib/onelogin/ruby-saml/version.rb
@@ -69,6 +76,9 @@ files:
 - ruby-saml.gemspec
 - test/certificates/certificate1
 - test/certificates/r1_certificate2_base64
+- test/certificates/ruby-saml-2.crt
+- test/certificates/ruby-saml.crt
+- test/certificates/ruby-saml.key
 - test/logoutrequest_test.rb
 - test/logoutresponse_test.rb
 - test/request_test.rb
@@ -77,6 +87,13 @@ files:
 - test/responses/adfs_response_sha256.xml
 - test/responses/adfs_response_sha384.xml
 - test/responses/adfs_response_sha512.xml
+- test/responses/adfs_response_xmlns.xml
+- test/responses/encrypted_new_attack.xml.base64
+- test/responses/invalids/multiple_signed.xml.base64
+- test/responses/invalids/no_signature.xml.base64
+- test/responses/invalids/response_with_concealed_signed_assertion.xml
+- test/responses/invalids/response_with_doubled_signed_assertion.xml
+- test/responses/invalids/signature_wrapping_attack.xml.base64
 - test/responses/logoutresponse_fixtures.rb
 - test/responses/no_signature_ns.xml
 - test/responses/open_saml_response.xml
@@ -90,44 +107,54 @@ files:
 - test/responses/response_node_text_attack.xml.base64
 - test/responses/response_with_ampersands.xml
 - test/responses/response_with_ampersands.xml.base64
+- test/responses/response_with_concealed_signed_assertion.xml
+- test/responses/response_with_doubled_signed_assertion.xml
 - test/responses/response_with_multiple_attribute_statements.xml
 - test/responses/response_with_multiple_attribute_values.xml
+- test/responses/response_with_signed_assertion_3.xml
+- test/responses/response_with_signed_message_and_assertion.xml
+- test/responses/response_with_undefined_recipient.xml.base64
+- test/responses/response_wrapped.xml.base64
 - test/responses/simple_saml_php.xml
 - test/responses/starfield_response.xml.base64
+- test/responses/valid_response.xml.base64
+- test/responses/valid_response_without_x509certificate.xml.base64
 - test/responses/wrapped_response_2.xml.base64
 - test/settings_test.rb
+- test/slo_logoutresponse_test.rb
 - test/test_helper.rb
 - test/utils_test.rb
 - test/xml_security_test.rb
 homepage: http://github.com/onelogin/ruby-saml
 licenses: []
 metadata: {}
 post_install_message:
-rdoc_options:
-- --charset=UTF-8
-require_paths:
+rdoc_options:
+- "--charset=UTF-8"
+require_paths:
 - lib
-required_ruby_version: !ruby/object:Gem::Requirement
-  requirements:
-  - &id003
-    - ">="
-    - !ruby/object:Gem::Version
-      version: "0"
-required_rubygems_version: !ruby/object:Gem::Requirement
-  requirements:
-  - *id003
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
 requirements: []
 rubyforge_project: http://www.rubygems.org/gems/ruby-saml
-rubygems_version: 2.7.7
+rubygems_version: 2.4.8
 signing_key:
 specification_version: 4
 summary: SAML Ruby Tookit
-test_files:
+test_files:
 - test/certificates/certificate1
 - test/certificates/r1_certificate2_base64
+- test/certificates/ruby-saml-2.crt
+- test/certificates/ruby-saml.crt
+- test/certificates/ruby-saml.key
 - test/logoutrequest_test.rb
 - test/logoutresponse_test.rb
 - test/request_test.rb
@@ -136,6 +163,13 @@ test_files:
 - test/responses/adfs_response_sha256.xml
 - test/responses/adfs_response_sha384.xml
 - test/responses/adfs_response_sha512.xml
+- test/responses/adfs_response_xmlns.xml
+- test/responses/encrypted_new_attack.xml.base64
+- test/responses/invalids/multiple_signed.xml.base64
+- test/responses/invalids/no_signature.xml.base64
+- test/responses/invalids/response_with_concealed_signed_assertion.xml
+- test/responses/invalids/response_with_doubled_signed_assertion.xml
+- test/responses/invalids/signature_wrapping_attack.xml.base64
 - test/responses/logoutresponse_fixtures.rb
 - test/responses/no_signature_ns.xml
 - test/responses/open_saml_response.xml
@@ -149,12 +183,21 @@ test_files:
 - test/responses/response_node_text_attack.xml.base64
 - test/responses/response_with_ampersands.xml
 - test/responses/response_with_ampersands.xml.base64
+- test/responses/response_with_concealed_signed_assertion.xml
+- test/responses/response_with_doubled_signed_assertion.xml
 - test/responses/response_with_multiple_attribute_statements.xml
 - test/responses/response_with_multiple_attribute_values.xml
+- test/responses/response_with_signed_assertion_3.xml
+- test/responses/response_with_signed_message_and_assertion.xml
+- test/responses/response_with_undefined_recipient.xml.base64
+- test/responses/response_wrapped.xml.base64
 - test/responses/simple_saml_php.xml
 - test/responses/starfield_response.xml.base64
+- test/responses/valid_response.xml.base64
+- test/responses/valid_response_without_x509certificate.xml.base64
 - test/responses/wrapped_response_2.xml.base64
 - test/settings_test.rb
+- test/slo_logoutresponse_test.rb
 - test/test_helper.rb
 - test/utils_test.rb
 - test/xml_security_test.rb