ruby-saml 1.11.0 → 1.12.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.


This version of ruby-saml might be problematic. Click here for more details.

Files changed (158) hide show
  1. checksums.yaml +5 -5
  2. data/.travis.yml +14 -12
  3. data/README.md +67 -19
  4. data/changelog.md +23 -0
  5. data/lib/onelogin/ruby-saml/attributes.rb +24 -1
  6. data/lib/onelogin/ruby-saml/authrequest.rb +9 -4
  7. data/lib/onelogin/ruby-saml/idp_metadata_parser.rb +62 -24
  8. data/lib/onelogin/ruby-saml/logoutrequest.rb +7 -1
  9. data/lib/onelogin/ruby-saml/logoutresponse.rb +4 -0
  10. data/lib/onelogin/ruby-saml/metadata.rb +9 -1
  11. data/lib/onelogin/ruby-saml/response.rb +37 -15
  12. data/lib/onelogin/ruby-saml/saml_message.rb +6 -0
  13. data/lib/onelogin/ruby-saml/setting_error.rb +6 -0
  14. data/lib/onelogin/ruby-saml/settings.rb +34 -2
  15. data/lib/onelogin/ruby-saml/slo_logoutrequest.rb +4 -0
  16. data/lib/onelogin/ruby-saml/slo_logoutresponse.rb +27 -14
  17. data/lib/onelogin/ruby-saml/utils.rb +56 -0
  18. data/lib/onelogin/ruby-saml/version.rb +1 -1
  19. data/lib/xml_security.rb +34 -6
  20. data/ruby-saml.gemspec +8 -4
  21. metadata +22 -282
  22. data/test/certificates/certificate.der +0 -0
  23. data/test/certificates/certificate1 +0 -12
  24. data/test/certificates/certificate_without_head_foot +0 -1
  25. data/test/certificates/formatted_certificate +0 -14
  26. data/test/certificates/formatted_chained_certificate +0 -42
  27. data/test/certificates/formatted_private_key +0 -12
  28. data/test/certificates/formatted_rsa_private_key +0 -12
  29. data/test/certificates/invalid_certificate1 +0 -1
  30. data/test/certificates/invalid_certificate2 +0 -1
  31. data/test/certificates/invalid_certificate3 +0 -12
  32. data/test/certificates/invalid_chained_certificate1 +0 -1
  33. data/test/certificates/invalid_private_key1 +0 -1
  34. data/test/certificates/invalid_private_key2 +0 -1
  35. data/test/certificates/invalid_private_key3 +0 -10
  36. data/test/certificates/invalid_rsa_private_key1 +0 -1
  37. data/test/certificates/invalid_rsa_private_key2 +0 -1
  38. data/test/certificates/invalid_rsa_private_key3 +0 -10
  39. data/test/certificates/ruby-saml-2.crt +0 -15
  40. data/test/certificates/ruby-saml.crt +0 -14
  41. data/test/certificates/ruby-saml.key +0 -15
  42. data/test/idp_metadata_parser_test.rb +0 -594
  43. data/test/logging_test.rb +0 -62
  44. data/test/logout_requests/invalid_slo_request.xml +0 -6
  45. data/test/logout_requests/slo_request.xml +0 -4
  46. data/test/logout_requests/slo_request.xml.base64 +0 -1
  47. data/test/logout_requests/slo_request_deflated.xml.base64 +0 -1
  48. data/test/logout_requests/slo_request_with_name_id_format.xml +0 -4
  49. data/test/logout_requests/slo_request_with_session_index.xml +0 -5
  50. data/test/logout_responses/logoutresponse_fixtures.rb +0 -86
  51. data/test/logoutrequest_test.rb +0 -260
  52. data/test/logoutresponse_test.rb +0 -427
  53. data/test/metadata/idp_descriptor.xml +0 -26
  54. data/test/metadata/idp_descriptor_2.xml +0 -56
  55. data/test/metadata/idp_descriptor_3.xml +0 -14
  56. data/test/metadata/idp_descriptor_4.xml +0 -72
  57. data/test/metadata/idp_metadata_different_sign_and_encrypt_cert.xml +0 -72
  58. data/test/metadata/idp_metadata_multi_certs.xml +0 -75
  59. data/test/metadata/idp_metadata_multi_signing_certs.xml +0 -52
  60. data/test/metadata/idp_metadata_same_sign_and_encrypt_cert.xml +0 -71
  61. data/test/metadata/idp_multiple_descriptors.xml +0 -59
  62. data/test/metadata/idp_multiple_descriptors_2.xml +0 -59
  63. data/test/metadata/no_idp_descriptor.xml +0 -21
  64. data/test/metadata_test.rb +0 -331
  65. data/test/request_test.rb +0 -340
  66. data/test/response_test.rb +0 -1629
  67. data/test/responses/adfs_response_sha1.xml +0 -46
  68. data/test/responses/adfs_response_sha256.xml +0 -46
  69. data/test/responses/adfs_response_sha384.xml +0 -46
  70. data/test/responses/adfs_response_sha512.xml +0 -46
  71. data/test/responses/adfs_response_xmlns.xml +0 -45
  72. data/test/responses/attackxee.xml +0 -13
  73. data/test/responses/invalids/duplicated_attributes.xml.base64 +0 -1
  74. data/test/responses/invalids/empty_destination.xml.base64 +0 -1
  75. data/test/responses/invalids/empty_nameid.xml.base64 +0 -1
  76. data/test/responses/invalids/encrypted_new_attack.xml.base64 +0 -1
  77. data/test/responses/invalids/invalid_audience.xml.base64 +0 -1
  78. data/test/responses/invalids/invalid_issuer_assertion.xml.base64 +0 -1
  79. data/test/responses/invalids/invalid_issuer_message.xml.base64 +0 -1
  80. data/test/responses/invalids/invalid_signature_position.xml.base64 +0 -1
  81. data/test/responses/invalids/invalid_subjectconfirmation_inresponse.xml.base64 +0 -1
  82. data/test/responses/invalids/invalid_subjectconfirmation_nb.xml.base64 +0 -1
  83. data/test/responses/invalids/invalid_subjectconfirmation_noa.xml.base64 +0 -1
  84. data/test/responses/invalids/invalid_subjectconfirmation_recipient.xml.base64 +0 -1
  85. data/test/responses/invalids/multiple_assertions.xml.base64 +0 -2
  86. data/test/responses/invalids/multiple_signed.xml.base64 +0 -1
  87. data/test/responses/invalids/no_authnstatement.xml.base64 +0 -1
  88. data/test/responses/invalids/no_conditions.xml.base64 +0 -1
  89. data/test/responses/invalids/no_id.xml.base64 +0 -1
  90. data/test/responses/invalids/no_issuer_assertion.xml.base64 +0 -1
  91. data/test/responses/invalids/no_issuer_response.xml.base64 +0 -1
  92. data/test/responses/invalids/no_nameid.xml.base64 +0 -1
  93. data/test/responses/invalids/no_saml2.xml.base64 +0 -1
  94. data/test/responses/invalids/no_signature.xml.base64 +0 -1
  95. data/test/responses/invalids/no_status.xml.base64 +0 -1
  96. data/test/responses/invalids/no_status_code.xml.base64 +0 -1
  97. data/test/responses/invalids/no_subjectconfirmation_data.xml.base64 +0 -1
  98. data/test/responses/invalids/no_subjectconfirmation_method.xml.base64 +0 -1
  99. data/test/responses/invalids/response_invalid_signed_element.xml.base64 +0 -1
  100. data/test/responses/invalids/response_with_concealed_signed_assertion.xml +0 -51
  101. data/test/responses/invalids/response_with_doubled_signed_assertion.xml +0 -49
  102. data/test/responses/invalids/signature_wrapping_attack.xml.base64 +0 -1
  103. data/test/responses/invalids/status_code_responder.xml.base64 +0 -1
  104. data/test/responses/invalids/status_code_responer_and_msg.xml.base64 +0 -1
  105. data/test/responses/invalids/wrong_spnamequalifier.xml.base64 +0 -1
  106. data/test/responses/no_signature_ns.xml +0 -48
  107. data/test/responses/open_saml_response.xml +0 -56
  108. data/test/responses/response_assertion_wrapped.xml.base64 +0 -93
  109. data/test/responses/response_audience_self_closed_tag.xml.base64 +0 -1
  110. data/test/responses/response_double_status_code.xml.base64 +0 -1
  111. data/test/responses/response_encrypted_attrs.xml.base64 +0 -1
  112. data/test/responses/response_encrypted_nameid.xml.base64 +0 -1
  113. data/test/responses/response_eval.xml +0 -7
  114. data/test/responses/response_no_cert_and_encrypted_attrs.xml +0 -29
  115. data/test/responses/response_node_text_attack.xml.base64 +0 -1
  116. data/test/responses/response_node_text_attack2.xml.base64 +0 -1
  117. data/test/responses/response_node_text_attack3.xml.base64 +0 -1
  118. data/test/responses/response_unsigned_xml_base64 +0 -1
  119. data/test/responses/response_with_ampersands.xml +0 -139
  120. data/test/responses/response_with_ampersands.xml.base64 +0 -93
  121. data/test/responses/response_with_ds_namespace_at_the_root.xml.base64 +0 -1
  122. data/test/responses/response_with_multiple_attribute_statements.xml +0 -72
  123. data/test/responses/response_with_multiple_attribute_values.xml +0 -67
  124. data/test/responses/response_with_retrieval_method.xml +0 -26
  125. data/test/responses/response_with_saml2_namespace.xml.base64 +0 -102
  126. data/test/responses/response_with_signed_assertion.xml.base64 +0 -66
  127. data/test/responses/response_with_signed_assertion_2.xml.base64 +0 -1
  128. data/test/responses/response_with_signed_assertion_3.xml +0 -30
  129. data/test/responses/response_with_signed_message_and_assertion.xml +0 -34
  130. data/test/responses/response_with_undefined_recipient.xml.base64 +0 -1
  131. data/test/responses/response_without_attributes.xml.base64 +0 -79
  132. data/test/responses/response_without_reference_uri.xml.base64 +0 -1
  133. data/test/responses/response_wrapped.xml.base64 +0 -150
  134. data/test/responses/signed_message_encrypted_signed_assertion.xml.base64 +0 -1
  135. data/test/responses/signed_message_encrypted_unsigned_assertion.xml.base64 +0 -1
  136. data/test/responses/signed_nameid_in_atts.xml +0 -47
  137. data/test/responses/signed_unqual_nameid_in_atts.xml +0 -47
  138. data/test/responses/simple_saml_php.xml +0 -71
  139. data/test/responses/starfield_response.xml.base64 +0 -1
  140. data/test/responses/test_sign.xml +0 -43
  141. data/test/responses/unsigned_encrypted_adfs.xml +0 -23
  142. data/test/responses/unsigned_message_aes128_encrypted_signed_assertion.xml.base64 +0 -1
  143. data/test/responses/unsigned_message_aes192_encrypted_signed_assertion.xml.base64 +0 -1
  144. data/test/responses/unsigned_message_aes256_encrypted_signed_assertion.xml.base64 +0 -1
  145. data/test/responses/unsigned_message_des192_encrypted_signed_assertion.xml.base64 +0 -1
  146. data/test/responses/unsigned_message_encrypted_assertion_without_saml_namespace.xml.base64 +0 -1
  147. data/test/responses/unsigned_message_encrypted_signed_assertion.xml.base64 +0 -1
  148. data/test/responses/unsigned_message_encrypted_unsigned_assertion.xml.base64 +0 -1
  149. data/test/responses/valid_response.xml.base64 +0 -1
  150. data/test/responses/valid_response_with_formatted_x509certificate.xml.base64 +0 -1
  151. data/test/responses/valid_response_without_x509certificate.xml.base64 +0 -1
  152. data/test/saml_message_test.rb +0 -56
  153. data/test/settings_test.rb +0 -338
  154. data/test/slo_logoutrequest_test.rb +0 -467
  155. data/test/slo_logoutresponse_test.rb +0 -233
  156. data/test/test_helper.rb +0 -333
  157. data/test/utils_test.rb +0 -259
  158. data/test/xml_security_test.rb +0 -421
@@ -1,5 +1,5 @@
1
1
  module OneLogin
2
2
  module RubySaml
3
- VERSION = '1.11.0'
3
+ VERSION = '1.12.0'
4
4
  end
5
5
  end
data/lib/xml_security.rb CHANGED
@@ -212,7 +212,7 @@ module XMLSecurity
212
212
  begin
213
213
  cert = OpenSSL::X509::Certificate.new(cert_text)
214
214
  rescue OpenSSL::X509::CertificateError => _e
215
- return append_error("Certificate Error", soft)
215
+ return append_error("Document Certificate Error", soft)
216
216
  end
217
217
 
218
218
  if options[:fingerprint_alg]
@@ -224,7 +224,6 @@ module XMLSecurity
224
224
 
225
225
  # check cert matches registered idp cert
226
226
  if fingerprint != idp_cert_fingerprint.gsub(/[^a-zA-Z0-9]/,"").downcase
227
- @errors << "Fingerprint mismatch"
228
227
  return append_error("Fingerprint mismatch", soft)
229
228
  end
230
229
  else
@@ -241,7 +240,7 @@ module XMLSecurity
241
240
  validate_signature(base64_cert, soft)
242
241
  end
243
242
 
244
- def validate_document_with_cert(idp_cert)
243
+ def validate_document_with_cert(idp_cert, soft = true)
245
244
  # get cert from response
246
245
  cert_element = REXML::XPath.first(
247
246
  self,
@@ -255,12 +254,12 @@ module XMLSecurity
255
254
  begin
256
255
  cert = OpenSSL::X509::Certificate.new(cert_text)
257
256
  rescue OpenSSL::X509::CertificateError => _e
258
- return append_error("Certificate Error", soft)
257
+ return append_error("Document Certificate Error", soft)
259
258
  end
260
259
 
261
260
  # check saml response cert matches provided idp cert
262
261
  if idp_cert.to_pem != cert.to_pem
263
- return false
262
+ return append_error("Certificate of the Signature element does not match provided certificate", soft)
264
263
  end
265
264
  else
266
265
  base64_cert = Base64.encode64(idp_cert.to_pem)
@@ -326,6 +325,9 @@ module XMLSecurity
326
325
  '//ds:CanonicalizationMethod',
327
326
  { "ds" => DSIG }
328
327
  )
328
+
329
+ canon_algorithm = process_transforms(ref, canon_algorithm)
330
+
329
331
  canon_hashed_element = hashed_element.canonicalize(canon_algorithm, inclusive_namespaces)
330
332
 
331
333
  digest_algorithm = algorithm(REXML::XPath.first(
@@ -342,7 +344,6 @@ module XMLSecurity
342
344
  digest_value = Base64.decode64(OneLogin::RubySaml::Utils.element_text(encoded_digest_value))
343
345
 
344
346
  unless digests_match?(hash, digest_value)
345
- @errors << "Digest mismatch"
346
347
  return append_error("Digest mismatch", soft)
347
348
  end
348
349
 
@@ -360,6 +361,33 @@ module XMLSecurity
360
361
 
361
362
  private
362
363
 
364
+ def process_transforms(ref, canon_algorithm)
365
+ transforms = REXML::XPath.match(
366
+ ref,
367
+ "//ds:Transforms/ds:Transform",
368
+ { "ds" => DSIG }
369
+ )
370
+
371
+ transforms.each do |transform_element|
372
+ if transform_element.attributes && transform_element.attributes["Algorithm"]
373
+ algorithm = transform_element.attributes["Algorithm"]
374
+ case algorithm
375
+ when "http://www.w3.org/TR/2001/REC-xml-c14n-20010315",
376
+ "http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"
377
+ canon_algorithm = Nokogiri::XML::XML_C14N_1_0
378
+ when "http://www.w3.org/2006/12/xml-c14n11",
379
+ "http://www.w3.org/2006/12/xml-c14n11#WithComments"
380
+ canon_algorithm = Nokogiri::XML::XML_C14N_1_1
381
+ when "http://www.w3.org/2001/10/xml-exc-c14n#",
382
+ "http://www.w3.org/2001/10/xml-exc-c14n#WithComments"
383
+ canon_algorithm = Nokogiri::XML::XML_C14N_EXCLUSIVE_1_0
384
+ end
385
+ end
386
+ end
387
+
388
+ canon_algorithm
389
+ end
390
+
363
391
  def digests_match?(hash, digest_value)
364
392
  hash == digest_value
365
393
  end
data/ruby-saml.gemspec CHANGED
@@ -15,14 +15,13 @@ Gem::Specification.new do |s|
15
15
  "LICENSE",
16
16
  "README.md"
17
17
  ]
18
- s.files = `git ls-files`.split("\n")
19
- s.homepage = %q{http://github.com/onelogin/ruby-saml}
18
+ s.files = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
19
+ s.homepage = %q{https://github.com/onelogin/ruby-saml}
20
20
  s.rdoc_options = ["--charset=UTF-8"]
21
21
  s.require_paths = ["lib"]
22
22
  s.rubygems_version = %q{1.3.7}
23
23
  s.required_ruby_version = '>= 1.8.7'
24
24
  s.summary = %q{SAML Ruby Tookit}
25
- s.test_files = `git ls-files test/*`.split("\n")
26
25
 
27
26
  # Because runtime dependencies are determined at build time, we cannot make
28
27
  # Nokogiri's version dependent on the Ruby version, even though we would
@@ -31,6 +30,7 @@ Gem::Specification.new do |s|
31
30
  if JRUBY_VERSION < '9.2.0.0'
32
31
  s.add_runtime_dependency('nokogiri', '>= 1.8.2', '<= 1.8.5')
33
32
  s.add_runtime_dependency('jruby-openssl', '>= 0.9.8')
33
+ s.add_runtime_dependency('json', '< 2.3.0')
34
34
  else
35
35
  s.add_runtime_dependency('nokogiri', '>= 1.8.2')
36
36
  end
@@ -39,8 +39,12 @@ Gem::Specification.new do |s|
39
39
  s.add_runtime_dependency('nokogiri', '<= 1.5.11')
40
40
  elsif RUBY_VERSION < '2.1'
41
41
  s.add_runtime_dependency('nokogiri', '>= 1.5.10', '<= 1.6.8.1')
42
+ s.add_runtime_dependency('json', '< 2.3.0')
43
+ elsif RUBY_VERSION < '2.3'
44
+ s.add_runtime_dependency('nokogiri', '>= 1.9.1', '<= 1.10.0')
42
45
  else
43
- s.add_runtime_dependency('nokogiri', '>= 1.5.10')
46
+ s.add_runtime_dependency('nokogiri', '>= 1.10.5')
47
+ s.add_runtime_dependency('rexml')
44
48
  end
45
49
 
46
50
  s.add_development_dependency('coveralls')
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ruby-saml
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.11.0
4
+ version: 1.12.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - OneLogin LLC
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-07-24 00:00:00.000000000 Z
11
+ date: 2021-02-19 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: nokogiri
@@ -16,14 +16,28 @@ dependencies:
16
16
  requirements:
17
17
  - - ">="
18
18
  - !ruby/object:Gem::Version
19
- version: 1.5.10
19
+ version: 1.10.5
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - ">="
25
25
  - !ruby/object:Gem::Version
26
- version: 1.5.10
26
+ version: 1.10.5
27
+ - !ruby/object:Gem::Dependency
28
+ name: rexml
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - ">="
32
+ - !ruby/object:Gem::Version
33
+ version: '0'
34
+ type: :runtime
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - ">="
39
+ - !ruby/object:Gem::Version
40
+ version: '0'
27
41
  - !ruby/object:Gem::Dependency
28
42
  name: coveralls
29
43
  requirement: !ruby/object:Gem::Requirement
@@ -180,6 +194,7 @@ files:
180
194
  - lib/onelogin/ruby-saml/metadata.rb
181
195
  - lib/onelogin/ruby-saml/response.rb
182
196
  - lib/onelogin/ruby-saml/saml_message.rb
197
+ - lib/onelogin/ruby-saml/setting_error.rb
183
198
  - lib/onelogin/ruby-saml/settings.rb
184
199
  - lib/onelogin/ruby-saml/slo_logoutrequest.rb
185
200
  - lib/onelogin/ruby-saml/slo_logoutresponse.rb
@@ -201,144 +216,7 @@ files:
201
216
  - lib/schemas/xmldsig-core-schema.xsd
202
217
  - lib/xml_security.rb
203
218
  - ruby-saml.gemspec
204
- - test/certificates/certificate.der
205
- - test/certificates/certificate1
206
- - test/certificates/certificate_without_head_foot
207
- - test/certificates/formatted_certificate
208
- - test/certificates/formatted_chained_certificate
209
- - test/certificates/formatted_private_key
210
- - test/certificates/formatted_rsa_private_key
211
- - test/certificates/invalid_certificate1
212
- - test/certificates/invalid_certificate2
213
- - test/certificates/invalid_certificate3
214
- - test/certificates/invalid_chained_certificate1
215
- - test/certificates/invalid_private_key1
216
- - test/certificates/invalid_private_key2
217
- - test/certificates/invalid_private_key3
218
- - test/certificates/invalid_rsa_private_key1
219
- - test/certificates/invalid_rsa_private_key2
220
- - test/certificates/invalid_rsa_private_key3
221
- - test/certificates/ruby-saml-2.crt
222
- - test/certificates/ruby-saml.crt
223
- - test/certificates/ruby-saml.key
224
- - test/idp_metadata_parser_test.rb
225
- - test/logging_test.rb
226
- - test/logout_requests/invalid_slo_request.xml
227
- - test/logout_requests/slo_request.xml
228
- - test/logout_requests/slo_request.xml.base64
229
- - test/logout_requests/slo_request_deflated.xml.base64
230
- - test/logout_requests/slo_request_with_name_id_format.xml
231
- - test/logout_requests/slo_request_with_session_index.xml
232
- - test/logout_responses/logoutresponse_fixtures.rb
233
- - test/logoutrequest_test.rb
234
- - test/logoutresponse_test.rb
235
- - test/metadata/idp_descriptor.xml
236
- - test/metadata/idp_descriptor_2.xml
237
- - test/metadata/idp_descriptor_3.xml
238
- - test/metadata/idp_descriptor_4.xml
239
- - test/metadata/idp_metadata_different_sign_and_encrypt_cert.xml
240
- - test/metadata/idp_metadata_multi_certs.xml
241
- - test/metadata/idp_metadata_multi_signing_certs.xml
242
- - test/metadata/idp_metadata_same_sign_and_encrypt_cert.xml
243
- - test/metadata/idp_multiple_descriptors.xml
244
- - test/metadata/idp_multiple_descriptors_2.xml
245
- - test/metadata/no_idp_descriptor.xml
246
- - test/metadata_test.rb
247
- - test/request_test.rb
248
- - test/response_test.rb
249
- - test/responses/adfs_response_sha1.xml
250
- - test/responses/adfs_response_sha256.xml
251
- - test/responses/adfs_response_sha384.xml
252
- - test/responses/adfs_response_sha512.xml
253
- - test/responses/adfs_response_xmlns.xml
254
- - test/responses/attackxee.xml
255
- - test/responses/invalids/duplicated_attributes.xml.base64
256
- - test/responses/invalids/empty_destination.xml.base64
257
- - test/responses/invalids/empty_nameid.xml.base64
258
- - test/responses/invalids/encrypted_new_attack.xml.base64
259
- - test/responses/invalids/invalid_audience.xml.base64
260
- - test/responses/invalids/invalid_issuer_assertion.xml.base64
261
- - test/responses/invalids/invalid_issuer_message.xml.base64
262
- - test/responses/invalids/invalid_signature_position.xml.base64
263
- - test/responses/invalids/invalid_subjectconfirmation_inresponse.xml.base64
264
- - test/responses/invalids/invalid_subjectconfirmation_nb.xml.base64
265
- - test/responses/invalids/invalid_subjectconfirmation_noa.xml.base64
266
- - test/responses/invalids/invalid_subjectconfirmation_recipient.xml.base64
267
- - test/responses/invalids/multiple_assertions.xml.base64
268
- - test/responses/invalids/multiple_signed.xml.base64
269
- - test/responses/invalids/no_authnstatement.xml.base64
270
- - test/responses/invalids/no_conditions.xml.base64
271
- - test/responses/invalids/no_id.xml.base64
272
- - test/responses/invalids/no_issuer_assertion.xml.base64
273
- - test/responses/invalids/no_issuer_response.xml.base64
274
- - test/responses/invalids/no_nameid.xml.base64
275
- - test/responses/invalids/no_saml2.xml.base64
276
- - test/responses/invalids/no_signature.xml.base64
277
- - test/responses/invalids/no_status.xml.base64
278
- - test/responses/invalids/no_status_code.xml.base64
279
- - test/responses/invalids/no_subjectconfirmation_data.xml.base64
280
- - test/responses/invalids/no_subjectconfirmation_method.xml.base64
281
- - test/responses/invalids/response_invalid_signed_element.xml.base64
282
- - test/responses/invalids/response_with_concealed_signed_assertion.xml
283
- - test/responses/invalids/response_with_doubled_signed_assertion.xml
284
- - test/responses/invalids/signature_wrapping_attack.xml.base64
285
- - test/responses/invalids/status_code_responder.xml.base64
286
- - test/responses/invalids/status_code_responer_and_msg.xml.base64
287
- - test/responses/invalids/wrong_spnamequalifier.xml.base64
288
- - test/responses/no_signature_ns.xml
289
- - test/responses/open_saml_response.xml
290
- - test/responses/response_assertion_wrapped.xml.base64
291
- - test/responses/response_audience_self_closed_tag.xml.base64
292
- - test/responses/response_double_status_code.xml.base64
293
- - test/responses/response_encrypted_attrs.xml.base64
294
- - test/responses/response_encrypted_nameid.xml.base64
295
- - test/responses/response_eval.xml
296
- - test/responses/response_no_cert_and_encrypted_attrs.xml
297
- - test/responses/response_node_text_attack.xml.base64
298
- - test/responses/response_node_text_attack2.xml.base64
299
- - test/responses/response_node_text_attack3.xml.base64
300
- - test/responses/response_unsigned_xml_base64
301
- - test/responses/response_with_ampersands.xml
302
- - test/responses/response_with_ampersands.xml.base64
303
- - test/responses/response_with_ds_namespace_at_the_root.xml.base64
304
- - test/responses/response_with_multiple_attribute_statements.xml
305
- - test/responses/response_with_multiple_attribute_values.xml
306
- - test/responses/response_with_retrieval_method.xml
307
- - test/responses/response_with_saml2_namespace.xml.base64
308
- - test/responses/response_with_signed_assertion.xml.base64
309
- - test/responses/response_with_signed_assertion_2.xml.base64
310
- - test/responses/response_with_signed_assertion_3.xml
311
- - test/responses/response_with_signed_message_and_assertion.xml
312
- - test/responses/response_with_undefined_recipient.xml.base64
313
- - test/responses/response_without_attributes.xml.base64
314
- - test/responses/response_without_reference_uri.xml.base64
315
- - test/responses/response_wrapped.xml.base64
316
- - test/responses/signed_message_encrypted_signed_assertion.xml.base64
317
- - test/responses/signed_message_encrypted_unsigned_assertion.xml.base64
318
- - test/responses/signed_nameid_in_atts.xml
319
- - test/responses/signed_unqual_nameid_in_atts.xml
320
- - test/responses/simple_saml_php.xml
321
- - test/responses/starfield_response.xml.base64
322
- - test/responses/test_sign.xml
323
- - test/responses/unsigned_encrypted_adfs.xml
324
- - test/responses/unsigned_message_aes128_encrypted_signed_assertion.xml.base64
325
- - test/responses/unsigned_message_aes192_encrypted_signed_assertion.xml.base64
326
- - test/responses/unsigned_message_aes256_encrypted_signed_assertion.xml.base64
327
- - test/responses/unsigned_message_des192_encrypted_signed_assertion.xml.base64
328
- - test/responses/unsigned_message_encrypted_assertion_without_saml_namespace.xml.base64
329
- - test/responses/unsigned_message_encrypted_signed_assertion.xml.base64
330
- - test/responses/unsigned_message_encrypted_unsigned_assertion.xml.base64
331
- - test/responses/valid_response.xml.base64
332
- - test/responses/valid_response_with_formatted_x509certificate.xml.base64
333
- - test/responses/valid_response_without_x509certificate.xml.base64
334
- - test/saml_message_test.rb
335
- - test/settings_test.rb
336
- - test/slo_logoutrequest_test.rb
337
- - test/slo_logoutresponse_test.rb
338
- - test/test_helper.rb
339
- - test/utils_test.rb
340
- - test/xml_security_test.rb
341
- homepage: http://github.com/onelogin/ruby-saml
219
+ homepage: https://github.com/onelogin/ruby-saml
342
220
  licenses:
343
221
  - MIT
344
222
  metadata: {}
@@ -358,146 +236,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
358
236
  - !ruby/object:Gem::Version
359
237
  version: '0'
360
238
  requirements: []
361
- rubyforge_project:
362
- rubygems_version: 2.5.2.1
239
+ rubygems_version: 3.0.8
363
240
  signing_key:
364
241
  specification_version: 4
365
242
  summary: SAML Ruby Tookit
366
- test_files:
367
- - test/certificates/certificate.der
368
- - test/certificates/certificate1
369
- - test/certificates/certificate_without_head_foot
370
- - test/certificates/formatted_certificate
371
- - test/certificates/formatted_chained_certificate
372
- - test/certificates/formatted_private_key
373
- - test/certificates/formatted_rsa_private_key
374
- - test/certificates/invalid_certificate1
375
- - test/certificates/invalid_certificate2
376
- - test/certificates/invalid_certificate3
377
- - test/certificates/invalid_chained_certificate1
378
- - test/certificates/invalid_private_key1
379
- - test/certificates/invalid_private_key2
380
- - test/certificates/invalid_private_key3
381
- - test/certificates/invalid_rsa_private_key1
382
- - test/certificates/invalid_rsa_private_key2
383
- - test/certificates/invalid_rsa_private_key3
384
- - test/certificates/ruby-saml-2.crt
385
- - test/certificates/ruby-saml.crt
386
- - test/certificates/ruby-saml.key
387
- - test/idp_metadata_parser_test.rb
388
- - test/logging_test.rb
389
- - test/logout_requests/invalid_slo_request.xml
390
- - test/logout_requests/slo_request.xml
391
- - test/logout_requests/slo_request.xml.base64
392
- - test/logout_requests/slo_request_deflated.xml.base64
393
- - test/logout_requests/slo_request_with_name_id_format.xml
394
- - test/logout_requests/slo_request_with_session_index.xml
395
- - test/logout_responses/logoutresponse_fixtures.rb
396
- - test/logoutrequest_test.rb
397
- - test/logoutresponse_test.rb
398
- - test/metadata/idp_descriptor.xml
399
- - test/metadata/idp_descriptor_2.xml
400
- - test/metadata/idp_descriptor_3.xml
401
- - test/metadata/idp_descriptor_4.xml
402
- - test/metadata/idp_metadata_different_sign_and_encrypt_cert.xml
403
- - test/metadata/idp_metadata_multi_certs.xml
404
- - test/metadata/idp_metadata_multi_signing_certs.xml
405
- - test/metadata/idp_metadata_same_sign_and_encrypt_cert.xml
406
- - test/metadata/idp_multiple_descriptors.xml
407
- - test/metadata/idp_multiple_descriptors_2.xml
408
- - test/metadata/no_idp_descriptor.xml
409
- - test/metadata_test.rb
410
- - test/request_test.rb
411
- - test/response_test.rb
412
- - test/responses/adfs_response_sha1.xml
413
- - test/responses/adfs_response_sha256.xml
414
- - test/responses/adfs_response_sha384.xml
415
- - test/responses/adfs_response_sha512.xml
416
- - test/responses/adfs_response_xmlns.xml
417
- - test/responses/attackxee.xml
418
- - test/responses/invalids/duplicated_attributes.xml.base64
419
- - test/responses/invalids/empty_destination.xml.base64
420
- - test/responses/invalids/empty_nameid.xml.base64
421
- - test/responses/invalids/encrypted_new_attack.xml.base64
422
- - test/responses/invalids/invalid_audience.xml.base64
423
- - test/responses/invalids/invalid_issuer_assertion.xml.base64
424
- - test/responses/invalids/invalid_issuer_message.xml.base64
425
- - test/responses/invalids/invalid_signature_position.xml.base64
426
- - test/responses/invalids/invalid_subjectconfirmation_inresponse.xml.base64
427
- - test/responses/invalids/invalid_subjectconfirmation_nb.xml.base64
428
- - test/responses/invalids/invalid_subjectconfirmation_noa.xml.base64
429
- - test/responses/invalids/invalid_subjectconfirmation_recipient.xml.base64
430
- - test/responses/invalids/multiple_assertions.xml.base64
431
- - test/responses/invalids/multiple_signed.xml.base64
432
- - test/responses/invalids/no_authnstatement.xml.base64
433
- - test/responses/invalids/no_conditions.xml.base64
434
- - test/responses/invalids/no_id.xml.base64
435
- - test/responses/invalids/no_issuer_assertion.xml.base64
436
- - test/responses/invalids/no_issuer_response.xml.base64
437
- - test/responses/invalids/no_nameid.xml.base64
438
- - test/responses/invalids/no_saml2.xml.base64
439
- - test/responses/invalids/no_signature.xml.base64
440
- - test/responses/invalids/no_status.xml.base64
441
- - test/responses/invalids/no_status_code.xml.base64
442
- - test/responses/invalids/no_subjectconfirmation_data.xml.base64
443
- - test/responses/invalids/no_subjectconfirmation_method.xml.base64
444
- - test/responses/invalids/response_invalid_signed_element.xml.base64
445
- - test/responses/invalids/response_with_concealed_signed_assertion.xml
446
- - test/responses/invalids/response_with_doubled_signed_assertion.xml
447
- - test/responses/invalids/signature_wrapping_attack.xml.base64
448
- - test/responses/invalids/status_code_responder.xml.base64
449
- - test/responses/invalids/status_code_responer_and_msg.xml.base64
450
- - test/responses/invalids/wrong_spnamequalifier.xml.base64
451
- - test/responses/no_signature_ns.xml
452
- - test/responses/open_saml_response.xml
453
- - test/responses/response_assertion_wrapped.xml.base64
454
- - test/responses/response_audience_self_closed_tag.xml.base64
455
- - test/responses/response_double_status_code.xml.base64
456
- - test/responses/response_encrypted_attrs.xml.base64
457
- - test/responses/response_encrypted_nameid.xml.base64
458
- - test/responses/response_eval.xml
459
- - test/responses/response_no_cert_and_encrypted_attrs.xml
460
- - test/responses/response_node_text_attack.xml.base64
461
- - test/responses/response_node_text_attack2.xml.base64
462
- - test/responses/response_node_text_attack3.xml.base64
463
- - test/responses/response_unsigned_xml_base64
464
- - test/responses/response_with_ampersands.xml
465
- - test/responses/response_with_ampersands.xml.base64
466
- - test/responses/response_with_ds_namespace_at_the_root.xml.base64
467
- - test/responses/response_with_multiple_attribute_statements.xml
468
- - test/responses/response_with_multiple_attribute_values.xml
469
- - test/responses/response_with_retrieval_method.xml
470
- - test/responses/response_with_saml2_namespace.xml.base64
471
- - test/responses/response_with_signed_assertion.xml.base64
472
- - test/responses/response_with_signed_assertion_2.xml.base64
473
- - test/responses/response_with_signed_assertion_3.xml
474
- - test/responses/response_with_signed_message_and_assertion.xml
475
- - test/responses/response_with_undefined_recipient.xml.base64
476
- - test/responses/response_without_attributes.xml.base64
477
- - test/responses/response_without_reference_uri.xml.base64
478
- - test/responses/response_wrapped.xml.base64
479
- - test/responses/signed_message_encrypted_signed_assertion.xml.base64
480
- - test/responses/signed_message_encrypted_unsigned_assertion.xml.base64
481
- - test/responses/signed_nameid_in_atts.xml
482
- - test/responses/signed_unqual_nameid_in_atts.xml
483
- - test/responses/simple_saml_php.xml
484
- - test/responses/starfield_response.xml.base64
485
- - test/responses/test_sign.xml
486
- - test/responses/unsigned_encrypted_adfs.xml
487
- - test/responses/unsigned_message_aes128_encrypted_signed_assertion.xml.base64
488
- - test/responses/unsigned_message_aes192_encrypted_signed_assertion.xml.base64
489
- - test/responses/unsigned_message_aes256_encrypted_signed_assertion.xml.base64
490
- - test/responses/unsigned_message_des192_encrypted_signed_assertion.xml.base64
491
- - test/responses/unsigned_message_encrypted_assertion_without_saml_namespace.xml.base64
492
- - test/responses/unsigned_message_encrypted_signed_assertion.xml.base64
493
- - test/responses/unsigned_message_encrypted_unsigned_assertion.xml.base64
494
- - test/responses/valid_response.xml.base64
495
- - test/responses/valid_response_with_formatted_x509certificate.xml.base64
496
- - test/responses/valid_response_without_x509certificate.xml.base64
497
- - test/saml_message_test.rb
498
- - test/settings_test.rb
499
- - test/slo_logoutrequest_test.rb
500
- - test/slo_logoutresponse_test.rb
501
- - test/test_helper.rb
502
- - test/utils_test.rb
503
- - test/xml_security_test.rb
243
+ test_files: []