ruby-saml 1.12.3 → 1.13.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of ruby-saml might be problematic. Click here for more details.
- checksums.yaml +5 -5
- data/.github/workflows/test.yml +25 -0
- data/{changelog.md → CHANGELOG.md} +19 -9
- data/README.md +288 -226
- data/UPGRADING.md +149 -0
- data/lib/onelogin/ruby-saml/authrequest.rb +2 -3
- data/lib/onelogin/ruby-saml/idp_metadata_parser.rb +110 -77
- data/lib/onelogin/ruby-saml/logoutrequest.rb +3 -3
- data/lib/onelogin/ruby-saml/logoutresponse.rb +1 -1
- data/lib/onelogin/ruby-saml/metadata.rb +59 -22
- data/lib/onelogin/ruby-saml/response.rb +13 -15
- data/lib/onelogin/ruby-saml/saml_message.rb +6 -7
- data/lib/onelogin/ruby-saml/settings.rb +76 -68
- data/lib/onelogin/ruby-saml/slo_logoutrequest.rb +12 -4
- data/lib/onelogin/ruby-saml/slo_logoutresponse.rb +2 -2
- data/lib/onelogin/ruby-saml/utils.rb +27 -22
- data/lib/onelogin/ruby-saml/version.rb +1 -1
- data/lib/xml_security.rb +12 -27
- metadata +10 -8
- data/.travis.yml +0 -48
data/lib/xml_security.rb
CHANGED
|
@@ -159,15 +159,13 @@ module XMLSecurity
|
|
|
159
159
|
x509_cert_element.text = Base64.encode64(certificate.to_der).gsub(/\n/, "")
|
|
160
160
|
|
|
161
161
|
# add the signature
|
|
162
|
-
issuer_element =
|
|
162
|
+
issuer_element = elements["//saml:Issuer"]
|
|
163
163
|
if issuer_element
|
|
164
|
-
|
|
164
|
+
root.insert_after(issuer_element, signature_element)
|
|
165
|
+
elsif first_child = root.children[0]
|
|
166
|
+
root.insert_before(first_child, signature_element)
|
|
165
167
|
else
|
|
166
|
-
|
|
167
|
-
self.root.insert_before sp_sso_descriptor, signature_element
|
|
168
|
-
else
|
|
169
|
-
self.root.add_element(signature_element)
|
|
170
|
-
end
|
|
168
|
+
root.add_element(signature_element)
|
|
171
169
|
end
|
|
172
170
|
end
|
|
173
171
|
|
|
@@ -312,30 +310,17 @@ module XMLSecurity
|
|
|
312
310
|
canon_string = noko_signed_info_element.canonicalize(canon_algorithm)
|
|
313
311
|
noko_sig_element.remove
|
|
314
312
|
|
|
315
|
-
# get signed info
|
|
316
|
-
signed_info_element = REXML::XPath.first(
|
|
317
|
-
sig_element,
|
|
318
|
-
"./ds:SignedInfo",
|
|
319
|
-
{ "ds" => DSIG }
|
|
320
|
-
)
|
|
321
|
-
|
|
322
313
|
# get inclusive namespaces
|
|
323
314
|
inclusive_namespaces = extract_inclusive_namespaces
|
|
324
315
|
|
|
325
316
|
# check digests
|
|
326
|
-
ref = REXML::XPath.first(
|
|
327
|
-
|
|
328
|
-
reference_nodes = document.xpath("//*[@ID=$id]", nil, { 'id' => extract_signed_element_id })
|
|
317
|
+
ref = REXML::XPath.first(sig_element, "//ds:Reference", {"ds"=>DSIG})
|
|
329
318
|
|
|
330
|
-
|
|
331
|
-
return append_error("Duplicated IDs found", soft)
|
|
332
|
-
end
|
|
333
|
-
|
|
334
|
-
hashed_element = reference_nodes[0]
|
|
319
|
+
hashed_element = document.at_xpath("//*[@ID=$id]", nil, { 'id' => extract_signed_element_id })
|
|
335
320
|
|
|
336
321
|
canon_algorithm = canon_algorithm REXML::XPath.first(
|
|
337
|
-
|
|
338
|
-
'
|
|
322
|
+
ref,
|
|
323
|
+
'//ds:CanonicalizationMethod',
|
|
339
324
|
{ "ds" => DSIG }
|
|
340
325
|
)
|
|
341
326
|
|
|
@@ -345,13 +330,13 @@ module XMLSecurity
|
|
|
345
330
|
|
|
346
331
|
digest_algorithm = algorithm(REXML::XPath.first(
|
|
347
332
|
ref,
|
|
348
|
-
"
|
|
333
|
+
"//ds:DigestMethod",
|
|
349
334
|
{ "ds" => DSIG }
|
|
350
335
|
))
|
|
351
336
|
hash = digest_algorithm.digest(canon_hashed_element)
|
|
352
337
|
encoded_digest_value = REXML::XPath.first(
|
|
353
338
|
ref,
|
|
354
|
-
"
|
|
339
|
+
"//ds:DigestValue",
|
|
355
340
|
{ "ds" => DSIG }
|
|
356
341
|
)
|
|
357
342
|
digest_value = Base64.decode64(OneLogin::RubySaml::Utils.element_text(encoded_digest_value))
|
|
@@ -377,7 +362,7 @@ module XMLSecurity
|
|
|
377
362
|
def process_transforms(ref, canon_algorithm)
|
|
378
363
|
transforms = REXML::XPath.match(
|
|
379
364
|
ref,
|
|
380
|
-
"
|
|
365
|
+
"//ds:Transforms/ds:Transform",
|
|
381
366
|
{ "ds" => DSIG }
|
|
382
367
|
)
|
|
383
368
|
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: ruby-saml
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.13.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- OneLogin LLC
|
|
8
|
-
autorequire:
|
|
8
|
+
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2021-09-06 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: nokogiri
|
|
@@ -173,13 +173,14 @@ extra_rdoc_files:
|
|
|
173
173
|
- README.md
|
|
174
174
|
files:
|
|
175
175
|
- ".document"
|
|
176
|
+
- ".github/workflows/test.yml"
|
|
176
177
|
- ".gitignore"
|
|
177
|
-
-
|
|
178
|
+
- CHANGELOG.md
|
|
178
179
|
- Gemfile
|
|
179
180
|
- LICENSE
|
|
180
181
|
- README.md
|
|
181
182
|
- Rakefile
|
|
182
|
-
-
|
|
183
|
+
- UPGRADING.md
|
|
183
184
|
- gemfiles/nokogiri-1.5.gemfile
|
|
184
185
|
- lib/onelogin/ruby-saml.rb
|
|
185
186
|
- lib/onelogin/ruby-saml/attribute_service.rb
|
|
@@ -220,7 +221,7 @@ homepage: https://github.com/onelogin/ruby-saml
|
|
|
220
221
|
licenses:
|
|
221
222
|
- MIT
|
|
222
223
|
metadata: {}
|
|
223
|
-
post_install_message:
|
|
224
|
+
post_install_message:
|
|
224
225
|
rdoc_options:
|
|
225
226
|
- "--charset=UTF-8"
|
|
226
227
|
require_paths:
|
|
@@ -236,8 +237,9 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
236
237
|
- !ruby/object:Gem::Version
|
|
237
238
|
version: '0'
|
|
238
239
|
requirements: []
|
|
239
|
-
|
|
240
|
-
|
|
240
|
+
rubyforge_project:
|
|
241
|
+
rubygems_version: 2.5.2.1
|
|
242
|
+
signing_key:
|
|
241
243
|
specification_version: 4
|
|
242
244
|
summary: SAML Ruby Tookit
|
|
243
245
|
test_files: []
|
data/.travis.yml
DELETED
|
@@ -1,48 +0,0 @@
|
|
|
1
|
-
language: ruby
|
|
2
|
-
rvm:
|
|
3
|
-
- 1.9.3
|
|
4
|
-
- 2.0.0
|
|
5
|
-
- 2.1.10
|
|
6
|
-
- 2.2.10
|
|
7
|
-
- 2.3.8
|
|
8
|
-
- 2.4.6
|
|
9
|
-
- 2.5.8
|
|
10
|
-
- 2.6.6
|
|
11
|
-
- 2.7.2
|
|
12
|
-
- 3.0.0
|
|
13
|
-
- jruby-1.7.27
|
|
14
|
-
- jruby-9.1.17.0
|
|
15
|
-
- jruby-9.2.13.0
|
|
16
|
-
gemfile:
|
|
17
|
-
- Gemfile
|
|
18
|
-
- gemfiles/nokogiri-1.5.gemfile
|
|
19
|
-
before_install:
|
|
20
|
-
- gem update bundler
|
|
21
|
-
matrix:
|
|
22
|
-
exclude:
|
|
23
|
-
- rvm: jruby-1.7.27
|
|
24
|
-
gemfile: gemfiles/nokogiri-1.5.gemfile
|
|
25
|
-
- rvm: jruby-9.1.17.0
|
|
26
|
-
gemfile: gemfiles/nokogiri-1.5.gemfile
|
|
27
|
-
- rvm: jruby-9.2.13.0
|
|
28
|
-
gemfile: gemfiles/nokogiri-1.5.gemfile
|
|
29
|
-
- rvm: 2.1.5
|
|
30
|
-
gemfile: gemfiles/nokogiri-1.5.gemfile
|
|
31
|
-
- rvm: 2.1.10
|
|
32
|
-
gemfile: gemfiles/nokogiri-1.5.gemfile
|
|
33
|
-
- rvm: 2.2.10
|
|
34
|
-
gemfile: gemfiles/nokogiri-1.5.gemfile
|
|
35
|
-
- rvm: 2.3.8
|
|
36
|
-
gemfile: gemfiles/nokogiri-1.5.gemfile
|
|
37
|
-
- rvm: 2.4.6
|
|
38
|
-
gemfile: gemfiles/nokogiri-1.5.gemfile
|
|
39
|
-
- rvm: 2.5.8
|
|
40
|
-
gemfile: gemfiles/nokogiri-1.5.gemfile
|
|
41
|
-
- rvm: 2.6.6
|
|
42
|
-
gemfile: gemfiles/nokogiri-1.5.gemfile
|
|
43
|
-
- rvm: 2.7.2
|
|
44
|
-
gemfile: gemfiles/nokogiri-1.5.gemfile
|
|
45
|
-
- rvm: 3.0.0
|
|
46
|
-
gemfile: gemfiles/nokogiri-1.5.gemfile
|
|
47
|
-
env:
|
|
48
|
-
- JRUBY_OPTS="--debug"
|