ruby-saml 1.12.3 → 1.13.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of ruby-saml might be problematic. Click here for more details.
- checksums.yaml +5 -5
- data/.github/workflows/test.yml +25 -0
- data/{changelog.md → CHANGELOG.md} +19 -9
- data/README.md +288 -226
- data/UPGRADING.md +149 -0
- data/lib/onelogin/ruby-saml/authrequest.rb +2 -3
- data/lib/onelogin/ruby-saml/idp_metadata_parser.rb +110 -77
- data/lib/onelogin/ruby-saml/logoutrequest.rb +3 -3
- data/lib/onelogin/ruby-saml/logoutresponse.rb +1 -1
- data/lib/onelogin/ruby-saml/metadata.rb +59 -22
- data/lib/onelogin/ruby-saml/response.rb +13 -15
- data/lib/onelogin/ruby-saml/saml_message.rb +6 -7
- data/lib/onelogin/ruby-saml/settings.rb +76 -68
- data/lib/onelogin/ruby-saml/slo_logoutrequest.rb +12 -4
- data/lib/onelogin/ruby-saml/slo_logoutresponse.rb +2 -2
- data/lib/onelogin/ruby-saml/utils.rb +27 -22
- data/lib/onelogin/ruby-saml/version.rb +1 -1
- data/lib/xml_security.rb +12 -27
- metadata +10 -8
- data/.travis.yml +0 -48
data/lib/xml_security.rb
CHANGED
@@ -159,15 +159,13 @@ module XMLSecurity
|
|
159
159
|
x509_cert_element.text = Base64.encode64(certificate.to_der).gsub(/\n/, "")
|
160
160
|
|
161
161
|
# add the signature
|
162
|
-
issuer_element =
|
162
|
+
issuer_element = elements["//saml:Issuer"]
|
163
163
|
if issuer_element
|
164
|
-
|
164
|
+
root.insert_after(issuer_element, signature_element)
|
165
|
+
elsif first_child = root.children[0]
|
166
|
+
root.insert_before(first_child, signature_element)
|
165
167
|
else
|
166
|
-
|
167
|
-
self.root.insert_before sp_sso_descriptor, signature_element
|
168
|
-
else
|
169
|
-
self.root.add_element(signature_element)
|
170
|
-
end
|
168
|
+
root.add_element(signature_element)
|
171
169
|
end
|
172
170
|
end
|
173
171
|
|
@@ -312,30 +310,17 @@ module XMLSecurity
|
|
312
310
|
canon_string = noko_signed_info_element.canonicalize(canon_algorithm)
|
313
311
|
noko_sig_element.remove
|
314
312
|
|
315
|
-
# get signed info
|
316
|
-
signed_info_element = REXML::XPath.first(
|
317
|
-
sig_element,
|
318
|
-
"./ds:SignedInfo",
|
319
|
-
{ "ds" => DSIG }
|
320
|
-
)
|
321
|
-
|
322
313
|
# get inclusive namespaces
|
323
314
|
inclusive_namespaces = extract_inclusive_namespaces
|
324
315
|
|
325
316
|
# check digests
|
326
|
-
ref = REXML::XPath.first(
|
327
|
-
|
328
|
-
reference_nodes = document.xpath("//*[@ID=$id]", nil, { 'id' => extract_signed_element_id })
|
317
|
+
ref = REXML::XPath.first(sig_element, "//ds:Reference", {"ds"=>DSIG})
|
329
318
|
|
330
|
-
|
331
|
-
return append_error("Duplicated IDs found", soft)
|
332
|
-
end
|
333
|
-
|
334
|
-
hashed_element = reference_nodes[0]
|
319
|
+
hashed_element = document.at_xpath("//*[@ID=$id]", nil, { 'id' => extract_signed_element_id })
|
335
320
|
|
336
321
|
canon_algorithm = canon_algorithm REXML::XPath.first(
|
337
|
-
|
338
|
-
'
|
322
|
+
ref,
|
323
|
+
'//ds:CanonicalizationMethod',
|
339
324
|
{ "ds" => DSIG }
|
340
325
|
)
|
341
326
|
|
@@ -345,13 +330,13 @@ module XMLSecurity
|
|
345
330
|
|
346
331
|
digest_algorithm = algorithm(REXML::XPath.first(
|
347
332
|
ref,
|
348
|
-
"
|
333
|
+
"//ds:DigestMethod",
|
349
334
|
{ "ds" => DSIG }
|
350
335
|
))
|
351
336
|
hash = digest_algorithm.digest(canon_hashed_element)
|
352
337
|
encoded_digest_value = REXML::XPath.first(
|
353
338
|
ref,
|
354
|
-
"
|
339
|
+
"//ds:DigestValue",
|
355
340
|
{ "ds" => DSIG }
|
356
341
|
)
|
357
342
|
digest_value = Base64.decode64(OneLogin::RubySaml::Utils.element_text(encoded_digest_value))
|
@@ -377,7 +362,7 @@ module XMLSecurity
|
|
377
362
|
def process_transforms(ref, canon_algorithm)
|
378
363
|
transforms = REXML::XPath.match(
|
379
364
|
ref,
|
380
|
-
"
|
365
|
+
"//ds:Transforms/ds:Transform",
|
381
366
|
{ "ds" => DSIG }
|
382
367
|
)
|
383
368
|
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: ruby-saml
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.13.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- OneLogin LLC
|
8
|
-
autorequire:
|
8
|
+
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2021-09-06 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: nokogiri
|
@@ -173,13 +173,14 @@ extra_rdoc_files:
|
|
173
173
|
- README.md
|
174
174
|
files:
|
175
175
|
- ".document"
|
176
|
+
- ".github/workflows/test.yml"
|
176
177
|
- ".gitignore"
|
177
|
-
-
|
178
|
+
- CHANGELOG.md
|
178
179
|
- Gemfile
|
179
180
|
- LICENSE
|
180
181
|
- README.md
|
181
182
|
- Rakefile
|
182
|
-
-
|
183
|
+
- UPGRADING.md
|
183
184
|
- gemfiles/nokogiri-1.5.gemfile
|
184
185
|
- lib/onelogin/ruby-saml.rb
|
185
186
|
- lib/onelogin/ruby-saml/attribute_service.rb
|
@@ -220,7 +221,7 @@ homepage: https://github.com/onelogin/ruby-saml
|
|
220
221
|
licenses:
|
221
222
|
- MIT
|
222
223
|
metadata: {}
|
223
|
-
post_install_message:
|
224
|
+
post_install_message:
|
224
225
|
rdoc_options:
|
225
226
|
- "--charset=UTF-8"
|
226
227
|
require_paths:
|
@@ -236,8 +237,9 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
236
237
|
- !ruby/object:Gem::Version
|
237
238
|
version: '0'
|
238
239
|
requirements: []
|
239
|
-
|
240
|
-
|
240
|
+
rubyforge_project:
|
241
|
+
rubygems_version: 2.5.2.1
|
242
|
+
signing_key:
|
241
243
|
specification_version: 4
|
242
244
|
summary: SAML Ruby Tookit
|
243
245
|
test_files: []
|
data/.travis.yml
DELETED
@@ -1,48 +0,0 @@
|
|
1
|
-
language: ruby
|
2
|
-
rvm:
|
3
|
-
- 1.9.3
|
4
|
-
- 2.0.0
|
5
|
-
- 2.1.10
|
6
|
-
- 2.2.10
|
7
|
-
- 2.3.8
|
8
|
-
- 2.4.6
|
9
|
-
- 2.5.8
|
10
|
-
- 2.6.6
|
11
|
-
- 2.7.2
|
12
|
-
- 3.0.0
|
13
|
-
- jruby-1.7.27
|
14
|
-
- jruby-9.1.17.0
|
15
|
-
- jruby-9.2.13.0
|
16
|
-
gemfile:
|
17
|
-
- Gemfile
|
18
|
-
- gemfiles/nokogiri-1.5.gemfile
|
19
|
-
before_install:
|
20
|
-
- gem update bundler
|
21
|
-
matrix:
|
22
|
-
exclude:
|
23
|
-
- rvm: jruby-1.7.27
|
24
|
-
gemfile: gemfiles/nokogiri-1.5.gemfile
|
25
|
-
- rvm: jruby-9.1.17.0
|
26
|
-
gemfile: gemfiles/nokogiri-1.5.gemfile
|
27
|
-
- rvm: jruby-9.2.13.0
|
28
|
-
gemfile: gemfiles/nokogiri-1.5.gemfile
|
29
|
-
- rvm: 2.1.5
|
30
|
-
gemfile: gemfiles/nokogiri-1.5.gemfile
|
31
|
-
- rvm: 2.1.10
|
32
|
-
gemfile: gemfiles/nokogiri-1.5.gemfile
|
33
|
-
- rvm: 2.2.10
|
34
|
-
gemfile: gemfiles/nokogiri-1.5.gemfile
|
35
|
-
- rvm: 2.3.8
|
36
|
-
gemfile: gemfiles/nokogiri-1.5.gemfile
|
37
|
-
- rvm: 2.4.6
|
38
|
-
gemfile: gemfiles/nokogiri-1.5.gemfile
|
39
|
-
- rvm: 2.5.8
|
40
|
-
gemfile: gemfiles/nokogiri-1.5.gemfile
|
41
|
-
- rvm: 2.6.6
|
42
|
-
gemfile: gemfiles/nokogiri-1.5.gemfile
|
43
|
-
- rvm: 2.7.2
|
44
|
-
gemfile: gemfiles/nokogiri-1.5.gemfile
|
45
|
-
- rvm: 3.0.0
|
46
|
-
gemfile: gemfiles/nokogiri-1.5.gemfile
|
47
|
-
env:
|
48
|
-
- JRUBY_OPTS="--debug"
|