ruby-saml 0.3.2 → 0.3.3
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of ruby-saml might be problematic. Click here for more details.
- data/VERSION +1 -1
- data/lib/onelogin/saml/response.rb +11 -6
- data/ruby-saml.gemspec +4 -3
- data/test/{response.txt → responses/response1.xml.base64} +0 -0
- data/test/responses/response2.xml.base64 +79 -0
- data/test/ruby-saml_test.rb +7 -0
- data/test/test_helper.rb +5 -1
- metadata +6 -5
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
0.3.
|
|
1
|
+
0.3.3
|
|
@@ -3,12 +3,17 @@ require "time"
|
|
|
3
3
|
|
|
4
4
|
module Onelogin::Saml
|
|
5
5
|
class Response
|
|
6
|
-
attr_accessor :response, :document, :logger, :settings
|
|
6
|
+
attr_accessor :response, :document, :logger, :settings, :namespace
|
|
7
7
|
|
|
8
8
|
def initialize(response)
|
|
9
9
|
raise ArgumentError.new("Response cannot be nil") if response.nil?
|
|
10
|
-
self.response
|
|
11
|
-
self.document
|
|
10
|
+
self.response = response
|
|
11
|
+
self.document = XMLSecurity::SignedDocument.new(Base64.decode64(response))
|
|
12
|
+
self.namespace = "saml"
|
|
13
|
+
|
|
14
|
+
if document.elements["/#{namespace}p:Response/"].nil?
|
|
15
|
+
self.namespace = "saml2"
|
|
16
|
+
end
|
|
12
17
|
end
|
|
13
18
|
|
|
14
19
|
def is_valid?
|
|
@@ -21,12 +26,12 @@ module Onelogin::Saml
|
|
|
21
26
|
|
|
22
27
|
# The value of the user identifier as designated by the initialization request response
|
|
23
28
|
def name_id
|
|
24
|
-
@name_id ||= document.elements["
|
|
29
|
+
@name_id ||= document.elements["/#{namespace}p:Response/#{namespace}:Assertion/#{namespace}:Subject/#{namespace}:NameID"].text
|
|
25
30
|
end
|
|
26
31
|
|
|
27
32
|
# A hash of alle the attributes with the response. Assuming there is onlye one value for each key
|
|
28
33
|
def attributes
|
|
29
|
-
saml_attribute_statements = document.elements["
|
|
34
|
+
saml_attribute_statements = document.elements["/#{namespace}p:Response/#{namespace}:Assertion/#{namespace}:AttributeStatement"].elements
|
|
30
35
|
statements = saml_attribute_statements.map do |child|
|
|
31
36
|
child.attributes.map do |key, attribute|
|
|
32
37
|
[attribute, child.elements.first.text]
|
|
@@ -39,7 +44,7 @@ module Onelogin::Saml
|
|
|
39
44
|
|
|
40
45
|
# When this user session should expire at latest
|
|
41
46
|
def session_expires_at
|
|
42
|
-
@expires_at ||= Time.parse(document.elements["
|
|
47
|
+
@expires_at ||= Time.parse(document.elements["/#{namespace}p:Response/#{namespace}:Assertion/#{namespace}:AuthnStatement"].attributes["SessionNotOnOrAfter"])
|
|
43
48
|
end
|
|
44
49
|
|
|
45
50
|
private
|
data/ruby-saml.gemspec
CHANGED
|
@@ -5,11 +5,11 @@
|
|
|
5
5
|
|
|
6
6
|
Gem::Specification.new do |s|
|
|
7
7
|
s.name = %q{ruby-saml}
|
|
8
|
-
s.version = "0.3.
|
|
8
|
+
s.version = "0.3.3"
|
|
9
9
|
|
|
10
10
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
|
11
11
|
s.authors = ["OneLogin LLC"]
|
|
12
|
-
s.date = %q{2011-
|
|
12
|
+
s.date = %q{2011-04-18}
|
|
13
13
|
s.description = %q{SAML toolkit for Ruby on Rails}
|
|
14
14
|
s.email = %q{support@onelogin.com}
|
|
15
15
|
s.extra_rdoc_files = [
|
|
@@ -30,7 +30,8 @@ Gem::Specification.new do |s|
|
|
|
30
30
|
"lib/ruby-saml.rb",
|
|
31
31
|
"lib/xml_security.rb",
|
|
32
32
|
"ruby-saml.gemspec",
|
|
33
|
-
"test/
|
|
33
|
+
"test/responses/response1.xml.base64",
|
|
34
|
+
"test/responses/response2.xml.base64",
|
|
34
35
|
"test/ruby-saml_test.rb",
|
|
35
36
|
"test/test_helper.rb",
|
|
36
37
|
"test/xml_security_test.rb"
|
|
File without changes
|
|
@@ -0,0 +1,79 @@
|
|
|
1
|
+
PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz4KPHNhbWwy
|
|
2
|
+
cDpSZXNwb25zZSB4bWxuczpzYW1sMnA9InVybjpvYXNpczpuYW1lczp0YzpT
|
|
3
|
+
QU1MOjIuMDpwcm90b2NvbCIgRGVzdGluYXRpb249Imh0dHBzOi8vd2liYmxl
|
|
4
|
+
MTI5OTY5MzIwOC5leGFtcGxlLmNvbS9hY2Nlc3Mvc2FtbCIgSUQ9ImlkMTMw
|
|
5
|
+
MzEzOTUyNjA0ODY2MjAwMDE1OTIzNzMwNDciIElzc3VlSW5zdGFudD0iMjAx
|
|
6
|
+
MS0wNC0xOFQxNToxMjowNS45OTRaIiBWZXJzaW9uPSIyLjAiPgogIDxzYW1s
|
|
7
|
+
MjpJc3N1ZXIgeG1sbnM6c2FtbDI9InVybjpvYXNpczpuYW1lczp0YzpTQU1M
|
|
8
|
+
OjIuMDphc3NlcnRpb24iIEZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNB
|
|
9
|
+
TUw6Mi4wOm5hbWVpZC1mb3JtYXQ6ZW50aXR5Ij53aWJibGU8L3NhbWwyOklz
|
|
10
|
+
c3Vlcj4KICA8c2FtbDJwOlN0YXR1cyB4bWxuczpzYW1sMnA9InVybjpvYXNp
|
|
11
|
+
czpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCI+CiAgICA8c2FtbDJwOlN0
|
|
12
|
+
YXR1c0NvZGUgVmFsdWU9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpz
|
|
13
|
+
dGF0dXM6U3VjY2VzcyIvPgogIDwvc2FtbDJwOlN0YXR1cz4KICA8c2FtbDI6
|
|
14
|
+
QXNzZXJ0aW9uIHhtbG5zOnNhbWwyPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FN
|
|
15
|
+
TDoyLjA6YXNzZXJ0aW9uIiBJRD0iaWQxMzAzMTM5NTI2MDU2NjkzMDAwOTI4
|
|
16
|
+
Mzg2OTY2IiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDQtMThUMTU6MTI6MDUuOTk0
|
|
17
|
+
WiIgVmVyc2lvbj0iMi4wIj4KICAgIDxzYW1sMjpJc3N1ZXIgeG1sbnM6c2Ft
|
|
18
|
+
bDI9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iIEZv
|
|
19
|
+
cm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOm5hbWVpZC1mb3Jt
|
|
20
|
+
YXQ6ZW50aXR5Ij53aWJibGU8L3NhbWwyOklzc3Vlcj4KICAgIDxkczpTaWdu
|
|
21
|
+
YXR1cmUgeG1sbnM6ZHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1s
|
|
22
|
+
ZHNpZyMiPgogICAgICA8ZHM6U2lnbmVkSW5mbyB4bWxuczpkcz0iaHR0cDov
|
|
23
|
+
L3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnIyI+CiAgICAgICAgPGRzOkNh
|
|
24
|
+
bm9uaWNhbGl6YXRpb25NZXRob2QgeG1sbnM6ZHM9Imh0dHA6Ly93d3cudzMu
|
|
25
|
+
b3JnLzIwMDAvMDkveG1sZHNpZyMiIEFsZ29yaXRobT0iaHR0cDovL3d3dy53
|
|
26
|
+
My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+CiAgICAgICAgPGRzOlNp
|
|
27
|
+
Z25hdHVyZU1ldGhvZCB4bWxuczpkcz0iaHR0cDovL3d3dy53My5vcmcvMjAw
|
|
28
|
+
MC8wOS94bWxkc2lnIyIgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8y
|
|
29
|
+
MDAwLzA5L3htbGRzaWcjcnNhLXNoYTEiLz4KICAgICAgICA8ZHM6UmVmZXJl
|
|
30
|
+
bmNlIHhtbG5zOmRzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRz
|
|
31
|
+
aWcjIiBVUkk9IiNpZDEzMDMxMzk1MjYwNTY2OTMwMDA5MjgzODY5NjYiPgog
|
|
32
|
+
ICAgICAgICAgPGRzOlRyYW5zZm9ybXMgeG1sbnM6ZHM9Imh0dHA6Ly93d3cu
|
|
33
|
+
dzMub3JnLzIwMDAvMDkveG1sZHNpZyMiPgogICAgICAgICAgICA8ZHM6VHJh
|
|
34
|
+
bnNmb3JtIHhtbG5zOmRzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3ht
|
|
35
|
+
bGRzaWcjIiBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkv
|
|
36
|
+
eG1sZHNpZyNlbnZlbG9wZWQtc2lnbmF0dXJlIi8+CiAgICAgICAgICAgIDxk
|
|
37
|
+
czpUcmFuc2Zvcm0geG1sbnM6ZHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAv
|
|
38
|
+
MDkveG1sZHNpZyMiIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAw
|
|
39
|
+
MS8xMC94bWwtZXhjLWMxNG4jIj4KICAgICAgICAgICAgICA8ZWM6SW5jbHVz
|
|
40
|
+
aXZlTmFtZXNwYWNlcyB4bWxuczplYz0iaHR0cDovL3d3dy53My5vcmcvMjAw
|
|
41
|
+
MS8xMC94bWwtZXhjLWMxNG4jIiBQcmVmaXhMaXN0PSJkcyBzYW1sMiIvPgog
|
|
42
|
+
ICAgICAgICAgICA8L2RzOlRyYW5zZm9ybT4KICAgICAgICAgIDwvZHM6VHJh
|
|
43
|
+
bnNmb3Jtcz4KICAgICAgICAgIDxkczpEaWdlc3RNZXRob2QgeG1sbnM6ZHM9
|
|
44
|
+
Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiIEFsZ29yaXRo
|
|
45
|
+
bT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI3NoYTEiLz4K
|
|
46
|
+
ICAgICAgICAgIDxkczpEaWdlc3RWYWx1ZSB4bWxuczpkcz0iaHR0cDovL3d3
|
|
47
|
+
dy53My5vcmcvMjAwMC8wOS94bWxkc2lnIyI+RGlnZXN0IFN0dWZmPC9kczpE
|
|
48
|
+
aWdlc3RWYWx1ZT4KICAgICAgICA8L2RzOlJlZmVyZW5jZT4KICAgICAgPC9k
|
|
49
|
+
czpTaWduZWRJbmZvPgogICAgICA8ZHM6U2lnbmF0dXJlVmFsdWUgeG1sbnM6
|
|
50
|
+
ZHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiPlNpZ25h
|
|
51
|
+
dHVyZSBTdHVmZjwvZHM6U2lnbmF0dXJlVmFsdWU+CiAgICAgIDxkczpLZXlJ
|
|
52
|
+
bmZvPgogICAgICAgIDxkczpYNTA5RGF0YT4KICAgICAgICAgIDxkczpYNTA5
|
|
53
|
+
Q2VydGlmaWNhdGU+Q2VydGlmaWNhdGUgU3R1ZmY8L2RzOlg1MDlDZXJ0aWZp
|
|
54
|
+
Y2F0ZT4KICAgICAgICA8L2RzOlg1MDlEYXRhPgogICAgICA8L2RzOktleUlu
|
|
55
|
+
Zm8+CiAgICA8L2RzOlNpZ25hdHVyZT4KICAgIDxzYW1sMjpTdWJqZWN0IHht
|
|
56
|
+
bG5zOnNhbWwyPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNzZXJ0
|
|
57
|
+
aW9uIj4KICAgICAgPHNhbWwyOk5hbWVJRD53aWJibGVAd2liYmxlLmNvbTwv
|
|
58
|
+
c2FtbDI6TmFtZUlEPgogICAgICA8c2FtbDI6U3ViamVjdENvbmZpcm1hdGlv
|
|
59
|
+
biBNZXRob2Q9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpjbTpiZWFy
|
|
60
|
+
ZXIiPgogICAgICAgIDxzYW1sMjpTdWJqZWN0Q29uZmlybWF0aW9uRGF0YSBO
|
|
61
|
+
b3RPbk9yQWZ0ZXI9IjIwMTEtMDQtMThUMTU6MTc6MDYuMDY0WiIgUmVjaXBp
|
|
62
|
+
ZW50PSJodHRwczovL3dpYmJsZTEyOTk2OTMyMDguZXhhbXBsZS5jb20vYWNj
|
|
63
|
+
ZXNzL3NhbWwvIi8+CiAgICAgIDwvc2FtbDI6U3ViamVjdENvbmZpcm1hdGlv
|
|
64
|
+
bj4KICAgIDwvc2FtbDI6U3ViamVjdD4KICAgIDxzYW1sMjpDb25kaXRpb25z
|
|
65
|
+
IHhtbG5zOnNhbWwyPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNz
|
|
66
|
+
ZXJ0aW9uIiBOb3RCZWZvcmU9IjIwMTEtMDQtMThUMTU6MDc6MDYuMDY3WiIg
|
|
67
|
+
Tm90T25PckFmdGVyPSIyMDExLTA0LTE4VDE1OjE3OjA2LjA2NFoiPgogICAg
|
|
68
|
+
ICA8c2FtbDI6QXVkaWVuY2VSZXN0cmljdGlvbj4KICAgICAgICA8c2FtbDI6
|
|
69
|
+
QXVkaWVuY2U+ZXhhbXBsZS5jb208L3NhbWwyOkF1ZGllbmNlPgogICAgICA8
|
|
70
|
+
L3NhbWwyOkF1ZGllbmNlUmVzdHJpY3Rpb24+CiAgICA8L3NhbWwyOkNvbmRp
|
|
71
|
+
dGlvbnM+CiAgICA8c2FtbDI6QXV0aG5TdGF0ZW1lbnQgeG1sbnM6c2FtbDI9
|
|
72
|
+
InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iIEF1dGhu
|
|
73
|
+
SW5zdGFudD0iMjAxMS0wNC0xOFQxNToxMjowNS45OTRaIj4KICAgICAgPHNh
|
|
74
|
+
bWwyOkF1dGhuQ29udGV4dD4KICAgICAgICA8c2FtbDI6QXV0aG5Db250ZXh0
|
|
75
|
+
Q2xhc3NSZWY+dXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFjOmNsYXNz
|
|
76
|
+
ZXM6UGFzc3dvcmRQcm90ZWN0ZWRUcmFuc3BvcnQ8L3NhbWwyOkF1dGhuQ29u
|
|
77
|
+
dGV4dENsYXNzUmVmPgogICAgICA8L3NhbWwyOkF1dGhuQ29udGV4dD4KICAg
|
|
78
|
+
IDwvc2FtbDI6QXV0aG5TdGF0ZW1lbnQ+CiAgPC9zYW1sMjpBc3NlcnRpb24+
|
|
79
|
+
Cjwvc2FtbDJwOlJlc3BvbnNlPgo=
|
data/test/ruby-saml_test.rb
CHANGED
|
@@ -30,6 +30,13 @@ class RubySamlTest < Test::Unit::TestCase
|
|
|
30
30
|
assert_raises(ArgumentError) { Onelogin::Saml::Response.new(nil) }
|
|
31
31
|
end
|
|
32
32
|
|
|
33
|
+
should "adapt namespace" do
|
|
34
|
+
response = Onelogin::Saml::Response.new(response_document)
|
|
35
|
+
assert !response.name_id.nil?
|
|
36
|
+
response = Onelogin::Saml::Response.new(response_document_2)
|
|
37
|
+
assert !response.name_id.nil?
|
|
38
|
+
end
|
|
39
|
+
|
|
33
40
|
context "#is_valid?" do
|
|
34
41
|
should "return false when response is initialized with blank data" do
|
|
35
42
|
response = Onelogin::Saml::Response.new('')
|
data/test/test_helper.rb
CHANGED
|
@@ -9,6 +9,10 @@ require 'ruby-saml'
|
|
|
9
9
|
|
|
10
10
|
class Test::Unit::TestCase
|
|
11
11
|
def response_document
|
|
12
|
-
@response_document ||= File.read(File.join(File.dirname(__FILE__), '
|
|
12
|
+
@response_document ||= File.read(File.join(File.dirname(__FILE__), 'responses', 'response1.xml.base64'))
|
|
13
|
+
end
|
|
14
|
+
|
|
15
|
+
def response_document_2
|
|
16
|
+
@response_document2 ||= File.read(File.join(File.dirname(__FILE__), 'responses', 'response2.xml.base64'))
|
|
13
17
|
end
|
|
14
18
|
end
|
metadata
CHANGED
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: ruby-saml
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
hash:
|
|
4
|
+
hash: 21
|
|
5
5
|
prerelease: false
|
|
6
6
|
segments:
|
|
7
7
|
- 0
|
|
8
8
|
- 3
|
|
9
|
-
-
|
|
10
|
-
version: 0.3.
|
|
9
|
+
- 3
|
|
10
|
+
version: 0.3.3
|
|
11
11
|
platform: ruby
|
|
12
12
|
authors:
|
|
13
13
|
- OneLogin LLC
|
|
@@ -15,7 +15,7 @@ autorequire:
|
|
|
15
15
|
bindir: bin
|
|
16
16
|
cert_chain: []
|
|
17
17
|
|
|
18
|
-
date: 2011-
|
|
18
|
+
date: 2011-04-18 00:00:00 +02:00
|
|
19
19
|
default_executable:
|
|
20
20
|
dependencies:
|
|
21
21
|
- !ruby/object:Gem::Dependency
|
|
@@ -101,7 +101,8 @@ files:
|
|
|
101
101
|
- lib/ruby-saml.rb
|
|
102
102
|
- lib/xml_security.rb
|
|
103
103
|
- ruby-saml.gemspec
|
|
104
|
-
- test/
|
|
104
|
+
- test/responses/response1.xml.base64
|
|
105
|
+
- test/responses/response2.xml.base64
|
|
105
106
|
- test/ruby-saml_test.rb
|
|
106
107
|
- test/test_helper.rb
|
|
107
108
|
- test/xml_security_test.rb
|