ruby-saml 0.5.2 → 0.5.3

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of ruby-saml might be problematic. Click here for more details.

data/Gemfile ADDED
@@ -0,0 +1,8 @@
1
+ source 'http://rubygems.org'
2
+
3
+ gem 'rake'
4
+ gem 'shoulda', "~>3.0.1"
5
+ gem 'mocha', "~>0.10.5"
6
+ gem 'ruby-debug', "~>0.10.4"
7
+ gem 'uuid', "~>2.3.5"
8
+ gem 'xmlcanonicalizer', "~>0.1.1"
@@ -0,0 +1,38 @@
1
+ GEM
2
+ remote: http://rubygems.org/
3
+ specs:
4
+ columnize (0.3.6)
5
+ linecache (0.46)
6
+ rbx-require-relative (> 0.0.4)
7
+ macaddr (1.5.0)
8
+ systemu (>= 2.4.0)
9
+ metaclass (0.0.1)
10
+ mocha (0.10.5)
11
+ metaclass (~> 0.0.1)
12
+ rake (0.8.7)
13
+ rbx-require-relative (0.0.9)
14
+ ruby-debug (0.10.4)
15
+ columnize (>= 0.1)
16
+ ruby-debug-base (~> 0.10.4.0)
17
+ ruby-debug-base (0.10.4)
18
+ linecache (>= 0.3)
19
+ shoulda (3.0.1)
20
+ shoulda-context (~> 1.0.0)
21
+ shoulda-matchers (~> 1.0.0)
22
+ shoulda-context (1.0.0)
23
+ shoulda-matchers (1.0.0)
24
+ systemu (2.5.0)
25
+ uuid (2.3.5)
26
+ macaddr (~> 1.0)
27
+ xmlcanonicalizer (0.1.1)
28
+
29
+ PLATFORMS
30
+ ruby
31
+
32
+ DEPENDENCIES
33
+ mocha (~> 0.10.5)
34
+ rake
35
+ ruby-debug (~> 0.10.4)
36
+ shoulda (~> 3.0.1)
37
+ uuid (~> 2.3.5)
38
+ xmlcanonicalizer (~> 0.1.1)
@@ -29,8 +29,8 @@ module Onelogin
29
29
  # The value of the user identifier as designated by the initialization request response
30
30
  def name_id
31
31
  @name_id ||= begin
32
- node = REXML::XPath.first(document, "/p:Response/a:Assertion[@ID='#{document.signed_element_id[1,document.signed_element_id.size]}']/a:Subject/a:NameID", { "p" => PROTOCOL, "a" => ASSERTION })
33
- node ||= REXML::XPath.first(document, "/p:Response[@ID='#{document.signed_element_id[1,document.signed_element_id.size]}']/a:Assertion/a:Subject/a:NameID", { "p" => PROTOCOL, "a" => ASSERTION })
32
+ node = REXML::XPath.first(document, "/p:Response/a:Assertion[@ID='#{document.signed_element_id}']/a:Subject/a:NameID", { "p" => PROTOCOL, "a" => ASSERTION })
33
+ node ||= REXML::XPath.first(document, "/p:Response[@ID='#{document.signed_element_id}']/a:Assertion/a:Subject/a:NameID", { "p" => PROTOCOL, "a" => ASSERTION })
34
34
  node.nil? ? nil : node.text
35
35
  end
36
36
  end
@@ -69,7 +69,7 @@ module Onelogin
69
69
  # Conditions (if any) for the assertion to run
70
70
  def conditions
71
71
  @conditions ||= begin
72
- REXML::XPath.first(document, "/p:Response/a:Assertion[@ID='#{document.signed_element_id[1,document.signed_element_id.size]}']/a:Conditions", { "p" => PROTOCOL, "a" => ASSERTION })
72
+ REXML::XPath.first(document, "/p:Response/a:Assertion[@ID='#{document.signed_element_id}']/a:Conditions", { "p" => PROTOCOL, "a" => ASSERTION })
73
73
  end
74
74
  end
75
75
 
@@ -1,5 +1,5 @@
1
1
  module Onelogin
2
2
  module Saml
3
- VERSION = '0.5.2'
3
+ VERSION = '0.5.3'
4
4
  end
5
5
  end
@@ -28,6 +28,7 @@ require "rexml/xpath"
28
28
  require "openssl"
29
29
  require "xmlcanonicalizer"
30
30
  require "digest/sha1"
31
+ require "digest/sha2"
31
32
  require "onelogin/ruby-saml/validation_error"
32
33
 
33
34
  module XMLSecurity
@@ -60,30 +61,31 @@ module XMLSecurity
60
61
 
61
62
  def validate_doc(base64_cert, soft = true)
62
63
  # validate references
63
-
64
+
64
65
  # check for inclusive namespaces
65
-
66
+
66
67
  inclusive_namespaces = []
67
68
  inclusive_namespace_element = REXML::XPath.first(self, "//ec:InclusiveNamespaces")
68
-
69
+
69
70
  if inclusive_namespace_element
70
71
  prefix_list = inclusive_namespace_element.attributes.get_attribute('PrefixList').value
71
72
  inclusive_namespaces = prefix_list.split(" ")
72
73
  end
73
74
 
74
75
  # remove signature node
75
- sig_element = REXML::XPath.first(self, "//ds:Signature", {"ds"=>"http://www.w3.org/2000/09/xmldsig#"})
76
+ sig_element = REXML::XPath.first(self, "//ds:Signature", {"ds"=>DSIG})
76
77
  sig_element.remove
77
78
 
78
79
  # check digests
79
- REXML::XPath.each(sig_element, "//ds:Reference", {"ds"=>"http://www.w3.org/2000/09/xmldsig#"}) do |ref|
80
+ REXML::XPath.each(sig_element, "//ds:Reference", {"ds"=>DSIG}) do |ref|
80
81
  uri = ref.attributes.get_attribute("URI").value
81
- hashed_element = REXML::XPath.first(self, "//[@ID='#{uri[1,uri.size]}']")
82
+ hashed_element = REXML::XPath.first(self, "//[@ID='#{uri[1..-1]}']")
82
83
  canoner = XML::Util::XmlCanonicalizer.new(false, true)
83
84
  canoner.inclusive_namespaces = inclusive_namespaces if canoner.respond_to?(:inclusive_namespaces) && !inclusive_namespaces.empty?
84
85
  canon_hashed_element = canoner.canonicalize(hashed_element).gsub('&','&')
85
- hash = Base64.encode64(Digest::SHA1.digest(canon_hashed_element)).chomp
86
- digest_value = REXML::XPath.first(ref, "//ds:DigestValue", {"ds"=>"http://www.w3.org/2000/09/xmldsig#"}).text
86
+ algorithm = digest_algorithm(REXML::XPath.first(ref, "//ds:DigestMethod"))
87
+ hash = Base64.encode64(algorithm.digest(canon_hashed_element)).chomp
88
+ digest_value = REXML::XPath.first(ref, "//ds:DigestValue", {"ds"=>DSIG}).text
87
89
 
88
90
  unless digests_match?(hash, digest_value)
89
91
  return soft ? false : (raise Onelogin::Saml::ValidationError.new("Digest mismatch"))
@@ -92,17 +94,20 @@ module XMLSecurity
92
94
 
93
95
  # verify signature
94
96
  canoner = XML::Util::XmlCanonicalizer.new(false, true)
95
- signed_info_element = REXML::XPath.first(sig_element, "//ds:SignedInfo", {"ds"=>"http://www.w3.org/2000/09/xmldsig#"})
97
+ signed_info_element = REXML::XPath.first(sig_element, "//ds:SignedInfo", {"ds"=>DSIG})
96
98
  canon_string = canoner.canonicalize(signed_info_element)
97
99
 
98
- base64_signature = REXML::XPath.first(sig_element, "//ds:SignatureValue", {"ds"=>"http://www.w3.org/2000/09/xmldsig#"}).text
100
+ base64_signature = REXML::XPath.first(sig_element, "//ds:SignatureValue", {"ds"=>DSIG}).text
99
101
  signature = Base64.decode64(base64_signature)
100
102
 
101
103
  # get certificate object
102
104
  cert_text = Base64.decode64(base64_cert)
103
105
  cert = OpenSSL::X509::Certificate.new(cert_text)
104
106
 
105
- if !cert.public_key.verify(OpenSSL::Digest::SHA1.new, signature, canon_string)
107
+ # signature method
108
+ algorithm = signature_algorithm(REXML::XPath.first(signed_info_element, "//ds:SignatureMethod"))
109
+
110
+ if !cert.public_key.verify(algorithm.new, signature, canon_string)
106
111
  return soft ? false : (raise ValidationError.new("Key validation error"))
107
112
  end
108
113
 
@@ -117,7 +122,28 @@ module XMLSecurity
117
122
 
118
123
  def extract_signed_element_id
119
124
  reference_element = REXML::XPath.first(self, "//ds:Signature/ds:SignedInfo/ds:Reference", {"ds"=>DSIG})
120
- self.signed_element_id = reference_element.attribute("URI").value unless reference_element.nil?
125
+ self.signed_element_id = reference_element.attribute("URI").value[1..-1] unless reference_element.nil?
126
+ end
127
+
128
+ def digest_algorithm(element)
129
+ algorithm = element.attribute("Algorithm").value if element
130
+ algorithm && algorithm =~ /sha(256|384|512)$/ ? Digest::SHA2 : Digest::SHA1
121
131
  end
132
+
133
+ def signature_algorithm(element)
134
+ algorithm = element.attribute("Algorithm").value if element
135
+ if algorithm
136
+ algorithm =~ /sha(.*?)$/i
137
+ algorithm = $1.to_i
138
+ end
139
+ case algorithm
140
+ when 256 then OpenSSL::Digest::SHA256
141
+ when 384 then OpenSSL::Digest::SHA384
142
+ when 512 then OpenSSL::Digest::SHA512
143
+ else
144
+ OpenSSL::Digest::SHA1
145
+ end
146
+ end
147
+
122
148
  end
123
149
  end
@@ -5,9 +5,9 @@ class RequestTest < Test::Unit::TestCase
5
5
  context "Authrequest" do
6
6
  should "create the deflated SAMLRequest URL parameter" do
7
7
  settings = Onelogin::Saml::Settings.new
8
- settings.idp_sso_target_url = "http://stuff.com"
8
+ settings.idp_sso_target_url = "http://example.com"
9
9
  auth_url = Onelogin::Saml::Authrequest.new.create(settings)
10
- assert auth_url =~ /^http:\/\/stuff\.com\?SAMLRequest=/
10
+ assert auth_url =~ /^http:\/\/example\.com\?SAMLRequest=/
11
11
  payload = CGI.unescape(auth_url.split("=").last)
12
12
  decoded = Base64.decode64(payload)
13
13
 
@@ -21,7 +21,7 @@ class RequestTest < Test::Unit::TestCase
21
21
 
22
22
  should "accept extra parameters" do
23
23
  settings = Onelogin::Saml::Settings.new
24
- settings.idp_sso_target_url = "http://stuff.com"
24
+ settings.idp_sso_target_url = "http://example.com"
25
25
 
26
26
  auth_url = Onelogin::Saml::Authrequest.new.create(settings, { :hello => "there" })
27
27
  assert auth_url =~ /&hello=there$/
@@ -33,20 +33,20 @@ class RequestTest < Test::Unit::TestCase
33
33
  context "when the target url doesn't contain a query string" do
34
34
  should "create the SAMLRequest parameter correctly" do
35
35
  settings = Onelogin::Saml::Settings.new
36
- settings.idp_sso_target_url = "http://stuff.com"
36
+ settings.idp_sso_target_url = "http://example.com"
37
37
 
38
38
  auth_url = Onelogin::Saml::Authrequest.new.create(settings)
39
- assert auth_url =~ /^http:\/\/stuff.com\?SAMLRequest/
39
+ assert auth_url =~ /^http:\/\/example.com\?SAMLRequest/
40
40
  end
41
41
  end
42
42
 
43
43
  context "when the target url contains a query string" do
44
44
  should "create the SAMLRequest parameter correctly" do
45
45
  settings = Onelogin::Saml::Settings.new
46
- settings.idp_sso_target_url = "http://stuff.com?field=value"
46
+ settings.idp_sso_target_url = "http://example.com?field=value"
47
47
 
48
48
  auth_url = Onelogin::Saml::Authrequest.new.create(settings)
49
- assert auth_url =~ /^http:\/\/stuff.com\?field=value&SAMLRequest/
49
+ assert auth_url =~ /^http:\/\/example.com\?field=value&SAMLRequest/
50
50
  end
51
51
  end
52
52
  end
@@ -89,11 +89,11 @@ class RubySamlTest < Test::Unit::TestCase
89
89
  assert response.name_id == "test@onelogin.com"
90
90
  end
91
91
 
92
- should_eventually "validate ADFS assertions" do
92
+ should "validate ADFS assertions" do
93
93
  response = Onelogin::Saml::Response.new(fixture(:adfs_response))
94
94
  response.stubs(:conditions).returns(nil)
95
95
  settings = Onelogin::Saml::Settings.new
96
- settings.idp_cert_fingerprint = "17:54:07:27:53:55:D1:93:67:A4:95:0A:6A:E4:D6:1E:FA:4A:94:1D"
96
+ settings.idp_cert_fingerprint = "28:74:9B:E8:1F:E8:10:9C:A8:7C:A9:C3:E3:C5:01:6C:92:1C:B4:BA"
97
97
  response.settings = settings
98
98
  assert response.validate!
99
99
  end
@@ -0,0 +1,46 @@
1
+ <?xml version="1.0"?>
2
+ <samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="_0263a07b-205f-479c-90fc-7495715ecbbf" Version="2.0" IssueInstant="2011-06-22T12:49:30.348Z" Destination="https://someone.example.com/endpoint" Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified" InResponseTo="_fc4a34b0-7efb-012e-caae-782bcb13bb38">
3
+ <Issuer xmlns="urn:oasis:names:tc:SAML:2.0:assertion">http://login.example.com/issuer</Issuer>
4
+ <samlp:Status>
5
+ <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
6
+ </samlp:Status>
7
+ <Assertion xmlns="urn:oasis:names:tc:SAML:2.0:assertion" ID="_721b4a5a-d7e1-4861-9754-a9b197b6f9ab" IssueInstant="2011-06-22T12:49:30.348Z" Version="2.0">
8
+ <Issuer>http://login.example.com/issuer</Issuer>
9
+ <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
10
+ <ds:SignedInfo>
11
+ <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
12
+ <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
13
+ <ds:Reference URI="#_721b4a5a-d7e1-4861-9754-a9b197b6f9ab">
14
+ <ds:Transforms>
15
+ <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
16
+ <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
17
+ </ds:Transforms>
18
+ <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
19
+ <ds:DigestValue>5mUndDm7OQSGNYVTevsJw3JRVZiwvlDnR2nprJ+6Mhc=</ds:DigestValue>
20
+ </ds:Reference>
21
+ </ds:SignedInfo>
22
+ <ds:SignatureValue>MmuXQdjutiuP7soIaB7nk9wSR8OGkmyH5n9aelMTOrV7gTVNDazgQ/GXMmYXTTrhdvGN65duLO0oYdsYGxwNIjlA1lYhoGeBgYuIB/4iKZ6oLSDgjMcQxHkSW1OJ8pIEuUa/3MPUUjaSlTg0me4WRxVdXp34A9Mtlj0DgrK9m0A=</ds:SignatureValue>
23
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
24
+ <ds:X509Data>
25
+ <ds:X509Certificate>LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUQwRENDQXptZ0F3SUJBZ0lCQVRBTkJna3Foa2lHOXcwQkFRVUZBRENCaGpFTE1Ba0dBMVVFQmhNQ1FWVXgKRERBS0JnTlZCQWdUQTA1VFZ6RVBNQTBHQTFVRUJ4TUdVM2xrYm1WNU1Rd3dDZ1lEVlFRS0RBTlFTVlF4Q1RBSApCZ05WQkFzTUFERVlNQllHQTFVRUF3d1BiR0YzY21WdVkyVndhWFF1WTI5dE1TVXdJd1lKS29aSWh2Y05BUWtCCkRCWnNZWGR5Wlc1alpTNXdhWFJBWjIxaGFXd3VZMjl0TUI0WERURXlNRFF4T0RBMU1qVTFPVm9YRFRNeU1EUXgKTXpBMU1qVTFPVm93Z1lZeEN6QUpCZ05WQkFZVEFrRlZNUXd3Q2dZRFZRUUlFd05PVTFjeER6QU5CZ05WQkFjVApCbE41Wkc1bGVURU1NQW9HQTFVRUNnd0RVRWxVTVFrd0J3WURWUVFMREFBeEdEQVdCZ05WQkFNTUQyeGhkM0psCmJtTmxjR2wwTG1OdmJURWxNQ01HQ1NxR1NJYjNEUUVKQVF3V2JHRjNjbVZ1WTJVdWNHbDBRR2R0WVdsc0xtTnYKYlRDQm56QU5CZ2txaGtpRzl3MEJBUUVGQUFPQmpRQXdnWWtDZ1lFQW9mR3p4NFZvQzZDSENYdFJPdkVLSFRzRAppNkFBWCtoVWpiSVloeERsZUxMZUNVemZDaVVXOFkwbTVrWkVKbjJXSmt5Si8wRFdPZmE5b0c1ZUg1eXNKSWpVCnpTUjVkMGJldmJZMEV1OHJDTmh3S001UzdYaXltTzBGc09mcnh6TkJxbVRBblE2VFJYT25nY1BYTitXRWd4cmQKZDVoV1V5ZXh2dkQ2d05McWdVRUNBd0VBQWFPQ0FVb3dnZ0ZHTUFrR0ExVWRFd1FDTUFBd0N3WURWUjBQQkFRRApBZ1VnTUIwR0ExVWREZ1FXQkJRMk1xTFZwRnlyVmNNaGFXMzRHanFkTVF6c3dqQVRCZ05WSFNVRUREQUtCZ2dyCkJnRUZCUWNEQVRCQ0JnbGdoa2dCaHZoQ0FRMEVOUll6VkdWemRDQllOVEE1SUdObGNuUWdZM0psWVhSbFpDQm0KYjNJZ1QyNWxURzluYVc0Z1lua2dUR0YzY21WdVkyVWdVR2wwTUlHekJnTlZIU01FZ2Fzd2dhaUFGRFl5b3RXawpYS3RWd3lGcGJmZ2FPcDB4RE96Q29ZR01wSUdKTUlHR01Rc3dDUVlEVlFRR0V3SkJWVEVNTUFvR0ExVUVDQk1EClRsTlhNUTh3RFFZRFZRUUhFd1pUZVdSdVpYa3hEREFLQmdOVkJBb01BMUJKVkRFSk1BY0dBMVVFQ3d3QU1SZ3cKRmdZRFZRUUREQTlzWVhkeVpXNWpaWEJwZEM1amIyMHhKVEFqQmdrcWhraUc5dzBCQ1FFTUZteGhkM0psYm1ObApMbkJwZEVCbmJXRnBiQzVqYjIyQ0FRRXdEUVlKS29aSWh2Y05BUUVGQlFBRGdZRUFOM2VRMUM5T0JJbVgvdWZGClNIUC9FeUxPQjJPQ1dqdlNpSytNbndQRWsralRRdDZZYXIxMkRacWVnRGhrWC92OGplTWh4VnpwaStBcHA4M0YKYWFmUE54UFJYc01FTFRCblhDQUJ1YzZEakxBaFlvNGQ4TDhCWUovVjlxLzZRMzdNYVZmc0ZKWVVKNmFBQUppWQpwd1RMUWJidFpqaytZc0s5TzZFR1U4ZjE5djg9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K</ds:X509Certificate>
26
+ </ds:X509Data>
27
+ </KeyInfo>
28
+ </ds:Signature>
29
+ <Subject>
30
+ <NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">hello@example.com</NameID>
31
+ <SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
32
+ <SubjectConfirmationData InResponseTo="_fc4a34b0-7efb-012e-caae-782bcb13bb38" NotOnOrAfter="2011-06-22T12:54:30.348Z" Recipient="https://someone.example.com/endpoint"/>
33
+ </SubjectConfirmation>
34
+ </Subject>
35
+ <Conditions NotBefore="2011-06-22T12:49:30.332Z" NotOnOrAfter="2011-06-22T13:49:30.332Z">
36
+ <AudienceRestriction>
37
+ <Audience>example.com</Audience>
38
+ </AudienceRestriction>
39
+ </Conditions>
40
+ <AuthnStatement AuthnInstant="2011-06-22T12:49:30.112Z" SessionIndex="_721b4a5a-d7e1-4861-9754-a9b197b6f9ab">
41
+ <AuthnContext>
42
+ <AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</AuthnContextClassRef>
43
+ </AuthnContext>
44
+ </AuthnStatement>
45
+ </Assertion>
46
+ </samlp:Response>
@@ -13,4 +13,12 @@ class XmlSecurityTest < Test::Unit::TestCase
13
13
  @document.validate_doc(base64cert, true)
14
14
  end
15
15
  end
16
+
17
+ context "Digest" do
18
+ should "validate using SHA256" do
19
+ @document = XMLSecurity::SignedDocument.new(fixture(:adfs_response, false))
20
+ assert @document.validate("28:74:9B:E8:1F:E8:10:9C:A8:7C:A9:C3:E3:C5:01:6C:92:1C:B4:BA")
21
+ end
22
+ end
23
+
16
24
  end
metadata CHANGED
@@ -1,12 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ruby-saml
3
3
  version: !ruby/object:Gem::Version
4
- prerelease: false
4
+ hash: 13
5
+ prerelease:
5
6
  segments:
6
7
  - 0
7
8
  - 5
8
- - 2
9
- version: 0.5.2
9
+ - 3
10
+ version: 0.5.3
10
11
  platform: ruby
11
12
  authors:
12
13
  - OneLogin LLC
@@ -14,16 +15,18 @@ autorequire:
14
15
  bindir: bin
15
16
  cert_chain: []
16
17
 
17
- date: 2012-04-14 00:00:00 -07:00
18
+ date: 2012-04-18 00:00:00 -07:00
18
19
  default_executable:
19
20
  dependencies:
20
21
  - !ruby/object:Gem::Dependency
21
22
  name: canonix
22
23
  prerelease: false
23
24
  requirement: &id001 !ruby/object:Gem::Requirement
25
+ none: false
24
26
  requirements:
25
27
  - - ~>
26
28
  - !ruby/object:Gem::Version
29
+ hash: 9
27
30
  segments:
28
31
  - 0
29
32
  - 1
@@ -34,9 +37,11 @@ dependencies:
34
37
  name: uuid
35
38
  prerelease: false
36
39
  requirement: &id002 !ruby/object:Gem::Requirement
40
+ none: false
37
41
  requirements:
38
42
  - - ~>
39
43
  - !ruby/object:Gem::Version
44
+ hash: 5
40
45
  segments:
41
46
  - 2
42
47
  - 3
@@ -47,9 +52,11 @@ dependencies:
47
52
  name: shoulda
48
53
  prerelease: false
49
54
  requirement: &id003 !ruby/object:Gem::Requirement
55
+ none: false
50
56
  requirements:
51
57
  - - ">="
52
58
  - !ruby/object:Gem::Version
59
+ hash: 3
53
60
  segments:
54
61
  - 0
55
62
  version: "0"
@@ -59,9 +66,11 @@ dependencies:
59
66
  name: ruby-debug
60
67
  prerelease: false
61
68
  requirement: &id004 !ruby/object:Gem::Requirement
69
+ none: false
62
70
  requirements:
63
71
  - - ">="
64
72
  - !ruby/object:Gem::Version
73
+ hash: 3
65
74
  segments:
66
75
  - 0
67
76
  version: "0"
@@ -71,9 +80,11 @@ dependencies:
71
80
  name: mocha
72
81
  prerelease: false
73
82
  requirement: &id005 !ruby/object:Gem::Requirement
83
+ none: false
74
84
  requirements:
75
85
  - - ">="
76
86
  - !ruby/object:Gem::Version
87
+ hash: 3
77
88
  segments:
78
89
  - 0
79
90
  version: "0"
@@ -91,6 +102,8 @@ extra_rdoc_files:
91
102
  files:
92
103
  - .document
93
104
  - .gitignore
105
+ - Gemfile
106
+ - Gemfile.lock
94
107
  - LICENSE
95
108
  - README.rdoc
96
109
  - Rakefile
@@ -107,7 +120,7 @@ files:
107
120
  - test/certificates/certificate1
108
121
  - test/request_test.rb
109
122
  - test/response_test.rb
110
- - test/responses/adfs_response.xml.base64
123
+ - test/responses/adfs_response.xml
111
124
  - test/responses/open_saml_response.xml
112
125
  - test/responses/response1.xml.base64
113
126
  - test/responses/response2.xml.base64
@@ -131,23 +144,27 @@ rdoc_options:
131
144
  require_paths:
132
145
  - lib
133
146
  required_ruby_version: !ruby/object:Gem::Requirement
147
+ none: false
134
148
  requirements:
135
149
  - - ">="
136
150
  - !ruby/object:Gem::Version
151
+ hash: 3
137
152
  segments:
138
153
  - 0
139
154
  version: "0"
140
155
  required_rubygems_version: !ruby/object:Gem::Requirement
156
+ none: false
141
157
  requirements:
142
158
  - - ">="
143
159
  - !ruby/object:Gem::Version
160
+ hash: 3
144
161
  segments:
145
162
  - 0
146
163
  version: "0"
147
164
  requirements: []
148
165
 
149
166
  rubyforge_project: http://www.rubygems.org/gems/ruby-saml
150
- rubygems_version: 1.3.6
167
+ rubygems_version: 1.5.3
151
168
  signing_key:
152
169
  specification_version: 3
153
170
  summary: SAML Ruby Tookit
@@ -155,7 +172,7 @@ test_files:
155
172
  - test/certificates/certificate1
156
173
  - test/request_test.rb
157
174
  - test/response_test.rb
158
- - test/responses/adfs_response.xml.base64
175
+ - test/responses/adfs_response.xml
159
176
  - test/responses/open_saml_response.xml
160
177
  - test/responses/response1.xml.base64
161
178
  - test/responses/response2.xml.base64
@@ -1,91 +0,0 @@
1
- PD94bWwgdmVyc2lvbj0iMS4wIj8+CjxzYW1scDpSZXNwb25zZSB4bWxuczpz
2
- YW1scD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnByb3RvY29sIiBJ
3
- RD0iXzAyNjNhMDdiLTIwNWYtNDc5Yy05MGZjLTc0OTU3MTVlY2JiZiIgVmVy
4
- c2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMjJUMTI6NDk6MzAu
5
- MzQ4WiIgRGVzdGluYXRpb249Imh0dHBzOi8vc29tZW9uZS5leGFtcGxlLmNv
6
- bS9lbmRwb2ludCIgQ29uc2VudD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6
7
- Mi4wOmNvbnNlbnQ6dW5zcGVjaWZpZWQiIEluUmVzcG9uc2VUbz0iX2ZjNGEz
8
- NGIwLTdlZmItMDEyZS1jYWFlLTc4MmJjYjEzYmIzOCI+CiAgPElzc3VlciB4
9
- bWxucz0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiI+
10
- aHR0cDovL2xvZ2luLmV4YW1wbGUuY29tL2lzc3VlcjwvSXNzdWVyPgogIDxz
11
- YW1scDpTdGF0dXM+CiAgICA8c2FtbHA6U3RhdHVzQ29kZSBWYWx1ZT0idXJu
12
- Om9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnN0YXR1czpTdWNjZXNzIi8+CiAg
13
- PC9zYW1scDpTdGF0dXM+CiAgPEFzc2VydGlvbiB4bWxucz0idXJuOm9hc2lz
14
- Om5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgSUQ9Il83MjFiNGE1YS1k
15
- N2UxLTQ4NjEtOTc1NC1hOWIxOTdiNmY5YWIiIElzc3VlSW5zdGFudD0iMjAx
16
- MS0wNi0yMlQxMjo0OTozMC4zNDhaIiBWZXJzaW9uPSIyLjAiPgogICAgPElz
17
- c3Vlcj5odHRwOi8vbG9naW4uZXhhbXBsZS5jb20vaXNzdWVyPC9Jc3N1ZXI+
18
- CiAgICA8ZHM6U2lnbmF0dXJlIHhtbG5zOmRzPSJodHRwOi8vd3d3LnczLm9y
19
- Zy8yMDAwLzA5L3htbGRzaWcjIj4KICAgICAgPGRzOlNpZ25lZEluZm8+CiAg
20
- ICAgICAgPGRzOkNhbm9uaWNhbGl6YXRpb25NZXRob2QgQWxnb3JpdGhtPSJo
21
- dHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiLz4KICAg
22
- ICAgICA8ZHM6U2lnbmF0dXJlTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3
23
- dy53My5vcmcvMjAwMS8wNC94bWxkc2lnLW1vcmUjcnNhLXNoYTI1NiIvPgog
24
- ICAgICAgIDxkczpSZWZlcmVuY2UgVVJJPSIjXzcyMWI0YTVhLWQ3ZTEtNDg2
25
- MS05NzU0LWE5YjE5N2I2ZjlhYiI+CiAgICAgICAgICA8ZHM6VHJhbnNmb3Jt
26
- cz4KICAgICAgICAgICAgPGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6
27
- Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNlbnZlbG9wZWQtc2lnbmF0
28
- dXJlIi8+CiAgICAgICAgICAgIDxkczpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJo
29
- dHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiLz4KICAg
30
- ICAgICAgIDwvZHM6VHJhbnNmb3Jtcz4KICAgICAgICAgIDxkczpEaWdlc3RN
31
- ZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3ht
32
- bGVuYyNzaGEyNTYiLz4KICAgICAgICAgIDxkczpEaWdlc3RWYWx1ZT52NTN3
33
- cW80ZllESzhVY3JPVWNPV2cyemxKL2NIVnVtWVMwS2pycm5WdUprPTwvZHM6
34
- RGlnZXN0VmFsdWU+CiAgICAgICAgPC9kczpSZWZlcmVuY2U+CiAgICAgIDwv
35
- ZHM6U2lnbmVkSW5mbz4KICAgICAgPGRzOlNpZ25hdHVyZVZhbHVlPlowOXBl
36
- d1k3ekZ2OTFobjkwbHgwRUVubE1HTkw5elVKWk14SVI2cW9mTFpPWk1sVG5Y
37
- TjV6RnNmKzFYUFBJWVpMdzVsQ0dqanRtZE5seGR2NzJ6TkZsTVROUnFaN0lp
38
- SXd2azVHUk0zenZBV3NOT1k2ZEI0YzVxamU0UkhxL2ZySkdCZ04vZ2VWeFZt
39
- bjNMWmQ1WmNrdWh1UzFzN0ZKQW9MVWNaRUxKL25jZ1JEZGdqQUUrcjhHdGFO
40
- a3U0VVRCUkdBZnRsMFBXbUFTMDdsbGU2bGFTVVBSQmRCRE5sVlN6R0FQT3lY
41
- UDE2ZUkxOWJvbllMaGpiOHVoY0N0bWdicnJhbkpVVGxZc1htcnhvaGNGdW4r
42
- eWZxVFdXd2l4OW1SUXRBdEFFOW5nSUUwVkRkTC9reFR0NktOb1B6d2tlajVW
43
- eFNMRkFncTJ1M3JaTWN1WUdadTFIUT09PC9kczpTaWduYXR1cmVWYWx1ZT4K
44
- ICAgICAgPEtleUluZm8geG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAv
45
- MDkveG1sZHNpZyMiPgogICAgICAgIDxkczpYNTA5RGF0YT4KICAgICAgICAg
46
- IDxkczpYNTA5Q2VydGlmaWNhdGU+TUlJQzVEQ0NBY3lnQXdJQkFnSVFOQlRr
47
- dDdxaWNhcEtOc0lYTWNrOHhUQU5CZ2txaGtpRzl3MEJBUXNGQURBdU1Td3dL
48
- Z1lEVlFRREV5TkJSRVpUSUZOcFoyNXBibWNnTFNCc2IyZHBiaTVrY21WemIz
49
- VnlZMlZ6TG1OdmJUQWVGdzB4TVRBMk1UQXhPRFUyTURGYUZ3MHhNakEyTURr
50
- eE9EVTJNREZhTUM0eExEQXFCZ05WQkFNVEkwRkVSbE1nVTJsbmJtbHVaeUF0
51
- SUd4dloybHVMbVJ5WlhOdmRYSmpaWE11WTI5dE1JSUJJakFOQmdrcWhraUc5
52
- dzBCQVFFRkFBT0NBUThBTUlJQkNnS0NBUUVBcTdBTURHbkJISUd3dDlLUHRM
53
- RDBNMEVYR3VabldHQW1iNXAyRkRjRnp0SkhPSThXWVBxZVJwaHpWU0VrZ1h0
54
- UEloNUp4M2VsUzZoVm43SFZqMld2eklENmpwQjQ1bzhpRGs4UFdnaTE0ZnhH
55
- V0U1bzFQaUI4WHJlMWM1dnMySUc1YVBXSUQ1dUM2YkQwWGduTDk1TWdPOUhH
56
- UFBTUVJGbnVqS05xekZRZHRvQkpJSmF3QWVEL2kveHM3RmpGazl4MWZBMEV5
57
- TENuaCtlYWZmSXBvcmIrMXh4VzJENkQzbVJUZ2ZIeFhyV1I4VzRqSG5pZ2da
58
- aHFkRGhVeHZFYWlRRlRiSU4yRCt6eUI3YVF3UUNIU0ZwZXJCYytSNUZsbGdu
59
- R0FhK3NqYjZnMUZYYmVobUVHd1NheHdSWklEQWhqSVFtYTV3WDV5V0pEeEZ6
60
- UjRwc1RlRlJRSURBUUFCTUEwR0NTcUdTSWIzRFFFQkN3VUFBNElCQVFCekFQ
61
- QzJRUStVdHZrcVFZMm8vam9IR3RudUx5Zmt3ZDc2NERjR0RsY1lLVktFYURD
62
- dm5KeDNneXdSVU9ERVJoRGh1Zkpid3I3T29YVmRodzcwTnRURU11Z0pGcjI5
63
- U2d4bjNDaVRpeVBGU0RHang5MTFhYkt4dEpTQkludkkwMEFqWCtWbElaaG95
64
- ODNZWU9SWEZjeWIrVXZoMnIyU1pVM0FDTnA4TTNjWlI2SjFFREJoUEtZd0VF
65
- VWs4TlRNbVpMM3ZXanFMWldUeVRUaFRyUUYvbEg5UENsdzlPMjl1d2lmaXEy
66
- WHpTeVNyMy9QSHh6cE1Sa0w5YzRFaTQ1UURtYWdlckFVUndlcTVwVVc4QzNV
67
- QVVqTExWY1hrLzJwZXZaRU43MFlndDVwMmZBZ3M4NE9KaERSS2lIR3BhcmlF
68
- bWo0THNKR1pzcDdxRkpwbjErTWlqUmU8L2RzOlg1MDlDZXJ0aWZpY2F0ZT4K
69
- ICAgICAgICA8L2RzOlg1MDlEYXRhPgogICAgICA8L0tleUluZm8+CiAgICA8
70
- L2RzOlNpZ25hdHVyZT4KICAgIDxTdWJqZWN0PgogICAgICA8TmFtZUlEIEZv
71
- cm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6MS4xOm5hbWVpZC1mb3Jt
72
- YXQ6ZW1haWxBZGRyZXNzIj5oZWxsb0BleGFtcGxlLmNvbTwvTmFtZUlEPgog
73
- ICAgICA8U3ViamVjdENvbmZpcm1hdGlvbiBNZXRob2Q9InVybjpvYXNpczpu
74
- YW1lczp0YzpTQU1MOjIuMDpjbTpiZWFyZXIiPgogICAgICAgIDxTdWJqZWN0
75
- Q29uZmlybWF0aW9uRGF0YSBJblJlc3BvbnNlVG89Il9mYzRhMzRiMC03ZWZi
76
- LTAxMmUtY2FhZS03ODJiY2IxM2JiMzgiIE5vdE9uT3JBZnRlcj0iMjAxMS0w
77
- Ni0yMlQxMjo1NDozMC4zNDhaIiBSZWNpcGllbnQ9Imh0dHBzOi8vc29tZW9u
78
- ZS5leGFtcGxlLmNvbS9lbmRwb2ludCIvPgogICAgICA8L1N1YmplY3RDb25m
79
- aXJtYXRpb24+CiAgICA8L1N1YmplY3Q+CiAgICA8Q29uZGl0aW9ucyBOb3RC
80
- ZWZvcmU9IjIwMTEtMDYtMjJUMTI6NDk6MzAuMzMyWiIgTm90T25PckFmdGVy
81
- PSIyMDExLTA2LTIyVDEzOjQ5OjMwLjMzMloiPgogICAgICA8QXVkaWVuY2VS
82
- ZXN0cmljdGlvbj4KICAgICAgICA8QXVkaWVuY2U+ZXhhbXBsZS5jb208L0F1
83
- ZGllbmNlPgogICAgICA8L0F1ZGllbmNlUmVzdHJpY3Rpb24+CiAgICA8L0Nv
84
- bmRpdGlvbnM+CiAgICA8QXV0aG5TdGF0ZW1lbnQgQXV0aG5JbnN0YW50PSIy
85
- MDExLTA2LTIyVDEyOjQ5OjMwLjExMloiIFNlc3Npb25JbmRleD0iXzcyMWI0
86
- YTVhLWQ3ZTEtNDg2MS05NzU0LWE5YjE5N2I2ZjlhYiI+CiAgICAgIDxBdXRo
87
- bkNvbnRleHQ+CiAgICAgICAgPEF1dGhuQ29udGV4dENsYXNzUmVmPnVybjpv
88
- YXNpczpuYW1lczp0YzpTQU1MOjIuMDphYzpjbGFzc2VzOlBhc3N3b3JkUHJv
89
- dGVjdGVkVHJhbnNwb3J0PC9BdXRobkNvbnRleHRDbGFzc1JlZj4KICAgICAg
90
- PC9BdXRobkNvbnRleHQ+CiAgICA8L0F1dGhuU3RhdGVtZW50PgogIDwvQXNz
91
- ZXJ0aW9uPgo8L3NhbWxwOlJlc3BvbnNlPgo=