ruby-saml 0.8.17 → 0.8.18

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 1ec15a6a64795cd0b10b796d6aef230a7d7d439c
-  data.tar.gz: a07ddee9fb7bfe9ca2f20cde2c9cadfd5bbac121
+  metadata.gz: f7f02b4fb1490e44140c1e24ea61bf0ef061f0da
+  data.tar.gz: 3b2fec942140bb2fd2e49a17fc29dd0d0327d814
 SHA512:
-  metadata.gz: 013b1a3b9b2eb015253dcc4992a1d8be73a3dce996271d701375914e3e7f3e64f6eff3094af1ade43fc807ce452093d05c071cf79b5b2cc8b63d3041688f9344
-  data.tar.gz: ed258b192c0cbd0b5c589183ecacd9591dad637783430130a9dfd97b6c68c1062520cf91255ed997adf693f1c7f344d84cf0184a821202c8c8ea85509c069864
+  metadata.gz: a2dade6d6d672b213a3f8d3af088edfa208f3af4482aae033a40ff8ac9c500ca48fded7eee073e67dd6f37daa27786a6303777e0381a3338f987f87a63f460a2
+  data.tar.gz: 0cc6bb2264de5c688545bcb24794313758a97cca3c9bfa5c69b07331ffbc719acb1a69039ec39aa2e5e6817e8917e7495da7c07a41eff120d57f30e9708962bc

data/lib/onelogin/ruby-saml/authrequest.rb

@@ -9,7 +9,7 @@ module OneLogin
 
     class Authrequest
       # AuthNRequest ID
-      attr_reader :uuid
+      attr_accessor :uuid
 
       # Initializes the AuthNRequest. An Authrequest Object.
       # Asigns an ID, a random uuid.
@@ -18,6 +18,10 @@ module OneLogin
         @uuid = OneLogin::RubySaml::Utils.uuid
       end
 
+      def request_id
+        @uuid
+      end
+
       def create(settings, params = {})
         params = create_params(settings, params)
         params_prefix = (settings.idp_sso_target_url =~ /\?/) ? '&' : '?'

data/lib/onelogin/ruby-saml/logoutrequest.rb

@@ -10,12 +10,16 @@ module OneLogin
 
     class Logoutrequest
 
-      attr_reader :uuid # Can be obtained if neccessary
+      attr_accessor :uuid
 
       def initialize
         @uuid = OneLogin::RubySaml::Utils.uuid
       end
 
+      def request_id
+        @uuid
+      end
+
       def create(settings, params={})
         params = create_params(settings, params)
         params_prefix = (settings.idp_slo_target_url =~ /\?/) ? '&' : '?'

data/lib/onelogin/ruby-saml/logoutresponse.rb

@@ -32,6 +32,17 @@ module OneLogin
         @document = XMLSecurity::SignedDocument.new(@response)
       end
 
+      def response_id
+        @response_id ||= begin
+          node = REXML::XPath.first(
+            document,
+            "/p:LogoutResponse",
+            { "p" => PROTOCOL }
+          )
+          node.nil? ? nil : node.attributes['ID']
+        end
+      end
+
       def validate!
         validate(false)
       end

data/lib/onelogin/ruby-saml/response.rb

@@ -27,6 +27,24 @@ module OneLogin
         @document = XMLSecurity::SignedDocument.new(@response)
       end
 
+      def response_id
+        @response_id ||= begin
+          node = REXML::XPath.first(
+            document,
+            "/p:Response",
+            { "p" => PROTOCOL }
+          )
+          node.nil? ? nil : node.attributes['ID']
+        end
+      end
+
+      def assertion_id
+        @assertion_id ||= begin
+          node = xpath_first_from_signed_assertion("")
+          node.nil? ? nil : node.attributes['ID']
+        end
+      end
+
       def is_valid?
         validate
       end

data/lib/onelogin/ruby-saml/slo_logoutrequest.rb

@@ -26,6 +26,17 @@ module OneLogin
         @document = XMLSecurity::SignedDocument.new(@request)
       end
 
+      def request_id
+        @request_id ||= begin
+          node = REXML::XPath.first(
+            document,
+            "/p:LogoutRequest",
+            { "p" => PROTOCOL }
+          )
+          node.nil? ? nil : node.attributes['ID']
+        end
+      end
+
       def validate!
         validate(false)
       end

data/lib/onelogin/ruby-saml/slo_logoutresponse.rb

@@ -12,7 +12,7 @@ module OneLogin
     class SloLogoutresponse
 
       # Logout Response ID
-      attr_reader :uuid
+      attr_accessor :uuid
 
       # Initializes the Logout Response. A SloLogoutresponse Object.
       # Asigns an ID, a random uuid.
@@ -21,6 +21,10 @@ module OneLogin
         @uuid = OneLogin::RubySaml::Utils.uuid
       end
 
+      def response_id
+        @uuid
+      end
+
       # Creates the Logout Response string.
       # @param settings [OneLogin::RubySaml::Settings|nil] Toolkit settings
       # @param request_id [String] The ID of the LogoutRequest sent by this SP to the IdP. That ID will be placed as the InResponseTo in the logout response
@@ -104,6 +108,7 @@ module OneLogin
       # @param settings [OneLogin::RubySaml::Settings|nil] Toolkit settings
       # @param request_id [String] The ID of the LogoutRequest sent by this SP to the IdP. That ID will be placed as the InResponseTo in the logout response
       # @param logout_message [String] The Message to be placed as StatusMessage in the logout response
+      # @param logout_status_code [String] The StatusCode to be placed as StatusMessage in the logout response
       # @return [String] The SAMLResponse String.
       #
       def create_logout_response_xml_doc(settings, request_id = nil, logout_message = nil, logout_status_code = nil)
@@ -129,15 +134,15 @@ module OneLogin
           issuer.text = settings.sp_entity_id
         end
 
-        # add success message
+        # add status
         status = root.add_element 'samlp:Status'
 
-        # success status code
+        # status code
         status_code ||= 'urn:oasis:names:tc:SAML:2.0:status:Success'
         status_code_elem = status.add_element 'samlp:StatusCode'
         status_code_elem.attributes['Value'] = status_code
 
-        # success status message
+        # status message
         logout_message ||= 'Successfully Signed Out'
         status_message = status.add_element 'samlp:StatusMessage'
         status_message.text = logout_message

data/lib/onelogin/ruby-saml/version.rb

@@ -1,5 +1,5 @@
 module OneLogin
   module RubySaml
-    VERSION = '0.8.17'
+    VERSION = '0.8.18'
   end
 end

data/test/logoutrequest_test.rb

@@ -240,5 +240,16 @@ class LogoutRequestTest < Minitest::Test
         assert cert.public_key.verify(signature_algorithm.new, Base64.decode64(params['Signature']), query_string)
       end
     end
+
+    describe "#manipulate request_id" do
+      it "be able to modify the request id" do
+        logoutrequest = OneLogin::RubySaml::Logoutrequest.new
+        request_id = logoutrequest.request_id
+        assert_equal request_id, logoutrequest.uuid
+        logoutrequest.uuid = "new_uuid"
+        assert_equal logoutrequest.request_id, logoutrequest.uuid
+        assert_equal "new_uuid", logoutrequest.request_id
+      end
+    end
   end
 end

data/test/logoutresponse_test.rb

@@ -33,7 +33,7 @@ class LogoutResponseTest < Minitest::Test
       it "validate the response" do
         in_relation_to_request_id = random_id
         settings.idp_entity_id = "https://example.com/idp"
-        logoutresponse = OneLogin::RubySaml::Logoutresponse.new(valid_response({:uuid => in_relation_to_request_id}), settings)
+        logoutresponse = OneLogin::RubySaml::Logoutresponse.new(valid_response({:uuid2 => in_relation_to_request_id}), settings)
 
         assert logoutresponse.validate
 
@@ -94,5 +94,12 @@ class LogoutResponseTest < Minitest::Test
       end
     end
 
+    describe "#response_id" do
+      it "extract the value of the Response ID" do
+        logoutresponse = OneLogin::RubySaml::Logoutresponse.new(valid_response, settings)
+        assert_equal "_28024690-000e-0130-b6d2-38f6b112be8b", logoutresponse.response_id
+      end
+    end
+
   end
 end

data/test/request_test.rb

@@ -224,6 +224,16 @@ class RequestTest < Minitest::Test
       end
     end
 
+    describe "#manipulate request_id" do
+      it "be able to modify the request id" do
+        authnrequest = OneLogin::RubySaml::Authrequest.new
+        request_id = authnrequest.request_id
+        assert_equal request_id, authnrequest.uuid
+        authnrequest.uuid = "new_uuid"
+        assert_equal authnrequest.request_id, authnrequest.uuid
+        assert_equal "new_uuid", authnrequest.request_id
+      end
+    end
   end
 
 end

data/test/requests/logoutrequest_fixtures.rb

@@ -16,7 +16,7 @@ def valid_request(opts = {})
   "<samlp:LogoutRequest
         xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\"
         xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\"
-        ID=\"#{random_id}\" Version=\"2.0\"
+        ID=\"#{opts[:uuid]}\" Version=\"2.0\"
         IssueInstant=\"#{opts[:issue_instant]}\"
         Destination=\"#{opts[:settings].idp_slo_target_url}\">
       <saml:Issuer>#{opts[:settings].idp_entity_id}</saml:Issuer>

data/test/response_test.rb

@@ -384,6 +384,13 @@ class ResponseTest <  Minitest::Test
       end
     end
 
+    describe "#response_id and assertion_id" do
+      it "extract the value of the Response and Assertion IDs" do
+        response = OneLogin::RubySaml::Response.new(response_document)
+        assert_equal "GOSAMLR12901174571794", response.response_id
+        assert_equal "pfxa46574df-b3b0-a06a-23c8-636413198772", response.assertion_id
+      end
+    end
 
     describe "#check_conditions" do
       it "check time conditions" do

data/test/responses/logoutresponse_fixtures.rb

@@ -3,6 +3,7 @@
 def default_response_opts
   {
       :uuid => "_28024690-000e-0130-b6d2-38f6b112be8b",
+      :uuid2 => "_48024690-100e-1130-e6d2-28f6b112be71",
       :issue_instant => Time.now.strftime('%Y-%m-%dT%H:%M:%SZ'),
       :settings => settings
   }
@@ -13,10 +14,10 @@ def valid_response(opts = {})
 
   "<samlp:LogoutResponse
         xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\"
-        ID=\"#{random_id}\" Version=\"2.0\"
+        ID=\"#{opts[:uuid]}\" Version=\"2.0\"
         IssueInstant=\"#{opts[:issue_instant]}\"
         Destination=\"#{opts[:settings].idp_slo_target_url}\"
-        InResponseTo=\"#{opts[:uuid]}\">
+        InResponseTo=\"#{opts[:uuid2]}\">
       <saml:Issuer xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\">#{opts[:settings].idp_entity_id}</saml:Issuer>
       <samlp:Status xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\">
       <samlp:StatusCode xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\"

data/test/slo_logoutrequest_test.rb

@@ -62,5 +62,12 @@ class SloLogoutrequestTest < Minitest::Test
       end
     end
 
+    describe "#request_id" do
+      it "extract the value of the Response ID" do
+        logoutrequest = OneLogin::RubySaml::SloLogoutrequest.new(valid_request, settings)
+        assert_equal "_28024690-000e-0130-b6d2-38f6b112be8b", logoutrequest.request_id
+      end
+    end
+
   end
 end

data/test/slo_logoutresponse_test.rb

@@ -230,5 +230,16 @@ class SloLogoutresponseTest < Minitest::Test
         assert cert.public_key.verify(signature_algorithm.new, Base64.decode64(params['Signature']), query_string)
       end
     end
+
+    describe "#manipulate response_id" do
+      it "be able to modify the response id" do
+        logoutresponse = OneLogin::RubySaml::SloLogoutresponse.new
+        response_id = logoutresponse.response_id
+        assert_equal response_id, logoutresponse.uuid
+        logoutresponse.uuid = "new_uuid"
+        assert_equal logoutresponse.response_id, logoutresponse.uuid
+        assert_equal "new_uuid", logoutresponse.response_id
+      end
+    end
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: ruby-saml
 version: !ruby/object:Gem::Version
-  version: 0.8.17
+  version: 0.8.18
 platform: ruby
 authors:
 - OneLogin LLC
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-02-03 00:00:00.000000000 Z
+date: 2021-09-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: uuid
@@ -165,7 +165,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: http://www.rubygems.org/gems/ruby-saml
-rubygems_version: 2.6.8
+rubygems_version: 2.4.8
 signing_key: 
 specification_version: 4
 summary: SAML Ruby Tookit