ruby-samlnechotech 0.7.26 → 0.7.27

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: ddc653946e9eff4b045bf7a9dffc2308c447b541
4
- data.tar.gz: a6fa9283329ab95e31d9b0d5a07499f8b69f46d6
3
+ metadata.gz: b9926b344ac2ffd7ab1a925d954d23c704f55715
4
+ data.tar.gz: 683b5078e34c45c96b9b75634ee1884a37412e30
5
5
  SHA512:
6
- metadata.gz: cae580d90ebbb622d7f3312f0f73ded688a9937a67a46fcf8a4de3f5c2c80243146262a02f63c5f1c749e157039437780188fdd0f8ceccb0faffd88e6b5438e3
7
- data.tar.gz: 931b35a3eb86557160ecf45806bb880a904b18a9a2806ca86c776cbd48056285d4bb002ab6a7617b263bf5951d732acd00f562b168093b3e24dde0cea40fbfa1
6
+ metadata.gz: ab84a37576bf427a111293a8bc3ee4aef9a8a92d95cb50c282274dd852dca75ca3a5e64cc15edc3354402dfc4761210f2261efd283cf42fb73bd9220967fec03
7
+ data.tar.gz: a2854bd8f4e93b5f25891291c052ce262456b5acb99eb824782216613e885b68b3b64f589f83f5cecb344408f80d694ea144cbc219e6399d9a17220e6677bb9a
@@ -29,6 +29,23 @@ module Onelogin
29
29
  validate
30
30
  end
31
31
 
32
+ def xml_cert_validate(idp_cert_fingerprint, logger)
33
+
34
+ # get cert from response
35
+ base64_cert = self.elements["//ds:X509Certificate"].text
36
+ cert_text = Base64.decode64(base64_cert)
37
+ cert = OpenSSL::X509::Certificate.new(cert_text)
38
+
39
+ # check cert matches registered idp cert
40
+ fingerprint = Digest::SHA1.hexdigest(cert.to_der)
41
+ logger.info("fingerprint = " + fingerprint) if !logger.nil?
42
+ valid_flag = fingerprint == idp_cert_fingerprint.gsub(":", "").downcase
43
+
44
+ return valid_flag if !valid_flag
45
+
46
+ document.validate_doc(base64_cert, logger)
47
+ end
48
+
32
49
  def validate!
33
50
  validate(false)
34
51
  end
@@ -110,7 +127,7 @@ module Onelogin
110
127
  validate_structure(soft) &&
111
128
  validate_response_state(soft) &&
112
129
  validate_conditions(soft) &&
113
- document.validate(get_fingerprint, soft) &&
130
+ xml_cert_validate(get_fingerprint, soft) &&
114
131
  success?
115
132
  end
116
133
 
@@ -1,5 +1,5 @@
1
1
  module Onelogin
2
2
  module Saml
3
- VERSION = '0.7.26'
3
+ VERSION = '0.7.27'
4
4
  end
5
5
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ruby-samlnechotech
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.7.26
4
+ version: 0.7.27
5
5
  platform: ruby
6
6
  authors:
7
7
  - OneLogin LLC, beekermememe