RubyGems - ruby-samlnechotech - Versions diffs - 0.7.26 → 0.7.27 - Mend

ruby-samlnechotech 0.7.26 → 0.7.27

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

checksums.yaml +4 -4
data/lib/onelogin/ruby-samlnechotech/response.rb +18 -1
data/lib/onelogin/ruby-samlnechotech/version.rb +1 -1
metadata +1 -1

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: ddc653946e9eff4b045bf7a9dffc2308c447b541
-  data.tar.gz: a6fa9283329ab95e31d9b0d5a07499f8b69f46d6
+  metadata.gz: b9926b344ac2ffd7ab1a925d954d23c704f55715
+  data.tar.gz: 683b5078e34c45c96b9b75634ee1884a37412e30
 SHA512:
-  metadata.gz: cae580d90ebbb622d7f3312f0f73ded688a9937a67a46fcf8a4de3f5c2c80243146262a02f63c5f1c749e157039437780188fdd0f8ceccb0faffd88e6b5438e3
-  data.tar.gz: 931b35a3eb86557160ecf45806bb880a904b18a9a2806ca86c776cbd48056285d4bb002ab6a7617b263bf5951d732acd00f562b168093b3e24dde0cea40fbfa1
+  metadata.gz: ab84a37576bf427a111293a8bc3ee4aef9a8a92d95cb50c282274dd852dca75ca3a5e64cc15edc3354402dfc4761210f2261efd283cf42fb73bd9220967fec03
+  data.tar.gz: a2854bd8f4e93b5f25891291c052ce262456b5acb99eb824782216613e885b68b3b64f589f83f5cecb344408f80d694ea144cbc219e6399d9a17220e6677bb9a

data/lib/onelogin/ruby-samlnechotech/response.rb CHANGED Viewed

@@ -29,6 +29,23 @@ module Onelogin
         validate
       end
+      def xml_cert_validate(idp_cert_fingerprint, logger)
+        # get cert from response
+        base64_cert = self.elements["//ds:X509Certificate"].text
+        cert_text = Base64.decode64(base64_cert)
+        cert = OpenSSL::X509::Certificate.new(cert_text)
+        # check cert matches registered idp cert
+        fingerprint = Digest::SHA1.hexdigest(cert.to_der)
+        logger.info("fingerprint = " + fingerprint) if !logger.nil?
+        valid_flag = fingerprint == idp_cert_fingerprint.gsub(":", "").downcase
+        return valid_flag if !valid_flag
+        document.validate_doc(base64_cert, logger)
+      end
       def validate!
         validate(false)
       end
@@ -110,7 +127,7 @@ module Onelogin
         validate_structure(soft)      &&
         validate_response_state(soft) &&
         validate_conditions(soft)     &&
-        document.validate(get_fingerprint, soft) &&
+        xml_cert_validate(get_fingerprint, soft) &&
         success?
       end

data/lib/onelogin/ruby-samlnechotech/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 module Onelogin
   module Saml
-    VERSION = '0.7.26'
+    VERSION = '0.7.27'
   end
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: ruby-samlnechotech
 version: !ruby/object:Gem::Version
-  version: 0.7.26
+  version: 0.7.27
 platform: ruby
 authors:
 - OneLogin LLC, beekermememe