ruby-samlnechotech 0.7.31 → 0.7.32

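--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 3bf49be077e9d389a9fa0dc4952d2197d5983149
- data.tar.gz: 83da3b834385465d0a1a3cd68ae3f23c9bc1f093
+ metadata.gz: 2bb37f4e246d9b31c8bfe72acf8731e8c6ac55ea
+ data.tar.gz: 6c08d064ce2b17103ef948a626e4e143debdbdf9
  SHA512:
- metadata.gz: f8c0ef6658fd72a46c1282b04f57b90477062e74b4c8a93436bd0d7b5d4f208525837b2012f850fffb8d38cda2aa8ab46d8cc90bf586dcde5d22bc8137a8c639
- data.tar.gz: 0484b14583a4c3f7e8ed0f9cd952c8908a4f34edd2bbfa74b3bd05092a838ae0ddd4631b107a18def478a56af7fd5ff9ad2beba34bda4b210cea9dc04d978ab0
+ metadata.gz: 1e0b8c88e5f78181a49990abffca12800aa7bbeac02207a5127172b086c5a96cca0c507d6c4a1fb50254fd266c1d42335f46728376f11c3ae6a7097b266bad77
+ data.tar.gz: b09a66df1703f9cdd6e8397c32f5625428e7b9e9f27da59589e3e2e6f5fa0c4da9b520906aa488a52b73257553eee4ec13f1f5e6ef07543024475cc426f63ce9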
@@ -18,7 +18,7 @@ module Onelogin
18
18
  request = ""
19
19
  request_doc.write(request)
20
20
 
21
- Logging.debug "Created AuthnRequest: #{request}"
21
+ Logging.debug "Created AuthnRequest:\n#{request}\n"
22
22
 
23
23
  request = Zlib::Deflate.deflate(request, 9)[2..-5] if settings.compress_request
24
24
  base64_request = Base64.encode64(request)
@@ -36,7 +36,7 @@ module Onelogin
36
36
  def create_authentication_xml_doc(settings)
37
37
  uuid = "_" + UUID.new.generate
38
38
  time = Time.now.utc.strftime("%Y-%m-%dT%H:%M:%SZ")
39
- # Create AuthnRequest root element using REXML
39
+ # Create AuthnRequest root element using REXML
40
40
  request_doc = REXML::Document.new
41
41
 
42
42
  root = request_doc.add_element "samlp:AuthnRequest", { "xmlns:samlp" => "urn:oasis:names:tc:SAML:2.0:protocol" }
@@ -45,7 +45,7 @@ module Onelogin
45
45
  root.attributes['Version'] = "2.0"
46
46
  root.attributes['Destination'] = settings.idp_sso_target_url unless settings.idp_sso_target_url.nil?
47
47
  root.attributes['IsPassive'] = settings.passive unless settings.passive.nil?
48
- root.attributes['ForceAuthN'] = "#{settings.force_authn}" unless settings.force_authn.nil?
48
+ root.attributes['ForceAuthn'] = settings.force_authn unless settings.force_authn.nil?
49
49
 
50
50
  # Conditionally defined elements based on settings
51
51
  if settings.assertion_consumer_service_url != nil
@@ -56,7 +56,7 @@ module Onelogin
56
56
  issuer.text = settings.issuer
57
57
  end
58
58
  if settings.name_identifier_format != nil
59
- root.add_element "samlp:NameIDPolicy", {
59
+ root.add_element "samlp:NameIDPolicy", {
60
60
  "xmlns:samlp" => "urn:oasis:names:tc:SAML:2.0:protocol",
61
61
  # Might want to make AllowCreate a setting?
62
62
  "AllowCreate" => "true",
@@ -65,14 +65,14 @@ module Onelogin
65
65
  end
66
66
 
67
67
  # BUG fix here -- if an authn_context is defined, add the tags with an "exact"
68
- # match required for authentication to succeed. If this is not defined,
68
+ # match required for authentication to succeed. If this is not defined,
69
69
  # the IdP will choose default rules for authentication. (Shibboleth IdP)
70
70
  if settings.authn_context != nil
71
- requested_context = root.add_element "samlp:RequestedAuthnContext", {
71
+ requested_context = root.add_element "samlp:RequestedAuthnContext", {
72
72
  "xmlns:samlp" => "urn:oasis:names:tc:SAML:2.0:protocol",
73
73
  "Comparison" => "exact",
74
74
  }
75
- class_ref = requested_context.add_element "saml:AuthnContextClassRef", {
75
+ class_ref = requested_context.add_element "saml:AuthnContextClassRef", {
76
76
  "xmlns:saml" => "urn:oasis:names:tc:SAML:2.0:assertion",
77
77
  }
78
78
  class_ref.text = settings.authn_context
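Review bot: The corrected `ForceAuthn` assignment (new line 48) drops the explicit string conversion the old line had, so the attribute value is now whatever type `settings.force_authn` holds. If callers set a boolean, the serialized value depends on how REXML coerces non-String attribute values, which is not visible here; keeping the conversion makes the emitted attribute deterministic: `root.attributes['ForceAuthn'] = settings.force_authn.to_s unless settings.force_authn.nil?`. The unchanged `IsPassive` line just above has the same shape. Because the old `ForceAuthN` spelling was presumably not honoured by identity providers, a test asserting the exact attribute name and value in the generated XML would keep the re-authentication request from silently regressing. `create_authentication_xml_doc` continues outside these hunks.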
@@ -3,7 +3,7 @@ require "rexml/xpath"
3
3
  require "uri"
4
4
 
5
5
  # Class to return SP metadata based on the settings requested.
6
- # Return this XML in a controller, then give that URL to the the
6
+ # Return this XML in a controller, then give that URL to the the
7
7
  # IdP administrator. The IdP will poll the URL and your settings
8
8
  # will be updated automatically
9
9
  module Onelogin
@@ -57,7 +57,7 @@ module Onelogin
57
57
  # pretty print the XML so IdP administrators can easily see what the SP supports
58
58
  meta_doc.write(ret, 1)
59
59
 
60
- Logging.debug "Generated metadata:\n#{ret}"
60
+ Logging.debug "Generated metadata:\n#{ret}\n"
61
61
 
62
62
  ret
63
63
  end
@@ -35,15 +35,14 @@ module Onelogin
35
35
  base64_cert = document.elements["//ds:X509Certificate"].text
36
36
  cert_text = Base64.decode64(base64_cert)
37
37
  cert = OpenSSL::X509::Certificate.new(cert_text)
38
- r_logger = Rails.logger rescue nil
39
38
  # check cert matches registered idp cert
40
39
  fingerprint = Digest::SHA1.hexdigest(cert.to_der)
41
- r_logger.info("fingerprint = " + fingerprint) if !r_logger.nil?
40
+ Logging.debug "Fingerprint:\n#{fingerprint}\n"
42
41
  valid_flag = fingerprint == idp_cert_fingerprint.gsub(":", "").downcase
43
42
 
44
43
  return valid_flag if !valid_flag
45
44
 
46
- document.validate_doc(base64_cert, r_logger)
45
+ document.validate_doc(base64_cert, Logging)
47
46
  end
48
47
 
49
48
  def validate!
@@ -99,6 +98,7 @@ module Onelogin
99
98
  # Checks the status of the response for a "Success" code
100
99
  # (nechotech: ...or a "NoPassive" secondary status code)
101
100
  def success?
101
+ log()
102
102
  @status_code ||= begin
103
103
  node = REXML::XPath.first(document, "/p:Response/p:Status/p:StatusCode", { "p" => PROTOCOL, "a" => ASSERTION })
104
104
  primary_status = node.attributes["Value"]
@@ -127,6 +127,10 @@ module Onelogin
127
127
  end
128
128
  end
129
129
 
130
+ def log
131
+ Logging.debug "SAML Response:\n#{document}\n"
132
+ end
133
+
130
134
  private
131
135
 
132
136
  def validation_error(message)
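Review bot: The new `log` method writes the entire SAML response to the debug log, and `success?` calls it before the `@status_code ||=` memoization, so every call to `success?` dumps the document again. A SAML response typically carries the signed assertion with the subject identifier and attributes, so any deployment with debug logging enabled stores that material in its log files; logging only the status code, or making the full dump an explicit opt-in, would limit the exposure. `log` is also defined above `private`, which adds a generically named method to the public API; moving the definition below `private` avoids that. In the first hunk, `document.validate_doc(base64_cert, Logging)` now passes the `Logging` module where a logger object or nil was passed before, and `validate_doc` is outside this view, so confirm it only calls methods that `Logging` provides. The bodies of `success?` and of the certificate check continue outside these hunks.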
@@ -22,7 +22,7 @@ module Onelogin
22
22
  attr_accessor :idp_isp_cert
23
23
 
24
24
  private
25
-
25
+
26
26
  DEFAULTS = {:compress_request => true, :double_quote_xml_attribute_values => false}
27
27
  end
28
28
  end
@@ -1,5 +1,5 @@
1
1
  module Onelogin
2
2
  module Saml
3
- VERSION = '0.7.31'
3
+ VERSION = '0.7.32'
4
4
  end
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ruby-samlnechotech
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.7.31
4
+ version: 0.7.32
5
5
  platform: ruby
6
6
  authors:
7
7
  - OneLogin LLC, beekermememe
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2013-05-29 00:00:00.000000000 Z
11
+ date: 2013-06-05 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: canonix