saml-kit-cli 0.1.1 → 0.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/exe/saml-kit +6 -0
- data/lib/saml/kit/cli.rb +12 -65
- data/lib/saml/kit/cli/certificate.rb +45 -0
- data/lib/saml/kit/cli/decode.rb +41 -0
- data/lib/saml/kit/cli/metadata.rb +30 -0
- data/lib/saml/kit/cli/version.rb +1 -1
- data/lib/saml/kit/cli/yaml_registry.rb +49 -0
- metadata +6 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 0fb542ea66030e180f9b67fe521d4cef1ec02753e148910c7034dadc6ef6fc71
|
|
4
|
+
data.tar.gz: 246689f4c06edfab96903c2db6af5d98e27377febffcdc8d792513f6bee8e318
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: e4851b61cf2ada815b89753456c7bf135250f33ded82292556bbe23293c20994f2d7dd2affde3ef5e6714b8b6118d152c1165da98e1573522dd3cae26a17eec8
|
|
7
|
+
data.tar.gz: a0bc219c9a0c421cfe7543c86f136f2d703fb5b16fa64c88903daefb40b123b858f682ed39a34a0694fbc7a97faf815a70b0f2f245f80aa270aba0196eab72d6
|
data/exe/saml-kit
CHANGED
|
@@ -2,4 +2,10 @@
|
|
|
2
2
|
|
|
3
3
|
require "saml/kit/cli"
|
|
4
4
|
|
|
5
|
+
samlkitrc = ENV.fetch("SAMLKITRC", File.join(Dir.home, ".samlkitrc"))
|
|
6
|
+
Saml::Kit.configure do |configuration|
|
|
7
|
+
configuration.registry = Saml::Kit::Cli::YamlRegistry.new(samlkitrc)
|
|
8
|
+
configuration.logger.level = Logger::FATAL
|
|
9
|
+
end
|
|
10
|
+
|
|
5
11
|
Saml::Kit::Cli::Application.start(ARGV)
|
data/lib/saml/kit/cli.rb
CHANGED
|
@@ -1,78 +1,25 @@
|
|
|
1
1
|
require "saml/kit"
|
|
2
|
-
require "saml/kit/cli/version"
|
|
3
2
|
require "thor"
|
|
3
|
+
require "yaml/store"
|
|
4
|
+
|
|
5
|
+
require "saml/kit/cli/decode"
|
|
6
|
+
require "saml/kit/cli/certificate"
|
|
7
|
+
require "saml/kit/cli/metadata"
|
|
8
|
+
require "saml/kit/cli/version"
|
|
9
|
+
require "saml/kit/cli/yaml_registry"
|
|
4
10
|
|
|
5
11
|
module Saml
|
|
6
12
|
module Kit
|
|
7
13
|
module Cli
|
|
8
|
-
class Decode < Thor
|
|
9
|
-
desc "redirect uri", "Decodes the uri using the HTTP Redirect binding"
|
|
10
|
-
def redirect(uri)
|
|
11
|
-
binding = Saml::Kit::Bindings::HttpRedirect.new(location: '')
|
|
12
|
-
uri = URI.parse(uri)
|
|
13
|
-
query_params = Hash[uri.query.split('&').map { |x| x.split('=', 2) }]
|
|
14
|
-
document = binding.deserialize(query_params)
|
|
15
|
-
|
|
16
|
-
2.times { say "" }
|
|
17
|
-
say_status :success, "Decoded #{document.class}"
|
|
18
|
-
print_table [
|
|
19
|
-
["ID", "Issuer", "Version", "Issue instant"],
|
|
20
|
-
[document.id, document.issuer, document.version, document.issue_instant.iso8601 ]
|
|
21
|
-
]
|
|
22
|
-
say ""
|
|
23
|
-
say document.to_xml(pretty: true), :green
|
|
24
|
-
end
|
|
25
|
-
|
|
26
|
-
desc "post saml", "Decodes the SAMLRequest/SAMLResponse using the HTTP Post binding"
|
|
27
|
-
def post(saml_request)
|
|
28
|
-
binding = Saml::Kit::Bindings::HttpPost.new(location: '')
|
|
29
|
-
document = binding.deserialize('SAMLRequest' => saml_request)
|
|
30
|
-
2.times { say "" }
|
|
31
|
-
say_status :success, "Decoded #{document.class}"
|
|
32
|
-
print_table [
|
|
33
|
-
["ID", "Issuer", "Version", "Issue instant"],
|
|
34
|
-
[document.id, document.issuer, document.version, document.issue_instant.iso8601 ]
|
|
35
|
-
]
|
|
36
|
-
say ""
|
|
37
|
-
say document.to_xml(pretty: true), :green
|
|
38
|
-
end
|
|
39
|
-
end
|
|
40
|
-
|
|
41
|
-
class Generate < Thor
|
|
42
|
-
desc "keypair", "Create a key pair using a self signed certificate."
|
|
43
|
-
method_option :format, default: "pem", required: false, enum: ["pem", "env"]
|
|
44
|
-
method_option :passphrase, default: nil, required: false
|
|
45
|
-
def keypair
|
|
46
|
-
passphrase = options[:passphrase]
|
|
47
|
-
format = options[:format]
|
|
48
|
-
generator = ::Xml::Kit::SelfSignedCertificate.new
|
|
49
|
-
certificate, private_key = generator.create(passphrase: passphrase)
|
|
50
|
-
|
|
51
|
-
if "pem" == format
|
|
52
|
-
say "** BEGIN PEM Format **", :green
|
|
53
|
-
print certificate
|
|
54
|
-
say private_key
|
|
55
|
-
say "***********************", :green
|
|
56
|
-
else
|
|
57
|
-
say "** BEGIN ENV Format **", :green
|
|
58
|
-
say "X509_CERTIFICATE=" + certificate.inspect
|
|
59
|
-
say
|
|
60
|
-
say "PRIVATE_KEY=" + private_key.inspect
|
|
61
|
-
say "***********************", :green
|
|
62
|
-
end
|
|
63
|
-
|
|
64
|
-
say
|
|
65
|
-
say "Private Key Passphrase:", :green
|
|
66
|
-
say passphrase.inspect
|
|
67
|
-
end
|
|
68
|
-
end
|
|
69
|
-
|
|
70
14
|
class Application < Thor
|
|
71
15
|
desc "decode SUBCOMMAND ...ARGS", "decode SAMLRequest/SAMLResponse."
|
|
72
16
|
subcommand "decode", Decode
|
|
73
17
|
|
|
74
|
-
desc "
|
|
75
|
-
subcommand "
|
|
18
|
+
desc "certificate SUBCOMMAND ...ARGS", "Work with SAML Certificates."
|
|
19
|
+
subcommand "certificate", Certificate
|
|
20
|
+
|
|
21
|
+
desc "metadata SUBCOMMAND ...ARGS", "Work with SAML Metadata."
|
|
22
|
+
subcommand "metadata", Metadata
|
|
76
23
|
end
|
|
77
24
|
end
|
|
78
25
|
end
|
|
@@ -0,0 +1,45 @@
|
|
|
1
|
+
module Saml
|
|
2
|
+
module Kit
|
|
3
|
+
module Cli
|
|
4
|
+
class Certificate < Thor
|
|
5
|
+
desc "keypair", "Create a key pair using a self signed certificate."
|
|
6
|
+
method_option :format, default: "pem", required: false, enum: ["pem", "env"]
|
|
7
|
+
method_option :passphrase, default: nil, required: false
|
|
8
|
+
def keypair
|
|
9
|
+
passphrase = options[:passphrase]
|
|
10
|
+
format = options[:format]
|
|
11
|
+
generator = ::Xml::Kit::SelfSignedCertificate.new
|
|
12
|
+
certificate, private_key = generator.create(passphrase: passphrase)
|
|
13
|
+
|
|
14
|
+
if "pem" == format
|
|
15
|
+
say "** BEGIN PEM Format **", :green
|
|
16
|
+
print certificate
|
|
17
|
+
say private_key
|
|
18
|
+
say "***********************", :green
|
|
19
|
+
else
|
|
20
|
+
say "** BEGIN ENV Format **", :green
|
|
21
|
+
say "X509_CERTIFICATE=" + certificate.inspect
|
|
22
|
+
say
|
|
23
|
+
say "PRIVATE_KEY=" + private_key.inspect
|
|
24
|
+
say "***********************", :green
|
|
25
|
+
end
|
|
26
|
+
|
|
27
|
+
say
|
|
28
|
+
say "Private Key Passphrase:", :green
|
|
29
|
+
say passphrase.inspect
|
|
30
|
+
end
|
|
31
|
+
|
|
32
|
+
desc "dump", "Dump the details of a X509 Certificate."
|
|
33
|
+
def dump(raw)
|
|
34
|
+
certificate = ::Xml::Kit::Certificate.new(raw, use: :unknown)
|
|
35
|
+
x509 = certificate.x509
|
|
36
|
+
print_table [
|
|
37
|
+
["Subject", "Issuer", "Serial", "Not Before", "Not After", "Fingerprint"],
|
|
38
|
+
[x509.subject, x509.issuer, x509.serial, x509.not_before, x509.not_after, certificate.fingerprint]
|
|
39
|
+
]
|
|
40
|
+
say x509.to_text, :green
|
|
41
|
+
end
|
|
42
|
+
end
|
|
43
|
+
end
|
|
44
|
+
end
|
|
45
|
+
end
|
|
@@ -0,0 +1,41 @@
|
|
|
1
|
+
module Saml
|
|
2
|
+
module Kit
|
|
3
|
+
module Cli
|
|
4
|
+
class Decode < Thor
|
|
5
|
+
desc "redirect uri", "Decodes the uri using the HTTP Redirect binding"
|
|
6
|
+
def redirect(uri)
|
|
7
|
+
binding = Saml::Kit::Bindings::HttpRedirect.new(location: '')
|
|
8
|
+
uri = URI.parse(uri)
|
|
9
|
+
query_params = Hash[uri.query.split('&').map { |x| x.split('=', 2) }]
|
|
10
|
+
document = binding.deserialize(query_params)
|
|
11
|
+
|
|
12
|
+
2.times { say "" }
|
|
13
|
+
say_status :success, "Decoded #{document.class}"
|
|
14
|
+
print_table [
|
|
15
|
+
["ID", "Issuer", "Version", "Issue instant"],
|
|
16
|
+
[document.id, document.issuer, document.version, document.issue_instant.iso8601 ]
|
|
17
|
+
]
|
|
18
|
+
say ""
|
|
19
|
+
say document.to_xml(pretty: true), :green
|
|
20
|
+
end
|
|
21
|
+
|
|
22
|
+
desc "post saml", "Decodes the SAMLRequest/SAMLResponse using the HTTP Post binding"
|
|
23
|
+
def post(saml_request)
|
|
24
|
+
binding = Saml::Kit::Bindings::HttpPost.new(location: '')
|
|
25
|
+
document = binding.deserialize('SAMLRequest' => saml_request)
|
|
26
|
+
2.times { say "" }
|
|
27
|
+
say_status :success, "Decoded #{document.class}"
|
|
28
|
+
print_table [
|
|
29
|
+
["ID", "Issuer", "Version", "Issue instant", "Type", "Valid", "Signed", "Trusted"],
|
|
30
|
+
[document.id, document.issuer, document.version, document.issue_instant.iso8601, document.class, document.valid?, document.signed?, document.trusted? ]
|
|
31
|
+
]
|
|
32
|
+
document.errors.full_messages.each do |error|
|
|
33
|
+
say_status :error, error, :red
|
|
34
|
+
end
|
|
35
|
+
say ""
|
|
36
|
+
say document.to_xml(pretty: true), :green
|
|
37
|
+
end
|
|
38
|
+
end
|
|
39
|
+
end
|
|
40
|
+
end
|
|
41
|
+
end
|
|
@@ -0,0 +1,30 @@
|
|
|
1
|
+
module Saml
|
|
2
|
+
module Kit
|
|
3
|
+
module Cli
|
|
4
|
+
class Metadata < Thor
|
|
5
|
+
desc "register url", "Registers the Metadata from the remote url."
|
|
6
|
+
def register(url)
|
|
7
|
+
say registry.register_url(url).to_xml(pretty: true), :green
|
|
8
|
+
end
|
|
9
|
+
|
|
10
|
+
desc "list", "List each of the registered entityId's"
|
|
11
|
+
def list
|
|
12
|
+
registry.each do |x|
|
|
13
|
+
say x.entity_id, :green
|
|
14
|
+
end
|
|
15
|
+
end
|
|
16
|
+
|
|
17
|
+
desc "show entity_id", "show the metadata associated with an entityId"
|
|
18
|
+
def show(entity_id)
|
|
19
|
+
say registry.metadata_for(entity_id).to_xml(pretty: true), :green
|
|
20
|
+
end
|
|
21
|
+
|
|
22
|
+
private
|
|
23
|
+
|
|
24
|
+
def registry
|
|
25
|
+
Saml::Kit.registry
|
|
26
|
+
end
|
|
27
|
+
end
|
|
28
|
+
end
|
|
29
|
+
end
|
|
30
|
+
end
|
data/lib/saml/kit/cli/version.rb
CHANGED
|
@@ -0,0 +1,49 @@
|
|
|
1
|
+
module Saml
|
|
2
|
+
module Kit
|
|
3
|
+
module Cli
|
|
4
|
+
class YamlRegistry < ::Saml::Kit::DefaultRegistry
|
|
5
|
+
def initialize(path)
|
|
6
|
+
@items = YAML::Store.new(path)
|
|
7
|
+
end
|
|
8
|
+
|
|
9
|
+
def register(metadata)
|
|
10
|
+
with_transaction do |db|
|
|
11
|
+
db[metadata.entity_id] = metadata.to_xml
|
|
12
|
+
end
|
|
13
|
+
metadata
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
def metadata_for(entity_id)
|
|
17
|
+
with_transaction do |db|
|
|
18
|
+
xml = db[entity_id]
|
|
19
|
+
return nil if xml.nil?
|
|
20
|
+
Saml::Kit::Metadata.from(xml)
|
|
21
|
+
end
|
|
22
|
+
end
|
|
23
|
+
|
|
24
|
+
def each
|
|
25
|
+
with_transaction do |db|
|
|
26
|
+
db.roots.each do |key|
|
|
27
|
+
yield metadata_for(key)
|
|
28
|
+
end
|
|
29
|
+
end
|
|
30
|
+
end
|
|
31
|
+
|
|
32
|
+
private
|
|
33
|
+
|
|
34
|
+
def with_transaction
|
|
35
|
+
if @in_transaction
|
|
36
|
+
yield @items
|
|
37
|
+
else
|
|
38
|
+
@items.transaction do
|
|
39
|
+
@in_transaction = true
|
|
40
|
+
yield @items
|
|
41
|
+
ensure
|
|
42
|
+
@in_transaction = false
|
|
43
|
+
end
|
|
44
|
+
end
|
|
45
|
+
end
|
|
46
|
+
end
|
|
47
|
+
end
|
|
48
|
+
end
|
|
49
|
+
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: saml-kit-cli
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.2.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- mo khan
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2018-02-
|
|
11
|
+
date: 2018-02-07 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: saml-kit
|
|
@@ -99,7 +99,11 @@ files:
|
|
|
99
99
|
- bin/setup
|
|
100
100
|
- exe/saml-kit
|
|
101
101
|
- lib/saml/kit/cli.rb
|
|
102
|
+
- lib/saml/kit/cli/certificate.rb
|
|
103
|
+
- lib/saml/kit/cli/decode.rb
|
|
104
|
+
- lib/saml/kit/cli/metadata.rb
|
|
102
105
|
- lib/saml/kit/cli/version.rb
|
|
106
|
+
- lib/saml/kit/cli/yaml_registry.rb
|
|
103
107
|
- saml-kit-cli.gemspec
|
|
104
108
|
homepage: http://www.mokhan.ca/
|
|
105
109
|
licenses:
|