saml-kit 0.2.6 → 0.2.7

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 11da72a9a04500f85a856e8bdb82e5d32f930383bacbc4c1b2eacb5908336581
-  data.tar.gz: cb5c231e608a6fc199052c1c3e4922837c51534ec99a3416b1d45aa73efd07db
+  metadata.gz: '029d3a033d81aac8add1be06a783516f239b7b38cec4bb6e701e010c80b82e98'
+  data.tar.gz: a29f4fd46aa450d8392376cdb38fe2510575b7a51e1217987719f1828c1defbc
 SHA512:
-  metadata.gz: 3283b83d0c28a95e3bc1bbf3999bd5eee369dc82dcaa1eb4330dbb89e82ee57be3df06ad1548c416adc6a79f249642fda08d56e11323d88c7ffbd553b0431473
-  data.tar.gz: 49aa1074365a8c48f287e3939d3f9f3deb0d0f45168982a4197b091cf34257b60324eb177311581069a0ba47468bce0354a0d0d133668fc36180d38106add5e2
+  metadata.gz: 694fe63f05d9b011d998f4c144faf75f9b852e63ad01badf522b23e654038c5d6655334a24b9c366d5920df0f01772fbfdf0190c5946cbca79a007b1a74eb64c
+  data.tar.gz: 4b497ec560bbd279cc957ee2765bd1e6f1ea48a591e54a58f434522984bcf0ebcf210e343b8a02ecc0e268d6d95221cd21138fb2b655b008203f0520cc8cebb4

data/lib/saml/kit.rb

@@ -74,7 +74,7 @@ module Saml
       end
 
       def deprecate(message)
-        @deprecation ||= ActiveSupport::Deprecation.new('next-release', 'saml-kit')
+        @deprecation ||= ActiveSupport::Deprecation.new('1.0.0', 'saml-kit')
         @deprecation.deprecation_warning(message)
       end
     end

data/lib/saml/kit/authentication_request.rb

@@ -18,7 +18,7 @@ module Saml
       def response_for(user, binding:, relay_state: nil)
         response_binding = provider.assertion_consumer_service_for(binding: binding)
         builder = Saml::Kit::Response.builder(user, self) do |x|
-          x.sign = provider.want_assertions_signed
+          x.embed_signature = provider.want_assertions_signed
           yield x if block_given?
         end
         response_binding.serialize(builder, relay_state: relay_state)

data/lib/saml/kit/bindings/http_redirect.rb

@@ -9,7 +9,7 @@ module Saml
         end
 
         def serialize(builder, relay_state: nil)
-          builder.sign = false
+          builder.embed_signature = false
           builder.destination = location
           document = builder.build
           [UrlBuilder.new(configuration: builder.configuration).build(document, relay_state: relay_state), {}]

data/lib/saml/kit/builders.rb

@@ -3,6 +3,7 @@ require 'saml/kit/builders/authentication_request'
 require 'saml/kit/builders/identity_provider_metadata'
 require 'saml/kit/builders/logout_request'
 require 'saml/kit/builders/logout_response'
+require 'saml/kit/builders/metadata'
 require 'saml/kit/builders/response'
 require 'saml/kit/builders/service_provider_metadata'
 require 'saml/kit/builders/xml_encryption'

data/lib/saml/kit/builders/assertion.rb

@@ -5,7 +5,7 @@ module Saml
         include Templatable
         extend Forwardable
 
-        def_delegators :@response_builder, :encrypt, :sign, :request, :issuer, :reference_id, :now, :configuration, :user, :version, :destination, :encryption_certificate
+        def_delegators :@response_builder, :encrypt, :embed_signature, :request, :issuer, :reference_id, :now, :configuration, :user, :version, :destination, :encryption_certificate
 
         def initialize(response_builder)
           @response_builder = response_builder

data/lib/saml/kit/builders/identity_provider_metadata.rb

@@ -3,10 +3,13 @@ module Saml
     module Builders
       class IdentityProviderMetadata
         include Saml::Kit::Templatable
-        attr_accessor :id, :organization_name, :organization_url, :contact_email, :entity_id, :attributes, :name_id_formats
+        extend Forwardable
+        attr_accessor :attributes, :name_id_formats
         attr_accessor :want_authn_requests_signed
         attr_reader :logout_urls, :single_sign_on_urls
         attr_reader :configuration
+        attr_reader :metadata
+        def_delegators :metadata, :id, :id=, :entity_id, :entity_id=, :organization_name, :organization_name=, :organization_url, :organization_url=, :contact_email, :contact_email=, :to_xml
 
         def initialize(configuration: Saml::Kit.configuration)
           @attributes = []
@@ -17,6 +20,8 @@ module Saml
           @name_id_formats = [Namespaces::PERSISTENT]
           @single_sign_on_urls = []
           @want_authn_requests_signed = true
+          @metadata = Saml::Kit::Builders::Metadata.new(configuration: configuration)
+          @metadata.identity_provider = self
         end
 
         def add_single_sign_on_service(url, binding: :http_post)
@@ -43,7 +48,7 @@ module Saml
           }
         end
 
-        def idp_sso_descriptor_options
+        def descriptor_options
           {
             WantAuthnRequestsSigned: want_authn_requests_signed,
             protocolSupportEnumeration: Namespaces::PROTOCOL,

data/lib/saml/kit/builders/metadata.rb

@@ -0,0 +1,50 @@
+module Saml
+  module Kit
+    module Builders
+      class Metadata
+        include Templatable
+
+        attr_accessor :entity_id
+        attr_accessor :id
+        attr_accessor :identity_provider
+        attr_accessor :organization_name, :organization_url, :contact_email
+        attr_accessor :service_provider
+        attr_reader :configuration
+
+        def initialize(configuration: Saml::Kit.configuration)
+          @id = Id.generate
+          @entity_id = configuration.issuer
+          @configuration = configuration
+        end
+
+        def build_service_provider
+          @service_provider = Saml::Kit::ServiceProviderMetadata.builder(configuration: configuration) do |x|
+            yield x if block_given?
+          end
+        end
+
+        def build_identity_provider
+          @identity_provider = Saml::Kit::IdentityProviderMetadata.builder(configuration: configuration) do |x|
+            yield x if block_given?
+          end
+        end
+
+        def build
+          Saml::Kit::Metadata.from(to_xml)
+        end
+
+        private
+
+        def entity_descriptor_options
+          {
+            'xmlns': Namespaces::METADATA,
+            'xmlns:ds': Namespaces::XMLDSIG,
+            'xmlns:saml': Namespaces::ASSERTION,
+            ID: id,
+            entityID: entity_id,
+          }
+        end
+      end
+    end
+  end
+end

data/lib/saml/kit/builders/response.rb

@@ -18,7 +18,7 @@ module Saml
           @version = "2.0"
           @status_code = Namespaces::SUCCESS
           @issuer = configuration.issuer
-          @sign = want_assertions_signed
+          @embed_signature = want_assertions_signed
           @encrypt = encryption_certificate.present?
           @configuration = configuration
         end

data/lib/saml/kit/builders/service_provider_metadata.rb

@@ -3,19 +3,21 @@ module Saml
     module Builders
       class ServiceProviderMetadata
         include Saml::Kit::Templatable
-        attr_accessor :id, :entity_id, :acs_urls, :logout_urls, :name_id_formats
-        attr_accessor :organization_name, :organization_url, :contact_email
+        extend Forwardable
+        attr_accessor :acs_urls, :logout_urls, :name_id_formats
         attr_accessor :want_assertions_signed
         attr_reader :configuration
+        attr_reader :metadata
+        def_delegators :metadata, :id, :id=, :entity_id, :entity_id=, :organization_name, :organization_name=, :organization_url, :organization_url=, :contact_email, :contact_email=, :to_xml
 
         def initialize(configuration: Saml::Kit.configuration)
           @acs_urls = []
           @configuration = configuration
-          @entity_id = configuration.issuer
-          @id = Id.generate
           @logout_urls = []
           @name_id_formats = [Namespaces::PERSISTENT]
           @want_assertions_signed = true
+          @metadata = Saml::Kit::Builders::Metadata.new(configuration: configuration)
+          @metadata.service_provider = self
         end
 
         def add_assertion_consumer_service(url, binding: :http_post)

data/lib/saml/kit/builders/templates/identity_provider_metadata.builder

@@ -1,32 +1,21 @@
-xml.instruct!
-xml.EntityDescriptor entity_descriptor_options do
-  signature_for(reference_id: id, xml: xml)
-  xml.IDPSSODescriptor idp_sso_descriptor_options do
-    configuration.certificates(use: :signing).each do |certificate|
-      render certificate, xml: xml
-    end
-    configuration.certificates(use: :encryption).each do |certificate|
-      render certificate, xml: xml
-    end
-    logout_urls.each do |item|
-      xml.SingleLogoutService Binding: item[:binding], Location: item[:location]
-    end
-    name_id_formats.each do |format|
-      xml.NameIDFormat format
-    end
-    single_sign_on_urls.each do |item|
-      xml.SingleSignOnService Binding: item[:binding], Location: item[:location]
-    end
-    attributes.each do |attribute|
-      xml.tag! 'saml:Attribute', Name: attribute
-    end
+signature_for(reference_id: id, xml: xml)
+xml.IDPSSODescriptor descriptor_options do
+  configuration.certificates(use: :signing).each do |certificate|
+    render certificate, xml: xml
   end
-  xml.Organization do
-    xml.OrganizationName organization_name, 'xml:lang': "en"
-    xml.OrganizationDisplayName organization_name, 'xml:lang': "en"
-    xml.OrganizationURL organization_url, 'xml:lang': "en"
+  configuration.certificates(use: :encryption).each do |certificate|
+    render certificate, xml: xml
   end
-  xml.ContactPerson contactType: "technical" do
-    xml.Company "mailto:#{contact_email}"
+  logout_urls.each do |item|
+    xml.SingleLogoutService Binding: item[:binding], Location: item[:location]
+  end
+  name_id_formats.each do |format|
+    xml.NameIDFormat format
+  end
+  single_sign_on_urls.each do |item|
+    xml.SingleSignOnService Binding: item[:binding], Location: item[:location]
+  end
+  attributes.each do |attribute|
+    xml.tag! 'saml:Attribute', Name: attribute
   end
 end

data/lib/saml/kit/builders/templates/metadata.builder

@@ -0,0 +1,13 @@
+xml.instruct!
+xml.EntityDescriptor entity_descriptor_options do
+  render identity_provider, xml: xml
+  render service_provider, xml: xml
+  xml.Organization do
+    xml.OrganizationName organization_name, 'xml:lang': "en"
+    xml.OrganizationDisplayName organization_name, 'xml:lang': "en"
+    xml.OrganizationURL organization_url, 'xml:lang': "en"
+  end
+  xml.ContactPerson contactType: "technical" do
+    xml.Company "mailto:#{contact_email}"
+  end
+end

data/lib/saml/kit/builders/templates/service_provider_metadata.builder

@@ -1,29 +1,18 @@
-xml.instruct!
-xml.EntityDescriptor entity_descriptor_options do
-  signature_for(reference_id: id, xml: xml)
-  xml.SPSSODescriptor descriptor_options do
-    configuration.certificates(use: :signing).each do |certificate|
-      render certificate, xml: xml
-    end
-    configuration.certificates(use: :encryption).each do |certificate|
-      render certificate, xml: xml
-    end
-    logout_urls.each do |item|
-      xml.SingleLogoutService Binding: item[:binding], Location: item[:location]
-    end
-    name_id_formats.each do |format|
-      xml.NameIDFormat format
-    end
-    acs_urls.each_with_index do |item, index|
-      xml.AssertionConsumerService Binding: item[:binding], Location: item[:location], index: index, isDefault: index == 0 ? true : false
-    end
+signature_for(reference_id: id, xml: xml)
+xml.SPSSODescriptor descriptor_options do
+  configuration.certificates(use: :signing).each do |certificate|
+    render certificate, xml: xml
   end
-  xml.Organization do
-    xml.OrganizationName organization_name, 'xml:lang': "en"
-    xml.OrganizationDisplayName organization_name, 'xml:lang': "en"
-    xml.OrganizationURL organization_url, 'xml:lang': "en"
+  configuration.certificates(use: :encryption).each do |certificate|
+    render certificate, xml: xml
   end
-  xml.ContactPerson contactType: "technical" do
-    xml.Company "mailto:#{contact_email}"
+  logout_urls.each do |item|
+    xml.SingleLogoutService Binding: item[:binding], Location: item[:location]
+  end
+  name_id_formats.each do |format|
+    xml.NameIDFormat format
+  end
+  acs_urls.each_with_index do |item, index|
+    xml.AssertionConsumerService Binding: item[:binding], Location: item[:location], index: index, isDefault: index == 0 ? true : false
   end
 end

data/lib/saml/kit/builders/xml_signature.rb

@@ -17,7 +17,7 @@ module Saml
           SHA512: "http://www.w3.org/2001/04/xmlenc#sha512",
         }.freeze
 
-        attr_reader :sign, :configuration
+        attr_reader :embed_signature, :configuration
         attr_reader :reference_id
         attr_reader :x509_certificate
 

data/lib/saml/kit/identity_provider_metadata.rb

@@ -31,7 +31,7 @@ module Saml
 
       def login_request_for(binding:, relay_state: nil)
         builder = Saml::Kit::AuthenticationRequest.builder do |x|
-          x.sign = want_authn_requests_signed
+          x.embed_signature = want_authn_requests_signed
           yield x if block_given?
         end
         request_binding = single_sign_on_service_for(binding: binding)

data/lib/saml/kit/metadata.rb

@@ -109,6 +109,10 @@ module Saml
         end
       end
 
+      def self.builder_class
+        Saml::Kit::Builders::Metadata
+      end
+
       private
 
       def document

data/lib/saml/kit/templatable.rb

@@ -1,7 +1,12 @@
 module Saml
   module Kit
     module Templatable
-      attr_accessor :sign
+      attr_accessor :embed_signature
+
+      def sign=(value)
+        Saml::Kit.deprecate("sign= is deprecated. Use embed_signature= instead")
+        self.embed_signature = value
+      end
 
       def to_xml(xml: ::Builder::XmlMarkup.new)
         signatures.complete(render(self, xml: xml))
@@ -13,7 +18,7 @@ module Saml
       end
 
       def sign?
-        sign.nil? ? configuration.sign? : sign && configuration.sign?
+        embed_signature.nil? ? configuration.sign? : embed_signature && configuration.sign?
       end
 
       def signatures

data/lib/saml/kit/version.rb

@@ -1,5 +1,5 @@
 module Saml
   module Kit
-    VERSION = "0.2.6"
+    VERSION = "0.2.7"
   end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: saml-kit
 version: !ruby/object:Gem::Version
-  version: 0.2.6
+  version: 0.2.7
 platform: ruby
 authors:
 - mo khan
@@ -202,6 +202,7 @@ files:
 - lib/saml/kit/builders/identity_provider_metadata.rb
 - lib/saml/kit/builders/logout_request.rb
 - lib/saml/kit/builders/logout_response.rb
+- lib/saml/kit/builders/metadata.rb
 - lib/saml/kit/builders/response.rb
 - lib/saml/kit/builders/service_provider_metadata.rb
 - lib/saml/kit/builders/templates/assertion.builder
@@ -210,6 +211,7 @@ files:
 - lib/saml/kit/builders/templates/identity_provider_metadata.builder
 - lib/saml/kit/builders/templates/logout_request.builder
 - lib/saml/kit/builders/templates/logout_response.builder
+- lib/saml/kit/builders/templates/metadata.builder
 - lib/saml/kit/builders/templates/nil_class.builder
 - lib/saml/kit/builders/templates/response.builder
 - lib/saml/kit/builders/templates/service_provider_metadata.builder