RubyGems - saml-kit - Versions diffs - 0.2.9 → 0.2.10 - Mend

saml-kit 0.2.9 → 0.2.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

checksums.yaml +4 -4
data/lib/saml/kit/bindings/http_redirect.rb +29 -9
data/lib/saml/kit/trustable.rb +3 -2
data/lib/saml/kit/version.rb +1 -1
metadata +1 -1

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 0bf388798a57928e726edb29bf5a4998f43a62139b4cb5da662a73e434b23dae
-  data.tar.gz: 3c5d2bc07e37dcc6f95779bde81cfdff175f5f61929370dcd7fa6950e3614676
+  metadata.gz: e2deef2c819d3c504c5f5555e8a23aa0acb264f6770873262749454ebfdbd196
+  data.tar.gz: d626b0565324c8395bc8d13d5952e798919cabb1462ac64101a04f696b5842b0
 SHA512:
-  metadata.gz: ee450ff950b85fa7f4d6c6f32a97015eb0cb6ddf530560a243b97a9c5bab3f488f32be5a94bf439614f3d3378eeb8f5bbcbc92d9935d2bdf3f161d08a29ee466
-  data.tar.gz: 81eceb240153a8095a00f82e315b1b623ad3b1c27bb86ce59b2294ebf143d7bc4a57193d2a6ca2a1e31b251e19991d9f0b99d11f914f457972ebc7d27f58a04e
+  metadata.gz: 8f9c61f5c92f27893418dd16bf79e6eb092374c88083a7f1764e758484182f55624c6b6956b14dc9ff78b14175313fbca9492873996488309ed6ba4ab4076f6d
+  data.tar.gz: 247d482f32aa92924cc8601d773d3d988b6d3646c08c28911ce6f25449d8264ffa141fd28cf431dd64807acdf6473e41c034222a1585de0acd80e9fdc49047a5

data/lib/saml/kit/bindings/http_redirect.rb CHANGED Viewed

@@ -16,9 +16,9 @@ module Saml
         end
         def deserialize(params, configuration: Saml::Kit.configuration)
-          document = deserialize_document_from!(params, configuration)
-          ensure_valid_signature!(params, document)
-          document.signature_verified!
+          parameters = normalize(params)
+          document = deserialize_document_from!(parameters, configuration)
+          ensure_valid_signature!(parameters, document)
           document
         end
@@ -26,21 +26,24 @@ module Saml
         def deserialize_document_from!(params, configuration)
           xml = inflate(decode(unescape(saml_param_from(params))))
-          Saml::Kit.logger.debug(xml)
           Saml::Kit::Document.to_saml_document(xml, configuration: configuration)
         end
         def ensure_valid_signature!(params, document)
-          return if params['Signature'].blank? || params['SigAlg'].blank?
+          return if params[:Signature].blank? || params[:SigAlg].blank?
-          signature = decode(params['Signature'])
-          canonical_form = ['SAMLRequest', 'SAMLResponse', 'RelayState', 'SigAlg'].map do |key|
+          signature = decode(params[:Signature])
+          canonical_form = [:SAMLRequest, :SAMLResponse, :RelayState, :SigAlg].map do |key|
             value = params[key]
             value.present? ? "#{key}=#{value}" : nil
           end.compact.join('&')
-          valid = document.provider.verify(algorithm_for(params['SigAlg']), signature, canonical_form)
-          raise ArgumentError.new("Invalid Signature") unless valid
+          return if document.provider.nil?
+          if document.provider.verify(algorithm_for(params[:SigAlg]), signature, canonical_form)
+            document.signature_verified!
+          else
+            raise ArgumentError.new("Invalid Signature")
+          end
         end
         def algorithm_for(algorithm)
@@ -55,6 +58,23 @@ module Saml
             OpenSSL::Digest::SHA1.new
           end
         end
+        def normalize(params)
+          if params.respond_to? :inject
+            params.inject({}) do |memo, (key, value)|
+              memo[key.to_sym] = value
+              memo
+            end
+          else
+            {
+              SAMLRequest: params['SAMLRequest'] || params[:SAMLRequest],
+              SAMLResponse: params['SAMLResponse'] || params[:SAMLResponse],
+              RelayState: params['RelayState'] || params[:RelayState],
+              Signature: params['Signature'] || params[:Signature],
+              SigAlg: params['SigAlg'] || params[:SigAlg],
+            }
+          end
+        end
       end
     end
   end

data/lib/saml/kit/trustable.rb CHANGED Viewed

@@ -6,11 +6,11 @@ module Saml
       included do
         validate :must_have_valid_signature, unless: :signature_manually_verified
         validate :must_be_registered
-        validate :must_be_trusted, unless: :signature_manually_verified
+        validate :must_be_trusted
       end
       def signed?
-        signature.present?
+        signature_manually_verified || signature.present?
       end
       def signature
@@ -19,6 +19,7 @@ module Saml
       end
       def trusted?
+        return true if signature_manually_verified
         return false unless signed?
         signature.trusted?(provider)
       end

data/lib/saml/kit/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 module Saml
   module Kit
-    VERSION = "0.2.9"
+    VERSION = "0.2.10"
   end
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: saml-kit
 version: !ruby/object:Gem::Version
-  version: 0.2.9
+  version: 0.2.10
 platform: ruby
 authors:
 - mo khan