saml-kit 1.0.15 → 1.0.16
- checksums.yaml +4 -4
- data/Rakefile +1 -5
- data/exe/saml-kit-create-self-signed-certificate +6 -2
- data/exe/saml-kit-decode-http-post +2 -1
- data/exe/saml-kit-decode-http-redirect +2 -1
- data/lib/saml/kit/assertion.rb +22 -48
- data/lib/saml/kit/attribute_statement.rb +25 -0
- data/lib/saml/kit/authentication_request.rb +34 -15
- data/lib/saml/kit/bindings/binding.rb +4 -7
- data/lib/saml/kit/bindings/http_post.rb +6 -2
- data/lib/saml/kit/bindings/http_redirect.rb +8 -5
- data/lib/saml/kit/bindings/url_builder.rb +7 -7
- data/lib/saml/kit/bindings.rb +4 -3
- data/lib/saml/kit/builders/assertion.rb +6 -3
- data/lib/saml/kit/builders/authentication_request.rb +4 -2
- data/lib/saml/kit/builders/encrypted_assertion.rb +3 -1
- data/lib/saml/kit/builders/identity_provider_metadata.rb +14 -4
- data/lib/saml/kit/builders/metadata.rb +8 -4
- data/lib/saml/kit/builders/null.rb +0 -1
- data/lib/saml/kit/builders/response.rb +14 -5
- data/lib/saml/kit/builders/service_provider_metadata.rb +10 -3
- data/lib/saml/kit/builders.rb +0 -1
- data/lib/saml/kit/composite_metadata.rb +18 -3
- data/lib/saml/kit/{buildable.rb → concerns/buildable.rb} +0 -0
- data/lib/saml/kit/{requestable.rb → concerns/requestable.rb} +0 -0
- data/lib/saml/kit/{respondable.rb → concerns/respondable.rb} +0 -0
- data/lib/saml/kit/{serializable.rb → concerns/serializable.rb} +0 -0
- data/lib/saml/kit/{translatable.rb → concerns/translatable.rb} +0 -0
- data/lib/saml/kit/{trustable.rb → concerns/trustable.rb} +9 -7
- data/lib/saml/kit/concerns/xml_parseable.rb +62 -0
- data/lib/saml/kit/{xml_templatable.rb → concerns/xml_templatable.rb} +3 -2
- data/lib/saml/kit/{xsd_validatable.rb → concerns/xsd_validatable.rb} +10 -0
- data/lib/saml/kit/conditions.rb +37 -0
- data/lib/saml/kit/configuration.rb +28 -10
- data/lib/saml/kit/default_registry.rb +19 -4
- data/lib/saml/kit/document.rb +21 -67
- data/lib/saml/kit/identity_provider_metadata.rb +34 -15
- data/lib/saml/kit/invalid_document.rb +1 -1
- data/lib/saml/kit/logout_request.rb +11 -6
- data/lib/saml/kit/logout_response.rb +3 -1
- data/lib/saml/kit/metadata.rb +63 -109
- data/lib/saml/kit/namespaces.rb +2 -1
- data/lib/saml/kit/organization.rb +36 -0
- data/lib/saml/kit/parser.rb +28 -0
- data/lib/saml/kit/response.rb +10 -2
- data/lib/saml/kit/rspec/have_xpath.rb +4 -2
- data/lib/saml/kit/service_provider_metadata.rb +2 -1
- data/lib/saml/kit/signature.rb +21 -5
- data/lib/saml/kit/version.rb +1 -1
- data/lib/saml/kit.rb +14 -7
- data/saml-kit.gemspec +0 -1
- metadata +16 -25
data/lib/saml/kit/metadata.rb
CHANGED
@@ -8,46 +8,43 @@ module Saml
|
|
8
8
|
#
|
9
9
|
# It can also be used to generate a new metadata string.
|
10
10
|
#
|
11
|
-
#
|
12
|
-
#
|
13
|
-
#
|
14
|
-
#
|
15
|
-
#
|
16
|
-
#
|
17
|
-
#
|
18
|
-
#
|
19
|
-
#
|
20
|
-
#
|
21
|
-
#
|
22
|
-
#
|
11
|
+
# metadata = Saml::Kit::Metadata.build do |builder|
|
12
|
+
# builder.entity_id = "my-issuer"
|
13
|
+
# builder.build_service_provider do |x|
|
14
|
+
# x.add_assertion_consumer_service(assertions_url, binding: :http_post)
|
15
|
+
# x.add_single_logout_service(logout_url, binding: :http_post)
|
16
|
+
# end
|
17
|
+
# builder.build_identity_provider do |x|
|
18
|
+
# x.add_single_sign_on_service(login_url, binding: :http_redirect)
|
19
|
+
# x.add_single_logout_service(logout_url, binding: :http_post)
|
20
|
+
# end
|
21
|
+
# end
|
22
|
+
# puts metadata.to_xml(pretty: true)
|
23
23
|
#
|
24
|
-
# See {Saml::Kit::Builders::ServiceProviderMetadata} and
|
24
|
+
# See {Saml::Kit::Builders::ServiceProviderMetadata} and
|
25
|
+
# {Saml::Kit::Builders::IdentityProviderMetadata}
|
25
26
|
# for a list of options that can be specified.
|
26
27
|
# {include:file:spec/examples/metadata_spec.rb}
|
27
28
|
class Metadata
|
28
29
|
include ActiveModel::Validations
|
29
|
-
include XsdValidatable
|
30
|
-
include Translatable
|
31
30
|
include Buildable
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
samlp: Namespaces::PROTOCOL,
|
39
|
-
}.freeze
|
31
|
+
include Translatable
|
32
|
+
include XmlParseable
|
33
|
+
include XsdValidatable
|
34
|
+
extend Forwardable
|
35
|
+
|
36
|
+
def_delegator :organization, :organization_name, :organization_url
|
40
37
|
|
41
38
|
validates_presence_of :metadata
|
42
39
|
validate :must_contain_descriptor
|
43
40
|
validate :must_match_xsd
|
44
41
|
validate :must_have_valid_signature
|
45
42
|
|
46
|
-
attr_reader :name
|
43
|
+
attr_reader :name, :content
|
47
44
|
|
48
|
-
def initialize(name,
|
45
|
+
def initialize(name, content)
|
49
46
|
@name = name
|
50
|
-
@
|
47
|
+
@content = content
|
51
48
|
end
|
52
49
|
|
53
50
|
# Returns the /EntityDescriptor/@entityID
|
@@ -60,14 +57,8 @@ module Saml
|
|
60
57
|
search("/md:EntityDescriptor/md:#{name}/md:NameIDFormat").map(&:text)
|
61
58
|
end
|
62
59
|
|
63
|
-
|
64
|
-
|
65
|
-
at_xpath('/md:EntityDescriptor/md:Organization/md:OrganizationName').try(:text)
|
66
|
-
end
|
67
|
-
|
68
|
-
# Returns the Organization URL
|
69
|
-
def organization_url
|
70
|
-
at_xpath('/md:EntityDescriptor/md:Organization/md:OrganizationURL').try(:text)
|
60
|
+
def organization(xpath = '/md:EntityDescriptor/md:Organization')
|
61
|
+
@organization ||= Organization.new(at_xpath(xpath))
|
71
62
|
end
|
72
63
|
|
73
64
|
# Returns the Company
|
@@ -76,10 +67,15 @@ module Saml
|
|
76
67
|
end
|
77
68
|
|
78
69
|
# Returns each of the X509 certificates.
|
79
|
-
def certificates
|
80
|
-
|
81
|
-
|
82
|
-
|
70
|
+
def certificates(
|
71
|
+
xpath = "/md:EntityDescriptor/md:#{name}/md:KeyDescriptor"
|
72
|
+
)
|
73
|
+
@certificates ||= search(xpath).map do |item|
|
74
|
+
xpath = './ds:KeyInfo/ds:X509Data/ds:X509Certificate'
|
75
|
+
namespaces = { 'ds' => ::Xml::Kit::Namespaces::XMLDSIG }
|
76
|
+
cert = item.at_xpath(xpath, namespaces).try(:text)
|
77
|
+
use_attribute = item.attribute('use')
|
78
|
+
::Xml::Kit::Certificate.new(cert, use: use_attribute.try(:value))
|
83
79
|
end
|
84
80
|
end
|
85
81
|
|
@@ -95,7 +91,8 @@ module Saml
|
|
95
91
|
|
96
92
|
# Returns each of the service endpoints supported by this metadata.
|
97
93
|
#
|
98
|
-
# @param type [String] the type of service.
|
94
|
+
# @param type [String] the type of service.
|
95
|
+
# .E.g. `AssertionConsumerServiceURL`
|
99
96
|
def services(type)
|
100
97
|
search("/md:EntityDescriptor/md:#{name}/md:#{type}").map do |item|
|
101
98
|
binding = item.attribute('Binding').value
|
@@ -107,10 +104,12 @@ module Saml
|
|
107
104
|
# Returns a specifing service binding.
|
108
105
|
#
|
109
106
|
# @param binding [Symbol] can be `:http_post` or `:http_redirect`.
|
110
|
-
# @param type [Symbol] can be on the service element like
|
107
|
+
# @param type [Symbol] can be on the service element like
|
108
|
+
# `AssertionConsumerServiceURL`, `SingleSignOnService` or
|
109
|
+
# `SingleLogoutService`.
|
111
110
|
def service_for(binding:, type:)
|
112
111
|
binding = Saml::Kit::Bindings.binding_for(binding)
|
113
|
-
services(type).find { |
|
112
|
+
services(type).find { |x| x.binding?(binding) }
|
114
113
|
end
|
115
114
|
|
116
115
|
# Returns each of the SingleLogoutService bindings
|
@@ -127,99 +126,56 @@ module Saml
|
|
127
126
|
|
128
127
|
# Creates a serialized LogoutRequest.
|
129
128
|
#
|
130
|
-
# @param user [Object] a user object that responds to `name_id_for` and
|
129
|
+
# @param user [Object] a user object that responds to `name_id_for` and
|
130
|
+
# `assertion_attributes_for`.
|
131
131
|
# @param binding [Symbol] can be `:http_post` or `:http_redirect`.
|
132
132
|
# @param relay_state [String] the relay state to have echo'd back.
|
133
|
-
# @return [Array] Returns an array with a url and Hash of parameters to
|
133
|
+
# @return [Array] Returns an array with a url and Hash of parameters to
|
134
|
+
# send to the other party.
|
134
135
|
def logout_request_for(user, binding: :http_post, relay_state: nil)
|
135
|
-
builder =
|
136
|
+
builder = LogoutRequest.builder(user) { |x| yield x if block_given? }
|
136
137
|
request_binding = single_logout_service_for(binding: binding)
|
137
138
|
request_binding.serialize(builder, relay_state: relay_state)
|
138
139
|
end
|
139
140
|
|
140
141
|
# Returns the certificate that matches the fingerprint
|
141
142
|
#
|
142
|
-
# @param fingerprint [Saml::Kit::Fingerprint] the fingerprint to search
|
143
|
-
# @param use [Symbol] the type of certificates to look at.
|
144
|
-
#
|
143
|
+
# @param fingerprint [Saml::Kit::Fingerprint] the fingerprint to search.
|
144
|
+
# @param use [Symbol] the type of certificates to look at.
|
145
|
+
# Can be `:signing` or `:encryption`.
|
146
|
+
# @return [Xml::Kit::Certificate] returns the matching
|
147
|
+
# `{Xml::Kit::Certificate}`
|
145
148
|
def matches?(fingerprint, use: :signing)
|
146
|
-
certificates.find { |
|
147
|
-
end
|
148
|
-
|
149
|
-
# Returns the XML document converted to a Hash.
|
150
|
-
def to_h
|
151
|
-
@to_h ||= Hash.from_xml(to_xml)
|
152
|
-
end
|
153
|
-
|
154
|
-
# Returns the XML document as a String.
|
155
|
-
#
|
156
|
-
# @param pretty [Boolean] true to return a human friendly version of the XML.
|
157
|
-
def to_xml(pretty: nil)
|
158
|
-
pretty ? to_nokogiri.to_xml(indent: 2) : to_s
|
159
|
-
end
|
160
|
-
|
161
|
-
# Returns the XML document as a [String].
|
162
|
-
def to_s
|
163
|
-
@xml
|
149
|
+
certificates.find { |x| x.for?(use) && x.fingerprint == fingerprint }
|
164
150
|
end
|
165
151
|
|
166
152
|
# Verifies the signature and data using the signing certificates.
|
167
153
|
#
|
168
|
-
# @param algorithm [OpenSSL::Digest] the digest algorithm to use.
|
154
|
+
# @param algorithm [OpenSSL::Digest] the digest algorithm to use.
|
155
|
+
# E.g. `OpenSSL::Digest::SHA256`
|
169
156
|
# @param signature [String] the signature to verify
|
170
157
|
# @param data [String] the data that is used to produce the signature.
|
171
|
-
# @return [Xml::Kit::Certificate] the certificate that was used to
|
158
|
+
# @return [Xml::Kit::Certificate] the certificate that was used to
|
159
|
+
# produce the signature.
|
172
160
|
def verify(algorithm, signature, data)
|
173
161
|
signing_certificates.find do |certificate|
|
174
162
|
certificate.public_key.verify(algorithm, signature, data)
|
175
163
|
end
|
176
164
|
end
|
177
165
|
|
178
|
-
def signature
|
179
|
-
@signature ||= Signature.new(at_xpath(
|
180
|
-
end
|
181
|
-
|
182
|
-
class << self
|
183
|
-
# Creates a `{Saml::Kit::Metadata}` object from a raw XML [String].
|
184
|
-
#
|
185
|
-
# @param content [String] the raw metadata XML.
|
186
|
-
# @return [Saml::Kit::Metadata] the metadata document or subclass.
|
187
|
-
def from(content)
|
188
|
-
document = Nokogiri::XML(content)
|
189
|
-
return unless document.at_xpath('/md:EntityDescriptor', NAMESPACES)
|
190
|
-
sp = document.at_xpath('/md:EntityDescriptor/md:SPSSODescriptor', NAMESPACES)
|
191
|
-
idp = document.at_xpath('/md:EntityDescriptor/md:IDPSSODescriptor', NAMESPACES)
|
192
|
-
if sp && idp
|
193
|
-
Saml::Kit::CompositeMetadata.new(content)
|
194
|
-
elsif sp
|
195
|
-
Saml::Kit::ServiceProviderMetadata.new(content)
|
196
|
-
elsif idp
|
197
|
-
Saml::Kit::IdentityProviderMetadata.new(content)
|
198
|
-
end
|
199
|
-
end
|
200
|
-
|
201
|
-
# @!visibility private
|
202
|
-
def builder_class
|
203
|
-
Saml::Kit::Builders::Metadata
|
204
|
-
end
|
166
|
+
def signature(xpath = '/md:EntityDescriptor/ds:Signature')
|
167
|
+
@signature ||= Signature.new(at_xpath(xpath))
|
205
168
|
end
|
206
169
|
|
207
|
-
|
208
|
-
|
209
|
-
attr_reader :xml
|
210
|
-
|
211
|
-
# @!visibility private
|
212
|
-
def to_nokogiri
|
213
|
-
@to_nokogiri ||= Nokogiri::XML(xml)
|
170
|
+
def self.from(content)
|
171
|
+
Saml::Kit::Parser.new.metadata_from(content)
|
214
172
|
end
|
215
173
|
|
216
|
-
def
|
217
|
-
|
174
|
+
def self.builder_class
|
175
|
+
Saml::Kit::Builders::Metadata
|
218
176
|
end
|
219
177
|
|
220
|
-
|
221
|
-
to_nokogiri.search(xpath, NAMESPACES)
|
222
|
-
end
|
178
|
+
private
|
223
179
|
|
224
180
|
def metadata
|
225
181
|
at_xpath("/md:EntityDescriptor/md:#{name}").present?
|
@@ -234,9 +190,7 @@ module Saml
|
|
234
190
|
end
|
235
191
|
|
236
192
|
def must_have_valid_signature
|
237
|
-
return
|
238
|
-
|
239
|
-
signature.valid?
|
193
|
+
return if !signature.present? || signature.valid?
|
240
194
|
signature.errors.each do |attribute, error|
|
241
195
|
errors[attribute] << error
|
242
196
|
end
|
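Review bot: `def_delegator :organization, :organization_name, :organization_url` near the top of the class does not delegate two methods. Forwardable's `def_delegator` takes (accessor, method, alias), so this defines only `Metadata#organization_url` and forwards it to `organization.organization_name`. In the visible hunks the old `organization_url` definition is removed, so `metadata.organization_name` would raise NoMethodError and `metadata.organization_url` would return the name; `def_delegators :organization, :organization_name, :organization_url` keeps both. Separately, `must_have_valid_signature` returns early when no signature is present, so unsigned metadata passes this validation; a comment such as `# Unsigned metadata is accepted; only a present signature is verified.` would make that trust decision explicit. The class body continues outside the hunks shown.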
data/lib/saml/kit/namespaces.rb
CHANGED
@@ -18,7 +18,8 @@ module Saml
|
|
18
18
|
INVALID_NAME_ID_POLICY = "#{STATUS}:InvalidNameIDPolicy".freeze
|
19
19
|
METADATA = "#{SAML_2_0}:metadata".freeze
|
20
20
|
PASSWORD = "#{SAML_2_0}:ac:classes:Password".freeze
|
21
|
-
PASSWORD_PROTECTED =
|
21
|
+
PASSWORD_PROTECTED =
|
22
|
+
"#{SAML_2_0}:ac:classes:PasswordProtectedTransport".freeze
|
22
23
|
PERSISTENT = "#{NAME_ID_FORMAT_2_0}:persistent".freeze
|
23
24
|
PROTOCOL = "#{SAML_2_0}:protocol".freeze
|
24
25
|
REQUESTER_ERROR = "#{STATUS}:Requester".freeze
|
@@ -0,0 +1,36 @@
|
|
1
|
+
module Saml
|
2
|
+
module Kit
|
3
|
+
class Organization
|
4
|
+
include XmlParseable
|
5
|
+
|
6
|
+
attr_reader :content
|
7
|
+
|
8
|
+
def initialize(node)
|
9
|
+
@to_nokogiri = node
|
10
|
+
@content = node.to_s
|
11
|
+
end
|
12
|
+
|
13
|
+
# Returns the Organization Name
|
14
|
+
def name
|
15
|
+
at_xpath('./md:OrganizationName').try(:text)
|
16
|
+
end
|
17
|
+
|
18
|
+
# Returns the Organization URL
|
19
|
+
def url
|
20
|
+
at_xpath('./md:OrganizationURL').try(:text)
|
21
|
+
end
|
22
|
+
|
23
|
+
# @deprecated
|
24
|
+
def organization_name
|
25
|
+
Saml::Kit.deprecate('`organization_name` is deprecated. Use `organization.name`')
|
26
|
+
name
|
27
|
+
end
|
28
|
+
|
29
|
+
# @deprecated
|
30
|
+
def organization_url
|
31
|
+
Saml::Kit.deprecate('`organization_url` is deprecated. Use `organization.url`')
|
32
|
+
url
|
33
|
+
end
|
34
|
+
end
|
35
|
+
end
|
36
|
+
end
|
@@ -0,0 +1,28 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Saml
|
4
|
+
module Kit
|
5
|
+
class Parser
|
6
|
+
# Creates a `{Saml::Kit::Metadata}` object from a raw XML [String].
|
7
|
+
#
|
8
|
+
# @param content [String] the raw metadata XML.
|
9
|
+
# @return [Saml::Kit::Metadata] the metadata document or subclass.
|
10
|
+
def metadata_from(content)
|
11
|
+
document = Nokogiri::XML(content)
|
12
|
+
return unless document.at_xpath('/md:EntityDescriptor', XmlParseable::NAMESPACES)
|
13
|
+
|
14
|
+
xpath = '/md:EntityDescriptor/md:SPSSODescriptor'
|
15
|
+
sp = document.at_xpath(xpath, XmlParseable::NAMESPACES)
|
16
|
+
xpath = '/md:EntityDescriptor/md:IDPSSODescriptor'
|
17
|
+
idp = document.at_xpath(xpath, XmlParseable::NAMESPACES)
|
18
|
+
if sp && idp
|
19
|
+
Saml::Kit::CompositeMetadata.new(content)
|
20
|
+
elsif sp
|
21
|
+
Saml::Kit::ServiceProviderMetadata.new(content)
|
22
|
+
elsif idp
|
23
|
+
Saml::Kit::IdentityProviderMetadata.new(content)
|
24
|
+
end
|
25
|
+
end
|
26
|
+
end
|
27
|
+
end
|
28
|
+
end
|
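Review bot: In the new `Parser#metadata_from` (the `@@ -0,0 +1,28 @@` hunk, whose file header is missing from the page), two paths return `nil` that the `@return` tag does not mention: the early `return unless document.at_xpath('/md:EntityDescriptor', ...)` and the `if/elsif` chain when neither descriptor is found. Callers such as `Metadata.from` that chain on the result will raise NoMethodError on malformed or unexpected metadata, so the tag should read `# @return [Saml::Kit::Metadata, nil] the metadata document or subclass, or nil when no EntityDescriptor with an SP or IdP descriptor is found.` The classification also uses `Nokogiri::XML(content)` with its default recovering parser. Since metadata usually comes from another party, consider `Nokogiri::XML(content) { |config| config.strict.nonet }` and rescuing the resulting syntax error, so that broken XML is rejected rather than repaired.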
data/lib/saml/kit/response.rb
CHANGED
@@ -14,7 +14,11 @@ module Saml
|
|
14
14
|
validate :must_be_valid_assertion
|
15
15
|
validate :must_contain_single_assertion
|
16
16
|
|
17
|
-
def initialize(
|
17
|
+
def initialize(
|
18
|
+
xml,
|
19
|
+
request_id: nil,
|
20
|
+
configuration: Saml::Kit.configuration
|
21
|
+
)
|
18
22
|
@request_id = request_id
|
19
23
|
super(xml, name: 'Response', configuration: configuration)
|
20
24
|
end
|
@@ -26,7 +30,11 @@ module Saml
|
|
26
30
|
if node.nil?
|
27
31
|
Saml::Kit::NullAssertion.new
|
28
32
|
else
|
29
|
-
Saml::Kit::Assertion.new(
|
33
|
+
Saml::Kit::Assertion.new(
|
34
|
+
node,
|
35
|
+
configuration: @configuration,
|
36
|
+
private_keys: private_keys
|
37
|
+
)
|
30
38
|
end
|
31
39
|
end
|
32
40
|
end
|
@@ -6,11 +6,13 @@ RSpec::Matchers.define :have_xpath do |xpath|
|
|
6
6
|
end
|
7
7
|
|
8
8
|
failure_message do |actual|
|
9
|
-
|
9
|
+
xml = xml_pretty_print(actual)
|
10
|
+
"Expected xpath: #{xpath.inspect} to match in:\n #{xml}"
|
10
11
|
end
|
11
12
|
|
12
13
|
failure_message_when_negated do |actual|
|
13
|
-
|
14
|
+
xml = xml_pretty_print(actual)
|
15
|
+
"Expected xpath: #{xpath.inspect} not to match in:\n #{xml}"
|
14
16
|
end
|
15
17
|
|
16
18
|
def xml_pretty_print(raw_xml)
|
@@ -25,7 +25,8 @@ module Saml
|
|
25
25
|
|
26
26
|
# Returns true when the metadata demands that Assertions must be signed.
|
27
27
|
def want_assertions_signed
|
28
|
-
|
28
|
+
element = at_xpath("/md:EntityDescriptor/md:#{name}")
|
29
|
+
attribute = element.attribute('WantAssertionsSigned')
|
29
30
|
return true if attribute.nil?
|
30
31
|
attribute.text.casecmp('true').zero?
|
31
32
|
end
|
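Review bot: In `want_assertions_signed` (apparently service_provider_metadata.rb; its file header is missing from the page), `element.attribute('WantAssertionsSigned')` is called without checking that `at_xpath("/md:EntityDescriptor/md:#{name}")` found a node. If the descriptor is absent, the method raises NoMethodError instead of reaching the `return true if attribute.nil?` default. Writing `attribute = element.try(:attribute, 'WantAssertionsSigned')` keeps that default, which is the safe direction for a flag that decides whether assertions must be signed. This matters only if the method can be called on metadata that has not passed `validates_presence_of :metadata`, which the page does not show.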
data/lib/saml/kit/signature.rb
CHANGED
@@ -21,12 +21,14 @@ module Saml
|
|
21
21
|
|
22
22
|
# Returns the embedded X509 Certificate
|
23
23
|
def certificate
|
24
|
-
|
24
|
+
xpath = './ds:KeyInfo/ds:X509Data/ds:X509Certificate'
|
25
|
+
value = at_xpath(xpath).try(:text)
|
25
26
|
return if value.nil?
|
26
27
|
::Xml::Kit::Certificate.new(value, use: :signing)
|
27
28
|
end
|
28
29
|
|
29
|
-
# Returns true when the fingerprint of the certificate matches one of
|
30
|
+
# Returns true when the fingerprint of the certificate matches one of
|
31
|
+
# the certificates registered in the metadata.
|
30
32
|
def trusted?(metadata)
|
31
33
|
return false if metadata.nil?
|
32
34
|
metadata.matches?(certificate.fingerprint, use: :signing).present?
|
@@ -44,7 +46,8 @@ module Saml
|
|
44
46
|
end
|
45
47
|
|
46
48
|
def digest_method
|
47
|
-
|
49
|
+
xpath = './ds:SignedInfo/ds:Reference/ds:DigestMethod/@Algorithm'
|
50
|
+
at_xpath(xpath).try(:value)
|
48
51
|
end
|
49
52
|
|
50
53
|
def signature_value
|
@@ -56,11 +59,20 @@ module Saml
|
|
56
59
|
end
|
57
60
|
|
58
61
|
def canonicalization_method
|
59
|
-
|
62
|
+
xpath = './ds:SignedInfo/ds:CanonicalizationMethod/@Algorithm'
|
63
|
+
at_xpath(xpath).try(:value)
|
60
64
|
end
|
61
65
|
|
62
66
|
def transforms
|
63
|
-
|
67
|
+
xpath = xpath_for([
|
68
|
+
'.',
|
69
|
+
'ds:SignedInfo',
|
70
|
+
'ds:Reference',
|
71
|
+
'ds:Transforms',
|
72
|
+
'ds:Transform',
|
73
|
+
'@Algorithm',
|
74
|
+
])
|
75
|
+
node.search(xpath, Saml::Kit::Document::NAMESPACES).try(:map, &:value)
|
64
76
|
end
|
65
77
|
|
66
78
|
# Returns the XML Hash.
|
@@ -115,6 +127,10 @@ module Saml
|
|
115
127
|
def dsignature
|
116
128
|
@dsignature ||= Xmldsig::Signature.new(node, 'ID=$uri or @Id')
|
117
129
|
end
|
130
|
+
|
131
|
+
def xpath_for(segments)
|
132
|
+
segments.join('/')
|
133
|
+
end
|
118
134
|
end
|
119
135
|
end
|
120
136
|
end
|
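Review bot: `trusted?` calls `certificate.fingerprint`, but `certificate` just above it returns nil when the signature has no `ds:X509Certificate` (`return if value.nil?`). A signature without embedded key material therefore raises NoMethodError instead of being reported as untrusted. Adding `return false if certificate.nil?` after the `metadata.nil?` guard makes the check fail closed explicitly. In the same file, the new `transforms` calls `node.search(...)` directly while `digest_method` and `canonicalization_method` go through `at_xpath`; if `node` can be nil, the trailing `.try(:map, &:value)` does not protect that call. The body of `trusted?` continues outside the hunk.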
data/lib/saml/kit/version.rb
CHANGED
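--- a/data/lib/saml/kit.rb
+++ b/data/lib/saml/kit.rb
@@ -17,26 +17,33 @@ require 'securerandom'
 require 'uri'
 require 'xml/kit'
 
-require 'saml/kit/buildable'
+require 'saml/kit/concerns/buildable'
+require 'saml/kit/concerns/requestable'
+require 'saml/kit/concerns/respondable'
+require 'saml/kit/concerns/serializable'
+require 'saml/kit/concerns/translatable'
+require 'saml/kit/concerns/trustable'
+require 'saml/kit/concerns/xml_parseable'
+require 'saml/kit/concerns/xml_templatable'
+require 'saml/kit/concerns/xsd_validatable'
+
 require 'saml/kit/builders'
 require 'saml/kit/namespaces'
-require 'saml/kit/serializable'
-require 'saml/kit/xsd_validatable'
-require 'saml/kit/respondable'
-require 'saml/kit/requestable'
-require 'saml/kit/trustable'
-require 'saml/kit/translatable'
 require 'saml/kit/document'
 
 require 'saml/kit/assertion'
+require 'saml/kit/attribute_statement'
 require 'saml/kit/authentication_request'
 require 'saml/kit/bindings'
+require 'saml/kit/conditions'
 require 'saml/kit/configuration'
 require 'saml/kit/default_registry'
 require 'saml/kit/logout_response'
 require 'saml/kit/logout_request'
 require 'saml/kit/metadata'
 require 'saml/kit/null_assertion'
+require 'saml/kit/organization'
+require 'saml/kit/parser'
 require 'saml/kit/composite_metadata'
 require 'saml/kit/response'
 require 'saml/kit/identity_provider_metadata'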
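--- a/data/saml-kit.gemspec
+++ b/data/saml-kit.gemspec
@@ -34,7 +34,6 @@ Gem::Specification.new do |spec|
 spec.add_development_dependency 'bundler-audit', '~> 0.6'
 spec.add_development_dependency 'ffaker', '~> 2.7'
 spec.add_development_dependency 'rake', '~> 10.0'
-spec.add_development_dependency 'reek', '~> 4.8'
 spec.add_development_dependency 'rspec', '~> 3.0'
 spec.add_development_dependency 'rspec-benchmark', '~> 0.3'
 spec.add_development_dependency 'rubocop', '~> 0.52'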
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: saml-kit
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.0.
|
4
|
+
version: 1.0.16
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- mo khan
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2018-
|
11
|
+
date: 2018-08-09 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: activemodel
|
@@ -100,20 +100,6 @@ dependencies:
|
|
100
100
|
- - "~>"
|
101
101
|
- !ruby/object:Gem::Version
|
102
102
|
version: '10.0'
|
103
|
-
- !ruby/object:Gem::Dependency
|
104
|
-
name: reek
|
105
|
-
requirement: !ruby/object:Gem::Requirement
|
106
|
-
requirements:
|
107
|
-
- - "~>"
|
108
|
-
- !ruby/object:Gem::Version
|
109
|
-
version: '4.8'
|
110
|
-
type: :development
|
111
|
-
prerelease: false
|
112
|
-
version_requirements: !ruby/object:Gem::Requirement
|
113
|
-
requirements:
|
114
|
-
- - "~>"
|
115
|
-
- !ruby/object:Gem::Version
|
116
|
-
version: '4.8'
|
117
103
|
- !ruby/object:Gem::Dependency
|
118
104
|
name: rspec
|
119
105
|
requirement: !ruby/object:Gem::Requirement
|
@@ -232,13 +218,13 @@ files:
|
|
232
218
|
- lib/saml-kit.rb
|
233
219
|
- lib/saml/kit.rb
|
234
220
|
- lib/saml/kit/assertion.rb
|
221
|
+
- lib/saml/kit/attribute_statement.rb
|
235
222
|
- lib/saml/kit/authentication_request.rb
|
236
223
|
- lib/saml/kit/bindings.rb
|
237
224
|
- lib/saml/kit/bindings/binding.rb
|
238
225
|
- lib/saml/kit/bindings/http_post.rb
|
239
226
|
- lib/saml/kit/bindings/http_redirect.rb
|
240
227
|
- lib/saml/kit/bindings/url_builder.rb
|
241
|
-
- lib/saml/kit/buildable.rb
|
242
228
|
- lib/saml/kit/builders.rb
|
243
229
|
- lib/saml/kit/builders/assertion.rb
|
244
230
|
- lib/saml/kit/builders/authentication_request.rb
|
@@ -261,6 +247,16 @@ files:
|
|
261
247
|
- lib/saml/kit/builders/templates/response.builder
|
262
248
|
- lib/saml/kit/builders/templates/service_provider_metadata.builder
|
263
249
|
- lib/saml/kit/composite_metadata.rb
|
250
|
+
- lib/saml/kit/concerns/buildable.rb
|
251
|
+
- lib/saml/kit/concerns/requestable.rb
|
252
|
+
- lib/saml/kit/concerns/respondable.rb
|
253
|
+
- lib/saml/kit/concerns/serializable.rb
|
254
|
+
- lib/saml/kit/concerns/translatable.rb
|
255
|
+
- lib/saml/kit/concerns/trustable.rb
|
256
|
+
- lib/saml/kit/concerns/xml_parseable.rb
|
257
|
+
- lib/saml/kit/concerns/xml_templatable.rb
|
258
|
+
- lib/saml/kit/concerns/xsd_validatable.rb
|
259
|
+
- lib/saml/kit/conditions.rb
|
264
260
|
- lib/saml/kit/configuration.rb
|
265
261
|
- lib/saml/kit/default_registry.rb
|
266
262
|
- lib/saml/kit/document.rb
|
@@ -272,19 +268,15 @@ files:
|
|
272
268
|
- lib/saml/kit/metadata.rb
|
273
269
|
- lib/saml/kit/namespaces.rb
|
274
270
|
- lib/saml/kit/null_assertion.rb
|
275
|
-
- lib/saml/kit/
|
276
|
-
- lib/saml/kit/
|
271
|
+
- lib/saml/kit/organization.rb
|
272
|
+
- lib/saml/kit/parser.rb
|
277
273
|
- lib/saml/kit/response.rb
|
278
274
|
- lib/saml/kit/rspec.rb
|
279
275
|
- lib/saml/kit/rspec/have_query_param.rb
|
280
276
|
- lib/saml/kit/rspec/have_xpath.rb
|
281
|
-
- lib/saml/kit/serializable.rb
|
282
277
|
- lib/saml/kit/service_provider_metadata.rb
|
283
278
|
- lib/saml/kit/signature.rb
|
284
|
-
- lib/saml/kit/translatable.rb
|
285
|
-
- lib/saml/kit/trustable.rb
|
286
279
|
- lib/saml/kit/version.rb
|
287
|
-
- lib/saml/kit/xml_templatable.rb
|
288
280
|
- lib/saml/kit/xsd/MetadataExchange.xsd
|
289
281
|
- lib/saml/kit/xsd/oasis-200401-wss-wssecurity-secext-1.0.xsd
|
290
282
|
- lib/saml/kit/xsd/oasis-200401-wss-wssecurity-utility-1.0.xsd
|
@@ -304,7 +296,6 @@ files:
|
|
304
296
|
- lib/saml/kit/xsd/xenc-schema.xsd
|
305
297
|
- lib/saml/kit/xsd/xml.xsd
|
306
298
|
- lib/saml/kit/xsd/xmldsig-core-schema.xsd
|
307
|
-
- lib/saml/kit/xsd_validatable.rb
|
308
299
|
- saml-kit.gemspec
|
309
300
|
- spec/examples/authentication_request_spec.rb
|
310
301
|
- spec/examples/identity_provider_metadata_spec.rb
|
@@ -336,7 +327,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
336
327
|
version: '0'
|
337
328
|
requirements: []
|
338
329
|
rubyforge_project:
|
339
|
-
rubygems_version: 2.7.
|
330
|
+
rubygems_version: 2.7.7
|
340
331
|
signing_key:
|
341
332
|
specification_version: 4
|
342
333
|
summary: A simple toolkit for working with SAML.
|