saml-kit 1.0.24 → 1.0.25
- checksums.yaml +4 -4
- data/lib/saml/kit/assertion.rb +5 -0
- data/lib/saml/kit/bindings/binding.rb +1 -0
- data/lib/saml/kit/bindings/http_redirect.rb +2 -0
- data/lib/saml/kit/builders/assertion.rb +1 -0
- data/lib/saml/kit/builders/templates/assertion.builder +7 -1
- data/lib/saml/kit/concerns/trustable.rb +3 -0
- data/lib/saml/kit/concerns/xml_parseable.rb +1 -0
- data/lib/saml/kit/concerns/xml_templatable.rb +1 -0
- data/lib/saml/kit/document.rb +1 -0
- data/lib/saml/kit/identity_provider_metadata.rb +1 -0
- data/lib/saml/kit/logout_request.rb +1 -0
- data/lib/saml/kit/metadata.rb +1 -0
- data/lib/saml/kit/response.rb +1 -0
- data/lib/saml/kit/service_provider_metadata.rb +1 -0
- data/lib/saml/kit/signature.rb +3 -0
- data/lib/saml/kit/version.rb +1 -1
- metadata +3 -3
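--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 0132eba52685773a829377a13a8a7dae40319e8cbd70b1359107c0f5790c6c26
+data.tar.gz: 390adce2967ee14b748259cb46d9f0d41d5de5fdaeb5f04fecd1d4feb7099cc7
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 7d12c7fd8d1d2ae2d851bb3d1f016ca56e9b1ad6f951c08ba5875bb51fa15f13fcf1dcd779283898d1ad46eff748ec3a15013272beb69fb2f11231786ca11cd1
+data.tar.gz: c97f7e3f0acfbbbc4f21608b411b4785fe19cfae3c8f37c0b1ab41ba74c2aaa6bb46f67d39b989bd3d55558f92e3bb46084b7511fb04018d81317a86df8c5e56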
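--- a/data/lib/saml/kit/assertion.rb
+++ b/data/lib/saml/kit/assertion.rb
@@ -90,6 +90,7 @@ module Saml
 
 def decryptable?
 return true unless encrypted?
+
 !@cannot_decrypt
 end
 
@@ -103,6 +104,7 @@ module Saml
 encrypted_assertion = at_xpath('./xmlenc:EncryptedData')
 @encrypted = encrypted_assertion.present?
 return unless @encrypted
+
 @to_nokogiri = decryptor.decrypt_node(encrypted_assertion)
 rescue Xml::Kit::DecryptionError => error
 @cannot_decrypt = true
@@ -111,16 +113,19 @@ module Saml
 
 def must_match_issuer
 return if audiences.empty? || audiences.include?(configuration.entity_id)
+
 errors[:audience] << error_message(:must_match_issuer)
 end
 
 def must_be_active_session
 return if active?
+
 errors[:base] << error_message(:expired)
 end
 
 def must_have_valid_signature
 return if !signed? || signature.valid?
+
 signature.errors.each do |attribute, message|
 errors.add(attribute, message)
 end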
@@ -58,6 +58,7 @@ module Saml
|
|
58
58
|
}
|
59
59
|
return parameters[:SAMLRequest] if parameters[:SAMLRequest].present?
|
60
60
|
return parameters[:SAMLResponse] if parameters[:SAMLResponse].present?
|
61
|
+
|
61
62
|
message = 'SAMLRequest or SAMLResponse parameter is required.'
|
62
63
|
raise ArgumentError, message
|
63
64
|
end
|
@@ -52,6 +52,7 @@ module Saml
|
|
52
52
|
decode(signature),
|
53
53
|
canonicalize(params)
|
54
54
|
)
|
55
|
+
|
55
56
|
raise ArgumentError, 'Invalid Signature'
|
56
57
|
end
|
57
58
|
|
@@ -87,6 +88,7 @@ module Saml
|
|
87
88
|
|
88
89
|
def params_to_hash(value)
|
89
90
|
return value unless value.is_a?(String)
|
91
|
+
|
90
92
|
Hash[URI.parse(value).query.split('&').map { |xx| xx.split('=', 2) }]
|
91
93
|
end
|
92
94
|
end
|
@@ -25,7 +25,13 @@ xml.Assertion(assertion_options) do
|
|
25
25
|
xml.AttributeStatement do
|
26
26
|
assertion_attributes.each do |key, value|
|
27
27
|
xml.Attribute Name: key do
|
28
|
-
|
28
|
+
if value.respond_to?(:each)
|
29
|
+
value.each do |x|
|
30
|
+
xml.AttributeValue x.to_s
|
31
|
+
end
|
32
|
+
else
|
33
|
+
xml.AttributeValue value.to_s
|
34
|
+
end
|
29
35
|
end
|
30
36
|
end
|
31
37
|
end
|
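Review bot: The `value.respond_to?(:each)` test inside `xml.Attribute Name: key do` accepts more than a list of values: a Hash also responds to `each` and yields key/value pairs, so every `AttributeValue` would be the `to_s` of a two-element array, and an empty collection produces an `Attribute` with no `AttributeValue` at all. Relying parties often map these attributes to roles or group membership, so the shape of what gets emitted should be deliberate; consider narrowing the branch to `if value.respond_to?(:each) && !value.is_a?(Hash)` and adding the comment `# one AttributeValue per element for multi-valued attributes`. The removed line's text is not visible on this page, so how single values were emitted before is not confirmed here. The enclosing `xml.Assertion(assertion_options) do` block starts before the hunk.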
@@ -30,6 +30,7 @@ module Saml
|
|
30
30
|
def trusted?
|
31
31
|
return true if signature_verified
|
32
32
|
return false unless signed?
|
33
|
+
|
33
34
|
signature.trusted?(provider)
|
34
35
|
end
|
35
36
|
|
@@ -60,12 +61,14 @@ module Saml
|
|
60
61
|
def must_be_registered
|
61
62
|
return unless expected_type?
|
62
63
|
return if provider.present?
|
64
|
+
|
63
65
|
errors[:provider] << error_message(:unregistered)
|
64
66
|
end
|
65
67
|
|
66
68
|
def must_be_trusted
|
67
69
|
return if trusted?
|
68
70
|
return if provider.present? && !signed?
|
71
|
+
|
69
72
|
errors[:fingerprint] << error_message(:invalid_fingerprint)
|
70
73
|
end
|
71
74
|
end
|
data/lib/saml/kit/document.rb
CHANGED
data/lib/saml/kit/metadata.rb
CHANGED
data/lib/saml/kit/response.rb
CHANGED
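--- a/data/lib/saml/kit/signature.rb
+++ b/data/lib/saml/kit/signature.rb
@@ -24,6 +24,7 @@ module Saml
 xpath = './ds:KeyInfo/ds:X509Data/ds:X509Certificate'
 value = at_xpath(xpath).try(:text)
 return if value.nil?
+
 ::Xml::Kit::Certificate.new(value, use: :signing)
 end
 
@@ -31,6 +32,7 @@ module Saml
 # the certificates registered in the metadata.
 def trusted?(metadata)
 return false if metadata.nil?
+
 metadata.matches?(certificate.fingerprint, use: :signing).present?
 end
 
@@ -121,6 +123,7 @@ module Saml
 
 def at_xpath(xpath)
 return nil unless node
+
 node.at_xpath(xpath, Saml::Kit::Document::NAMESPACES)
 end
 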
data/lib/saml/kit/version.rb
CHANGED
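--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: saml-kit
 version: !ruby/object:Gem::Version
-version: 1.0.
+version: 1.0.25
 platform: ruby
 authors:
 - mo khan
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2018-
+date: 2018-10-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: activemodel
@@ -342,7 +342,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.7.
+rubygems_version: 2.7.6
 signing_key:
 specification_version: 4
 summary: A simple toolkit for working with SAML.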