saml-kit 1.0.31 → 1.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 7b715995b6b91d7666c906d6d7e0c280ba3b6c83
-  data.tar.gz: 293b70ea861c807cc5324fbcb6f47b5a3d78e117
+SHA256:
+  metadata.gz: 39ae4610f337b0423a14f71aa9d03ea254ee6f453d3680970039b19cc6c3d0c1
+  data.tar.gz: 175432ff893cb775e91128bbef17f1cf111a062152d7ae1b59015ded4af2933e
 SHA512:
-  metadata.gz: d4e61a1b4d67b00379b5d2c6add15d5ea61062873196207a53a49fbe842af7d77127c370763daece236791f9d595b0356acee7654c1c2b8c9243ecf31ae1e90a
-  data.tar.gz: 42e2a80ffdf050f1a4f449d0d6bea8dfabd5b98c81b2bd3653e5abafcd790e8d80d09929f9f012171e7b62cce4d28cfa35fb26bc6c4dfa573b2410f538ec8e84
+  metadata.gz: 1fed3dfc0ca5ac7e5ed4991799df62ad44096419568fe87d3239049b2e64b56529285aca87e53f026c4a7dca2265fecffe8491189e8676d3861ff69577709633
+  data.tar.gz: a107ff7beab021f235dd6940a99cbd5897a07094d836104075c142f7d256e3d605e0a4bc85613c4aa0f88df768679466bfc2f861e99063045d655317bd0c8796

data/CHANGELOG.md

@@ -1,4 +1,5 @@
-Version 1.0.31
+Version 1.1.0
+
 # Changelog
 All notable changes to this project will be documented in this file.
 
@@ -8,6 +9,19 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ## [Unreleased]
 - nil
 
+## [1.1.0] - 2019-04-30
+### Added
+- Add support for ForceAuthn attribute on AuthnRequest
+
+### Removed
+- Drop support for ruby 2.2
+- Drop support for ruby 2.3
+
+### Changed
+- Rescue from invalid signature validation
+- Change minimum ruby version to 2.4
+- Change minimum bundler to 2.0
+
 ## [1.0.31] - 2019-04-17
 ### Changed
 - Rescue from all decryption errors
@@ -69,7 +83,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ### Removed
 - Removed optional SessionNotOnOrAfter attribute from AuthnStatement.
 
-[Unreleased]: https://github.com/saml-kit/saml-kit/compare/v1.0.31...HEAD
+[Unreleased]: https://github.com/saml-kit/saml-kit/compare/v1.1.0...HEAD
+[1.1.0]: https://github.com/saml-kit/saml-kit/compare/v1.0.31...v1.1.0
 [1.0.31]: https://github.com/saml-kit/saml-kit/compare/v1.0.30...v1.0.31
 [1.0.30]: https://github.com/saml-kit/saml-kit/compare/v1.0.29...v1.0.30
 [1.0.29]: https://github.com/saml-kit/saml-kit/compare/v1.0.28...v1.0.29

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    saml-kit (1.0.31)
+    saml-kit (1.1.0)
       activemodel (>= 4.2.0)
       net-hippie (~> 0.1)
       xml-kit (>= 0.3.0, < 1.0.0)
@@ -19,8 +19,9 @@ GEM
     addressable (2.6.0)
       public_suffix (>= 2.0.2, < 4.0)
     ast (2.4.0)
-    benchmark-perf (0.4.0)
-    benchmark-trend (0.2.0)
+    benchmark-malloc (0.1.0)
+    benchmark-perf (0.5.0)
+    benchmark-trend (0.3.0)
     builder (3.2.3)
     bundler-audit (0.6.1)
       bundler (>= 1.2.0, < 3)
@@ -31,15 +32,15 @@ GEM
     diff-lcs (1.3)
     docile (1.3.1)
     ffaker (2.11.0)
-    hashdiff (0.3.8)
-    i18n (1.5.1)
+    hashdiff (0.3.9)
+    i18n (1.6.0)
       concurrent-ruby (~> 1.0)
     jaro_winkler (1.5.2)
     json (2.2.0)
     mini_portile2 (2.4.0)
     minitest (5.11.3)
     net-hippie (0.2.5)
-    nokogiri (1.9.1)
+    nokogiri (1.10.3)
       mini_portile2 (~> 2.4.0)
     parallel (1.17.0)
     parser (2.6.2.1)
@@ -52,13 +53,14 @@ GEM
       rspec-core (~> 3.8.0)
       rspec-expectations (~> 3.8.0)
       rspec-mocks (~> 3.8.0)
-    rspec-benchmark (0.4.0)
-      benchmark-perf (~> 0.4.0)
-      benchmark-trend (~> 0.2.0)
+    rspec-benchmark (0.5.0)
+      benchmark-malloc (~> 0.1.0)
+      benchmark-perf (~> 0.5.0)
+      benchmark-trend (~> 0.3.0)
       rspec (>= 3.0.0, < 4.0.0)
     rspec-core (3.8.0)
       rspec-support (~> 3.8.0)
-    rspec-expectations (3.8.2)
+    rspec-expectations (3.8.3)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.8.0)
     rspec-mocks (3.8.0)
@@ -106,7 +108,7 @@ PLATFORMS
   ruby
 
 DEPENDENCIES
-  bundler (~> 1.17)
+  bundler (~> 2.0)
   bundler-audit (~> 0.6)
   ffaker (~> 2.7)
   rake (~> 10.0)
@@ -120,4 +122,4 @@ DEPENDENCIES
   webmock (~> 3.1)
 
 BUNDLED WITH
-   1.17.3
+   2.0.1

data/lib/saml/kit/authentication_request.rb

@@ -47,6 +47,11 @@ module Saml
         at_xpath('./*/@AssertionConsumerServiceURL').try(:value)
       end
 
+      # Returns the ForceAuthn attribute as a boolean.
+      def force_authn
+        at_xpath('./*/@ForceAuthn').try(:value) == 'true'
+      end
+
       def name_id_format
         name_id_policy
       end

data/lib/saml/kit/bindings.rb

@@ -11,10 +11,10 @@ module Saml
     # the different SAML bindings that are
     # supported by this gem.
     module Bindings
-      BINDINGS_2_0 = 'urn:oasis:names:tc:SAML:2.0:bindings'.freeze
-      HTTP_ARTIFACT = "#{BINDINGS_2_0}:HTTP-Artifact".freeze
-      HTTP_POST = "#{BINDINGS_2_0}:HTTP-POST".freeze
-      HTTP_REDIRECT = "#{BINDINGS_2_0}:HTTP-Redirect".freeze
+      BINDINGS_2_0 = 'urn:oasis:names:tc:SAML:2.0:bindings'
+      HTTP_ARTIFACT = "#{BINDINGS_2_0}:HTTP-Artifact"
+      HTTP_POST = "#{BINDINGS_2_0}:HTTP-POST"
+      HTTP_REDIRECT = "#{BINDINGS_2_0}:HTTP-Redirect"
       ALL = {
         http_post: HTTP_POST,
         http_redirect: HTTP_REDIRECT,

data/lib/saml/kit/builders/authentication_request.rb

@@ -10,6 +10,7 @@ module Saml
         attr_accessor :id, :now, :issuer, :assertion_consumer_service_url
         attr_accessor :name_id_format, :destination
         attr_accessor :version
+        attr_accessor :force_authn
         attr_reader :configuration
 
         def initialize(configuration: Saml::Kit.configuration)
@@ -36,10 +37,8 @@ module Saml
             IssueInstant: now.utc.iso8601,
             Destination: destination,
           }
-          if assertion_consumer_service_url.present?
-            options[:AssertionConsumerServiceURL] =
-              assertion_consumer_service_url
-          end
+          options[:ForceAuthn] = force_authn unless force_authn.nil?
+          options[:AssertionConsumerServiceURL] = assertion_consumer_service_url if assertion_consumer_service_url.present?
           options
         end
       end

data/lib/saml/kit/deprecated/metadata.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module Saml
   module Kit
     class Metadata

data/lib/saml/kit/namespaces.rb

@@ -3,33 +3,33 @@
 module Saml
   module Kit
     module Namespaces
-      SAML_2_0 = 'urn:oasis:names:tc:SAML:2.0'.freeze
-      SAML_1_1 = 'urn:oasis:names:tc:SAML:1.1'.freeze
-      ATTR_NAME_FORMAT = "#{SAML_2_0}:attrname-format".freeze
-      NAME_ID_FORMAT_1_1 = "#{SAML_1_1}:nameid-format".freeze
-      NAME_ID_FORMAT_2_0 = "#{SAML_2_0}:nameid-format".freeze
-      STATUS = "#{SAML_2_0}:status".freeze
+      SAML_2_0 = 'urn:oasis:names:tc:SAML:2.0'
+      SAML_1_1 = 'urn:oasis:names:tc:SAML:1.1'
+      ATTR_NAME_FORMAT = "#{SAML_2_0}:attrname-format"
+      NAME_ID_FORMAT_1_1 = "#{SAML_1_1}:nameid-format"
+      NAME_ID_FORMAT_2_0 = "#{SAML_2_0}:nameid-format"
+      STATUS = "#{SAML_2_0}:status"
 
-      ASSERTION = "#{SAML_2_0}:assertion".freeze
-      ATTR_SPLAT = "#{ATTR_NAME_FORMAT}:*".freeze
-      BASIC = "#{ATTR_NAME_FORMAT}:basic".freeze
-      BEARER = "#{SAML_2_0}:cm:bearer".freeze
-      EMAIL_ADDRESS = "#{NAME_ID_FORMAT_1_1}:emailAddress".freeze
-      INVALID_NAME_ID_POLICY = "#{STATUS}:InvalidNameIDPolicy".freeze
-      METADATA = "#{SAML_2_0}:metadata".freeze
-      PASSWORD = "#{SAML_2_0}:ac:classes:Password".freeze
+      ASSERTION = "#{SAML_2_0}:assertion"
+      ATTR_SPLAT = "#{ATTR_NAME_FORMAT}:*"
+      BASIC = "#{ATTR_NAME_FORMAT}:basic"
+      BEARER = "#{SAML_2_0}:cm:bearer"
+      EMAIL_ADDRESS = "#{NAME_ID_FORMAT_1_1}:emailAddress"
+      INVALID_NAME_ID_POLICY = "#{STATUS}:InvalidNameIDPolicy"
+      METADATA = "#{SAML_2_0}:metadata"
+      PASSWORD = "#{SAML_2_0}:ac:classes:Password"
       PASSWORD_PROTECTED =
-        "#{SAML_2_0}:ac:classes:PasswordProtectedTransport".freeze
-      PERSISTENT = "#{NAME_ID_FORMAT_2_0}:persistent".freeze
-      PROTOCOL = "#{SAML_2_0}:protocol".freeze
-      REQUESTER_ERROR = "#{STATUS}:Requester".freeze
-      RESPONDER_ERROR = "#{STATUS}:Responder".freeze
-      SUCCESS = "#{STATUS}:Success".freeze
-      TRANSIENT = "#{NAME_ID_FORMAT_2_0}:transient".freeze
-      UNSPECIFIED = "#{SAML_2_0}:consent:unspecified".freeze
-      UNSPECIFIED_NAMEID = "#{NAME_ID_FORMAT_1_1}:unspecified".freeze
-      URI = "#{ATTR_NAME_FORMAT}:uri".freeze
-      VERSION_MISMATCH_ERROR = "#{STATUS}:VersionMismatch".freeze
+        "#{SAML_2_0}:ac:classes:PasswordProtectedTransport"
+      PERSISTENT = "#{NAME_ID_FORMAT_2_0}:persistent"
+      PROTOCOL = "#{SAML_2_0}:protocol"
+      REQUESTER_ERROR = "#{STATUS}:Requester"
+      RESPONDER_ERROR = "#{STATUS}:Responder"
+      SUCCESS = "#{STATUS}:Success"
+      TRANSIENT = "#{NAME_ID_FORMAT_2_0}:transient"
+      UNSPECIFIED = "#{SAML_2_0}:consent:unspecified"
+      UNSPECIFIED_NAMEID = "#{NAME_ID_FORMAT_1_1}:unspecified"
+      URI = "#{ATTR_NAME_FORMAT}:uri"
+      VERSION_MISMATCH_ERROR = "#{STATUS}:VersionMismatch"
     end
   end
 end

data/lib/saml/kit/organization.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module Saml
   module Kit
     class Organization

data/lib/saml/kit/signature.rb

@@ -105,7 +105,7 @@ module Saml
         dsignature.errors.each do |attribute|
           errors.add(attribute, error_message(attribute))
         end
-      rescue Xmldsig::SchemaError => error
+      rescue StandardError => error
         errors.add(:base, error.message)
       end
 

data/lib/saml/kit/version.rb

@@ -2,6 +2,6 @@
 
 module Saml
   module Kit
-    VERSION = '1.0.31'.freeze
+    VERSION = '1.1.0'
   end
 end

data/saml-kit.gemspec

@@ -14,7 +14,7 @@ Gem::Specification.new do |spec|
   spec.description   = 'A simple toolkit for working with SAML.'
   spec.homepage      = 'https://github.com/saml-kit/saml-kit'
   spec.license       = 'MIT'
-  spec.required_ruby_version = '>= 2.2.0'
+  spec.required_ruby_version = '~> 2.4'
 
   spec.files = `git ls-files -z`.split("\x0").reject do |f|
     (
@@ -31,7 +31,7 @@ Gem::Specification.new do |spec|
   spec.add_dependency 'activemodel', '>= 4.2.0'
   spec.add_dependency 'net-hippie', '~> 0.1'
   spec.add_dependency 'xml-kit', '>= 0.3.0', '< 1.0.0'
-  spec.add_development_dependency 'bundler', '~> 1.17'
+  spec.add_development_dependency 'bundler', '~> 2.0'
   spec.add_development_dependency 'bundler-audit', '~> 0.6'
   spec.add_development_dependency 'ffaker', '~> 2.7'
   spec.add_development_dependency 'rake', '~> 10.0'

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: saml-kit
 version: !ruby/object:Gem::Version
-  version: 1.0.31
+  version: 1.1.0
 platform: ruby
 authors:
 - mo khan
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2019-04-17 00:00:00.000000000 Z
+date: 2019-04-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activemodel
@@ -64,14 +64,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.17'
+        version: '2.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.17'
+        version: '2.0'
 - !ruby/object:Gem::Dependency
   name: bundler-audit
   requirement: !ruby/object:Gem::Requirement
@@ -334,17 +334,16 @@ require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">="
+  - - "~>"
     - !ruby/object:Gem::Version
-      version: 2.2.0
+      version: '2.4'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.4.5.1
+rubygems_version: 3.0.3
 signing_key: 
 specification_version: 4
 summary: A simple toolkit for working with SAML.