saml-kit 1.0.6 → 1.0.7
- checksums.yaml +4 -4
- data/.gitlab-ci.yml +5 -5
- data/.rubocop.yml +92 -0
- data/.rubocop_todo.yml +45 -0
- data/.travis.yml +7 -3
- data/Gemfile +2 -2
- data/Rakefile +5 -3
- data/bin/cibuild +23 -0
- data/bin/console +3 -3
- data/bin/lint +13 -0
- data/bin/setup +1 -1
- data/bin/test +19 -0
- data/exe/saml-kit-create-self-signed-certificate +6 -6
- data/exe/saml-kit-decode-http-redirect +6 -2
- data/lib/saml/kit.rb +42 -39
- data/lib/saml/kit/assertion.rb +67 -25
- data/lib/saml/kit/authentication_request.rb +1 -1
- data/lib/saml/kit/bindings.rb +8 -8
- data/lib/saml/kit/bindings/binding.rb +5 -5
- data/lib/saml/kit/bindings/http_redirect.rb +12 -7
- data/lib/saml/kit/bindings/url_builder.rb +2 -2
- data/lib/saml/kit/buildable.rb +3 -3
- data/lib/saml/kit/builders/assertion.rb +4 -0
- data/lib/saml/kit/builders/authentication_request.rb +3 -3
- data/lib/saml/kit/builders/logout_request.rb +1 -1
- data/lib/saml/kit/builders/logout_response.rb +1 -1
- data/lib/saml/kit/builders/response.rb +2 -8
- data/lib/saml/kit/builders/templates/assertion.builder +1 -1
- data/lib/saml/kit/builders/templates/metadata.builder +4 -4
- data/lib/saml/kit/builders/templates/service_provider_metadata.builder +1 -1
- data/lib/saml/kit/composite_metadata.rb +9 -5
- data/lib/saml/kit/configuration.rb +7 -7
- data/lib/saml/kit/default_registry.rb +1 -1
- data/lib/saml/kit/document.rb +39 -23
- data/lib/saml/kit/identity_provider_metadata.rb +6 -6
- data/lib/saml/kit/invalid_document.rb +2 -2
- data/lib/saml/kit/locales/en.yml +12 -3
- data/lib/saml/kit/logout_request.rb +1 -1
- data/lib/saml/kit/logout_response.rb +1 -1
- data/lib/saml/kit/metadata.rb +43 -41
- data/lib/saml/kit/namespaces.rb +25 -25
- data/lib/saml/kit/null_assertion.rb +17 -0
- data/lib/saml/kit/respondable.rb +2 -3
- data/lib/saml/kit/response.rb +23 -4
- data/lib/saml/kit/rspec/have_query_param.rb +1 -1
- data/lib/saml/kit/service_provider_metadata.rb +3 -3
- data/lib/saml/kit/signature.rb +74 -4
- data/lib/saml/kit/translatable.rb +3 -2
- data/lib/saml/kit/trustable.rb +4 -11
- data/lib/saml/kit/version.rb +1 -1
- data/lib/saml/kit/xml_templatable.rb +10 -5
- data/saml-kit.gemspec +25 -22
- metadata +54 -6
@@ -2,8 +2,9 @@ module Saml
|
|
2
2
|
module Kit
|
3
3
|
module Translatable
|
4
4
|
# @!visibility private
|
5
|
-
def error_message(attribute,
|
6
|
-
|
5
|
+
def error_message(attribute, options = {})
|
6
|
+
default_options = { scope: "saml/kit.errors.#{name}" }
|
7
|
+
I18n.translate(attribute, default_options.merge(options))
|
7
8
|
end
|
8
9
|
end
|
9
10
|
end
|
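--- a/data/lib/saml/kit/trustable.rb
+++ b/data/lib/saml/kit/trustable.rb
@@ -16,8 +16,7 @@ module Saml
 
 # @!visibility private
 def signature
-
-xml_hash ? Signature.new(xml_hash) : nil
+@signature ||= Signature.new(at_xpath("/samlp:#{name}/ds:Signature"))
 end
 
 # Returns true when documents is signed and the signing certificate belongs to a known service entity.
@@ -43,16 +42,10 @@ module Saml
 
 def must_have_valid_signature
 return if to_xml.blank?
+return unless signature.present?
 
-
-
-"ds": ::Xml::Kit::Namespaces::XMLDSIG,
-"md": Namespaces::METADATA,
-"saml": Namespaces::ASSERTION,
-"samlp": Namespaces::PROTOCOL,
-})
-xml.valid?
-xml.errors.each do |attribute, error|
+signature.valid?
+signature.errors.each do |attribute, error|
 errors[attribute] << error
 end
 end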
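Review bot: In `signature`, the new body always returns a `Signature` object, even when the `/samlp:#{name}/ds:Signature` node is absent, so the `return unless signature.present?` guard in `must_have_valid_signature` only skips unsigned documents if `Signature` itself answers `present?` as false for a missing node; signature.rb is not part of this section, so that needs confirming. Callers that previously tested `signature` for nil will now always see a truthy value. I would document both on the method, e.g. `# Always returns a Signature; check #present? to tell whether the document is signed.`, and state on `must_have_valid_signature` that an unsigned document passes this validation and has to be rejected by a separate signed/trusted check. The enclosing module starts and ends outside the two hunks.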
data/lib/saml/kit/version.rb
CHANGED
@@ -4,16 +4,21 @@ module Saml
|
|
4
4
|
include ::Xml::Kit::Templatable
|
5
5
|
|
6
6
|
def template_path
|
7
|
-
root_path =
|
8
|
-
template_name = "#{self.class.name.split(
|
9
|
-
File.join(root_path,
|
7
|
+
root_path = __dir__
|
8
|
+
template_name = "#{self.class.name.split('::').last.underscore}.builder"
|
9
|
+
File.join(root_path, 'builders/templates/', template_name)
|
10
10
|
end
|
11
11
|
|
12
12
|
# Returns true if an embedded signature is requested and at least one signing certificate is available via the configuration.
|
13
13
|
def sign?
|
14
14
|
return configuration.sign? if embed_signature.nil?
|
15
15
|
(embed_signature && configuration.sign?) ||
|
16
|
-
(embed_signature &&
|
16
|
+
(embed_signature && signing_key_pair.present?)
|
17
|
+
end
|
18
|
+
|
19
|
+
def encrypt_with(key_pair)
|
20
|
+
self.encrypt = true
|
21
|
+
self.encryption_certificate = key_pair.certificate
|
17
22
|
end
|
18
23
|
|
19
24
|
def digest_method
|
@@ -25,7 +30,7 @@ module Saml
|
|
25
30
|
end
|
26
31
|
|
27
32
|
def signing_key_pair
|
28
|
-
configuration.key_pairs(use: :signing).last
|
33
|
+
@signing_key_pair || configuration.key_pairs(use: :signing).last
|
29
34
|
end
|
30
35
|
end
|
31
36
|
end
|
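Review bot: `encrypt_with(key_pair)` sets `self.encrypt = true` before it dereferences `key_pair.certificate`, so a nil `key_pair` raises after encryption has already been switched on and leaves the builder with the flag set but no new certificate. Assigning the certificate first, `self.encryption_certificate = key_pair.certificate` followed by `self.encrypt = true`, keeps the two in step. In `sign?`, the second disjunct now lets a per-object `@signing_key_pair` enable signing even when `configuration.sign?` is false; that looks intended, but the doc comment above it still says the certificate comes "via the configuration" and should mention the override. The code shown under this header appears to be the templating mixin rather than version.rb, and `@signing_key_pair` is assigned outside the visible hunks.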
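--- a/data/saml-kit.gemspec
+++ b/data/saml-kit.gemspec
@@ -1,34 +1,37 @@
-
-lib = File.expand_path(
+
+lib = File.expand_path('../lib', __FILE__)
 $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
-require
+require 'saml/kit/version'
 
 Gem::Specification.new do |spec|
-spec.name =
+spec.name = 'saml-kit'
 spec.version = Saml::Kit::VERSION
-spec.authors = [
-spec.email = [
+spec.authors = ['mo khan']
+spec.email = ['mo@mokhan.ca']
 
-spec.summary =
-spec.description =
-spec.homepage =
-spec.license =
+spec.summary = 'A simple toolkit for working with SAML.'
+spec.description = 'A simple toolkit for working with SAML.'
+spec.homepage = 'https://github.com/saml-kit/saml-kit'
+spec.license = 'MIT'
 spec.required_ruby_version = '>= 2.2.0'
 
-spec.files
+spec.files = `git ls-files -z`.split("\x0").reject do |f|
 f.match(%r{^(test|spec|features)/})
 end
-spec.metadata[
-spec.bindir =
+spec.metadata['yard.run'] = 'yri'
+spec.bindir = 'exe'
 spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
-spec.require_paths = [
+spec.require_paths = ['lib']
 
-spec.add_dependency
-spec.add_dependency
-spec.add_development_dependency
-spec.add_development_dependency
-spec.add_development_dependency
-spec.add_development_dependency
-spec.add_development_dependency
-spec.add_development_dependency
+spec.add_dependency 'activemodel', '>= 4.2.0'
+spec.add_dependency 'xml-kit', '>= 0.1.10', '<= 1.0.0'
+spec.add_development_dependency 'bundler', '~> 1.15'
+spec.add_development_dependency 'ffaker', '~> 2.7'
+spec.add_development_dependency 'rake', '~> 10.0'
+spec.add_development_dependency 'rspec', '~> 3.0'
+spec.add_development_dependency 'rubocop', '~> 0.52'
+spec.add_development_dependency 'rubocop-rspec', '~> 1.22'
+spec.add_development_dependency 'simplecov', '~> 0.15'
+spec.add_development_dependency 'webmock', '~> 3.1'
+spec.add_development_dependency 'rspec-benchmark', '~> 0.3'
 end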
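Review bot: The runtime constraint `spec.add_dependency 'xml-kit', '>= 0.1.10', '<= 1.0.0'` admits exactly 1.0.0 but no later 1.0.x release, so a patch release of the XML library this gem relies on could not be picked up without a new saml-kit release; an upper bound such as `'< 2.0'` is probably what is meant. `activemodel` has no upper bound at all, which deserves a comment if it is deliberate. Separately, `spec.files` rejects only `test|spec|features`, so the CI configuration and the `bin/` development scripts listed in the package metadata ship inside the gem; extending the reject pattern would keep the published package to what consumers need.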
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: saml-kit
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.0.
|
4
|
+
version: 1.0.7
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- mo khan
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2018-02-
|
11
|
+
date: 2018-02-17 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: activemodel
|
@@ -30,7 +30,7 @@ dependencies:
|
|
30
30
|
requirements:
|
31
31
|
- - ">="
|
32
32
|
- !ruby/object:Gem::Version
|
33
|
-
version: 0.1.
|
33
|
+
version: 0.1.10
|
34
34
|
- - "<="
|
35
35
|
- !ruby/object:Gem::Version
|
36
36
|
version: 1.0.0
|
@@ -40,7 +40,7 @@ dependencies:
|
|
40
40
|
requirements:
|
41
41
|
- - ">="
|
42
42
|
- !ruby/object:Gem::Version
|
43
|
-
version: 0.1.
|
43
|
+
version: 0.1.10
|
44
44
|
- - "<="
|
45
45
|
- !ruby/object:Gem::Version
|
46
46
|
version: 1.0.0
|
@@ -100,20 +100,48 @@ dependencies:
|
|
100
100
|
- - "~>"
|
101
101
|
- !ruby/object:Gem::Version
|
102
102
|
version: '3.0'
|
103
|
+
- !ruby/object:Gem::Dependency
|
104
|
+
name: rubocop
|
105
|
+
requirement: !ruby/object:Gem::Requirement
|
106
|
+
requirements:
|
107
|
+
- - "~>"
|
108
|
+
- !ruby/object:Gem::Version
|
109
|
+
version: '0.52'
|
110
|
+
type: :development
|
111
|
+
prerelease: false
|
112
|
+
version_requirements: !ruby/object:Gem::Requirement
|
113
|
+
requirements:
|
114
|
+
- - "~>"
|
115
|
+
- !ruby/object:Gem::Version
|
116
|
+
version: '0.52'
|
117
|
+
- !ruby/object:Gem::Dependency
|
118
|
+
name: rubocop-rspec
|
119
|
+
requirement: !ruby/object:Gem::Requirement
|
120
|
+
requirements:
|
121
|
+
- - "~>"
|
122
|
+
- !ruby/object:Gem::Version
|
123
|
+
version: '1.22'
|
124
|
+
type: :development
|
125
|
+
prerelease: false
|
126
|
+
version_requirements: !ruby/object:Gem::Requirement
|
127
|
+
requirements:
|
128
|
+
- - "~>"
|
129
|
+
- !ruby/object:Gem::Version
|
130
|
+
version: '1.22'
|
103
131
|
- !ruby/object:Gem::Dependency
|
104
132
|
name: simplecov
|
105
133
|
requirement: !ruby/object:Gem::Requirement
|
106
134
|
requirements:
|
107
135
|
- - "~>"
|
108
136
|
- !ruby/object:Gem::Version
|
109
|
-
version: 0.15
|
137
|
+
version: '0.15'
|
110
138
|
type: :development
|
111
139
|
prerelease: false
|
112
140
|
version_requirements: !ruby/object:Gem::Requirement
|
113
141
|
requirements:
|
114
142
|
- - "~>"
|
115
143
|
- !ruby/object:Gem::Version
|
116
|
-
version: 0.15
|
144
|
+
version: '0.15'
|
117
145
|
- !ruby/object:Gem::Dependency
|
118
146
|
name: webmock
|
119
147
|
requirement: !ruby/object:Gem::Requirement
|
@@ -128,6 +156,20 @@ dependencies:
|
|
128
156
|
- - "~>"
|
129
157
|
- !ruby/object:Gem::Version
|
130
158
|
version: '3.1'
|
159
|
+
- !ruby/object:Gem::Dependency
|
160
|
+
name: rspec-benchmark
|
161
|
+
requirement: !ruby/object:Gem::Requirement
|
162
|
+
requirements:
|
163
|
+
- - "~>"
|
164
|
+
- !ruby/object:Gem::Version
|
165
|
+
version: '0.3'
|
166
|
+
type: :development
|
167
|
+
prerelease: false
|
168
|
+
version_requirements: !ruby/object:Gem::Requirement
|
169
|
+
requirements:
|
170
|
+
- - "~>"
|
171
|
+
- !ruby/object:Gem::Version
|
172
|
+
version: '0.3'
|
131
173
|
description: A simple toolkit for working with SAML.
|
132
174
|
email:
|
133
175
|
- mo@mokhan.ca
|
@@ -141,13 +183,18 @@ files:
|
|
141
183
|
- ".gitignore"
|
142
184
|
- ".gitlab-ci.yml"
|
143
185
|
- ".rspec"
|
186
|
+
- ".rubocop.yml"
|
187
|
+
- ".rubocop_todo.yml"
|
144
188
|
- ".travis.yml"
|
145
189
|
- Gemfile
|
146
190
|
- LICENSE.txt
|
147
191
|
- README.md
|
148
192
|
- Rakefile
|
193
|
+
- bin/cibuild
|
149
194
|
- bin/console
|
195
|
+
- bin/lint
|
150
196
|
- bin/setup
|
197
|
+
- bin/test
|
151
198
|
- exe/saml-kit-create-self-signed-certificate
|
152
199
|
- exe/saml-kit-decode-http-post
|
153
200
|
- exe/saml-kit-decode-http-redirect
|
@@ -191,6 +238,7 @@ files:
|
|
191
238
|
- lib/saml/kit/logout_response.rb
|
192
239
|
- lib/saml/kit/metadata.rb
|
193
240
|
- lib/saml/kit/namespaces.rb
|
241
|
+
- lib/saml/kit/null_assertion.rb
|
194
242
|
- lib/saml/kit/requestable.rb
|
195
243
|
- lib/saml/kit/respondable.rb
|
196
244
|
- lib/saml/kit/response.rb
|