saml2 3.0.6 → 3.0.11
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/saml2/entity.rb +2 -2
- data/lib/saml2/response.rb +2 -0
- data/lib/saml2/schemas.rb +1 -5
- data/lib/saml2/service_provider.rb +2 -0
- data/lib/saml2/signable.rb +5 -5
- data/lib/saml2/version.rb +1 -1
- data/schemas/metadata_combined.xsd +13 -0
- data/schemas/sstc-saml-metadata-ext-query.xsd +66 -0
- data/spec/fixtures/identity_provider.xml +1 -1
- data/spec/fixtures/response_assertion_signed_reffed_from_response.xml +6 -0
- data/spec/fixtures/service_provider.xml +1 -1
- data/spec/lib/attribute_consuming_service_spec.rb +2 -0
- data/spec/lib/attribute_spec.rb +2 -0
- data/spec/lib/authn_request_spec.rb +2 -0
- data/spec/lib/bindings/http_redirect_spec.rb +4 -2
- data/spec/lib/conditions_spec.rb +2 -0
- data/spec/lib/entity_spec.rb +2 -0
- data/spec/lib/identity_provider_spec.rb +6 -0
- data/spec/lib/indexed_object_spec.rb +2 -0
- data/spec/lib/key_spec.rb +2 -0
- data/spec/lib/logout_request_spec.rb +2 -0
- data/spec/lib/logout_response_spec.rb +2 -0
- data/spec/lib/message_spec.rb +2 -0
- data/spec/lib/response_spec.rb +16 -0
- data/spec/lib/service_provider_spec.rb +7 -0
- data/spec/spec_helper.rb +2 -0
- metadata +14 -10
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 953f52449cc1cbab86280c3265ecf74cde4eb8db37946a99aa2d85f59d7a4754
|
|
4
|
+
data.tar.gz: f211ab22f71726b292c5182fba1b5040284c4a243f03458b84f33983f95dadbc
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 271dd3d0bd8325c59b61ed416fd0ed16d1cbc284d957593220f905c3f5c5f8d001bdcc125fcd96e1d28ffe3ad2ec22a6fec027c768df82ddb5dca609ba435c58
|
|
7
|
+
data.tar.gz: 87337ae1fd36828023da486e932582009b76f666e04fd336e4d4b4e0a244366c62c7491255b320b2575c6439d56c856200f883a2087fdc70b82f746927fef8db
|
data/lib/saml2/entity.rb
CHANGED
|
@@ -65,7 +65,7 @@ module SAML2
|
|
|
65
65
|
|
|
66
66
|
# (see Message#valid_schema?)
|
|
67
67
|
def valid_schema?
|
|
68
|
-
Schemas.
|
|
68
|
+
Schemas.metadata.valid?(xml.document)
|
|
69
69
|
end
|
|
70
70
|
|
|
71
71
|
# (see Message#id)
|
|
@@ -101,7 +101,7 @@ module SAML2
|
|
|
101
101
|
|
|
102
102
|
# (see Message#valid_schema?)
|
|
103
103
|
def valid_schema?
|
|
104
|
-
Schemas.
|
|
104
|
+
Schemas.metadata.valid?(xml.document)
|
|
105
105
|
end
|
|
106
106
|
|
|
107
107
|
# @return [String]
|
data/lib/saml2/response.rb
CHANGED
|
@@ -13,6 +13,8 @@ module SAML2
|
|
|
13
13
|
attr_reader :assertions
|
|
14
14
|
|
|
15
15
|
# Respond to an {AuthnRequest}
|
|
16
|
+
#
|
|
17
|
+
# {AuthnRequest#resolve} needs to have been previously called on the {AuthnRequest}.
|
|
16
18
|
# @param authn_request [AuthnRequest]
|
|
17
19
|
# @param issuer [NameID]
|
|
18
20
|
# @param name_id [NameID] The Subject
|
data/lib/saml2/schemas.rb
CHANGED
|
@@ -2,12 +2,8 @@
|
|
|
2
2
|
|
|
3
3
|
module SAML2
|
|
4
4
|
module Schemas
|
|
5
|
-
def self.federation
|
|
6
|
-
@federation ||= schema('ws-federation.xsd')
|
|
7
|
-
end
|
|
8
|
-
|
|
9
5
|
def self.metadata
|
|
10
|
-
@metadata ||= schema('
|
|
6
|
+
@metadata ||= schema('metadata_combined.xsd')
|
|
11
7
|
end
|
|
12
8
|
|
|
13
9
|
def self.protocol
|
data/lib/saml2/signable.rb
CHANGED
|
@@ -7,16 +7,16 @@ module SAML2
|
|
|
7
7
|
# @return [Nokogiri::XML::Element, nil]
|
|
8
8
|
def signature
|
|
9
9
|
unless instance_variable_defined?(:@signature)
|
|
10
|
-
@signature = xml.
|
|
11
|
-
|
|
12
|
-
signed_node = @signature.at_xpath('dsig:SignedInfo/dsig:Reference', Namespaces::ALL)['URI']
|
|
10
|
+
@signature = xml.xpath('//dsig:Signature', Namespaces::ALL).find do |signature|
|
|
11
|
+
signed_node = signature.at_xpath('dsig:SignedInfo/dsig:Reference', Namespaces::ALL)['URI']
|
|
13
12
|
if signed_node == ''
|
|
14
|
-
|
|
13
|
+
true if xml == xml.document.root
|
|
15
14
|
elsif signed_node != "##{xml['ID']}"
|
|
16
|
-
|
|
15
|
+
false
|
|
17
16
|
else
|
|
18
17
|
# validating the schema will automatically add ID attributes, so check that first
|
|
19
18
|
xml.set_id_attribute('ID') unless xml.document.get_id(xml['ID'])
|
|
19
|
+
true
|
|
20
20
|
end
|
|
21
21
|
end
|
|
22
22
|
end
|
data/lib/saml2/version.rb
CHANGED
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
<?xml version="1.0" encoding="UTF-8"?>
|
|
2
|
+
|
|
3
|
+
<schema
|
|
4
|
+
targetNamespace="https://www.instructure.com/ruby-saml2/metadata-combined"
|
|
5
|
+
xmlns="http://www.w3.org/2001/XMLSchema"
|
|
6
|
+
version="2.0">
|
|
7
|
+
|
|
8
|
+
<import namespace="http://docs.oasis-open.org/wsfed/federation/200706"
|
|
9
|
+
schemaLocation="ws-federation.xsd"/>
|
|
10
|
+
<import namespace="urn:oasis:names:tc:SAML:metadata:ext:query"
|
|
11
|
+
schemaLocation="sstc-saml-metadata-ext-query.xsd"/>
|
|
12
|
+
|
|
13
|
+
</schema>
|
|
@@ -0,0 +1,66 @@
|
|
|
1
|
+
<?xml version="1.0" encoding="UTF-8"?>
|
|
2
|
+
|
|
3
|
+
<schema
|
|
4
|
+
targetNamespace="urn:oasis:names:tc:SAML:metadata:ext:query"
|
|
5
|
+
xmlns="http://www.w3.org/2001/XMLSchema"
|
|
6
|
+
xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
|
|
7
|
+
xmlns:query="urn:oasis:names:tc:SAML:metadata:ext:query"
|
|
8
|
+
elementFormDefault="unqualified"
|
|
9
|
+
attributeFormDefault="unqualified"
|
|
10
|
+
blockDefault="substitution"
|
|
11
|
+
version="2.0">
|
|
12
|
+
|
|
13
|
+
<annotation>
|
|
14
|
+
<documentation>
|
|
15
|
+
Document title: SAML Metadata Extension Schema for SAML V2.0 and V1.x Query Requesters
|
|
16
|
+
Document identifier: sstc-saml-metadata-ext-query.xsd
|
|
17
|
+
Location: http://www.oasis-open.org/committees/documents.php?wg_abbrev=security
|
|
18
|
+
Revision history:
|
|
19
|
+
V1.0 (May 2007):
|
|
20
|
+
Initial version.
|
|
21
|
+
</documentation>
|
|
22
|
+
</annotation>
|
|
23
|
+
|
|
24
|
+
<import namespace="urn:oasis:names:tc:SAML:2.0:metadata"
|
|
25
|
+
schemaLocation="saml-schema-metadata-2.0.xsd"/>
|
|
26
|
+
|
|
27
|
+
<complexType name="QueryDescriptorType" abstract="true">
|
|
28
|
+
<complexContent>
|
|
29
|
+
<extension base="md:RoleDescriptorType">
|
|
30
|
+
<sequence>
|
|
31
|
+
<element ref="md:NameIDFormat" minOccurs="0" maxOccurs="unbounded"/>
|
|
32
|
+
</sequence>
|
|
33
|
+
<attribute name="WantAssertionsSigned" type="boolean" use="optional"/>
|
|
34
|
+
</extension>
|
|
35
|
+
</complexContent>
|
|
36
|
+
</complexType>
|
|
37
|
+
|
|
38
|
+
<complexType name="AuthnQueryDescriptorType">
|
|
39
|
+
<complexContent>
|
|
40
|
+
<extension base="query:QueryDescriptorType"/>
|
|
41
|
+
</complexContent>
|
|
42
|
+
</complexType>
|
|
43
|
+
|
|
44
|
+
<complexType name="AttributeQueryDescriptorType">
|
|
45
|
+
<complexContent>
|
|
46
|
+
<extension base="query:QueryDescriptorType">
|
|
47
|
+
<sequence>
|
|
48
|
+
<element ref="md:AttributeConsumingService" minOccurs="0" maxOccurs="unbounded"/>
|
|
49
|
+
</sequence>
|
|
50
|
+
</extension>
|
|
51
|
+
</complexContent>
|
|
52
|
+
</complexType>
|
|
53
|
+
|
|
54
|
+
<element name="ActionNamespace" type="anyURI"/>
|
|
55
|
+
|
|
56
|
+
<complexType name="AuthzDecisionQueryDescriptorType">
|
|
57
|
+
<complexContent>
|
|
58
|
+
<extension base="query:QueryDescriptorType">
|
|
59
|
+
<sequence>
|
|
60
|
+
<element ref="query:ActionNamespace" minOccurs="0" maxOccurs="unbounded"/>
|
|
61
|
+
</sequence>
|
|
62
|
+
</extension>
|
|
63
|
+
</complexContent>
|
|
64
|
+
</complexType>
|
|
65
|
+
|
|
66
|
+
</schema>
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
<?xml version="1.0"?>
|
|
2
2
|
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://sso.school.edu/idp/shibboleth">
|
|
3
|
-
<IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
|
|
3
|
+
<IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
|
|
4
4
|
<KeyDescriptor use="signing">
|
|
5
5
|
<ds:KeyInfo>
|
|
6
6
|
<ds:X509Data>
|
|
@@ -0,0 +1,6 @@
|
|
|
1
|
+
<samlp:Response ID="eppcgfbmldefddomokfgiljnkflhppmoflakahld" IssueInstant="2020-08-11T18:19:49Z" Destination="https://wscc.instructure.com/login/saml" Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified" Version="2.0" xmlns="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"><Signature xmlns="http://www.w3.org/2000/09/xmldsig#"><SignedInfo><CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /><SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /><Reference URI="#enmnbnkdhfhnbjeifihomffcoanmnjdaocnhgnhc"><Transforms><Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" /><Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /></Transforms><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /><DigestValue>cyBkaF5MxEOSX9hLm0g/BWMJpQA=</DigestValue></Reference></SignedInfo><SignatureValue>BqXuyorfBboZI3sSSi4PC3GnJMKyLSQ/897M1RYmgVHx8Pbg1ANy75mpjRQQxGOIz/nSTh6eTPkkFEAT34nhxBSd+JfHof0RfLl/lBI1klSmpi/YoHCKLdVt+iwAemmBNw5Rxw59EepgrbcVtgjsjWISdvMyY7Wqb3nyJDwTGWw=</SignatureValue><KeyInfo><KeyValue><RSAKeyValue><Modulus>yPxoJ9DLOTzn9j91xlqGTX/8Hs5hxjImPalS9qTOc6BYJgXSC7HtxBLMc0usJG58/OaHgWFlaDi4HSBlZe2vLzecaWL1HYxJtW6s+UpD5i+uoxGTPM1ITNlZudGQblh3XTUESrPUZVwSt1N+Vqd4AUHux0E078meTqj9+EMcgsk=</Modulus><Exponent>AQAB</Exponent></RSAKeyValue></KeyValue><X509Data><X509Certificate>MIIB4TCCAU6gAwIBAgIQhv64tDcg/45BI6qmDbJfKDAJBgUrDgMCHQUAMA8xDTALBgNVBAMTBFRFU1QwIBcNMjAwMTI3MTkxNzMxWhgPMjA4MDEyMzEwNTAwMDBaMA8xDTALBgNVBAMTBFRFU1QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMj8aCfQyzk85/Y/dcZahk1//B7OYcYyJj2pUvakznOgWCYF0gux7cQSzHNLrCRufPzmh4FhZWg4uB0gZWXtry83nGli9R2MSbVurPlKQ+YvrqMRkzzNSEzZWbnRkG5Yd101BEqz1GVcErdTflaneAFB7sdBNO/Jnk6o/fhDHILJAgMBAAGjRDBCMEAGA1UdAQQ5MDeAEFm8dl7/zBigioh82gZb6WGhETAPMQ0wCwYDVQQDEwRURVNUghCG/ri0NyD/jkEjqqYNsl8oMAkGBSsOAwIdBQADgYEAotOROUrAiZr7oA3iaZLxq+B6sN+JdWSBquvDUzaMgIWRvUBZPqmOKpXK0+XSLXChgklpVXBXAo78Juy0zza/ZAMyGPbYlSZSME6GlApjp8hi6wi0ti/usi/D8SQSJ9ephwz2JAvI5WP16PzIruYUlf3uI72hKT0NW8Pl3PhT8z8=</X509Certificate></X509Data></KeyInfo></Signature><samlp:Status><samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success" /></samlp:Status><Assertion ID="enmnbnkdhfhnbjeifihomffcoanmnjdaocnhgnhc" IssueInstant="2020-08-11T18:19:49Z" Version="2.0" xmlns="urn:oasis:names:tc:SAML:2.0:assertion"><Issuer>
|
|
2
|
+
https://my.wscc.edu/idp
|
|
3
|
+
</Issuer><Subject><NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">narnold@wscc.edu</NameID><SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"><SubjectConfirmationData Recipient="" NotOnOrAfter="2020-08-11T18:29:49Z" InResponseTo="_bd878908-34c0-4e6e-b429-90cc8bfae27c" /></SubjectConfirmation></Subject><Conditions NotBefore="2020-08-11T18:14:49Z" NotOnOrAfter="2020-08-11T18:29:49Z"><AudienceRestriction><Audience>http://wscc.instructure.com/saml2</Audience></AudienceRestriction></Conditions><AttributeStatement><Attribute Name="email"><AttributeValue>narnold@wscc.edu</AttributeValue></Attribute><Attribute Name="display_name"><AttributeValue>Nicholas Arnold</AttributeValue></Attribute><Attribute Name="given_name"><AttributeValue>Nicholas</AttributeValue></Attribute><Attribute Name="integration_id"><AttributeValue>Ed18RSTYO0ivqnZuzQPehQ==</AttributeValue></Attribute><Attribute Name="sis_user_id"><AttributeValue>0097365</AttributeValue></Attribute><Attribute Name="sortable_name"><AttributeValue>Arnold, Nicholas</AttributeValue></Attribute><Attribute Name="surname"><AttributeValue>Arnold</AttributeValue></Attribute><Attribute Name="time_zone"><AttributeValue>US/Eastern</AttributeValue></Attribute></AttributeStatement><AuthnStatement AuthnInstant="2020-08-11T18:19:49Z"><AuthnContext><AuthnContextClassRef>
|
|
4
|
+
urn:oasis:names:tc:SAML:2.0:ac:classes:Password
|
|
5
|
+
</AuthnContextClassRef></AuthnContext></AuthnStatement></Assertion></samlp:Response>
|
|
6
|
+
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
<?xml version="1.0"?>
|
|
2
2
|
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="http://siteadmin.instructure.com/saml2" ID="unique">
|
|
3
|
-
<SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
|
|
3
|
+
<SPSSODescriptor AuthnRequestsSigned="true" WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
|
|
4
4
|
|
|
5
5
|
<KeyDescriptor use="encryption">
|
|
6
6
|
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
|
data/spec/lib/attribute_spec.rb
CHANGED
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
1
3
|
require_relative '../../spec_helper'
|
|
2
4
|
|
|
3
5
|
require 'openssl'
|
|
@@ -86,10 +88,10 @@ module SAML2
|
|
|
86
88
|
end
|
|
87
89
|
|
|
88
90
|
it "raises on unsupported signature algorithm" do
|
|
89
|
-
x = url
|
|
91
|
+
x = url.dup
|
|
90
92
|
# SigAlg is now sha10
|
|
91
93
|
x << "0"
|
|
92
|
-
expect { Bindings::HTTPRedirect.decode(
|
|
94
|
+
expect { Bindings::HTTPRedirect.decode(x, public_key: certificate) }.to raise_error(UnsupportedSignatureAlgorithm)
|
|
93
95
|
end
|
|
94
96
|
|
|
95
97
|
it "allows the caller to detect an unsigned message" do
|
data/spec/lib/conditions_spec.rb
CHANGED
data/spec/lib/entity_spec.rb
CHANGED
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
1
3
|
require_relative '../spec_helper'
|
|
2
4
|
|
|
3
5
|
module SAML2
|
|
@@ -32,6 +34,10 @@ module SAML2
|
|
|
32
34
|
it "should find the signing certificate" do
|
|
33
35
|
expect(idp.keys.first.x509).to match(/MIIE8TCCA9mgAwIBAgIJAITusxON60cKMA0GCSqGSIb3DQEBBQUAMIGrMQswCQYD/)
|
|
34
36
|
end
|
|
37
|
+
|
|
38
|
+
it "loads identity provider attributes" do
|
|
39
|
+
expect(idp.want_authn_requests_signed?).to be_truthy
|
|
40
|
+
end
|
|
35
41
|
end
|
|
36
42
|
end
|
|
37
43
|
end
|
data/spec/lib/key_spec.rb
CHANGED
data/spec/lib/message_spec.rb
CHANGED
data/spec/lib/response_spec.rb
CHANGED
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
1
3
|
require_relative '../spec_helper'
|
|
2
4
|
|
|
3
5
|
module SAML2
|
|
@@ -272,6 +274,20 @@ MIIB/jCCAWegAwIBAgIBCjANBgkqhkiG9w0BAQQFADAkMSIwIAYDVQQDExlhZGRlcjEuaXRzLnVuaW1l
|
|
|
272
274
|
expect(response.errors).to eq []
|
|
273
275
|
expect(response.assertions.first.subject.name_id.id).to eq 'testuserint.sso@staff.oimtest.unimelb.edu.au'
|
|
274
276
|
end
|
|
277
|
+
|
|
278
|
+
it "finds signatures the sign the assertion, not inside the assertion" do
|
|
279
|
+
response = Response.parse(fixture("response_assertion_signed_reffed_from_response.xml"))
|
|
280
|
+
sp_entity.entity_id = 'http://wscc.instructure.com/saml2'
|
|
281
|
+
idp_entity.entity_id = 'https://my.wscc.edu/idp'
|
|
282
|
+
idp_entity.identity_providers.first.keys.clear
|
|
283
|
+
idp_entity.identity_providers.first.fingerprints << "c4f473274116a3cbc295c3abf77c7ed1ade9b904"
|
|
284
|
+
|
|
285
|
+
sp_entity.valid_response?(response, idp_entity, verification_time: response.issue_instant)
|
|
286
|
+
expect(response.errors).to eq []
|
|
287
|
+
expect(response.assertions.first.subject.name_id.id).to eq 'narnold@wscc.edu'
|
|
288
|
+
expect(response).not_to be_signed
|
|
289
|
+
expect(response.assertions.first).to be_signed
|
|
290
|
+
end
|
|
275
291
|
end
|
|
276
292
|
end
|
|
277
293
|
end
|
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
1
3
|
require_relative '../spec_helper'
|
|
2
4
|
|
|
3
5
|
module SAML2
|
|
@@ -64,6 +66,11 @@ module SAML2
|
|
|
64
66
|
expect(sp.keys.first.encryption_methods.first.algorithm).to eq KeyDescriptor::EncryptionMethod::Algorithm::AES128_CBC
|
|
65
67
|
expect(sp.keys.first.encryption_methods.first.key_size).to eq 128
|
|
66
68
|
end
|
|
69
|
+
|
|
70
|
+
it "loads service provider attributes" do
|
|
71
|
+
expect(sp.authn_requests_signed?).to be_truthy
|
|
72
|
+
expect(sp.want_assertions_signed?).to be_truthy
|
|
73
|
+
end
|
|
67
74
|
end
|
|
68
75
|
end
|
|
69
76
|
end
|
data/spec/spec_helper.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: saml2
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.0.
|
|
4
|
+
version: 3.0.11
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Cody Cutrer
|
|
8
|
-
autorequire:
|
|
8
|
+
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2021-01-08 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: nokogiri
|
|
@@ -19,7 +19,7 @@ dependencies:
|
|
|
19
19
|
version: 1.5.8
|
|
20
20
|
- - "<"
|
|
21
21
|
- !ruby/object:Gem::Version
|
|
22
|
-
version: '1.
|
|
22
|
+
version: '1.12'
|
|
23
23
|
type: :runtime
|
|
24
24
|
prerelease: false
|
|
25
25
|
version_requirements: !ruby/object:Gem::Requirement
|
|
@@ -29,7 +29,7 @@ dependencies:
|
|
|
29
29
|
version: 1.5.8
|
|
30
30
|
- - "<"
|
|
31
31
|
- !ruby/object:Gem::Version
|
|
32
|
-
version: '1.
|
|
32
|
+
version: '1.12'
|
|
33
33
|
- !ruby/object:Gem::Dependency
|
|
34
34
|
name: nokogiri-xmlsec-instructure
|
|
35
35
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -59,7 +59,7 @@ dependencies:
|
|
|
59
59
|
version: '3.2'
|
|
60
60
|
- - "<"
|
|
61
61
|
- !ruby/object:Gem::Version
|
|
62
|
-
version: '
|
|
62
|
+
version: '6.2'
|
|
63
63
|
type: :runtime
|
|
64
64
|
prerelease: false
|
|
65
65
|
version_requirements: !ruby/object:Gem::Requirement
|
|
@@ -69,7 +69,7 @@ dependencies:
|
|
|
69
69
|
version: '3.2'
|
|
70
70
|
- - "<"
|
|
71
71
|
- !ruby/object:Gem::Version
|
|
72
|
-
version: '
|
|
72
|
+
version: '6.2'
|
|
73
73
|
- !ruby/object:Gem::Dependency
|
|
74
74
|
name: byebug
|
|
75
75
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -168,11 +168,13 @@ files:
|
|
|
168
168
|
- lib/saml2/subject.rb
|
|
169
169
|
- lib/saml2/version.rb
|
|
170
170
|
- schemas/MetadataExchange.xsd
|
|
171
|
+
- schemas/metadata_combined.xsd
|
|
171
172
|
- schemas/oasis-200401-wss-wssecurity-secext-1.0.xsd
|
|
172
173
|
- schemas/oasis-200401-wss-wssecurity-utility-1.0.xsd
|
|
173
174
|
- schemas/saml-schema-assertion-2.0.xsd
|
|
174
175
|
- schemas/saml-schema-metadata-2.0.xsd
|
|
175
176
|
- schemas/saml-schema-protocol-2.0.xsd
|
|
177
|
+
- schemas/sstc-saml-metadata-ext-query.xsd
|
|
176
178
|
- schemas/ws-addr.xsd
|
|
177
179
|
- schemas/ws-authorization.xsd
|
|
178
180
|
- schemas/ws-federation.xsd
|
|
@@ -189,6 +191,7 @@ files:
|
|
|
189
191
|
- spec/fixtures/noconditions_response.xml
|
|
190
192
|
- spec/fixtures/othercertificate.pem
|
|
191
193
|
- spec/fixtures/privatekey.key
|
|
194
|
+
- spec/fixtures/response_assertion_signed_reffed_from_response.xml
|
|
192
195
|
- spec/fixtures/response_signed.xml
|
|
193
196
|
- spec/fixtures/response_tampered_certificate.xml
|
|
194
197
|
- spec/fixtures/response_tampered_signature.xml
|
|
@@ -224,7 +227,7 @@ homepage: https://github.com/instructure/ruby-saml2
|
|
|
224
227
|
licenses:
|
|
225
228
|
- MIT
|
|
226
229
|
metadata: {}
|
|
227
|
-
post_install_message:
|
|
230
|
+
post_install_message:
|
|
228
231
|
rdoc_options: []
|
|
229
232
|
require_paths:
|
|
230
233
|
- lib
|
|
@@ -239,8 +242,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
239
242
|
- !ruby/object:Gem::Version
|
|
240
243
|
version: '0'
|
|
241
244
|
requirements: []
|
|
242
|
-
rubygems_version: 3.
|
|
243
|
-
signing_key:
|
|
245
|
+
rubygems_version: 3.1.4
|
|
246
|
+
signing_key:
|
|
244
247
|
specification_version: 4
|
|
245
248
|
summary: SAML 2.0 Library
|
|
246
249
|
test_files:
|
|
@@ -269,6 +272,7 @@ test_files:
|
|
|
269
272
|
- spec/fixtures/certificate.pem
|
|
270
273
|
- spec/fixtures/noconditions_response.xml
|
|
271
274
|
- spec/fixtures/entities.xml
|
|
275
|
+
- spec/fixtures/response_assertion_signed_reffed_from_response.xml
|
|
272
276
|
- spec/fixtures/xml_signature_wrapping_attack_duplicate_ids.xml
|
|
273
277
|
- spec/fixtures/response_without_keyinfo.xml
|
|
274
278
|
- spec/fixtures/response_with_signed_assertion_and_encrypted_subject.xml
|