RubyGems - saml2 - Versions diffs - 3.1.2 → 3.1.3 - Mend

saml2 3.1.2 → 3.1.3

Files changed (100) hide show

checksums.yaml +4 -4
data/Rakefile +6 -4
data/exe/bulk_verify_responses +94 -0
data/lib/saml2/assertion.rb +7 -7
data/lib/saml2/attribute/x500.rb +31 -28
data/lib/saml2/attribute.rb +53 -49
data/lib/saml2/attribute_consuming_service.rb +29 -31
data/lib/saml2/authn_request.rb +54 -47
data/lib/saml2/authn_statement.rb +31 -20
data/lib/saml2/base.rb +72 -63
data/lib/saml2/bindings/http_post.rb +7 -7
data/lib/saml2/bindings/http_redirect.rb +37 -33
data/lib/saml2/bindings.rb +1 -1
data/lib/saml2/conditions.rb +19 -16
data/lib/saml2/contact.rb +19 -18
data/lib/saml2/endpoint.rb +14 -11
data/lib/saml2/entity.rb +27 -27
data/lib/saml2/identity_provider.rb +13 -10
data/lib/saml2/indexed_object.rb +15 -12
data/lib/saml2/key.rb +43 -34
data/lib/saml2/localized_name.rb +11 -10
data/lib/saml2/logout_request.rb +8 -8
data/lib/saml2/logout_response.rb +4 -4
data/lib/saml2/message.rb +24 -20
data/lib/saml2/name_id.rb +45 -41
data/lib/saml2/namespaces.rb +8 -8
data/lib/saml2/organization.rb +11 -10
data/lib/saml2/organization_and_contacts.rb +5 -5
data/lib/saml2/request.rb +3 -3
data/lib/saml2/requested_authn_context.rb +4 -4
data/lib/saml2/response.rb +45 -33
data/lib/saml2/role.rb +11 -11
data/lib/saml2/schemas.rb +13 -10
data/lib/saml2/service_provider.rb +11 -12
data/lib/saml2/signable.rb +23 -18
data/lib/saml2/sso.rb +5 -5
data/lib/saml2/status.rb +9 -7
data/lib/saml2/status_response.rb +5 -5
data/lib/saml2/subject.rb +28 -28
data/lib/saml2/version.rb +1 -1
data/lib/saml2.rb +7 -7
metadata +78 -137
data/schemas/MetadataExchange.xsd +0 -112
data/schemas/metadata_combined.xsd +0 -13
data/schemas/oasis-200401-wss-wssecurity-secext-1.0.xsd +0 -195
data/schemas/oasis-200401-wss-wssecurity-utility-1.0.xsd +0 -108
data/schemas/saml-schema-assertion-2.0.xsd +0 -283
data/schemas/saml-schema-metadata-2.0.xsd +0 -339
data/schemas/saml-schema-protocol-2.0.xsd +0 -302
data/schemas/sstc-saml-metadata-ext-query.xsd +0 -66
data/schemas/ws-addr.xsd +0 -137
data/schemas/ws-authorization.xsd +0 -145
data/schemas/ws-federation.xsd +0 -471
data/schemas/ws-securitypolicy-1.2.xsd +0 -1205
data/schemas/xenc-schema.xsd +0 -136
data/schemas/xml.xsd +0 -287
data/schemas/xmldsig-core-schema.xsd +0 -309
data/spec/fixtures/FederationMetadata.xml +0 -670
data/spec/fixtures/authnrequest.xml +0 -12
data/spec/fixtures/certificate.pem +0 -24
data/spec/fixtures/entities.xml +0 -13
data/spec/fixtures/external-uri-reference-response.xml +0 -48
data/spec/fixtures/identity_provider.xml +0 -46
data/spec/fixtures/noconditions_response.xml +0 -1
data/spec/fixtures/othercertificate.pem +0 -25
data/spec/fixtures/privatekey.key +0 -27
data/spec/fixtures/response_assertion_signed_reffed_from_response.xml +0 -6
data/spec/fixtures/response_signed.xml +0 -46
data/spec/fixtures/response_tampered_certificate.xml +0 -25
data/spec/fixtures/response_tampered_signature.xml +0 -46
data/spec/fixtures/response_with_attribute_signed.xml +0 -46
data/spec/fixtures/response_with_encrypted_assertion.xml +0 -58
data/spec/fixtures/response_with_rsa_key_value.xml +0 -1
data/spec/fixtures/response_with_signed_assertion_and_encrypted_subject.xml +0 -116
data/spec/fixtures/response_without_keyinfo.xml +0 -1
data/spec/fixtures/service_provider.xml +0 -79
data/spec/fixtures/test3-response.xml +0 -9
data/spec/fixtures/test6-response.xml +0 -10
data/spec/fixtures/test7-response.xml +0 -10
data/spec/fixtures/xml_missigned_assertion.xml +0 -84
data/spec/fixtures/xml_signature_wrapping_attack_duplicate_ids.xml +0 -11
data/spec/fixtures/xml_signature_wrapping_attack_response_attributes.xml +0 -45
data/spec/fixtures/xml_signature_wrapping_attack_response_nameid.xml +0 -44
data/spec/fixtures/xslt-transform-response.xml +0 -57
data/spec/lib/attribute_consuming_service_spec.rb +0 -129
data/spec/lib/attribute_spec.rb +0 -149
data/spec/lib/authn_request_spec.rb +0 -52
data/spec/lib/bindings/http_redirect_spec.rb +0 -183
data/spec/lib/conditions_spec.rb +0 -74
data/spec/lib/entity_spec.rb +0 -58
data/spec/lib/identity_provider_spec.rb +0 -43
data/spec/lib/indexed_object_spec.rb +0 -71
data/spec/lib/key_spec.rb +0 -23
data/spec/lib/logout_request_spec.rb +0 -33
data/spec/lib/logout_response_spec.rb +0 -33
data/spec/lib/message_spec.rb +0 -23
data/spec/lib/response_spec.rb +0 -293
data/spec/lib/service_provider_spec.rb +0 -76
data/spec/lib/signable_spec.rb +0 -15
data/spec/spec_helper.rb +0 -8

data/schemas/xmldsig-core-schema.xsd DELETED Viewed

@@ -1,309 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<!-- Schema for XML Signatures
-    http://www.w3.org/2000/09/xmldsig#
-    $Revision: 1.1 $ on $Date: 2002/02/08 20:32:26 $ by $Author: reagle $
-    Copyright 2001 The Internet Society and W3C (Massachusetts Institute
-    of Technology, Institut National de Recherche en Informatique et en
-    Automatique, Keio University). All Rights Reserved.
-    http://www.w3.org/Consortium/Legal/
-    This document is governed by the W3C Software License [1] as described
-    in the FAQ [2].
-    [1] http://www.w3.org/Consortium/Legal/copyright-software-19980720
-    [2] http://www.w3.org/Consortium/Legal/IPR-FAQ-20000620.html#DTD
--->
-<schema xmlns="http://www.w3.org/2001/XMLSchema"
-        xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
-        targetNamespace="http://www.w3.org/2000/09/xmldsig#"
-        version="0.1" elementFormDefault="qualified">
-<!-- Basic Types Defined for Signatures -->
-<simpleType name="CryptoBinary">
-  <restriction base="base64Binary">
-  </restriction>
-</simpleType>
-<!-- Start Signature -->
-<element name="Signature" type="ds:SignatureType"/>
-<complexType name="SignatureType">
-  <sequence>
-    <element ref="ds:SignedInfo"/>
-    <element ref="ds:SignatureValue"/>
-    <element ref="ds:KeyInfo" minOccurs="0"/>
-    <element ref="ds:Object" minOccurs="0" maxOccurs="unbounded"/>
-  </sequence>
-  <attribute name="Id" type="ID" use="optional"/>
-</complexType>
-  <element name="SignatureValue" type="ds:SignatureValueType"/>
-  <complexType name="SignatureValueType">
-    <simpleContent>
-      <extension base="base64Binary">
-        <attribute name="Id" type="ID" use="optional"/>
-      </extension>
-    </simpleContent>
-  </complexType>
-<!-- Start SignedInfo -->
-<element name="SignedInfo" type="ds:SignedInfoType"/>
-<complexType name="SignedInfoType">
-  <sequence>
-    <element ref="ds:CanonicalizationMethod"/>
-    <element ref="ds:SignatureMethod"/>
-    <element ref="ds:Reference" maxOccurs="unbounded"/>
-  </sequence>
-  <attribute name="Id" type="ID" use="optional"/>
-</complexType>
-  <element name="CanonicalizationMethod" type="ds:CanonicalizationMethodType"/>
-  <complexType name="CanonicalizationMethodType" mixed="true">
-    <sequence>
-      <any namespace="##any" minOccurs="0" maxOccurs="unbounded"/>
-      <!-- (0,unbounded) elements from (1,1) namespace -->
-    </sequence>
-    <attribute name="Algorithm" type="anyURI" use="required"/>
-  </complexType>
-  <element name="SignatureMethod" type="ds:SignatureMethodType"/>
-  <complexType name="SignatureMethodType" mixed="true">
-    <sequence>
-      <element name="HMACOutputLength" minOccurs="0" type="ds:HMACOutputLengthType"/>
-      <any namespace="##other" minOccurs="0" maxOccurs="unbounded"/>
-      <!-- (0,unbounded) elements from (1,1) external namespace -->
-    </sequence>
-    <attribute name="Algorithm" type="anyURI" use="required"/>
-  </complexType>
-<!-- Start Reference -->
-<element name="Reference" type="ds:ReferenceType"/>
-<complexType name="ReferenceType">
-  <sequence>
-    <element ref="ds:Transforms" minOccurs="0"/>
-    <element ref="ds:DigestMethod"/>
-    <element ref="ds:DigestValue"/>
-  </sequence>
-  <attribute name="Id" type="ID" use="optional"/>
-  <attribute name="URI" type="anyURI" use="optional"/>
-  <attribute name="Type" type="anyURI" use="optional"/>
-</complexType>
-  <element name="Transforms" type="ds:TransformsType"/>
-  <complexType name="TransformsType">
-    <sequence>
-      <element ref="ds:Transform" maxOccurs="unbounded"/>
-    </sequence>
-  </complexType>
-  <element name="Transform" type="ds:TransformType"/>
-  <complexType name="TransformType" mixed="true">
-    <choice minOccurs="0" maxOccurs="unbounded">
-      <any namespace="##other" processContents="lax"/>
-      <!-- (1,1) elements from (0,unbounded) namespaces -->
-      <element name="XPath" type="string"/>
-    </choice>
-    <attribute name="Algorithm" type="anyURI" use="required"/>
-  </complexType>
-<!-- End Reference -->
-<element name="DigestMethod" type="ds:DigestMethodType"/>
-<complexType name="DigestMethodType" mixed="true">
-  <sequence>
-    <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
-  </sequence>
-  <attribute name="Algorithm" type="anyURI" use="required"/>
-</complexType>
-<element name="DigestValue" type="ds:DigestValueType"/>
-<simpleType name="DigestValueType">
-  <restriction base="base64Binary"/>
-</simpleType>
-<!-- End SignedInfo -->
-<!-- Start KeyInfo -->
-<element name="KeyInfo" type="ds:KeyInfoType"/>
-<complexType name="KeyInfoType" mixed="true">
-  <choice maxOccurs="unbounded">
-    <element ref="ds:KeyName"/>
-    <element ref="ds:KeyValue"/>
-    <element ref="ds:RetrievalMethod"/>
-    <element ref="ds:X509Data"/>
-    <element ref="ds:PGPData"/>
-    <element ref="ds:SPKIData"/>
-    <element ref="ds:MgmtData"/>
-    <any processContents="lax" namespace="##other"/>
-    <!-- (1,1) elements from (0,unbounded) namespaces -->
-  </choice>
-  <attribute name="Id" type="ID" use="optional"/>
-</complexType>
-  <element name="KeyName" type="string"/>
-  <element name="MgmtData" type="string"/>
-  <element name="KeyValue" type="ds:KeyValueType"/>
-  <complexType name="KeyValueType" mixed="true">
-   <choice>
-     <element ref="ds:DSAKeyValue"/>
-     <element ref="ds:RSAKeyValue"/>
-     <any namespace="##other" processContents="lax"/>
-   </choice>
-  </complexType>
-  <element name="RetrievalMethod" type="ds:RetrievalMethodType"/>
-  <complexType name="RetrievalMethodType">
-    <sequence>
-      <element ref="ds:Transforms" minOccurs="0"/>
-    </sequence>
-    <attribute name="URI" type="anyURI"/>
-    <attribute name="Type" type="anyURI" use="optional"/>
-  </complexType>
-<!-- Start X509Data -->
-<element name="X509Data" type="ds:X509DataType"/>
-<complexType name="X509DataType">
-  <sequence maxOccurs="unbounded">
-    <choice>
-      <element name="X509IssuerSerial" type="ds:X509IssuerSerialType"/>
-      <element name="X509SKI" type="base64Binary"/>
-      <element name="X509SubjectName" type="string"/>
-      <element name="X509Certificate" type="base64Binary"/>
-      <element name="X509CRL" type="base64Binary"/>
-      <any namespace="##other" processContents="lax"/>
-    </choice>
-  </sequence>
-</complexType>
-<complexType name="X509IssuerSerialType">
-  <sequence>
-    <element name="X509IssuerName" type="string"/>
-    <element name="X509SerialNumber" type="integer"/>
-  </sequence>
-</complexType>
-<!-- End X509Data -->
-<!-- Begin PGPData -->
-<element name="PGPData" type="ds:PGPDataType"/>
-<complexType name="PGPDataType">
-  <choice>
-    <sequence>
-      <element name="PGPKeyID" type="base64Binary"/>
-      <element name="PGPKeyPacket" type="base64Binary" minOccurs="0"/>
-      <any namespace="##other" processContents="lax" minOccurs="0"
-       maxOccurs="unbounded"/>
-    </sequence>
-    <sequence>
-      <element name="PGPKeyPacket" type="base64Binary"/>
-      <any namespace="##other" processContents="lax" minOccurs="0"
-       maxOccurs="unbounded"/>
-    </sequence>
-  </choice>
-</complexType>
-<!-- End PGPData -->
-<!-- Begin SPKIData -->
-<element name="SPKIData" type="ds:SPKIDataType"/>
-<complexType name="SPKIDataType">
-  <sequence maxOccurs="unbounded">
-    <element name="SPKISexp" type="base64Binary"/>
-    <any namespace="##other" processContents="lax" minOccurs="0"/>
-  </sequence>
-</complexType>
-<!-- End SPKIData -->
-<!-- End KeyInfo -->
-<!-- Start Object (Manifest, SignatureProperty) -->
-<element name="Object" type="ds:ObjectType"/>
-<complexType name="ObjectType" mixed="true">
-  <sequence minOccurs="0" maxOccurs="unbounded">
-    <any namespace="##any" processContents="lax"/>
-  </sequence>
-  <attribute name="Id" type="ID" use="optional"/>
-  <attribute name="MimeType" type="string" use="optional"/> <!-- add a grep facet -->
-  <attribute name="Encoding" type="anyURI" use="optional"/>
-</complexType>
-<element name="Manifest" type="ds:ManifestType"/>
-<complexType name="ManifestType">
-  <sequence>
-    <element ref="ds:Reference" maxOccurs="unbounded"/>
-  </sequence>
-  <attribute name="Id" type="ID" use="optional"/>
-</complexType>
-<element name="SignatureProperties" type="ds:SignaturePropertiesType"/>
-<complexType name="SignaturePropertiesType">
-  <sequence>
-    <element ref="ds:SignatureProperty" maxOccurs="unbounded"/>
-  </sequence>
-  <attribute name="Id" type="ID" use="optional"/>
-</complexType>
-   <element name="SignatureProperty" type="ds:SignaturePropertyType"/>
-   <complexType name="SignaturePropertyType" mixed="true">
-     <choice maxOccurs="unbounded">
-       <any namespace="##other" processContents="lax"/>
-       <!-- (1,1) elements from (1,unbounded) namespaces -->
-     </choice>
-     <attribute name="Target" type="anyURI" use="required"/>
-     <attribute name="Id" type="ID" use="optional"/>
-   </complexType>
-<!-- End Object (Manifest, SignatureProperty) -->
-<!-- Start Algorithm Parameters -->
-<simpleType name="HMACOutputLengthType">
-  <restriction base="integer"/>
-</simpleType>
-<!-- Start KeyValue Element-types -->
-<element name="DSAKeyValue" type="ds:DSAKeyValueType"/>
-<complexType name="DSAKeyValueType">
-  <sequence>
-    <sequence minOccurs="0">
-      <element name="P" type="ds:CryptoBinary"/>
-      <element name="Q" type="ds:CryptoBinary"/>
-    </sequence>
-    <element name="G" type="ds:CryptoBinary" minOccurs="0"/>
-    <element name="Y" type="ds:CryptoBinary"/>
-    <element name="J" type="ds:CryptoBinary" minOccurs="0"/>
-    <sequence minOccurs="0">
-      <element name="Seed" type="ds:CryptoBinary"/>
-      <element name="PgenCounter" type="ds:CryptoBinary"/>
-    </sequence>
-  </sequence>
-</complexType>
-<element name="RSAKeyValue" type="ds:RSAKeyValueType"/>
-<complexType name="RSAKeyValueType">
-  <sequence>
-    <element name="Modulus" type="ds:CryptoBinary"/>
-    <element name="Exponent" type="ds:CryptoBinary"/>
-  </sequence>
-</complexType>
-<!-- End KeyValue Element-types -->
-<!-- End Signature -->
-</schema>