saml_camel 1.0.0 → 1.0.1

@@ -1,18 +1,19 @@
1
- namespace :saml_camel do
2
- desc "Generate Files for Saml"
3
- task :generate_saml do
1
+ # frozen_string_literal: true
2
+
3
+ namespace :saml_camel do # rubocop:disable Metrics/BlockLength
4
+ desc 'Generate Files for Saml'
5
+ task :generate_saml do # rubocop:disable Metrics/BlockLength
4
6
  dir = "#{Rails.root}/config/saml/"
5
- FileUtils.mkdir(dir) unless Dir.exists?(dir)
7
+ FileUtils.mkdir(dir) unless Dir.exist?(dir)
6
8
 
7
9
  specified_env = ENV['environment']
8
- default_envs = ["production","test","development"]
10
+ default_envs = %w[production test development]
9
11
  key = generate_key
10
12
  cert = generate_cert(key)
11
13
  settings = generate_saml_settings.to_json
12
14
 
13
-
14
- #TODO pull in specified idp certificate
15
- idp_cert = """MIIEWjCCA0KgAwIBAgIJAP1rB/FjRgy6MA0GCSqGSIb3DQEBBQUAMHsxCzAJBgNV
15
+ # TODO: pull in specified idp certificate
16
+ idp_cert = "MIIEWjCCA0KgAwIBAgIJAP1rB/FjRgy6MA0GCSqGSIb3DQEBBQUAMHsxCzAJBgNV
16
17
  BAYTAlVTMRcwFQYDVQQIEw5Ob3J0aCBDYXJvbGluYTEPMA0GA1UEBxMGRHVyaGFt
17
18
  MRgwFgYDVQQKEw9EdWtlIFVuaXZlcnNpdHkxDDAKBgNVBAsTA09JVDEaMBgGA1UE
18
19
  AxMRc2hpYi5vaXQuZHVrZS5lZHUwHhcNMTAwOTA5MTI0NDU1WhcNMjgwOTA0MTI0
@@ -35,103 +36,104 @@ Ifvsa0jf4FRsEOwH/x8354/0wyv4RwuavX25kjpmoFn3O+eKokyzsc7/Q2gsm0mv
35
36
  V8XQo+5b+4we8AFYlAVp26nLeIqAiJM8xZJ9yHuzVL1O4yxIWIKECWHLqY5+1nas
36
37
  XNiLURrHhsK5pZUPLuhzJFgZuJT62TtnrjJXlrRhJ389VSkh6R64C6ncjNkg6/Cu
37
38
  tA6SX0infqNRyPRNJK+bnQd1yOP4++tjD/lAPE+5tiD/waI3fArt43ZE/qp7pYMS
38
- 9TEfyQ5QpfRYAUFWXBc=
39
- """
39
+ 9TEfyQ5QpfRYAUFWXBc="
40
40
 
41
- unless specified_env
41
+ if specified_env
42
+ dir = "#{Rails.root}/config/saml/#{specified_env}"
43
+ FileUtils.mkdir(dir) unless Dir.exist?(dir)
44
+ File.open("#{Rails.root}/config/saml/#{specified_env}/saml_certificate.crt", 'w+') { |f| f.write(cert) } # rubocop:disable Metrics/LineLength
45
+ File.open("#{Rails.root}/config/saml/#{specified_env}/saml_key.key", 'w+') { |f| f.write(key) } # rubocop:disable Metrics/LineLength
46
+ File.open("#{Rails.root}/config/saml/#{specified_env}/idp_certificate.crt", 'w+') { |f| f.write(idp_cert) } # rubocop:disable Metrics/LineLength
47
+ File.open("#{Rails.root}/config/saml/#{specified_env}/settings.json", 'w+') { |f| f.write(settings) } # rubocop:disable Metrics/LineLength
48
+ File.open('.gitignore', 'a') { |f| f.write("config/saml/#{specified_env}/saml_key.key") }
49
+ else
42
50
  default_envs.each do |e|
43
51
  dir = "#{Rails.root}/config/saml/#{e}"
44
- FileUtils.mkdir(dir) unless Dir.exists?(dir)
45
- File.open("#{Rails.root}/config/saml/#{e}/saml_certificate.crt","w+") {|f| f.write(cert) }
46
- File.open("#{Rails.root}/config/saml/#{e}/saml_key.key","w+") {|f| f.write(key) }
47
- File.open("#{Rails.root}/config/saml/#{e}/idp_certificate.crt","w+") {|f| f.write(idp_cert) }
48
- File.open("#{Rails.root}/config/saml/#{e}/settings.json","w+") {|f| f.write(settings) }
49
- File.open('.gitignore', 'a') { |f| f.write("config/saml/#{e}/saml_key.key\n") }
52
+ FileUtils.mkdir(dir) unless Dir.exist?(dir)
53
+ File.open("#{Rails.root}/config/saml/#{e}/saml_certificate.crt", 'w+') { |f| f.write(cert) } # rubocop:disable Metrics/LineLength
54
+ File.open("#{Rails.root}/config/saml/#{e}/saml_key.key", 'w+') { |f| f.write(key) } # rubocop:disable Metrics/LineLength
55
+ File.open("#{Rails.root}/config/saml/#{e}/idp_certificate.crt", 'w+') { |f| f.write(idp_cert) } # rubocop:disable Metrics/LineLength
56
+ File.open("#{Rails.root}/config/saml/#{e}/settings.json", 'w+') { |f| f.write(settings) } # rubocop:disable Metrics/LineLength
57
+ File.open('.gitignore', 'a') { |f| f.write("config/saml/#{e}/saml_key.key\n") } # rubocop:disable Metrics/LineLength
50
58
  end
51
- else
52
- dir = "#{Rails.root}/config/saml/#{specified_env}"
53
- FileUtils.mkdir(dir) unless Dir.exists?(dir)
54
- File.open("#{Rails.root}/config/saml/#{specified_env}/saml_certificate.crt","w+") {|f| f.write(cert) }
55
- File.open("#{Rails.root}/config/saml/#{specified_env}/saml_key.key","w+") {|f| f.write(key) }
56
- File.open("#{Rails.root}/config/saml/#{specified_env}/idp_certificate.crt","w+") {|f| f.write(idp_cert) }
57
- File.open("#{Rails.root}/config/saml/#{specified_env}/settings.json","w+") {|f| f.write(settings) }
58
- File.open('.gitignore', 'a') { |f| f.write("config/saml/#{specified_env}/saml_key.key") }
59
59
  end
60
60
  end
61
61
 
62
-
63
- def generate_saml_settings
62
+ def generate_saml_settings # rubocop:disable Metrics/MethodLength
64
63
  {
65
- _comment: "note you will need to restart the application when you make changes to this file",
64
+ _comment: 'note you will need to restart the application when you make changes to this file',
66
65
  settings: {
67
- acs: "http://localhost:3000/saml/consumeSaml" ,
68
- entity_id: "https://your-entity-id.com",
69
- sso_url: "https://shib.oit.duke.edu/idp/profile/SAML2/Redirect/SSO",
70
- logout_url: "https://shib.oit.duke.edu/cgi-bin/logout.pl",
71
- primary_id: "eduPersonPrincipalName",
66
+ acs: 'http://localhost:3000/saml/consumeSaml',
67
+ raw_response_acs: 'http://localhost:3000/saml/consumeSaml/rawResponse',
68
+ entity_id: 'https://your-entity-id.com',
69
+ sso_url: 'https://shib.oit.duke.edu/idp/profile/SAML2/Redirect/SSO',
70
+ logout_url: 'https://shib.oit.duke.edu/cgi-bin/logout.pl',
71
+ primary_id: 'eduPersonPrincipalName',
72
72
  sp_session_timeout: 1,
73
73
  sp_session_lifetime: 8,
74
- saml_logging: true
74
+ test_auth_path: true,
75
+ saml_logging: true,
76
+ debug: false
75
77
  },
76
- "attribute_map": {
77
- "urn:oid:1.3.6.1.4.1.5923.1.1.1.9": "eduPersonScopedAffiliation",
78
- "urn:oid:1.3.6.1.4.1.5923.1.1.1.6": "eduPersonPrincipalName",
79
- "urn:oid:2.5.4.3": "cn",
80
- "urn:oid:0.9.2342.19200300.100.1.1": "uid",
81
- "urn:oid:0.9.2342.19200300.100.1.3": "mail",
82
- "urn:oid:1.3.6.1.4.1.5923.1.1.1.5": "eduPersonPrimaryAffiliation",
83
- "urn:oid:2.16.840.1.113730.3.1.241": "displayName",
84
- "urn:mace:duke.edu:idms:unique-id": "duDukeID",
85
- "urn:mace:duke.edu:idms:dku-id": "dku-id",
86
- "urn:oid:1.3.6.1.4.1.5923.1.5.1.1": "isMemberOf",
87
- "urn:oid:2.5.4.42": "givenName",
88
- "urn:oid:2.5.4.4": "sn",
89
- "urn:oid:2.5.4.11": "ou",
90
- "urn:oid:1.3.6.1.4.1.5923.1.1.1.1": "eduPersonAffiliation",
91
- "urn:oid:2.5.4.20": "telephoneNumber",
92
- "urn:oid:2.5.4.12": "title",
93
- "urn:mace:duke.edu:idms:middle-name1": "duMiddleName1",
94
- "urn:mace:duke.edu:idms:proxy-token": "duProxyToken"
78
+ 'attribute_map': {
79
+ 'urn:oid:1.3.6.1.4.1.5923.1.1.1.9': 'eduPersonScopedAffiliation',
80
+ 'urn:oid:1.3.6.1.4.1.5923.1.1.1.6': 'eduPersonPrincipalName',
81
+ 'urn:oid:2.5.4.3': 'cn',
82
+ 'urn:oid:0.9.2342.19200300.100.1.1': 'uid',
83
+ 'urn:oid:0.9.2342.19200300.100.1.3': 'mail',
84
+ 'urn:oid:1.3.6.1.4.1.5923.1.1.1.5': 'eduPersonPrimaryAffiliation',
85
+ 'urn:oid:2.16.840.1.113730.3.1.241': 'displayName',
86
+ 'urn:mace:duke.edu:idms:unique-id': 'duDukeID',
87
+ 'urn:mace:duke.edu:idms:dku-id': 'dku-id',
88
+ 'urn:oid:1.3.6.1.4.1.5923.1.5.1.1': 'isMemberOf',
89
+ 'urn:oid:2.5.4.42': 'givenName',
90
+ 'urn:oid:2.5.4.4': 'sn',
91
+ 'urn:oid:2.5.4.11': 'ou',
92
+ 'urn:oid:1.3.6.1.4.1.5923.1.1.1.1': 'eduPersonAffiliation',
93
+ 'urn:oid:2.5.4.20': 'telephoneNumber',
94
+ 'urn:oid:2.5.4.12': 'title',
95
+ 'urn:mace:duke.edu:idms:middle-name1': 'duMiddleName1',
96
+ 'urn:mace:duke.edu:idms:proxy-token': 'duProxyToken'
95
97
  }
96
98
  }
97
99
  end
98
100
 
99
-
100
101
  def generate_key
101
102
  OpenSSL::PKey::RSA.new(2048)
102
103
  end
103
104
 
104
- def generate_cert(key)
105
- puts "\n\nPlease provide the following details to generate your saml key and certificate:"
106
- STDOUT.puts "Country Name (2 letter code) [AU]:"
105
+ def generate_cert(key) # rubocop:disable Metrics/MethodLength, Metrics/AbcSize
106
+ puts '\n\nPlease provide the following details to generate your saml key and certificate:'
107
+ STDOUT.puts 'Country Name (2 letter code) [AU]:'
107
108
  country = STDIN.gets.strip
108
109
 
109
- STDOUT.puts "State or Province Name (full name) [Some-State]:"
110
+ STDOUT.puts 'State or Province Name (full name) [Some-State]:'
110
111
  state = STDIN.gets.strip
111
112
 
112
- STDOUT.puts "Locality Name (eg, city):"
113
+ STDOUT.puts 'Locality Name (eg, city):'
113
114
  city = STDIN.gets.strip
114
115
 
115
- STDOUT.puts "Organization Name (eg, company):"
116
+ STDOUT.puts 'Organization Name (eg, company):'
116
117
  org = STDIN.gets.strip
117
118
 
118
- STDOUT.puts "Organizational Unit Name (eg, section):"
119
+ STDOUT.puts 'Organizational Unit Name (eg, section):'
119
120
  unit = STDIN.gets.strip
120
121
 
121
- STDOUT.puts "Common Name (non url name, remember this is not a server cert):"
122
+ STDOUT.puts 'Common Name (non url name, remember this is not a server cert):'
122
123
  cn = STDIN.gets.strip
123
124
 
124
- STDOUT.puts "Email Address:"
125
+ STDOUT.puts 'Email Address:'
125
126
  email = STDIN.gets.strip
126
127
 
127
-
128
128
  public_key = key.public_key
129
129
 
130
- #generate subject line of cert
131
- subject = "/C=#{country}/ST=#{state}/L=#{city}/O=#{org}/OU=#{unit}/CN=#{cn}/emailAddress=#{email}"
130
+ # generate subject line of cert
131
+ subject = "/C=#{country}/ST=#{state}/L=#{city}/O=#{org}/OU=#{unit}/CN=#{cn}/emailAddress=#{email}" # rubocop:disable Metrics/LineLength
132
132
 
133
133
  cert = OpenSSL::X509::Certificate.new
134
- cert.subject = cert.issuer = OpenSSL::X509::Name.parse(subject) #TODO this line breaks when https:// is added for CN
134
+
135
+ # TODO: this line breaks when https:// is added for CN
136
+ cert.subject = cert.issuer = OpenSSL::X509::Name.parse(subject)
135
137
  cert.not_before = Time.now
136
138
  cert.not_after = Time.now + 365 * 24 * 60 * 60
137
139
  cert.public_key = public_key
@@ -142,15 +144,13 @@ tA6SX0infqNRyPRNJK+bnQd1yOP4++tjD/lAPE+5tiD/waI3fArt43ZE/qp7pYMS
142
144
  ef.subject_certificate = cert
143
145
  ef.issuer_certificate = cert
144
146
  cert.extensions = [
145
- ef.create_extension("basicConstraints","CA:TRUE", true),
146
- ef.create_extension("subjectKeyIdentifier", "hash"),
147
+ ef.create_extension('basicConstraints', 'CA:TRUE', true),
148
+ ef.create_extension('subjectKeyIdentifier', 'hash'),
147
149
  # ef.create_extension("keyUsage", "cRLSign,keyCertSign", true),
148
150
  ]
149
- cert.add_extension ef.create_extension("authorityKeyIdentifier",
150
- "keyid:always,issuer:always")
151
+ cert.add_extension ef.create_extension('authorityKeyIdentifier',
152
+ 'keyid:always,issuer:always')
151
153
 
152
154
  cert.sign key, OpenSSL::Digest::SHA256.new
153
155
  end
154
-
155
-
156
156
  end
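Review bot: `saml_key.key` is created with `File.open(..., 'w+')` and no mode argument in both the `specified_env` branch and the `default_envs` loop, so the private key's permissions are left to the umask; passing an explicit mode, e.g. `File.open("#{dir}/saml_key.key", 'w', 0o600) { |f| f.write(key) }`, keeps it owner-only. In the `specified_env` branch the `.gitignore` append has no trailing newline, unlike the loop, so a later append is joined onto the same line and the ignore pattern stops matching the key; write `"config/saml/#{specified_env}/saml_key.key\n"` there. One `key` and `cert` pair is generated and copied to production, test and development, which deserves at least a comment telling users to regenerate per environment. The quote change in `generate_cert` also makes `'\n\nPlease provide ...'` print the backslashes literally; that string needs double quotes.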
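--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: saml_camel
  version: !ruby/object:Gem::Version
- version: 1.0.0
+ version: 1.0.1
  platform: ruby
  authors:
  - 'Danai Adkisson '
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2018-05-16 00:00:00.000000000 Z
+ date: 2018-05-30 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: rails
@@ -39,21 +39,21 @@ dependencies:
  - !ruby/object:Gem::Version
  version: 1.7.2
  - !ruby/object:Gem::Dependency
- name: ruby-saml
+ name: byebug
  requirement: !ruby/object:Gem::Requirement
  requirements:
  - - ">="
  - !ruby/object:Gem::Version
- version: 1.7.2
+ version: '0'
  type: :development
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - ">="
  - !ruby/object:Gem::Version
- version: 1.7.2
+ version: '0'
  - !ruby/object:Gem::Dependency
- name: byebug
+ name: rubocop
  requirement: !ruby/object:Gem::Requirement
  requirements:
  - - ">="
@@ -66,6 +66,20 @@ dependencies:
  - - ">="
  - !ruby/object:Gem::Version
  version: '0'
+ - !ruby/object:Gem::Dependency
+ name: ruby-saml
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: 1.7.2
+ type: :development
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: 1.7.2
  description: SAML tool wrapping onelogin/rubysaml
  email:
  - da129@duke.edu
@@ -86,6 +100,18 @@ files:
  - app/views/saml_camel/saml/attr_check.html.erb
  - app/views/saml_camel/saml/failure.html.erb
  - config/routes.rb
+ - config/saml/development/idp_certificate.crt
+ - config/saml/development/saml_certificate.crt
+ - config/saml/development/saml_key.key
+ - config/saml/development/settings.json
+ - config/saml/production/idp_certificate.crt
+ - config/saml/production/saml_certificate.crt
+ - config/saml/production/saml_key.key
+ - config/saml/production/settings.json
+ - config/saml/test/idp_certificate.crt
+ - config/saml/test/saml_certificate.crt
+ - config/saml/test/saml_key.key
+ - config/saml/test/settings.json
  - lib/saml_camel.rb
  - lib/saml_camel/engine.rb
  - lib/saml_camel/transaction.rb
@@ -114,7 +140,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  version: '0'
  requirements: []
  rubyforge_project:
- rubygems_version: 2.5.1
+ rubygems_version: 2.6.11
  signing_key:
  specification_version: 4
  summary: SAML tool wrapping onelogin/rubysaml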
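Review bot: The `files:` list for 1.0.1 now packages `config/saml/development/saml_key.key`, `config/saml/production/saml_key.key` and `config/saml/test/saml_key.key`, which by name (and going by the generator task in this same release) look like SAML service-provider private keys shipped inside a public gem. Their contents are not shown on this page, but if they are real keys, anyone who installs the package can read them, so they should be treated as exposed and regenerated rather than reused. The `config/saml/` directory should be excluded from the gemspec's file list, which is not visible here, so that output of `generate_saml` in the author's working tree cannot end up in a release.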