saml_idp 0.0.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +15 -0
- data/Gemfile +2 -0
- data/LICENSE +22 -0
- data/README.md +197 -0
- data/app/controllers/saml_idp/idp_controller.rb +42 -0
- data/app/views/saml_idp/idp/new.html.erb +21 -0
- data/app/views/saml_idp/idp/saml_post.html.erb +13 -0
- data/lib/saml_idp.rb +92 -0
- data/lib/saml_idp/algorithmable.rb +19 -0
- data/lib/saml_idp/assertion_builder.rb +144 -0
- data/lib/saml_idp/attribute_decorator.rb +27 -0
- data/lib/saml_idp/attributeable.rb +24 -0
- data/lib/saml_idp/configurator.rb +45 -0
- data/lib/saml_idp/controller.rb +71 -0
- data/lib/saml_idp/default.rb +28 -0
- data/lib/saml_idp/engine.rb +5 -0
- data/lib/saml_idp/hashable.rb +26 -0
- data/lib/saml_idp/incoming_metadata.rb +144 -0
- data/lib/saml_idp/metadata_builder.rb +158 -0
- data/lib/saml_idp/name_id_formatter.rb +68 -0
- data/lib/saml_idp/persisted_metadata.rb +10 -0
- data/lib/saml_idp/request.rb +79 -0
- data/lib/saml_idp/response_builder.rb +60 -0
- data/lib/saml_idp/saml_response.rb +63 -0
- data/lib/saml_idp/service_provider.rb +68 -0
- data/lib/saml_idp/signable.rb +131 -0
- data/lib/saml_idp/signature_builder.rb +42 -0
- data/lib/saml_idp/signed_info_builder.rb +51 -0
- data/lib/saml_idp/version.rb +4 -0
- data/lib/saml_idp/xml_security.rb +168 -0
- data/saml_idp.gemspec +38 -0
- data/spec/acceptance/acceptance_helper.rb +9 -0
- data/spec/acceptance/idp_controller_spec.rb +16 -0
- data/spec/lib/saml_idp/algorithmable_spec.rb +48 -0
- data/spec/lib/saml_idp/assertion_builder_spec.rb +27 -0
- data/spec/lib/saml_idp/attribute_decorator_spec.rb +31 -0
- data/spec/lib/saml_idp/configurator_spec.rb +30 -0
- data/spec/lib/saml_idp/controller_spec.rb +51 -0
- data/spec/lib/saml_idp/metadata_builder_spec.rb +9 -0
- data/spec/lib/saml_idp/name_id_formatter_spec.rb +39 -0
- data/spec/lib/saml_idp/request_spec.rb +14 -0
- data/spec/lib/saml_idp/response_builder_spec.rb +32 -0
- data/spec/lib/saml_idp/saml_response_spec.rb +27 -0
- data/spec/lib/saml_idp/service_provider_spec.rb +21 -0
- data/spec/lib/saml_idp/signable_spec.rb +74 -0
- data/spec/lib/saml_idp/signature_builder_spec.rb +19 -0
- data/spec/lib/saml_idp/signed_info_builder_spec.rb +25 -0
- data/spec/rails_app/.gitignore +15 -0
- data/spec/rails_app/README.rdoc +261 -0
- data/spec/rails_app/Rakefile +7 -0
- data/spec/rails_app/app/assets/images/rails.png +0 -0
- data/spec/rails_app/app/assets/javascripts/application.js +15 -0
- data/spec/rails_app/app/assets/stylesheets/application.css +13 -0
- data/spec/rails_app/app/controllers/application_controller.rb +3 -0
- data/spec/rails_app/app/controllers/saml_controller.rb +8 -0
- data/spec/rails_app/app/controllers/saml_idp_controller.rb +11 -0
- data/spec/rails_app/app/helpers/application_helper.rb +2 -0
- data/spec/rails_app/app/mailers/.gitkeep +0 -0
- data/spec/rails_app/app/models/.gitkeep +0 -0
- data/spec/rails_app/app/views/layouts/application.html.erb +14 -0
- data/spec/rails_app/config.ru +4 -0
- data/spec/rails_app/config/application.rb +60 -0
- data/spec/rails_app/config/boot.rb +6 -0
- data/spec/rails_app/config/database.yml +25 -0
- data/spec/rails_app/config/environment.rb +5 -0
- data/spec/rails_app/config/environments/development.rb +37 -0
- data/spec/rails_app/config/environments/production.rb +67 -0
- data/spec/rails_app/config/environments/test.rb +37 -0
- data/spec/rails_app/config/initializers/backtrace_silencers.rb +7 -0
- data/spec/rails_app/config/initializers/inflections.rb +15 -0
- data/spec/rails_app/config/initializers/mime_types.rb +5 -0
- data/spec/rails_app/config/initializers/secret_token.rb +7 -0
- data/spec/rails_app/config/initializers/session_store.rb +8 -0
- data/spec/rails_app/config/initializers/wrap_parameters.rb +14 -0
- data/spec/rails_app/config/locales/en.yml +5 -0
- data/spec/rails_app/config/routes.rb +6 -0
- data/spec/rails_app/db/seeds.rb +7 -0
- data/spec/rails_app/doc/README_FOR_APP +2 -0
- data/spec/rails_app/lib/assets/.gitkeep +0 -0
- data/spec/rails_app/lib/tasks/.gitkeep +0 -0
- data/spec/rails_app/log/.gitkeep +0 -0
- data/spec/rails_app/public/404.html +26 -0
- data/spec/rails_app/public/422.html +26 -0
- data/spec/rails_app/public/500.html +25 -0
- data/spec/rails_app/public/favicon.ico +0 -0
- data/spec/rails_app/public/index.html +241 -0
- data/spec/rails_app/public/robots.txt +5 -0
- data/spec/rails_app/script/rails +6 -0
- data/spec/rails_app/test/fixtures/.gitkeep +0 -0
- data/spec/rails_app/test/functional/.gitkeep +0 -0
- data/spec/rails_app/test/integration/.gitkeep +0 -0
- data/spec/rails_app/test/performance/browsing_test.rb +12 -0
- data/spec/rails_app/test/test_helper.rb +13 -0
- data/spec/rails_app/test/unit/.gitkeep +0 -0
- data/spec/rails_app/vendor/assets/javascripts/.gitkeep +0 -0
- data/spec/rails_app/vendor/assets/stylesheets/.gitkeep +0 -0
- data/spec/rails_app/vendor/plugins/.gitkeep +0 -0
- data/spec/spec_helper.rb +49 -0
- data/spec/support/certificates/certificate1 +12 -0
- data/spec/support/certificates/r1_certificate2_base64 +1 -0
- data/spec/support/responses/adfs_response_sha1.xml +46 -0
- data/spec/support/responses/adfs_response_sha256.xml +46 -0
- data/spec/support/responses/adfs_response_sha384.xml +46 -0
- data/spec/support/responses/adfs_response_sha512.xml +46 -0
- data/spec/support/responses/logoutresponse_fixtures.rb +67 -0
- data/spec/support/responses/no_signature_ns.xml +48 -0
- data/spec/support/responses/open_saml_response.xml +56 -0
- data/spec/support/responses/r1_response6.xml.base64 +1 -0
- data/spec/support/responses/response1.xml.base64 +1 -0
- data/spec/support/responses/response2.xml.base64 +79 -0
- data/spec/support/responses/response3.xml.base64 +66 -0
- data/spec/support/responses/response4.xml.base64 +93 -0
- data/spec/support/responses/response5.xml.base64 +102 -0
- data/spec/support/responses/response_with_ampersands.xml +139 -0
- data/spec/support/responses/response_with_ampersands.xml.base64 +93 -0
- data/spec/support/responses/simple_saml_php.xml +71 -0
- data/spec/support/responses/starfield_response.xml.base64 +1 -0
- data/spec/support/responses/wrapped_response_2.xml.base64 +150 -0
- data/spec/support/saml_request_macros.rb +19 -0
- data/spec/support/security_helpers.rb +61 -0
- data/spec/xml_security_spec.rb +136 -0
- metadata +407 -0
@@ -0,0 +1,30 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
module SamlIdp
|
3
|
+
describe Configurator do
|
4
|
+
it { should respond_to :x509_certificate }
|
5
|
+
it { should respond_to :secret_key }
|
6
|
+
it { should respond_to :algorithm }
|
7
|
+
it { should respond_to :organization_name }
|
8
|
+
it { should respond_to :organization_url }
|
9
|
+
it { should respond_to :base_saml_location }
|
10
|
+
it { should respond_to :reference_id_generator }
|
11
|
+
it { should respond_to :attribute_service_location }
|
12
|
+
it { should respond_to :single_service_post_location }
|
13
|
+
it { should respond_to :name_id }
|
14
|
+
it { should respond_to :attributes }
|
15
|
+
it { should respond_to :service_provider }
|
16
|
+
|
17
|
+
its(:x509_certificate) { should == Default::X509_CERTIFICATE }
|
18
|
+
its(:secret_key) { should == Default::SECRET_KEY }
|
19
|
+
its(:algorithm) { should == :sha1 }
|
20
|
+
its(:reference_id_generator) { should respond_to :call }
|
21
|
+
|
22
|
+
it "can call service provider finder" do
|
23
|
+
subject.service_provider.finder.should respond_to :call
|
24
|
+
end
|
25
|
+
|
26
|
+
it "can call service provider metadata persister" do
|
27
|
+
subject.service_provider.metadata_persister.should respond_to :call
|
28
|
+
end
|
29
|
+
end
|
30
|
+
end
|
@@ -0,0 +1,51 @@
|
|
1
|
+
# encoding: utf-8
|
2
|
+
require 'spec_helper'
|
3
|
+
|
4
|
+
describe SamlIdp::Controller do
|
5
|
+
include SamlIdp::Controller
|
6
|
+
|
7
|
+
def render(*)
|
8
|
+
end
|
9
|
+
|
10
|
+
def params
|
11
|
+
@params ||= {}
|
12
|
+
end
|
13
|
+
|
14
|
+
it "should find the SAML ACS URL" do
|
15
|
+
requested_saml_acs_url = "https://example.com/saml/consume"
|
16
|
+
params[:SAMLRequest] = make_saml_request(requested_saml_acs_url)
|
17
|
+
validate_saml_request
|
18
|
+
saml_acs_url.should == requested_saml_acs_url
|
19
|
+
end
|
20
|
+
|
21
|
+
context "SAML Responses" do
|
22
|
+
before(:each) do
|
23
|
+
params[:SAMLRequest] = make_saml_request
|
24
|
+
validate_saml_request
|
25
|
+
end
|
26
|
+
|
27
|
+
let(:principal) { double email_address: "foo@example.com" }
|
28
|
+
|
29
|
+
it "should create a SAML Response" do
|
30
|
+
saml_response = encode_response(principal)
|
31
|
+
response = Onelogin::Saml::Response.new(saml_response)
|
32
|
+
response.name_id.should == "foo@example.com"
|
33
|
+
response.issuer.should == "http://example.com"
|
34
|
+
response.settings = saml_settings
|
35
|
+
response.is_valid?.should be_true
|
36
|
+
end
|
37
|
+
|
38
|
+
[:sha1, :sha256, :sha384, :sha512].each do |algorithm_name|
|
39
|
+
it "should create a SAML Response using the #{algorithm_name} algorithm" do
|
40
|
+
self.algorithm = algorithm_name
|
41
|
+
saml_response = encode_response(principal)
|
42
|
+
response = Onelogin::Saml::Response.new(saml_response)
|
43
|
+
response.name_id.should == "foo@example.com"
|
44
|
+
response.issuer.should == "http://example.com"
|
45
|
+
response.settings = saml_settings
|
46
|
+
response.is_valid?.should be_true
|
47
|
+
end
|
48
|
+
end
|
49
|
+
end
|
50
|
+
|
51
|
+
end
|
@@ -0,0 +1,39 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
module SamlIdp
|
3
|
+
describe NameIdFormatter do
|
4
|
+
subject { described_class.new list }
|
5
|
+
|
6
|
+
describe "with one item" do
|
7
|
+
let(:list) { { email_address: ->() { "foo@example.com" } } }
|
8
|
+
|
9
|
+
its(:all) { should == ["urn:oasis:names:tc:SAML:2.0:nameid-format:emailAddress"] }
|
10
|
+
end
|
11
|
+
|
12
|
+
describe "with hash describing versions" do
|
13
|
+
let(:list) {
|
14
|
+
{
|
15
|
+
"1.1" => { email_address: -> {} },
|
16
|
+
"2.0" => { undefined: -> {} },
|
17
|
+
}
|
18
|
+
}
|
19
|
+
|
20
|
+
its(:all) {
|
21
|
+
should == [
|
22
|
+
"urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
|
23
|
+
"urn:oasis:names:tc:SAML:2.0:nameid-format:undefined",
|
24
|
+
]
|
25
|
+
}
|
26
|
+
end
|
27
|
+
|
28
|
+
describe "with actual list" do
|
29
|
+
let(:list) { [:email_address, :undefined] }
|
30
|
+
|
31
|
+
its(:all) {
|
32
|
+
should == [
|
33
|
+
"urn:oasis:names:tc:SAML:2.0:nameid-format:emailAddress",
|
34
|
+
"urn:oasis:names:tc:SAML:2.0:nameid-format:undefined",
|
35
|
+
]
|
36
|
+
}
|
37
|
+
end
|
38
|
+
end
|
39
|
+
end
|
@@ -0,0 +1,14 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
module SamlIdp
|
3
|
+
describe Request do
|
4
|
+
let(:raw_request) { "<samlp:AuthnRequest AssertionConsumerServiceURL='http://localhost:3000/saml/consume' Destination='http://localhost:1337/saml/auth' ID='_af43d1a0-e111-0130-661a-3c0754403fdb' IssueInstant='2013-08-06T22:01:35Z' Version='2.0' xmlns:samlp='urn:oasis:names:tc:SAML:2.0:protocol'><saml:Issuer xmlns:saml='urn:oasis:names:tc:SAML:2.0:assertion'>localhost:3000</saml:Issuer><samlp:NameIDPolicy AllowCreate='true' Format='urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress' xmlns:samlp='urn:oasis:names:tc:SAML:2.0:protocol'/></samlp:AuthnRequest>" }
|
5
|
+
subject { described_class.new raw_request }
|
6
|
+
|
7
|
+
its(:request_id) { should == "_af43d1a0-e111-0130-661a-3c0754403fdb" }
|
8
|
+
its(:acs_url) { should == "http://localhost:3000/saml/consume" }
|
9
|
+
its(:service_provider) { should be_a ServiceProvider }
|
10
|
+
its(:service_provider?) { should be_true }
|
11
|
+
its(:issuer) { should == "localhost:3000" }
|
12
|
+
its(:valid_signature?) { should be_true }
|
13
|
+
end
|
14
|
+
end
|
@@ -0,0 +1,32 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
module SamlIdp
|
3
|
+
describe ResponseBuilder do
|
4
|
+
let(:response_id) { "abc" }
|
5
|
+
let(:issuer_uri) { "http://example.com" }
|
6
|
+
let(:saml_acs_url) { "http://sportngin.com" }
|
7
|
+
let(:saml_request_id) { "134" }
|
8
|
+
let(:assertion_and_signature) { "<Assertion xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\" ID=\"_abc\" IssueInstant=\"2013-07-31T05:00:00Z\" Version=\"2.0\"><Issuer>http://sportngin.com</Issuer><signature>stuff</signature><Subject><NameID Format=\"urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress\">jon.phenow@sportngin.com</NameID><SubjectConfirmation Method=\"urn:oasis:names:tc:SAML:2.0:cm:bearer\"><SubjectConfirmationData InResponseTo=\"123\" NotOnOrAfter=\"2013-07-31T05:03:00Z\" Recipient=\"http://saml.acs.url\"/></SubjectConfirmation></Subject><Conditions NotBefore=\"2013-07-31T04:59:55Z\" NotOnOrAfter=\"2013-07-31T06:00:00Z\"><AudienceRestriction><Audience>http://example.com</Audience></AudienceRestriction></Conditions><AttributeStatement><Attribute Name=\"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress\"><AttributeValue>jon.phenow@sportngin.com</AttributeValue></Attribute></AttributeStatement><AuthnStatment AuthnInstant=\"2013-07-31T05:00:00Z\" SessionIndex=\"_abc\"><AuthnContext><AuthnContextClassRef>urn:federation:authentication:windows</AuthnContextClassRef></AuthnContext></AuthnStatment></Assertion>" }
|
9
|
+
subject { described_class.new(
|
10
|
+
response_id,
|
11
|
+
issuer_uri,
|
12
|
+
saml_acs_url,
|
13
|
+
saml_request_id,
|
14
|
+
assertion_and_signature
|
15
|
+
) }
|
16
|
+
|
17
|
+
before do
|
18
|
+
Timecop.freeze(Time.local(1990))
|
19
|
+
end
|
20
|
+
|
21
|
+
after do
|
22
|
+
Timecop.return
|
23
|
+
end
|
24
|
+
|
25
|
+
|
26
|
+
it "builds a legit raw XML file" do
|
27
|
+
Timecop.travel(Time.zone.local(2010, 6, 1, 13, 0, 0)) do
|
28
|
+
subject.raw.should == "<samlp:Response ID=\"_abc\" Version=\"2.0\" IssueInstant=\"2010-06-01T13:00:00Z\" Destination=\"http://sportngin.com\" Consent=\"urn:oasis:names:tc:SAML:2.0:consent:unspecified\" InResponseTo=\"134\" xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\"><Issuer xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\">http://example.com</Issuer><samlp:Status><samlp:StatusCode Value=\"urn:oasis:names:tc:SAML:2.0:status:Success\"/></samlp:Status><Assertion xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\" ID=\"_abc\" IssueInstant=\"2013-07-31T05:00:00Z\" Version=\"2.0\"><Issuer>http://sportngin.com</Issuer><signature>stuff</signature><Subject><NameID Format=\"urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress\">jon.phenow@sportngin.com</NameID><SubjectConfirmation Method=\"urn:oasis:names:tc:SAML:2.0:cm:bearer\"><SubjectConfirmationData InResponseTo=\"123\" NotOnOrAfter=\"2013-07-31T05:03:00Z\" Recipient=\"http://saml.acs.url\"/></SubjectConfirmation></Subject><Conditions NotBefore=\"2013-07-31T04:59:55Z\" NotOnOrAfter=\"2013-07-31T06:00:00Z\"><AudienceRestriction><Audience>http://example.com</Audience></AudienceRestriction></Conditions><AttributeStatement><Attribute Name=\"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress\"><AttributeValue>jon.phenow@sportngin.com</AttributeValue></Attribute></AttributeStatement><AuthnStatment AuthnInstant=\"2013-07-31T05:00:00Z\" SessionIndex=\"_abc\"><AuthnContext><AuthnContextClassRef>urn:federation:authentication:windows</AuthnContextClassRef></AuthnContext></AuthnStatment></Assertion></samlp:Response>"
|
29
|
+
end
|
30
|
+
end
|
31
|
+
end
|
32
|
+
end
|
@@ -0,0 +1,27 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
module SamlIdp
|
3
|
+
describe SamlResponse do
|
4
|
+
let(:reference_id) { "123" }
|
5
|
+
let(:response_id) { "abc" }
|
6
|
+
let(:issuer_uri) { "localhost" }
|
7
|
+
let(:name_id) { "name" }
|
8
|
+
let(:audience_uri) { "localhost/audience" }
|
9
|
+
let(:saml_request_id) { "abc123" }
|
10
|
+
let(:saml_acs_url) { "localhost/acs" }
|
11
|
+
let(:algorithm) { :sha1 }
|
12
|
+
let(:secret_key) { Default::SECRET_KEY }
|
13
|
+
let(:x509_certificate) { Default::X509_CERTIFICATE }
|
14
|
+
subject { described_class.new(reference_id,
|
15
|
+
response_id,
|
16
|
+
issuer_uri,
|
17
|
+
name_id,
|
18
|
+
audience_uri,
|
19
|
+
saml_request_id,
|
20
|
+
saml_acs_url,
|
21
|
+
algorithm
|
22
|
+
)
|
23
|
+
}
|
24
|
+
|
25
|
+
its(:build) { should be_present }
|
26
|
+
end
|
27
|
+
end
|
@@ -0,0 +1,21 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
module SamlIdp
|
3
|
+
describe ServiceProvider do
|
4
|
+
subject { described_class.new attributes }
|
5
|
+
let(:attributes) { {} }
|
6
|
+
|
7
|
+
it { should respond_to :fingerprint }
|
8
|
+
it { should respond_to :metadata_url }
|
9
|
+
it { should_not be_valid }
|
10
|
+
|
11
|
+
describe "with attributes" do
|
12
|
+
let(:attributes) { { fingerprint: fingerprint, metadata_url: metadata_url } }
|
13
|
+
let(:fingerprint) { Default::FINGERPRINT }
|
14
|
+
let(:metadata_url) { "http://localhost:3000/metadata" }
|
15
|
+
|
16
|
+
its(:fingerprint) { should == fingerprint }
|
17
|
+
its(:metadata_url) { should == metadata_url }
|
18
|
+
it { should be_valid }
|
19
|
+
end
|
20
|
+
end
|
21
|
+
end
|
@@ -0,0 +1,74 @@
|
|
1
|
+
# encoding: utf-8
|
2
|
+
require 'spec_helper'
|
3
|
+
class MockSignable
|
4
|
+
include SamlIdp::Signable
|
5
|
+
|
6
|
+
def raw
|
7
|
+
builder = Builder::XmlMarkup.new
|
8
|
+
builder.body do |body|
|
9
|
+
sign body
|
10
|
+
end
|
11
|
+
end
|
12
|
+
|
13
|
+
def reference_id
|
14
|
+
"abc"
|
15
|
+
end
|
16
|
+
|
17
|
+
def digest
|
18
|
+
algorithm.digest raw
|
19
|
+
end
|
20
|
+
|
21
|
+
def algorithm
|
22
|
+
OpenSSL::Digest::SHA1
|
23
|
+
end
|
24
|
+
end
|
25
|
+
|
26
|
+
module SamlIdp
|
27
|
+
describe MockSignable do
|
28
|
+
let(:signature_regex) { %r{<ds:Signature xmlns:ds=\"http:\/\/www.w3.org\/2000\/09\/xmldsig#\">} }
|
29
|
+
let(:info_regex) { %r{<ds:SignedInfo xmlns:ds=\"http:\/\/www.w3.org\/2000\/09\/xmldsig#\">} }
|
30
|
+
let(:canon) do
|
31
|
+
%r{<ds:CanonicalizationMethod Algorithm=\"http:\/\/www.w3.org\/2001\/10\/xml-exc-c14n#\"><\/ds:CanonicalizationMethod>}
|
32
|
+
end
|
33
|
+
let(:sig_method) do
|
34
|
+
%r{<ds:SignatureMethod Algorithm=\"http:\/\/www.w3.org\/2000\/09\/xmldsig#rsa-sha1\"><\/ds:SignatureMethod>}
|
35
|
+
end
|
36
|
+
let(:reference) { %r{<ds:Reference URI=\"#_abc\">} }
|
37
|
+
let(:transforms) { %r{<ds:Transforms>} }
|
38
|
+
let(:enveloped) { %r{<ds:Transform Algorithm=\"http:\/\/www.w3.org\/2000\/09\/xmldsig#enveloped-signature\"><\/ds:Transform>} }
|
39
|
+
let(:c14n) { %r{<ds:Transform Algorithm=\"http:\/\/www.w3.org\/2001\/10\/xml-exc-c14n#\"><\/ds:Transform>} }
|
40
|
+
let(:end_transforms) { %r{<\/ds:Transforms>} }
|
41
|
+
let(:digest_method) { %r{<ds:DigestMethod Algorithm=\"http:\/\/www.w3.org\/2000\/09\/xmldsig#sha1\"><\/ds:DigestMethod>} }
|
42
|
+
let(:digest_value) { %r{<ds:DigestValue>\S+<\/ds:DigestValue>} }
|
43
|
+
let(:end_reference) { %r{<\/ds:Reference>} }
|
44
|
+
let(:end_info) { %r{<\/ds:SignedInfo>} }
|
45
|
+
let(:sig_val) { %r{<ds:SignatureValue>\S+<\/ds:SignatureValue>} }
|
46
|
+
let(:key_info) { %r{<KeyInfo xmlns=\"http:\/\/www.w3.org\/2000\/09\/xmldsig#\">} }
|
47
|
+
let(:x509) { %r{<ds:X509Data><ds:X509Certificate>\S+<\/ds:X509Certificate><\/ds:X509Data>} }
|
48
|
+
let(:end_rest) { %r{<\/KeyInfo><\/ds:Signature>} }
|
49
|
+
|
50
|
+
let(:all_regex) do
|
51
|
+
Regexp.new [
|
52
|
+
signature_regex,
|
53
|
+
info_regex,
|
54
|
+
canon,
|
55
|
+
sig_method,
|
56
|
+
reference,
|
57
|
+
transforms,
|
58
|
+
enveloped,
|
59
|
+
c14n,
|
60
|
+
end_transforms,
|
61
|
+
digest_method,
|
62
|
+
digest_value,
|
63
|
+
end_reference,
|
64
|
+
end_info,
|
65
|
+
sig_val,
|
66
|
+
key_info,
|
67
|
+
x509,
|
68
|
+
end_rest,
|
69
|
+
].map(&:to_s).join(".*")
|
70
|
+
end
|
71
|
+
|
72
|
+
its(:signed) { should match all_regex }
|
73
|
+
end
|
74
|
+
end
|
@@ -0,0 +1,19 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
module SamlIdp
|
3
|
+
describe SignatureBuilder do
|
4
|
+
let(:signed) { "jvEbD/rsiPKmoXy7Lhm+FGn88NPGlap4EcPZ2fvjBnk03YESs87FXAIiZZEzN5xq4sBZksUmZe2bV3rrr9sxQNgQawmrrvr66ot7cJiv0ETFArr6kQIZaR5g/V0M4ydxvrfefp6cQVI0hXvmxi830pq0tISiO4J7tyBNX/kvhZk=" }
|
5
|
+
let(:raw_info) { "<ds:SignedInfo xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\"><ds:CanonicalizationMethod Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"/><ds:SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#rsa-sha256\"/><ds:Reference URI=\"#_abc\"><ds:Transforms><ds:Transform Algorithm=\"http://www.w3.org/2000/09/xmldsig#enveloped-signature\"/><ds:Transform Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"/></ds:Transforms><ds:DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha256\"/><ds:DigestValue>em8csGAWynywpe8S4nN64o56/4DosXi2XWMY6RJ6YfA=</ds:DigestValue></ds:Reference></ds:SignedInfo>" }
|
6
|
+
let(:signed_info) { double raw: raw_info, signed: signed }
|
7
|
+
subject { described_class.new(
|
8
|
+
signed_info
|
9
|
+
) }
|
10
|
+
|
11
|
+
before do
|
12
|
+
Time.stub now: Time.parse("Jul 31 2013")
|
13
|
+
end
|
14
|
+
|
15
|
+
it "builds a legit raw XML file" do
|
16
|
+
subject.raw.should == "<ds:Signature xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\"><ds:SignedInfo xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\"><ds:CanonicalizationMethod Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"/><ds:SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#rsa-sha256\"/><ds:Reference URI=\"#_abc\"><ds:Transforms><ds:Transform Algorithm=\"http://www.w3.org/2000/09/xmldsig#enveloped-signature\"/><ds:Transform Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"/></ds:Transforms><ds:DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha256\"/><ds:DigestValue>em8csGAWynywpe8S4nN64o56/4DosXi2XWMY6RJ6YfA=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>jvEbD/rsiPKmoXy7Lhm+FGn88NPGlap4EcPZ2fvjBnk03YESs87FXAIiZZEzN5xq4sBZksUmZe2bV3rrr9sxQNgQawmrrvr66ot7cJiv0ETFArr6kQIZaR5g/V0M4ydxvrfefp6cQVI0hXvmxi830pq0tISiO4J7tyBNX/kvhZk=</ds:SignatureValue><KeyInfo xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><ds:X509Data><ds:X509Certificate>LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURxekNDQXhTZ0F3SUJBZ0lCQVRBTkJna3Foa2lHOXcwQkFRc0ZBRENCaGpFTE1Ba0dBMVVFQmhNQ1FWVXgKRERBS0JnTlZCQWdUQTA1VFZ6RVBNQTBHQTFVRUJ4TUdVM2xrYm1WNU1Rd3dDZ1lEVlFRS0RBTlFTVlF4Q1RBSApCZ05WQkFzTUFERVlNQllHQTFVRUF3d1BiR0YzY21WdVkyVndhWFF1WTI5dE1TVXdJd1lKS29aSWh2Y05BUWtCCkRCWnNZWGR5Wlc1alpTNXdhWFJBWjIxaGFXd3VZMjl0TUI0WERURXlNRFF5T0RBeU1qSXlPRm9YRFRNeU1EUXkKTXpBeU1qSXlPRm93Z1lZeEN6QUpCZ05WQkFZVEFrRlZNUXd3Q2dZRFZRUUlFd05PVTFjeER6QU5CZ05WQkFjVApCbE41Wkc1bGVURU1NQW9HQTFVRUNnd0RVRWxVTVFrd0J3WURWUVFMREFBeEdEQVdCZ05WQkFNTUQyeGhkM0psCmJtTmxjR2wwTG1OdmJURWxNQ01HQ1NxR1NJYjNEUUVKQVF3V2JHRjNjbVZ1WTJVdWNHbDBRR2R0WVdsc0xtTnYKYlRDQm56QU5CZ2txaGtpRzl3MEJBUUVGQUFPQmpRQXdnWWtDZ1lFQXVCeXdQTmxDMUZvcEdMWWZGOTZTb3RpSwo4Tmo2L25XMDg0TzRvbVJNaWZ6eTd4OTU1UkxFeTY3M3EyYWlKTkIzTHZFNlh2a3Q5Y0d0eHROb09YdzFnMlV2CkhLcGxkUWJyNmJPRWpMTmVETlc3ajBvYitKclJ2QVVPSzlDUmdkeXc1TUM2bHdxVlFRNUMxRG5hVC8yZlNCRmoKYXNCRlRSMjRkRXBmVHk4SGZLRUNBd0VBQWFPQ0FTVXdnZ0VoTUFrR0ExVWRFd1FDTUFBd0N3WURWUjBQQkFRRApBZ1VnTUIwR0ExVWREZ1FXQkJRTkJHbW10M3l0S3BjSmFCYVlOYm55VTJ4a2F6QVRCZ05WSFNVRUREQUtCZ2dyCkJnRUZCUWNEQVRBZEJnbGdoa2dCaHZoQ0FRMEVFQllPVkdWemRDQllOVEE1SUdObGNuUXdnYk1HQTFVZEl3U0IKcXpDQnFJQVVEUVJwcHJkOHJTcVhDV2dXbURXNThsTnNaR3VoZ1l5a2dZa3dnWVl4Q3pBSkJnTlZCQVlUQWtGVgpNUXd3Q2dZRFZRUUlFd05PVTFjeER6QU5CZ05WQkFjVEJsTjVaRzVsZVRFTU1Bb0dBMVVFQ2d3RFVFbFVNUWt3CkJ3WURWUVFMREFBeEdEQVdCZ05WQkFNTUQyeGhkM0psYm1ObGNHbDBMbU52YlRFbE1DTUdDU3FHU0liM0RRRUoKQVF3V2JHRjNjbVZ1WTJVdWNHbDBRR2R0WVdsc0xtTnZiWUlCQVRBTkJna3Foa2lHOXcwQkFRc0ZBQU9CZ1FBRQpjVlVQQlg3dVptenFaSmZ5K3RVUE9UNUltTlFqOFZFMmxlcmhuRmpuR1BIbUhJcWhwemdud0hRdWpKZnMvYTMwCjlXbTVxd2NDYUMxZU81Y1dqY0cweDNPamRsbHNnWURhdGw1R0F1bXRCeDhKM05oV1JxTlVnaXRDSWtRbHhISXcKVWZnUWFDdXNoWWdEREw1WWJJUWErK2VnQ2dwSVorVDBEajVvUmV3Ly9BPT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=</ds:X509Certificate></ds:X509Data></KeyInfo></ds:Signature>"
|
17
|
+
end
|
18
|
+
end
|
19
|
+
end
|
@@ -0,0 +1,25 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
module SamlIdp
|
3
|
+
describe SignedInfoBuilder do
|
4
|
+
let(:reference_id) { "abc" }
|
5
|
+
let(:digest) { "em8csGAWynywpe8S4nN64o56/4DosXi2XWMY6RJ6YfA=" }
|
6
|
+
let(:algorithm) { :sha256 }
|
7
|
+
subject { described_class.new(
|
8
|
+
reference_id,
|
9
|
+
digest,
|
10
|
+
algorithm
|
11
|
+
) }
|
12
|
+
|
13
|
+
before do
|
14
|
+
Time.stub now: Time.parse("Jul 31 2013")
|
15
|
+
end
|
16
|
+
|
17
|
+
it "builds a legit raw XML file" do
|
18
|
+
subject.raw.should == "<ds:SignedInfo xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\"><ds:CanonicalizationMethod Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"></ds:CanonicalizationMethod><ds:SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#rsa-sha256\"></ds:SignatureMethod><ds:Reference URI=\"#_abc\"><ds:Transforms><ds:Transform Algorithm=\"http://www.w3.org/2000/09/xmldsig#enveloped-signature\"></ds:Transform><ds:Transform Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"></ds:Transform></ds:Transforms><ds:DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha256\"></ds:DigestMethod><ds:DigestValue>em8csGAWynywpe8S4nN64o56/4DosXi2XWMY6RJ6YfA=</ds:DigestValue></ds:Reference></ds:SignedInfo>"
|
19
|
+
end
|
20
|
+
|
21
|
+
it "builds a legit digest of the XML file" do
|
22
|
+
subject.signed.should == "MZd0Trzk+iQiHeMf5lKI0eXkTj5RQUBQH5j81jNNR/Ndf7Q1tIxsygcAM+CeWdt/Es8/Hvxe/nHmaXkkAB0BR5p8Pfrpv90wL1D+w6zeOLDNw9/+kn9E6Syu/2NMxrFetiVM7WwZcAJRA4WHRqxk6IIHIIf/Y3pf1tqKNWe6UgY="
|
23
|
+
end
|
24
|
+
end
|
25
|
+
end
|
@@ -0,0 +1,15 @@
|
|
1
|
+
# See http://help.github.com/ignore-files/ for more about ignoring files.
|
2
|
+
#
|
3
|
+
# If you find yourself ignoring temporary files generated by your text editor
|
4
|
+
# or operating system, you probably want to add a global ignore instead:
|
5
|
+
# git config --global core.excludesfile ~/.gitignore_global
|
6
|
+
|
7
|
+
# Ignore bundler config
|
8
|
+
/.bundle
|
9
|
+
|
10
|
+
# Ignore the default SQLite database.
|
11
|
+
/db/*.sqlite3
|
12
|
+
|
13
|
+
# Ignore all logfiles and tempfiles.
|
14
|
+
/log/*.log
|
15
|
+
/tmp
|
@@ -0,0 +1,261 @@
|
|
1
|
+
== Welcome to Rails
|
2
|
+
|
3
|
+
Rails is a web-application framework that includes everything needed to create
|
4
|
+
database-backed web applications according to the Model-View-Control pattern.
|
5
|
+
|
6
|
+
This pattern splits the view (also called the presentation) into "dumb"
|
7
|
+
templates that are primarily responsible for inserting pre-built data in between
|
8
|
+
HTML tags. The model contains the "smart" domain objects (such as Account,
|
9
|
+
Product, Person, Post) that holds all the business logic and knows how to
|
10
|
+
persist themselves to a database. The controller handles the incoming requests
|
11
|
+
(such as Save New Account, Update Product, Show Post) by manipulating the model
|
12
|
+
and directing data to the view.
|
13
|
+
|
14
|
+
In Rails, the model is handled by what's called an object-relational mapping
|
15
|
+
layer entitled Active Record. This layer allows you to present the data from
|
16
|
+
database rows as objects and embellish these data objects with business logic
|
17
|
+
methods. You can read more about Active Record in
|
18
|
+
link:files/vendor/rails/activerecord/README.html.
|
19
|
+
|
20
|
+
The controller and view are handled by the Action Pack, which handles both
|
21
|
+
layers by its two parts: Action View and Action Controller. These two layers
|
22
|
+
are bundled in a single package due to their heavy interdependence. This is
|
23
|
+
unlike the relationship between the Active Record and Action Pack that is much
|
24
|
+
more separate. Each of these packages can be used independently outside of
|
25
|
+
Rails. You can read more about Action Pack in
|
26
|
+
link:files/vendor/rails/actionpack/README.html.
|
27
|
+
|
28
|
+
|
29
|
+
== Getting Started
|
30
|
+
|
31
|
+
1. At the command prompt, create a new Rails application:
|
32
|
+
<tt>rails new myapp</tt> (where <tt>myapp</tt> is the application name)
|
33
|
+
|
34
|
+
2. Change directory to <tt>myapp</tt> and start the web server:
|
35
|
+
<tt>cd myapp; rails server</tt> (run with --help for options)
|
36
|
+
|
37
|
+
3. Go to http://localhost:3000/ and you'll see:
|
38
|
+
"Welcome aboard: You're riding Ruby on Rails!"
|
39
|
+
|
40
|
+
4. Follow the guidelines to start developing your application. You can find
|
41
|
+
the following resources handy:
|
42
|
+
|
43
|
+
* The Getting Started Guide: http://guides.rubyonrails.org/getting_started.html
|
44
|
+
* Ruby on Rails Tutorial Book: http://www.railstutorial.org/
|
45
|
+
|
46
|
+
|
47
|
+
== Debugging Rails
|
48
|
+
|
49
|
+
Sometimes your application goes wrong. Fortunately there are a lot of tools that
|
50
|
+
will help you debug it and get it back on the rails.
|
51
|
+
|
52
|
+
First area to check is the application log files. Have "tail -f" commands
|
53
|
+
running on the server.log and development.log. Rails will automatically display
|
54
|
+
debugging and runtime information to these files. Debugging info will also be
|
55
|
+
shown in the browser on requests from 127.0.0.1.
|
56
|
+
|
57
|
+
You can also log your own messages directly into the log file from your code
|
58
|
+
using the Ruby logger class from inside your controllers. Example:
|
59
|
+
|
60
|
+
class WeblogController < ActionController::Base
|
61
|
+
def destroy
|
62
|
+
@weblog = Weblog.find(params[:id])
|
63
|
+
@weblog.destroy
|
64
|
+
logger.info("#{Time.now} Destroyed Weblog ID ##{@weblog.id}!")
|
65
|
+
end
|
66
|
+
end
|
67
|
+
|
68
|
+
The result will be a message in your log file along the lines of:
|
69
|
+
|
70
|
+
Mon Oct 08 14:22:29 +1000 2007 Destroyed Weblog ID #1!
|
71
|
+
|
72
|
+
More information on how to use the logger is at http://www.ruby-doc.org/core/
|
73
|
+
|
74
|
+
Also, Ruby documentation can be found at http://www.ruby-lang.org/. There are
|
75
|
+
several books available online as well:
|
76
|
+
|
77
|
+
* Programming Ruby: http://www.ruby-doc.org/docs/ProgrammingRuby/ (Pickaxe)
|
78
|
+
* Learn to Program: http://pine.fm/LearnToProgram/ (a beginners guide)
|
79
|
+
|
80
|
+
These two books will bring you up to speed on the Ruby language and also on
|
81
|
+
programming in general.
|
82
|
+
|
83
|
+
|
84
|
+
== Debugger
|
85
|
+
|
86
|
+
Debugger support is available through the debugger command when you start your
|
87
|
+
Mongrel or WEBrick server with --debugger. This means that you can break out of
|
88
|
+
execution at any point in the code, investigate and change the model, and then,
|
89
|
+
resume execution! You need to install ruby-debug to run the server in debugging
|
90
|
+
mode. With gems, use <tt>sudo gem install ruby-debug</tt>. Example:
|
91
|
+
|
92
|
+
class WeblogController < ActionController::Base
|
93
|
+
def index
|
94
|
+
@posts = Post.all
|
95
|
+
debugger
|
96
|
+
end
|
97
|
+
end
|
98
|
+
|
99
|
+
So the controller will accept the action, run the first line, then present you
|
100
|
+
with a IRB prompt in the server window. Here you can do things like:
|
101
|
+
|
102
|
+
>> @posts.inspect
|
103
|
+
=> "[#<Post:0x14a6be8
|
104
|
+
@attributes={"title"=>nil, "body"=>nil, "id"=>"1"}>,
|
105
|
+
#<Post:0x14a6620
|
106
|
+
@attributes={"title"=>"Rails", "body"=>"Only ten..", "id"=>"2"}>]"
|
107
|
+
>> @posts.first.title = "hello from a debugger"
|
108
|
+
=> "hello from a debugger"
|
109
|
+
|
110
|
+
...and even better, you can examine how your runtime objects actually work:
|
111
|
+
|
112
|
+
>> f = @posts.first
|
113
|
+
=> #<Post:0x13630c4 @attributes={"title"=>nil, "body"=>nil, "id"=>"1"}>
|
114
|
+
>> f.
|
115
|
+
Display all 152 possibilities? (y or n)
|
116
|
+
|
117
|
+
Finally, when you're ready to resume execution, you can enter "cont".
|
118
|
+
|
119
|
+
|
120
|
+
== Console
|
121
|
+
|
122
|
+
The console is a Ruby shell, which allows you to interact with your
|
123
|
+
application's domain model. Here you'll have all parts of the application
|
124
|
+
configured, just like it is when the application is running. You can inspect
|
125
|
+
domain models, change values, and save to the database. Starting the script
|
126
|
+
without arguments will launch it in the development environment.
|
127
|
+
|
128
|
+
To start the console, run <tt>rails console</tt> from the application
|
129
|
+
directory.
|
130
|
+
|
131
|
+
Options:
|
132
|
+
|
133
|
+
* Passing the <tt>-s, --sandbox</tt> argument will rollback any modifications
|
134
|
+
made to the database.
|
135
|
+
* Passing an environment name as an argument will load the corresponding
|
136
|
+
environment. Example: <tt>rails console production</tt>.
|
137
|
+
|
138
|
+
To reload your controllers and models after launching the console run
|
139
|
+
<tt>reload!</tt>
|
140
|
+
|
141
|
+
More information about irb can be found at:
|
142
|
+
link:http://www.rubycentral.org/pickaxe/irb.html
|
143
|
+
|
144
|
+
|
145
|
+
== dbconsole
|
146
|
+
|
147
|
+
You can go to the command line of your database directly through <tt>rails
|
148
|
+
dbconsole</tt>. You would be connected to the database with the credentials
|
149
|
+
defined in database.yml. Starting the script without arguments will connect you
|
150
|
+
to the development database. Passing an argument will connect you to a different
|
151
|
+
database, like <tt>rails dbconsole production</tt>. Currently works for MySQL,
|
152
|
+
PostgreSQL and SQLite 3.
|
153
|
+
|
154
|
+
== Description of Contents
|
155
|
+
|
156
|
+
The default directory structure of a generated Ruby on Rails application:
|
157
|
+
|
158
|
+
|-- app
|
159
|
+
| |-- assets
|
160
|
+
| |-- images
|
161
|
+
| |-- javascripts
|
162
|
+
| `-- stylesheets
|
163
|
+
| |-- controllers
|
164
|
+
| |-- helpers
|
165
|
+
| |-- mailers
|
166
|
+
| |-- models
|
167
|
+
| `-- views
|
168
|
+
| `-- layouts
|
169
|
+
|-- config
|
170
|
+
| |-- environments
|
171
|
+
| |-- initializers
|
172
|
+
| `-- locales
|
173
|
+
|-- db
|
174
|
+
|-- doc
|
175
|
+
|-- lib
|
176
|
+
| `-- tasks
|
177
|
+
|-- log
|
178
|
+
|-- public
|
179
|
+
|-- script
|
180
|
+
|-- test
|
181
|
+
| |-- fixtures
|
182
|
+
| |-- functional
|
183
|
+
| |-- integration
|
184
|
+
| |-- performance
|
185
|
+
| `-- unit
|
186
|
+
|-- tmp
|
187
|
+
| |-- cache
|
188
|
+
| |-- pids
|
189
|
+
| |-- sessions
|
190
|
+
| `-- sockets
|
191
|
+
`-- vendor
|
192
|
+
|-- assets
|
193
|
+
`-- stylesheets
|
194
|
+
`-- plugins
|
195
|
+
|
196
|
+
app
|
197
|
+
Holds all the code that's specific to this particular application.
|
198
|
+
|
199
|
+
app/assets
|
200
|
+
Contains subdirectories for images, stylesheets, and JavaScript files.
|
201
|
+
|
202
|
+
app/controllers
|
203
|
+
Holds controllers that should be named like weblogs_controller.rb for
|
204
|
+
automated URL mapping. All controllers should descend from
|
205
|
+
ApplicationController which itself descends from ActionController::Base.
|
206
|
+
|
207
|
+
app/models
|
208
|
+
Holds models that should be named like post.rb. Models descend from
|
209
|
+
ActiveRecord::Base by default.
|
210
|
+
|
211
|
+
app/views
|
212
|
+
Holds the template files for the view that should be named like
|
213
|
+
weblogs/index.html.erb for the WeblogsController#index action. All views use
|
214
|
+
eRuby syntax by default.
|
215
|
+
|
216
|
+
app/views/layouts
|
217
|
+
Holds the template files for layouts to be used with views. This models the
|
218
|
+
common header/footer method of wrapping views. In your views, define a layout
|
219
|
+
using the <tt>layout :default</tt> and create a file named default.html.erb.
|
220
|
+
Inside default.html.erb, call <% yield %> to render the view using this
|
221
|
+
layout.
|
222
|
+
|
223
|
+
app/helpers
|
224
|
+
Holds view helpers that should be named like weblogs_helper.rb. These are
|
225
|
+
generated for you automatically when using generators for controllers.
|
226
|
+
Helpers can be used to wrap functionality for your views into methods.
|
227
|
+
|
228
|
+
config
|
229
|
+
Configuration files for the Rails environment, the routing map, the database,
|
230
|
+
and other dependencies.
|
231
|
+
|
232
|
+
db
|
233
|
+
Contains the database schema in schema.rb. db/migrate contains all the
|
234
|
+
sequence of Migrations for your schema.
|
235
|
+
|
236
|
+
doc
|
237
|
+
This directory is where your application documentation will be stored when
|
238
|
+
generated using <tt>rake doc:app</tt>
|
239
|
+
|
240
|
+
lib
|
241
|
+
Application specific libraries. Basically, any kind of custom code that
|
242
|
+
doesn't belong under controllers, models, or helpers. This directory is in
|
243
|
+
the load path.
|
244
|
+
|
245
|
+
public
|
246
|
+
The directory available for the web server. Also contains the dispatchers and the
|
247
|
+
default HTML files. This should be set as the DOCUMENT_ROOT of your web
|
248
|
+
server.
|
249
|
+
|
250
|
+
script
|
251
|
+
Helper scripts for automation and generation.
|
252
|
+
|
253
|
+
test
|
254
|
+
Unit and functional tests along with fixtures. When using the rails generate
|
255
|
+
command, template test files will be generated for you and placed in this
|
256
|
+
directory.
|
257
|
+
|
258
|
+
vendor
|
259
|
+
External libraries that the application depends on. Also includes the plugins
|
260
|
+
subdirectory. If the app has frozen rails, those gems also go here, under
|
261
|
+
vendor/rails/. This directory is in the load path.
|