saml_idp 0.11.0 → 0.12.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +9 -0
- data/lib/saml_idp.rb +1 -0
- data/lib/saml_idp/fingerprint.rb +19 -0
- data/lib/saml_idp/version.rb +1 -1
- data/spec/lib/saml_idp/fingerprint_spec.rb +14 -0
- data/spec/support/saml_request_macros.rb +1 -1
- metadata +6 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 73712903d3949f895e57a13b138c007e0ae74715d7d546b4415f278829e59054
|
|
4
|
+
data.tar.gz: fbab7e28d01ea3fc7624e52e20a234f6f997a51643905170e6809cb3f7beeec7
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 80a4683963e04b8b7f68051d15b12a5f0a098300cbfba9b72c4ed3940338ab3505c47cda0b091a9a36c1605f4396b5f1732bed7d3356438dd944f83541573a47
|
|
7
|
+
data.tar.gz: b01be29f645e31f9987afef74bb8b368ccfc86340b67e29524f582fe139e99b56cd827315d5a4e73d34b69e2c3c5b89d881c89f6d29b68c4b3cd2ff5499a39c3
|
data/README.md
CHANGED
|
@@ -245,6 +245,15 @@ The fingerprint to use, if you use the default X.509 certificate of this gem, is
|
|
|
245
245
|
9E:65:2E:03:06:8D:80:F2:86:C7:6C:77:A1:D9:14:97:0A:4D:F4:4D
|
|
246
246
|
```
|
|
247
247
|
|
|
248
|
+
# Fingerprint
|
|
249
|
+
|
|
250
|
+
The gem provides an helper to generate a fingerprint for a X.509 certificate.
|
|
251
|
+
The second parameter is optional and default to your configuration `SamlIdp.config.algorithm`
|
|
252
|
+
|
|
253
|
+
```ruby
|
|
254
|
+
Fingerprint.certificate_digest(x509_cert, :sha512)
|
|
255
|
+
```
|
|
256
|
+
|
|
248
257
|
# Service Providers
|
|
249
258
|
|
|
250
259
|
To act as a Service Provider which generates SAML Requests and can react to SAML Responses use the
|
data/lib/saml_idp.rb
CHANGED
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
module SamlIdp
|
|
2
|
+
module Fingerprint
|
|
3
|
+
def self.certificate_digest(cert, sha_size = nil)
|
|
4
|
+
sha_size ||= SamlIdp.config.algorithm
|
|
5
|
+
digest_sha_class(sha_size).hexdigest(OpenSSL::X509::Certificate.new(cert).to_der).scan(/../).join(':')
|
|
6
|
+
end
|
|
7
|
+
|
|
8
|
+
def self.digest_sha_class(sha_size)
|
|
9
|
+
case sha_size
|
|
10
|
+
when :sha256
|
|
11
|
+
Digest::SHA256
|
|
12
|
+
when :sha512
|
|
13
|
+
Digest::SHA512
|
|
14
|
+
else
|
|
15
|
+
raise ArgumentError, "Unsupported sha size parameter: #{sha_size}"
|
|
16
|
+
end
|
|
17
|
+
end
|
|
18
|
+
end
|
|
19
|
+
end
|
data/lib/saml_idp/version.rb
CHANGED
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
require 'spec_helper'
|
|
2
|
+
|
|
3
|
+
module SamlIdp
|
|
4
|
+
describe Fingerprint do
|
|
5
|
+
describe "certificate_digest" do
|
|
6
|
+
let(:cert) { sp_x509_cert }
|
|
7
|
+
let(:fingerprint) { "a2:cb:f6:6b:bc:2a:33:b9:4f:f3:c3:7e:26:a4:21:cd:41:83:ef:26:88:fa:ba:71:37:40:07:3e:d5:76:04:b7" }
|
|
8
|
+
|
|
9
|
+
it "returns the fingerprint string" do
|
|
10
|
+
expect(Fingerprint.certificate_digest(cert, :sha256)).to eq(fingerprint)
|
|
11
|
+
end
|
|
12
|
+
end
|
|
13
|
+
end
|
|
14
|
+
end
|
|
@@ -82,7 +82,7 @@ module SamlRequestMacros
|
|
|
82
82
|
response_hosts: [URI(saml_acs_url).host],
|
|
83
83
|
acs_url: saml_acs_url,
|
|
84
84
|
cert: sp_x509_cert,
|
|
85
|
-
fingerprint:
|
|
85
|
+
fingerprint: SamlIdp::Fingerprint.certificate_digest(sp_x509_cert)
|
|
86
86
|
}
|
|
87
87
|
}
|
|
88
88
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: saml_idp
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.12.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Jon Phenow
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2020-
|
|
11
|
+
date: 2020-11-20 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: activesupport
|
|
@@ -228,6 +228,7 @@ files:
|
|
|
228
228
|
- lib/saml_idp/default.rb
|
|
229
229
|
- lib/saml_idp/encryptor.rb
|
|
230
230
|
- lib/saml_idp/engine.rb
|
|
231
|
+
- lib/saml_idp/fingerprint.rb
|
|
231
232
|
- lib/saml_idp/hashable.rb
|
|
232
233
|
- lib/saml_idp/incoming_metadata.rb
|
|
233
234
|
- lib/saml_idp/logout_builder.rb
|
|
@@ -254,6 +255,7 @@ files:
|
|
|
254
255
|
- spec/lib/saml_idp/configurator_spec.rb
|
|
255
256
|
- spec/lib/saml_idp/controller_spec.rb
|
|
256
257
|
- spec/lib/saml_idp/encryptor_spec.rb
|
|
258
|
+
- spec/lib/saml_idp/fingerprint_spec.rb
|
|
257
259
|
- spec/lib/saml_idp/incoming_metadata_spec.rb
|
|
258
260
|
- spec/lib/saml_idp/logout_request_builder_spec.rb
|
|
259
261
|
- spec/lib/saml_idp/logout_response_builder_spec.rb
|
|
@@ -350,7 +352,7 @@ metadata:
|
|
|
350
352
|
homepage_uri: https://github.com/saml-idp/saml_idp
|
|
351
353
|
source_code_uri: https://github.com/saml-idp/saml_idp
|
|
352
354
|
bug_tracker_uri: https://github.com/saml-idp/saml_idp/issues
|
|
353
|
-
documentation_uri: http://rdoc.info/gems/saml_idp/0.
|
|
355
|
+
documentation_uri: http://rdoc.info/gems/saml_idp/0.12.0
|
|
354
356
|
post_install_message: |
|
|
355
357
|
If you're just recently updating saml_idp - please be aware we've changed the default
|
|
356
358
|
certificate. See the PR and a description of why we've done this here:
|
|
@@ -394,6 +396,7 @@ test_files:
|
|
|
394
396
|
- spec/lib/saml_idp/configurator_spec.rb
|
|
395
397
|
- spec/lib/saml_idp/controller_spec.rb
|
|
396
398
|
- spec/lib/saml_idp/encryptor_spec.rb
|
|
399
|
+
- spec/lib/saml_idp/fingerprint_spec.rb
|
|
397
400
|
- spec/lib/saml_idp/incoming_metadata_spec.rb
|
|
398
401
|
- spec/lib/saml_idp/logout_request_builder_spec.rb
|
|
399
402
|
- spec/lib/saml_idp/logout_response_builder_spec.rb
|