saml_idp 0.2.0 → 0.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/README.md +6 -3
- data/lib/saml_idp/default.rb +22 -1
- data/lib/saml_idp/version.rb +1 -1
- data/saml_idp.gemspec +13 -0
- data/spec/lib/saml_idp/signature_builder_spec.rb +1 -1
- metadata +22 -5
data/README.md
CHANGED
|
@@ -86,7 +86,7 @@ CERT
|
|
|
86
86
|
|
|
87
87
|
# Principal is passed in when you `encode_response`
|
|
88
88
|
#
|
|
89
|
-
# config.
|
|
89
|
+
# config.name_id.formats # =>
|
|
90
90
|
# { # All 2.0
|
|
91
91
|
# email_address: -> (principal) { principal.email_address },
|
|
92
92
|
# transient: -> (principal) { principal.id },
|
|
@@ -154,8 +154,11 @@ CERT
|
|
|
154
154
|
config.service_provider.persisted_metadata_getter = ->(identifier, service_provider){
|
|
155
155
|
fname = identifier.to_s.gsub(/\/|:/,"_")
|
|
156
156
|
`mkdir -p #{Rails.root.join("cache/saml/metadata")}`
|
|
157
|
-
|
|
158
|
-
|
|
157
|
+
full_filename = Rails.root.join("cache/saml/metadata/#{fname}")
|
|
158
|
+
if File.file?(full_filename)
|
|
159
|
+
File.open full_filename, "rb" do |f|
|
|
160
|
+
Marshal.load f
|
|
161
|
+
end
|
|
159
162
|
end
|
|
160
163
|
}
|
|
161
164
|
|
data/lib/saml_idp/default.rb
CHANGED
|
@@ -2,7 +2,28 @@
|
|
|
2
2
|
module SamlIdp
|
|
3
3
|
module Default
|
|
4
4
|
NAME_ID_FORMAT = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
|
|
5
|
-
X509_CERTIFICATE =
|
|
5
|
+
X509_CERTIFICATE = <<EOS.strip
|
|
6
|
+
MIIDqzCCAxSgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBhjELMAkGA1UEBhMCQVUx
|
|
7
|
+
DDAKBgNVBAgTA05TVzEPMA0GA1UEBxMGU3lkbmV5MQwwCgYDVQQKDANQSVQxCTAH
|
|
8
|
+
BgNVBAsMADEYMBYGA1UEAwwPbGF3cmVuY2VwaXQuY29tMSUwIwYJKoZIhvcNAQkB
|
|
9
|
+
DBZsYXdyZW5jZS5waXRAZ21haWwuY29tMB4XDTEyMDQyODAyMjIyOFoXDTMyMDQy
|
|
10
|
+
MzAyMjIyOFowgYYxCzAJBgNVBAYTAkFVMQwwCgYDVQQIEwNOU1cxDzANBgNVBAcT
|
|
11
|
+
BlN5ZG5leTEMMAoGA1UECgwDUElUMQkwBwYDVQQLDAAxGDAWBgNVBAMMD2xhd3Jl
|
|
12
|
+
bmNlcGl0LmNvbTElMCMGCSqGSIb3DQEJAQwWbGF3cmVuY2UucGl0QGdtYWlsLmNv
|
|
13
|
+
bTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAuBywPNlC1FopGLYfF96SotiK
|
|
14
|
+
8Nj6/nW084O4omRMifzy7x955RLEy673q2aiJNB3LvE6Xvkt9cGtxtNoOXw1g2Uv
|
|
15
|
+
HKpldQbr6bOEjLNeDNW7j0ob+JrRvAUOK9CRgdyw5MC6lwqVQQ5C1DnaT/2fSBFj
|
|
16
|
+
asBFTR24dEpfTy8HfKECAwEAAaOCASUwggEhMAkGA1UdEwQCMAAwCwYDVR0PBAQD
|
|
17
|
+
AgUgMB0GA1UdDgQWBBQNBGmmt3ytKpcJaBaYNbnyU2xkazATBgNVHSUEDDAKBggr
|
|
18
|
+
BgEFBQcDATAdBglghkgBhvhCAQ0EEBYOVGVzdCBYNTA5IGNlcnQwgbMGA1UdIwSB
|
|
19
|
+
qzCBqIAUDQRpprd8rSqXCWgWmDW58lNsZGuhgYykgYkwgYYxCzAJBgNVBAYTAkFV
|
|
20
|
+
MQwwCgYDVQQIEwNOU1cxDzANBgNVBAcTBlN5ZG5leTEMMAoGA1UECgwDUElUMQkw
|
|
21
|
+
BwYDVQQLDAAxGDAWBgNVBAMMD2xhd3JlbmNlcGl0LmNvbTElMCMGCSqGSIb3DQEJ
|
|
22
|
+
AQwWbGF3cmVuY2UucGl0QGdtYWlsLmNvbYIBATANBgkqhkiG9w0BAQsFAAOBgQAE
|
|
23
|
+
cVUPBX7uZmzqZJfy+tUPOT5ImNQj8VE2lerhnFjnGPHmHIqhpzgnwHQujJfs/a30
|
|
24
|
+
9Wm5qwcCaC1eO5cWjcG0x3OjdllsgYDatl5GAumtBx8J3NhWRqNUgitCIkQlxHIw
|
|
25
|
+
UfgQaCushYgDDL5YbIQa++egCgpIZ+T0Dj5oRew//A==
|
|
26
|
+
EOS
|
|
6
27
|
FINGERPRINT = "9E:65:2E:03:06:8D:80:F2:86:C7:6C:77:A1:D9:14:97:0A:4D:F4:4D"
|
|
7
28
|
SECRET_KEY = <<EOS
|
|
8
29
|
-----BEGIN RSA PRIVATE KEY-----
|
data/lib/saml_idp/version.rb
CHANGED
data/saml_idp.gemspec
CHANGED
|
@@ -23,6 +23,19 @@ Gem::Specification.new do |s|
|
|
|
23
23
|
s.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
|
|
24
24
|
s.require_paths = ["lib"]
|
|
25
25
|
s.rdoc_options = ["--charset=UTF-8"]
|
|
26
|
+
|
|
27
|
+
s.post_install_message = <<-INST
|
|
28
|
+
If you're just recently updating saml_idp - please be aware we've changed the default
|
|
29
|
+
certificate. See the PR and a description of why we've done this here:
|
|
30
|
+
https://github.com/sportngin/saml_idp/pull/29
|
|
31
|
+
|
|
32
|
+
If you just need to see the certificate `bundle open saml_idp` and go to
|
|
33
|
+
`lib/saml_idp/default.rb`
|
|
34
|
+
|
|
35
|
+
Similarly, please see the README about certificates - you should avoid using the
|
|
36
|
+
defaults in a Production environment. Post any issues you to github.
|
|
37
|
+
INST
|
|
38
|
+
|
|
26
39
|
s.add_dependency('activesupport')
|
|
27
40
|
s.add_dependency('uuid')
|
|
28
41
|
s.add_dependency('builder')
|
|
@@ -13,7 +13,7 @@ module SamlIdp
|
|
|
13
13
|
end
|
|
14
14
|
|
|
15
15
|
it "builds a legit raw XML file" do
|
|
16
|
-
subject.raw.should == "<ds:Signature xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\"><ds:SignedInfo xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\"><ds:CanonicalizationMethod Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"/><ds:SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#rsa-sha256\"/><ds:Reference URI=\"#_abc\"><ds:Transforms><ds:Transform Algorithm=\"http://www.w3.org/2000/09/xmldsig#enveloped-signature\"/><ds:Transform Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"/></ds:Transforms><ds:DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha256\"/><ds:DigestValue>em8csGAWynywpe8S4nN64o56/4DosXi2XWMY6RJ6YfA=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>jvEbD/rsiPKmoXy7Lhm+FGn88NPGlap4EcPZ2fvjBnk03YESs87FXAIiZZEzN5xq4sBZksUmZe2bV3rrr9sxQNgQawmrrvr66ot7cJiv0ETFArr6kQIZaR5g/V0M4ydxvrfefp6cQVI0hXvmxi830pq0tISiO4J7tyBNX/kvhZk=</ds:SignatureValue><KeyInfo xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><ds:X509Data><ds:X509Certificate>
|
|
16
|
+
subject.raw.should == "<ds:Signature xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\"><ds:SignedInfo xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\"><ds:CanonicalizationMethod Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"/><ds:SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#rsa-sha256\"/><ds:Reference URI=\"#_abc\"><ds:Transforms><ds:Transform Algorithm=\"http://www.w3.org/2000/09/xmldsig#enveloped-signature\"/><ds:Transform Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"/></ds:Transforms><ds:DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha256\"/><ds:DigestValue>em8csGAWynywpe8S4nN64o56/4DosXi2XWMY6RJ6YfA=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>jvEbD/rsiPKmoXy7Lhm+FGn88NPGlap4EcPZ2fvjBnk03YESs87FXAIiZZEzN5xq4sBZksUmZe2bV3rrr9sxQNgQawmrrvr66ot7cJiv0ETFArr6kQIZaR5g/V0M4ydxvrfefp6cQVI0hXvmxi830pq0tISiO4J7tyBNX/kvhZk=</ds:SignatureValue><KeyInfo xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><ds:X509Data><ds:X509Certificate>MIIDqzCCAxSgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBhjELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA05TVzEPMA0GA1UEBxMGU3lkbmV5MQwwCgYDVQQKDANQSVQxCTAHBgNVBAsMADEYMBYGA1UEAwwPbGF3cmVuY2VwaXQuY29tMSUwIwYJKoZIhvcNAQkBDBZsYXdyZW5jZS5waXRAZ21haWwuY29tMB4XDTEyMDQyODAyMjIyOFoXDTMyMDQyMzAyMjIyOFowgYYxCzAJBgNVBAYTAkFVMQwwCgYDVQQIEwNOU1cxDzANBgNVBAcTBlN5ZG5leTEMMAoGA1UECgwDUElUMQkwBwYDVQQLDAAxGDAWBgNVBAMMD2xhd3JlbmNlcGl0LmNvbTElMCMGCSqGSIb3DQEJAQwWbGF3cmVuY2UucGl0QGdtYWlsLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAuBywPNlC1FopGLYfF96SotiK8Nj6/nW084O4omRMifzy7x955RLEy673q2aiJNB3LvE6Xvkt9cGtxtNoOXw1g2UvHKpldQbr6bOEjLNeDNW7j0ob+JrRvAUOK9CRgdyw5MC6lwqVQQ5C1DnaT/2fSBFjasBFTR24dEpfTy8HfKECAwEAAaOCASUwggEhMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgUgMB0GA1UdDgQWBBQNBGmmt3ytKpcJaBaYNbnyU2xkazATBgNVHSUEDDAKBggrBgEFBQcDATAdBglghkgBhvhCAQ0EEBYOVGVzdCBYNTA5IGNlcnQwgbMGA1UdIwSBqzCBqIAUDQRpprd8rSqXCWgWmDW58lNsZGuhgYykgYkwgYYxCzAJBgNVBAYTAkFVMQwwCgYDVQQIEwNOU1cxDzANBgNVBAcTBlN5ZG5leTEMMAoGA1UECgwDUElUMQkwBwYDVQQLDAAxGDAWBgNVBAMMD2xhd3JlbmNlcGl0LmNvbTElMCMGCSqGSIb3DQEJAQwWbGF3cmVuY2UucGl0QGdtYWlsLmNvbYIBATANBgkqhkiG9w0BAQsFAAOBgQAEcVUPBX7uZmzqZJfy+tUPOT5ImNQj8VE2lerhnFjnGPHmHIqhpzgnwHQujJfs/a309Wm5qwcCaC1eO5cWjcG0x3OjdllsgYDatl5GAumtBx8J3NhWRqNUgitCIkQlxHIwUfgQaCushYgDDL5YbIQa++egCgpIZ+T0Dj5oRew//A==</ds:X509Certificate></ds:X509Data></KeyInfo></ds:Signature>"
|
|
17
17
|
end
|
|
18
18
|
end
|
|
19
19
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: saml_idp
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.2.
|
|
4
|
+
version: 0.2.1
|
|
5
5
|
prerelease:
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2015-03
|
|
12
|
+
date: 2015-09-03 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: activesupport
|
|
@@ -332,7 +332,24 @@ files:
|
|
|
332
332
|
homepage: http://github.com/sportngin/saml_idp
|
|
333
333
|
licenses:
|
|
334
334
|
- LICENSE
|
|
335
|
-
post_install_message:
|
|
335
|
+
post_install_message: ! 'If you''re just recently updating saml_idp - please be aware
|
|
336
|
+
we''ve changed the default
|
|
337
|
+
|
|
338
|
+
certificate. See the PR and a description of why we''ve done this here:
|
|
339
|
+
|
|
340
|
+
https://github.com/sportngin/saml_idp/pull/29
|
|
341
|
+
|
|
342
|
+
|
|
343
|
+
If you just need to see the certificate `bundle open saml_idp` and go to
|
|
344
|
+
|
|
345
|
+
`lib/saml_idp/default.rb`
|
|
346
|
+
|
|
347
|
+
|
|
348
|
+
Similarly, please see the README about certificates - you should avoid using the
|
|
349
|
+
|
|
350
|
+
defaults in a Production environment. Post any issues you to github.
|
|
351
|
+
|
|
352
|
+
'
|
|
336
353
|
rdoc_options:
|
|
337
354
|
- --charset=UTF-8
|
|
338
355
|
require_paths:
|
|
@@ -345,7 +362,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
345
362
|
version: '0'
|
|
346
363
|
segments:
|
|
347
364
|
- 0
|
|
348
|
-
hash:
|
|
365
|
+
hash: -213733986109454485
|
|
349
366
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
350
367
|
none: false
|
|
351
368
|
requirements:
|
|
@@ -354,7 +371,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
354
371
|
version: '0'
|
|
355
372
|
segments:
|
|
356
373
|
- 0
|
|
357
|
-
hash:
|
|
374
|
+
hash: -213733986109454485
|
|
358
375
|
requirements: []
|
|
359
376
|
rubyforge_project:
|
|
360
377
|
rubygems_version: 1.8.23
|