saml_idp 0.2.0 → 0.2.1
Sign up to get free protection for your applications and to get access to all the features.
- data/README.md +6 -3
- data/lib/saml_idp/default.rb +22 -1
- data/lib/saml_idp/version.rb +1 -1
- data/saml_idp.gemspec +13 -0
- data/spec/lib/saml_idp/signature_builder_spec.rb +1 -1
- metadata +22 -5
data/README.md
CHANGED
|
@@ -86,7 +86,7 @@ CERT
|
|
|
86
86
|
|
|
87
87
|
# Principal is passed in when you `encode_response`
|
|
88
88
|
#
|
|
89
|
-
# config.
|
|
89
|
+
# config.name_id.formats # =>
|
|
90
90
|
# { # All 2.0
|
|
91
91
|
# email_address: -> (principal) { principal.email_address },
|
|
92
92
|
# transient: -> (principal) { principal.id },
|
|
@@ -154,8 +154,11 @@ CERT
|
|
|
154
154
|
config.service_provider.persisted_metadata_getter = ->(identifier, service_provider){
|
|
155
155
|
fname = identifier.to_s.gsub(/\/|:/,"_")
|
|
156
156
|
`mkdir -p #{Rails.root.join("cache/saml/metadata")}`
|
|
157
|
-
|
|
158
|
-
|
|
157
|
+
full_filename = Rails.root.join("cache/saml/metadata/#{fname}")
|
|
158
|
+
if File.file?(full_filename)
|
|
159
|
+
File.open full_filename, "rb" do |f|
|
|
160
|
+
Marshal.load f
|
|
161
|
+
end
|
|
159
162
|
end
|
|
160
163
|
}
|
|
161
164
|
|
data/lib/saml_idp/default.rb
CHANGED
|
@@ -2,7 +2,28 @@
|
|
|
2
2
|
module SamlIdp
|
|
3
3
|
module Default
|
|
4
4
|
NAME_ID_FORMAT = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
|
|
5
|
-
X509_CERTIFICATE =
|
|
5
|
+
X509_CERTIFICATE = <<EOS.strip
|
|
6
|
+
MIIDqzCCAxSgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBhjELMAkGA1UEBhMCQVUx
|
|
7
|
+
DDAKBgNVBAgTA05TVzEPMA0GA1UEBxMGU3lkbmV5MQwwCgYDVQQKDANQSVQxCTAH
|
|
8
|
+
BgNVBAsMADEYMBYGA1UEAwwPbGF3cmVuY2VwaXQuY29tMSUwIwYJKoZIhvcNAQkB
|
|
9
|
+
DBZsYXdyZW5jZS5waXRAZ21haWwuY29tMB4XDTEyMDQyODAyMjIyOFoXDTMyMDQy
|
|
10
|
+
MzAyMjIyOFowgYYxCzAJBgNVBAYTAkFVMQwwCgYDVQQIEwNOU1cxDzANBgNVBAcT
|
|
11
|
+
BlN5ZG5leTEMMAoGA1UECgwDUElUMQkwBwYDVQQLDAAxGDAWBgNVBAMMD2xhd3Jl
|
|
12
|
+
bmNlcGl0LmNvbTElMCMGCSqGSIb3DQEJAQwWbGF3cmVuY2UucGl0QGdtYWlsLmNv
|
|
13
|
+
bTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAuBywPNlC1FopGLYfF96SotiK
|
|
14
|
+
8Nj6/nW084O4omRMifzy7x955RLEy673q2aiJNB3LvE6Xvkt9cGtxtNoOXw1g2Uv
|
|
15
|
+
HKpldQbr6bOEjLNeDNW7j0ob+JrRvAUOK9CRgdyw5MC6lwqVQQ5C1DnaT/2fSBFj
|
|
16
|
+
asBFTR24dEpfTy8HfKECAwEAAaOCASUwggEhMAkGA1UdEwQCMAAwCwYDVR0PBAQD
|
|
17
|
+
AgUgMB0GA1UdDgQWBBQNBGmmt3ytKpcJaBaYNbnyU2xkazATBgNVHSUEDDAKBggr
|
|
18
|
+
BgEFBQcDATAdBglghkgBhvhCAQ0EEBYOVGVzdCBYNTA5IGNlcnQwgbMGA1UdIwSB
|
|
19
|
+
qzCBqIAUDQRpprd8rSqXCWgWmDW58lNsZGuhgYykgYkwgYYxCzAJBgNVBAYTAkFV
|
|
20
|
+
MQwwCgYDVQQIEwNOU1cxDzANBgNVBAcTBlN5ZG5leTEMMAoGA1UECgwDUElUMQkw
|
|
21
|
+
BwYDVQQLDAAxGDAWBgNVBAMMD2xhd3JlbmNlcGl0LmNvbTElMCMGCSqGSIb3DQEJ
|
|
22
|
+
AQwWbGF3cmVuY2UucGl0QGdtYWlsLmNvbYIBATANBgkqhkiG9w0BAQsFAAOBgQAE
|
|
23
|
+
cVUPBX7uZmzqZJfy+tUPOT5ImNQj8VE2lerhnFjnGPHmHIqhpzgnwHQujJfs/a30
|
|
24
|
+
9Wm5qwcCaC1eO5cWjcG0x3OjdllsgYDatl5GAumtBx8J3NhWRqNUgitCIkQlxHIw
|
|
25
|
+
UfgQaCushYgDDL5YbIQa++egCgpIZ+T0Dj5oRew//A==
|
|
26
|
+
EOS
|
|
6
27
|
FINGERPRINT = "9E:65:2E:03:06:8D:80:F2:86:C7:6C:77:A1:D9:14:97:0A:4D:F4:4D"
|
|
7
28
|
SECRET_KEY = <<EOS
|
|
8
29
|
-----BEGIN RSA PRIVATE KEY-----
|
data/lib/saml_idp/version.rb
CHANGED
data/saml_idp.gemspec
CHANGED
|
@@ -23,6 +23,19 @@ Gem::Specification.new do |s|
|
|
|
23
23
|
s.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
|
|
24
24
|
s.require_paths = ["lib"]
|
|
25
25
|
s.rdoc_options = ["--charset=UTF-8"]
|
|
26
|
+
|
|
27
|
+
s.post_install_message = <<-INST
|
|
28
|
+
If you're just recently updating saml_idp - please be aware we've changed the default
|
|
29
|
+
certificate. See the PR and a description of why we've done this here:
|
|
30
|
+
https://github.com/sportngin/saml_idp/pull/29
|
|
31
|
+
|
|
32
|
+
If you just need to see the certificate `bundle open saml_idp` and go to
|
|
33
|
+
`lib/saml_idp/default.rb`
|
|
34
|
+
|
|
35
|
+
Similarly, please see the README about certificates - you should avoid using the
|
|
36
|
+
defaults in a Production environment. Post any issues you to github.
|
|
37
|
+
INST
|
|
38
|
+
|
|
26
39
|
s.add_dependency('activesupport')
|
|
27
40
|
s.add_dependency('uuid')
|
|
28
41
|
s.add_dependency('builder')
|
|
@@ -13,7 +13,7 @@ module SamlIdp
|
|
|
13
13
|
end
|
|
14
14
|
|
|
15
15
|
it "builds a legit raw XML file" do
|
|
16
|
-
subject.raw.should == "<ds:Signature xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\"><ds:SignedInfo xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\"><ds:CanonicalizationMethod Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"/><ds:SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#rsa-sha256\"/><ds:Reference URI=\"#_abc\"><ds:Transforms><ds:Transform Algorithm=\"http://www.w3.org/2000/09/xmldsig#enveloped-signature\"/><ds:Transform Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"/></ds:Transforms><ds:DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha256\"/><ds:DigestValue>em8csGAWynywpe8S4nN64o56/4DosXi2XWMY6RJ6YfA=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>jvEbD/rsiPKmoXy7Lhm+FGn88NPGlap4EcPZ2fvjBnk03YESs87FXAIiZZEzN5xq4sBZksUmZe2bV3rrr9sxQNgQawmrrvr66ot7cJiv0ETFArr6kQIZaR5g/V0M4ydxvrfefp6cQVI0hXvmxi830pq0tISiO4J7tyBNX/kvhZk=</ds:SignatureValue><KeyInfo xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><ds:X509Data><ds:X509Certificate>
|
|
16
|
+
subject.raw.should == "<ds:Signature xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\"><ds:SignedInfo xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\"><ds:CanonicalizationMethod Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"/><ds:SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#rsa-sha256\"/><ds:Reference URI=\"#_abc\"><ds:Transforms><ds:Transform Algorithm=\"http://www.w3.org/2000/09/xmldsig#enveloped-signature\"/><ds:Transform Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"/></ds:Transforms><ds:DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha256\"/><ds:DigestValue>em8csGAWynywpe8S4nN64o56/4DosXi2XWMY6RJ6YfA=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>jvEbD/rsiPKmoXy7Lhm+FGn88NPGlap4EcPZ2fvjBnk03YESs87FXAIiZZEzN5xq4sBZksUmZe2bV3rrr9sxQNgQawmrrvr66ot7cJiv0ETFArr6kQIZaR5g/V0M4ydxvrfefp6cQVI0hXvmxi830pq0tISiO4J7tyBNX/kvhZk=</ds:SignatureValue><KeyInfo xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><ds:X509Data><ds:X509Certificate>MIIDqzCCAxSgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBhjELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA05TVzEPMA0GA1UEBxMGU3lkbmV5MQwwCgYDVQQKDANQSVQxCTAHBgNVBAsMADEYMBYGA1UEAwwPbGF3cmVuY2VwaXQuY29tMSUwIwYJKoZIhvcNAQkBDBZsYXdyZW5jZS5waXRAZ21haWwuY29tMB4XDTEyMDQyODAyMjIyOFoXDTMyMDQyMzAyMjIyOFowgYYxCzAJBgNVBAYTAkFVMQwwCgYDVQQIEwNOU1cxDzANBgNVBAcTBlN5ZG5leTEMMAoGA1UECgwDUElUMQkwBwYDVQQLDAAxGDAWBgNVBAMMD2xhd3JlbmNlcGl0LmNvbTElMCMGCSqGSIb3DQEJAQwWbGF3cmVuY2UucGl0QGdtYWlsLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAuBywPNlC1FopGLYfF96SotiK8Nj6/nW084O4omRMifzy7x955RLEy673q2aiJNB3LvE6Xvkt9cGtxtNoOXw1g2UvHKpldQbr6bOEjLNeDNW7j0ob+JrRvAUOK9CRgdyw5MC6lwqVQQ5C1DnaT/2fSBFjasBFTR24dEpfTy8HfKECAwEAAaOCASUwggEhMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgUgMB0GA1UdDgQWBBQNBGmmt3ytKpcJaBaYNbnyU2xkazATBgNVHSUEDDAKBggrBgEFBQcDATAdBglghkgBhvhCAQ0EEBYOVGVzdCBYNTA5IGNlcnQwgbMGA1UdIwSBqzCBqIAUDQRpprd8rSqXCWgWmDW58lNsZGuhgYykgYkwgYYxCzAJBgNVBAYTAkFVMQwwCgYDVQQIEwNOU1cxDzANBgNVBAcTBlN5ZG5leTEMMAoGA1UECgwDUElUMQkwBwYDVQQLDAAxGDAWBgNVBAMMD2xhd3JlbmNlcGl0LmNvbTElMCMGCSqGSIb3DQEJAQwWbGF3cmVuY2UucGl0QGdtYWlsLmNvbYIBATANBgkqhkiG9w0BAQsFAAOBgQAEcVUPBX7uZmzqZJfy+tUPOT5ImNQj8VE2lerhnFjnGPHmHIqhpzgnwHQujJfs/a309Wm5qwcCaC1eO5cWjcG0x3OjdllsgYDatl5GAumtBx8J3NhWRqNUgitCIkQlxHIwUfgQaCushYgDDL5YbIQa++egCgpIZ+T0Dj5oRew//A==</ds:X509Certificate></ds:X509Data></KeyInfo></ds:Signature>"
|
|
17
17
|
end
|
|
18
18
|
end
|
|
19
19
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: saml_idp
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.2.
|
|
4
|
+
version: 0.2.1
|
|
5
5
|
prerelease:
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2015-03
|
|
12
|
+
date: 2015-09-03 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: activesupport
|
|
@@ -332,7 +332,24 @@ files:
|
|
|
332
332
|
homepage: http://github.com/sportngin/saml_idp
|
|
333
333
|
licenses:
|
|
334
334
|
- LICENSE
|
|
335
|
-
post_install_message:
|
|
335
|
+
post_install_message: ! 'If you''re just recently updating saml_idp - please be aware
|
|
336
|
+
we''ve changed the default
|
|
337
|
+
|
|
338
|
+
certificate. See the PR and a description of why we''ve done this here:
|
|
339
|
+
|
|
340
|
+
https://github.com/sportngin/saml_idp/pull/29
|
|
341
|
+
|
|
342
|
+
|
|
343
|
+
If you just need to see the certificate `bundle open saml_idp` and go to
|
|
344
|
+
|
|
345
|
+
`lib/saml_idp/default.rb`
|
|
346
|
+
|
|
347
|
+
|
|
348
|
+
Similarly, please see the README about certificates - you should avoid using the
|
|
349
|
+
|
|
350
|
+
defaults in a Production environment. Post any issues you to github.
|
|
351
|
+
|
|
352
|
+
'
|
|
336
353
|
rdoc_options:
|
|
337
354
|
- --charset=UTF-8
|
|
338
355
|
require_paths:
|
|
@@ -345,7 +362,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
345
362
|
version: '0'
|
|
346
363
|
segments:
|
|
347
364
|
- 0
|
|
348
|
-
hash:
|
|
365
|
+
hash: -213733986109454485
|
|
349
366
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
350
367
|
none: false
|
|
351
368
|
requirements:
|
|
@@ -354,7 +371,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
354
371
|
version: '0'
|
|
355
372
|
segments:
|
|
356
373
|
- 0
|
|
357
|
-
hash:
|
|
374
|
+
hash: -213733986109454485
|
|
358
375
|
requirements: []
|
|
359
376
|
rubyforge_project:
|
|
360
377
|
rubygems_version: 1.8.23
|