saml_idp 0.0.9 → 0.0.10

@@ -4,6 +4,7 @@
4
4
 
5
5
  <%= form_tag do %>
6
6
  <%= hidden_field_tag("SAMLRequest", params[:SAMLRequest]) %>
7
+ <%= hidden_field_tag("RelayState", params[:RelayState]) %>
7
8
 
8
9
  <p>
9
10
  <%= label_tag :email %>
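Review bot: The added `RelayState` hidden field is rendered even when the incoming request carried no RelayState, so this login form posts an empty `RelayState` parameter onward; the auto-submit form in the next hunk adds the same line and does the same towards the service provider. `hidden_field_tag` HTML-escapes the value, so echoing it is safe for the page itself, but the SAML bindings treat RelayState as opaque data to be returned only when it was received, and limit it to 80 bytes. Consider `<%= hidden_field_tag("RelayState", params[:RelayState]) if params[:RelayState].present? %>` in both templates, and bounding the length in the controller before it is rendered.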
@@ -7,6 +7,7 @@
7
7
  <body onload="document.forms[0].submit();" style="visibility:hidden;">
8
8
  <%= form_tag(saml_acs_url) do %>
9
9
  <%= hidden_field_tag("SAMLResponse", @saml_response) %>
10
+ <%= hidden_field_tag("RelayState", params[:RelayState]) %>
10
11
  <%= submit_tag "Submit" %>
11
12
  <% end %>
12
13
  </body>
@@ -19,7 +19,7 @@ module SamlIdp
19
19
 
20
20
  def validate_saml_request(raw_saml_request = params[:SAMLRequest])
21
21
  decode_request(raw_saml_request)
22
- render nothing: true, status: :forbidden unless valid_service_provider?
22
+ render nothing: true, status: :forbidden unless valid_saml_request?
23
23
  end
24
24
 
25
25
  def decode_request(raw_saml_request)
@@ -28,7 +28,7 @@ module SamlIdp
28
28
 
29
29
  def encode_response(principal, opts = {})
30
30
  response_id, reference_id = get_saml_response_id, get_saml_reference_id
31
- audience_uri = opts[:audience_uri] || saml_acs_url[/^(.*?\/\/.*?\/)/, 1]
31
+ audience_uri = opts[:audience_uri] || saml_request.issuer || saml_acs_url[/^(.*?\/\/.*?\/)/, 1]
32
32
  opt_issuer_uri = opts[:issuer_uri] || issuer_uri
33
33
 
34
34
  SamlResponse.new(
@@ -44,12 +44,13 @@ module SamlIdp
44
44
  end
45
45
 
46
46
  def issuer_uri
47
- (defined?(request) && request.url.to_s.split("?").first) || "http://example.com"
47
+ (SamlIdp.config.base_saml_location.present? && SamlIdp.config.base_saml_location) ||
48
+ (defined?(request) && request.url.to_s.split("?").first) ||
49
+ "http://example.com"
48
50
  end
49
51
 
50
- def valid_service_provider?
51
- saml_request.service_provider? &&
52
- saml_request.valid_signature?
52
+ def valid_saml_request?
53
+ saml_request.valid?
53
54
  end
54
55
 
55
56
  def saml_request_id
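Review bot: `issuer_uri` still falls back to `request.url` and then to the literal `"http://example.com"` when `SamlIdp.config.base_saml_location` is blank, so the Issuer written into responses can follow whatever host the request arrived on, or silently become a placeholder. A service provider matches the Issuer against the IdP entity ID it trusts, so this should presumably be a fixed configured value. At minimum, add a comment above the method such as `# Set SamlIdp.config.base_saml_location in production; the fallbacks below derive the Issuer from the request URL.` The first branch can also be written as `SamlIdp.config.base_saml_location.presence ||`. The enclosing module starts and ends outside these hunks.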
@@ -3,15 +3,19 @@ require 'saml_idp/service_provider'
3
3
  module SamlIdp
4
4
  class Request
5
5
  def self.from_deflated_request(raw)
6
- zstream = Zlib::Inflate.new(-Zlib::MAX_WBITS)
7
- decoded = Base64.decode64(raw)
8
- begin
9
- inflated = zstream.inflate(decoded).tap do
10
- zstream.finish
11
- zstream.close
6
+ if raw
7
+ decoded = Base64.decode64(raw)
8
+ zstream = Zlib::Inflate.new(-Zlib::MAX_WBITS)
9
+ begin
10
+ inflated = zstream.inflate(decoded).tap do
11
+ zstream.finish
12
+ zstream.close
13
+ end
14
+ rescue Zlib::DataError # not compressed
15
+ inflated = decoded
12
16
  end
13
- rescue Zlib::DataError # not compressed
14
- inflated = decoded
17
+ else
18
+ inflated = ""
15
19
  end
16
20
  new(inflated)
17
21
  end
@@ -32,7 +36,14 @@ module SamlIdp
32
36
  end
33
37
 
34
38
  def acs_url
35
- authn_request["AssertionConsumerServiceURL"].to_s
39
+ service_provider.acs_url ||
40
+ authn_request["AssertionConsumerServiceURL"].to_s
41
+ end
42
+
43
+ def valid?
44
+ service_provider? &&
45
+ valid_signature? &&
46
+ acs_url.present?
36
47
  end
37
48
 
38
49
  def valid_signature?
@@ -48,7 +59,8 @@ module SamlIdp
48
59
  end
49
60
 
50
61
  def issuer
51
- xpath("//saml:Issuer", saml: assertion).first.try :content
62
+ @content ||= xpath("//saml:Issuer", saml: assertion).first.try(:content)
63
+ @content if @content.present?
52
64
  end
53
65
 
54
66
  def document
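Review bot: `acs_url` prefers the configured `service_provider.acs_url` but still falls back to the `AssertionConsumerServiceURL` attribute of the AuthnRequest, and the new `valid?` only checks that the result is present. For a provider registered without `acs_url`, the address the response is posted to therefore comes from request content, which is only as trustworthy as `valid_signature?` makes it (its body is outside the hunk). Consider documenting that `acs_url` should be set per provider, and rejecting a request whose `AssertionConsumerServiceURL` differs from the configured value when both are present.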
@@ -9,6 +9,7 @@ module SamlIdp
9
9
  attribute :fingerprint
10
10
  attribute :metadata_url
11
11
  attribute :validate_signature
12
+ attribute :acs_url
12
13
 
13
14
  delegate :config, to: :SamlIdp
14
15
 
@@ -1,4 +1,4 @@
1
1
  # encoding: utf-8
2
2
  module SamlIdp
3
- VERSION = '0.0.9'
3
+ VERSION = '0.0.10'
4
4
  end
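--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
  --- !ruby/object:Gem::Specification
  name: saml_idp
  version: !ruby/object:Gem::Version
- version: 0.0.9
+ version: 0.0.10
  prerelease:
  platform: ruby
  authors:
@@ -9,7 +9,7 @@ authors:
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2013-08-27 00:00:00.000000000 Z
+ date: 2013-08-29 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: activesupport
@@ -344,7 +344,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
  version: '0'
  segments:
  - 0
- hash: 3176963340643392971
+ hash: 1099083129637231384
  required_rubygems_version: !ruby/object:Gem::Requirement
  none: false
  requirements:
@@ -353,7 +353,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  version: '0'
  segments:
  - 0
- hash: 3176963340643392971
+ hash: 1099083129637231384
  requirements: []
  rubyforge_project:
  rubygems_version: 1.8.25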