saml_idp 0.0.9 → 0.0.10

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. data/app/views/saml_idp/idp/new.html.erb +1 -0
  2. data/app/views/saml_idp/idp/saml_post.html.erb +1 -0
  3. data/lib/saml_idp/controller.rb +7 -6
  4. data/lib/saml_idp/request.rb +22 -10
  5. data/lib/saml_idp/service_provider.rb +1 -0
  6. data/lib/saml_idp/version.rb +1 -1
  7. metadata +4 -4
data/app/views/saml_idp/idp/new.html.erb CHANGED
@@ -4,6 +4,7 @@
4
4
 
5
5
  <%= form_tag do %>
6
6
  <%= hidden_field_tag("SAMLRequest", params[:SAMLRequest]) %>
7
+ <%= hidden_field_tag("RelayState", params[:RelayState]) %>
7
8
 
8
9
  <p>
9
10
  <%= label_tag :email %>
data/app/views/saml_idp/idp/saml_post.html.erb CHANGED
@@ -7,6 +7,7 @@
7
7
  <body onload="document.forms[0].submit();" style="visibility:hidden;">
8
8
  <%= form_tag(saml_acs_url) do %>
9
9
  <%= hidden_field_tag("SAMLResponse", @saml_response) %>
10
+ <%= hidden_field_tag("RelayState", params[:RelayState]) %>
10
11
  <%= submit_tag "Submit" %>
11
12
  <% end %>
12
13
  </body>
data/lib/saml_idp/controller.rb CHANGED
@@ -19,7 +19,7 @@ module SamlIdp
19
19
 
20
20
  def validate_saml_request(raw_saml_request = params[:SAMLRequest])
21
21
  decode_request(raw_saml_request)
22
- render nothing: true, status: :forbidden unless valid_service_provider?
22
+ render nothing: true, status: :forbidden unless valid_saml_request?
23
23
  end
24
24
 
25
25
  def decode_request(raw_saml_request)
@@ -28,7 +28,7 @@ module SamlIdp
28
28
 
29
29
  def encode_response(principal, opts = {})
30
30
  response_id, reference_id = get_saml_response_id, get_saml_reference_id
31
- audience_uri = opts[:audience_uri] || saml_acs_url[/^(.*?\/\/.*?\/)/, 1]
31
+ audience_uri = opts[:audience_uri] || saml_request.issuer || saml_acs_url[/^(.*?\/\/.*?\/)/, 1]
32
32
  opt_issuer_uri = opts[:issuer_uri] || issuer_uri
33
33
 
34
34
  SamlResponse.new(
@@ -44,12 +44,13 @@ module SamlIdp
44
44
  end
45
45
 
46
46
  def issuer_uri
47
- (defined?(request) && request.url.to_s.split("?").first) || "http://example.com"
47
+ (SamlIdp.config.base_saml_location.present? && SamlIdp.config.base_saml_location) ||
48
+ (defined?(request) && request.url.to_s.split("?").first) ||
49
+ "http://example.com"
48
50
  end
49
51
 
50
- def valid_service_provider?
51
- saml_request.service_provider? &&
52
- saml_request.valid_signature?
52
+ def valid_saml_request?
53
+ saml_request.valid?
53
54
  end
54
55
 
55
56
  def saml_request_id
data/lib/saml_idp/request.rb CHANGED
@@ -3,15 +3,19 @@ require 'saml_idp/service_provider'
3
3
  module SamlIdp
4
4
  class Request
5
5
  def self.from_deflated_request(raw)
6
- zstream = Zlib::Inflate.new(-Zlib::MAX_WBITS)
7
- decoded = Base64.decode64(raw)
8
- begin
9
- inflated = zstream.inflate(decoded).tap do
10
- zstream.finish
11
- zstream.close
6
+ if raw
7
+ decoded = Base64.decode64(raw)
8
+ zstream = Zlib::Inflate.new(-Zlib::MAX_WBITS)
9
+ begin
10
+ inflated = zstream.inflate(decoded).tap do
11
+ zstream.finish
12
+ zstream.close
13
+ end
14
+ rescue Zlib::DataError # not compressed
15
+ inflated = decoded
12
16
  end
13
- rescue Zlib::DataError # not compressed
14
- inflated = decoded
17
+ else
18
+ inflated = ""
15
19
  end
16
20
  new(inflated)
17
21
  end
@@ -32,7 +36,14 @@ module SamlIdp
32
36
  end
33
37
 
34
38
  def acs_url
35
- authn_request["AssertionConsumerServiceURL"].to_s
39
+ service_provider.acs_url ||
40
+ authn_request["AssertionConsumerServiceURL"].to_s
41
+ end
42
+
43
+ def valid?
44
+ service_provider? &&
45
+ valid_signature? &&
46
+ acs_url.present?
36
47
  end
37
48
 
38
49
  def valid_signature?
@@ -48,7 +59,8 @@ module SamlIdp
48
59
  end
49
60
 
50
61
  def issuer
51
- xpath("//saml:Issuer", saml: assertion).first.try :content
62
+ @content ||= xpath("//saml:Issuer", saml: assertion).first.try(:content)
63
+ @content if @content.present?
52
64
  end
53
65
 
54
66
  def document
data/lib/saml_idp/service_provider.rb CHANGED
@@ -9,6 +9,7 @@ module SamlIdp
9
9
  attribute :fingerprint
10
10
  attribute :metadata_url
11
11
  attribute :validate_signature
12
+ attribute :acs_url
12
13
 
13
14
  delegate :config, to: :SamlIdp
14
15
 
data/lib/saml_idp/version.rb CHANGED
@@ -1,4 +1,4 @@
1
1
  # encoding: utf-8
2
2
  module SamlIdp
3
- VERSION = '0.0.9'
3
+ VERSION = '0.0.10'
4
4
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: saml_idp
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.9
4
+ version: 0.0.10
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2013-08-27 00:00:00.000000000 Z
12
+ date: 2013-08-29 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: activesupport
@@ -344,7 +344,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
344
344
  version: '0'
345
345
  segments:
346
346
  - 0
347
- hash: 3176963340643392971
347
+ hash: 1099083129637231384
348
348
  required_rubygems_version: !ruby/object:Gem::Requirement
349
349
  none: false
350
350
  requirements:
@@ -353,7 +353,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
353
353
  version: '0'
354
354
  segments:
355
355
  - 0
356
- hash: 3176963340643392971
356
+ hash: 1099083129637231384
357
357
  requirements: []
358
358
  rubyforge_project:
359
359
  rubygems_version: 1.8.25