saml_idp 0.11.0 → 0.12.0

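--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: f04deecaf7c0bd7c5655134d314a4b95b9438b24b67e83d7b160d9fa2232f2fc
- data.tar.gz: b999a0a1f97e85e34704bfe35d3dddb89eebcfbfe1723be5e9dfcfb17e511ef5
+ metadata.gz: 73712903d3949f895e57a13b138c007e0ae74715d7d546b4415f278829e59054
+ data.tar.gz: fbab7e28d01ea3fc7624e52e20a234f6f997a51643905170e6809cb3f7beeec7
  SHA512:
- metadata.gz: 94921b45008f31783c0428992b9cad6b4b1098ad312fd721987d0d27f89921f286f7bd8960237b5f371f8ccb23cac1a6c8b6c7aa110fcf4318a0b63b52497e9e
- data.tar.gz: e142a4c38d3604dc033d0cfef0a298fbb094d5d36939518558aa219d6bd16ca753960fcc553c076e9969e031946e56d10ef3ba0c1505fcf9df3f7ee62ecdab11
+ metadata.gz: 80a4683963e04b8b7f68051d15b12a5f0a098300cbfba9b72c4ed3940338ab3505c47cda0b091a9a36c1605f4396b5f1732bed7d3356438dd944f83541573a47
+ data.tar.gz: b01be29f645e31f9987afef74bb8b368ccfc86340b67e29524f582fe139e99b56cd827315d5a4e73d34b69e2c3c5b89d881c89f6d29b68c4b3cd2ff5499a39c3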
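--- a/data/README.md
+++ b/data/README.md
@@ -245,6 +245,15 @@ The fingerprint to use, if you use the default X.509 certificate of this gem, is
  9E:65:2E:03:06:8D:80:F2:86:C7:6C:77:A1:D9:14:97:0A:4D:F4:4D
  ```
 
+ # Fingerprint
+
+ The gem provides an helper to generate a fingerprint for a X.509 certificate.
+ The second parameter is optional and default to your configuration `SamlIdp.config.algorithm`
+
+ ```ruby
+ Fingerprint.certificate_digest(x509_cert, :sha512)
+ ```
+
  # Service Providers
 
  To act as a Service Provider which generates SAML Requests and can react to SAML Responses use the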
@@ -8,6 +8,7 @@ module SamlIdp
8
8
  require 'saml_idp/default'
9
9
  require 'saml_idp/metadata_builder'
10
10
  require 'saml_idp/version'
11
+ require 'saml_idp/fingerprint'
11
12
  require 'saml_idp/engine' if defined?(::Rails) && Rails::VERSION::MAJOR > 2
12
13
 
13
14
  def self.config
@@ -0,0 +1,19 @@
1
+ module SamlIdp
2
+ module Fingerprint
3
+ def self.certificate_digest(cert, sha_size = nil)
4
+ sha_size ||= SamlIdp.config.algorithm
5
+ digest_sha_class(sha_size).hexdigest(OpenSSL::X509::Certificate.new(cert).to_der).scan(/../).join(':')
6
+ end
7
+
8
+ def self.digest_sha_class(sha_size)
9
+ case sha_size
10
+ when :sha256
11
+ Digest::SHA256
12
+ when :sha512
13
+ Digest::SHA512
14
+ else
15
+ raise ArgumentError, "Unsupported sha size parameter: #{sha_size}"
16
+ end
17
+ end
18
+ end
19
+ end
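Review bot: `digest_sha_class` matches only the symbols `:sha256` and `:sha512`, while `certificate_digest` takes its default from `SamlIdp.config.algorithm`, so a configured value in any other form (a string such as `"sha256"`, or a different digest, if the configuration permits those; that code is not on this page) surfaces as an `ArgumentError` at fingerprint time instead of at configuration time. Neither method has a doc comment; one on `certificate_digest` should state that `cert` is passed to `OpenSSL::X509::Certificate.new` (which raises on input it cannot parse), which `sha_size` values are accepted, and that the result is lower-case colon-separated hex. The last point matters when the value is compared with a stored fingerprint, because the README example in this same release is written in upper case and a plain string comparison would not match. The file also uses `Digest` and `OpenSSL` without requiring them, so it appears to rely on another file having loaded both; adding `require 'digest'` and `require 'openssl'` at the top would make it self-contained.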
@@ -1,4 +1,4 @@
1
1
  # encoding: utf-8
2
2
  module SamlIdp
3
- VERSION = '0.11.0'
3
+ VERSION = '0.12.0'
4
4
  end
@@ -0,0 +1,14 @@
1
+ require 'spec_helper'
2
+
3
+ module SamlIdp
4
+ describe Fingerprint do
5
+ describe "certificate_digest" do
6
+ let(:cert) { sp_x509_cert }
7
+ let(:fingerprint) { "a2:cb:f6:6b:bc:2a:33:b9:4f:f3:c3:7e:26:a4:21:cd:41:83:ef:26:88:fa:ba:71:37:40:07:3e:d5:76:04:b7" }
8
+
9
+ it "returns the fingerprint string" do
10
+ expect(Fingerprint.certificate_digest(cert, :sha256)).to eq(fingerprint)
11
+ end
12
+ end
13
+ end
14
+ end
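Review bot: Only the explicit `:sha256` path is exercised here; the default taken from `SamlIdp.config.algorithm`, the `:sha512` branch and the `ArgumentError` branch of `digest_sha_class` have no example. The rejection path is the cheapest to pin, for instance `expect { Fingerprint.certificate_digest(cert, :md5) }.to raise_error(ArgumentError)`. An example that calls `certificate_digest(cert)` with no second argument would also show which configured values the helper actually accepts.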
@@ -82,7 +82,7 @@ module SamlRequestMacros
82
82
  response_hosts: [URI(saml_acs_url).host],
83
83
  acs_url: saml_acs_url,
84
84
  cert: sp_x509_cert,
85
- fingerprint: Digest::SHA256.hexdigest(OpenSSL::X509::Certificate.new(sp_x509_cert).to_der).scan(/../).join(':')
85
+ fingerprint: SamlIdp::Fingerprint.certificate_digest(sp_x509_cert)
86
86
  }
87
87
  }
88
88
  end
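Review bot: The fixture's `fingerprint:` value was a fixed SHA-256 digest before and now follows `SamlIdp.config.algorithm`, because `certificate_digest` is called without a second argument. That makes the value depend on whatever the configuration holds when the helper runs, and the call raises if that setting is not one of the two symbols the new module accepts. If the specs are meant to keep the old behaviour, pass the size explicitly: `fingerprint: SamlIdp::Fingerprint.certificate_digest(sp_x509_cert, :sha256)`. The enclosing method starts above this hunk, so how the hash is consumed is not visible here.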
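--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: saml_idp
  version: !ruby/object:Gem::Version
- version: 0.11.0
+ version: 0.12.0
  platform: ruby
  authors:
  - Jon Phenow
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2020-10-15 00:00:00.000000000 Z
+ date: 2020-11-20 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: activesupport
@@ -228,6 +228,7 @@ files:
  - lib/saml_idp/default.rb
  - lib/saml_idp/encryptor.rb
  - lib/saml_idp/engine.rb
+ - lib/saml_idp/fingerprint.rb
  - lib/saml_idp/hashable.rb
  - lib/saml_idp/incoming_metadata.rb
  - lib/saml_idp/logout_builder.rb
@@ -254,6 +255,7 @@ files:
  - spec/lib/saml_idp/configurator_spec.rb
  - spec/lib/saml_idp/controller_spec.rb
  - spec/lib/saml_idp/encryptor_spec.rb
+ - spec/lib/saml_idp/fingerprint_spec.rb
  - spec/lib/saml_idp/incoming_metadata_spec.rb
  - spec/lib/saml_idp/logout_request_builder_spec.rb
  - spec/lib/saml_idp/logout_response_builder_spec.rb
@@ -350,7 +352,7 @@ metadata:
  homepage_uri: https://github.com/saml-idp/saml_idp
  source_code_uri: https://github.com/saml-idp/saml_idp
  bug_tracker_uri: https://github.com/saml-idp/saml_idp/issues
- documentation_uri: http://rdoc.info/gems/saml_idp/0.11.0
+ documentation_uri: http://rdoc.info/gems/saml_idp/0.12.0
  post_install_message: |
  If you're just recently updating saml_idp - please be aware we've changed the default
  certificate. See the PR and a description of why we've done this here:
@@ -394,6 +396,7 @@ test_files:
  - spec/lib/saml_idp/configurator_spec.rb
  - spec/lib/saml_idp/controller_spec.rb
  - spec/lib/saml_idp/encryptor_spec.rb
+ - spec/lib/saml_idp/fingerprint_spec.rb
  - spec/lib/saml_idp/incoming_metadata_spec.rb
  - spec/lib/saml_idp/logout_request_builder_spec.rb
  - spec/lib/saml_idp/logout_response_builder_spec.rb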