saml_idp 0.3.0 → 0.3.1

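--- a/data/README.md
+++ b/data/README.md
@@ -204,7 +204,7 @@ excellent [ruby-saml](https://github.com/onelogin/ruby-saml) gem.
 
 
  # Author
- Jon Phenow, jon.phenow@sportngin.com
+ Jon Phenow, me@jphenow.com
 
  Lawrence Pit, lawrence.pit@gmail.com, lawrencepit.com, @lawrencepit
 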
@@ -52,15 +52,17 @@ module SamlIdp
52
52
  restriction.Audience audience_uri
53
53
  end
54
54
  end
55
- assertion.AttributeStatement do |attr_statement|
56
- config.attributes.each do |friendly_name, attrs|
57
- attrs = (attrs || {}).with_indifferent_access
58
- attr_statement.Attribute Name: attrs[:name] || friendly_name,
59
- NameFormat: attrs[:name_format] || Saml::XML::Namespaces::Formats::Attr::URI,
60
- FriendlyName: friendly_name.to_s do |attr|
61
- values = get_values_for friendly_name, attrs[:getter]
62
- values.each do |val|
63
- attr.AttributeValue val.to_s
55
+ if !config.attributes.nil? && !config.attributes.empty?
56
+ assertion.AttributeStatement do |attr_statement|
57
+ config.attributes.each do |friendly_name, attrs|
58
+ attrs = (attrs || {}).with_indifferent_access
59
+ attr_statement.Attribute Name: attrs[:name] || friendly_name,
60
+ NameFormat: attrs[:name_format] || Saml::XML::Namespaces::Formats::Attr::URI,
61
+ FriendlyName: friendly_name.to_s do |attr|
62
+ values = get_values_for friendly_name, attrs[:getter]
63
+ values.each do |val|
64
+ attr.AttributeValue val.to_s
65
+ end
64
66
  end
65
67
  end
66
68
  end
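Review bot: The guard on new line 55, `if !config.attributes.nil? && !config.attributes.empty?`, is written as a double negation and reads `config.attributes` twice; since the block already relies on `with_indifferent_access`, ActiveSupport appears to be loaded and `if config.attributes.present?` would say the same thing more plainly. A short comment such as `# omit AttributeStatement when no attributes are configured; an empty one is not schema-valid` would record why the element is skipped. The `end` that closes this `if` lies outside the hunk.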
@@ -11,7 +11,7 @@ module SamlIdp
11
11
  zstream.finish
12
12
  zstream.close
13
13
  end
14
- rescue Zlib::DataError # not compressed
14
+ rescue Zlib::BufError, Zlib::DataError # not compressed
15
15
  inflated = decoded
16
16
  end
17
17
  else
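Review bot: The widened rescue on new line 14 still carries the comment `# not compressed`, but `Zlib::BufError` is raised for an incomplete or truncated deflate stream, so the fallback `inflated = decoded` now also hands a truncated compressed payload on as if it were plain XML. The comment should say so, e.g. `# not deflate data, or a truncated stream: fall back to the raw decoded bytes`, and whatever consumes `inflated` must be prepared to reject that input as an invalid request. When the rescue fires, the `zstream.finish` / `zstream.close` calls above it are presumably skipped; closing the stream in an `ensure` would cover the error path too. The enclosing method starts and ends outside the hunk.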
@@ -1,4 +1,4 @@
1
1
  # encoding: utf-8
2
2
  module SamlIdp
3
- VERSION = '0.3.0'
3
+ VERSION = '0.3.1'
4
4
  end
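--- a/data/saml_idp.gemspec
+++ b/data/saml_idp.gemspec
@@ -45,7 +45,7 @@ section of the README.
  s.add_dependency('uuid')
  s.add_dependency('builder')
  s.add_dependency('httparty')
- s.add_dependency('nokogiri')
+ s.add_dependency('nokogiri', '>= 1.6.2')
 
  s.add_development_dependency "rake"
  s.add_development_dependency "simplecov"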
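Review bot: The new floor `'>= 1.6.2'` on nokogiri has no comment saying what it is required for, so a later maintainer cannot tell whether the bound guards a fix that matters for parsing untrusted SAML XML or just an API this gem uses. A one-line comment above it, e.g. `# nokogiri >= 1.6.2: <reason for the minimum>`, would record that. The constraint is also open-ended while `uuid`, `builder` and `httparty` stay unconstrained; whether that is intended is worth stating in the gemspec.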
@@ -37,6 +37,24 @@ module SamlIdp
37
37
  end
38
38
  end
39
39
 
40
+ describe "without attributes" do
41
+ let(:config) { SamlIdp::Configurator.new }
42
+ before do
43
+ config.name_id.formats = {
44
+ "1.1" => {
45
+ email_address: ->(p) { "foo@example.com" }
46
+ }
47
+ }
48
+ SamlIdp.stub(config: config)
49
+ end
50
+
51
+ it "doesn't include attribute statement" do
52
+ Timecop.travel(Time.zone.local(2010, 6, 1, 13, 0, 0)) do
53
+ subject.raw.should == "<Assertion xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\" ID=\"_abc\" IssueInstant=\"2010-06-01T13:00:00Z\" Version=\"2.0\"><Issuer>http://sportngin.com</Issuer><Subject><NameID Format=\"urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress\">foo@example.com</NameID><SubjectConfirmation Method=\"urn:oasis:names:tc:SAML:2.0:cm:bearer\"><SubjectConfirmationData InResponseTo=\"123\" NotOnOrAfter=\"2010-06-01T13:03:00Z\" Recipient=\"http://saml.acs.url\"></SubjectConfirmationData></SubjectConfirmation></Subject><Conditions NotBefore=\"2010-06-01T12:59:55Z\" NotOnOrAfter=\"2010-06-01T16:00:00Z\"><AudienceRestriction><Audience>http://example.com</Audience></AudienceRestriction></Conditions><AuthnStatement AuthnInstant=\"2010-06-01T13:00:00Z\" SessionIndex=\"_abc\"><AuthnContext><AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</AuthnContextClassRef></AuthnContext></AuthnStatement></Assertion>"
54
+ end
55
+ end
56
+ end
57
+
40
58
  it "builds encrypted XML" do
41
59
  builder = described_class.new(
42
60
  reference_id,
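Review bot: The example on new line 53 compares `subject.raw` with the whole serialized assertion, so it fails on any unrelated change to the output and hides the one property it is meant to pin. An explicit `subject.raw.should_not include("AttributeStatement")` states the intent directly. The builder's guard has two arms (nil and empty), but only the default of `SamlIdp::Configurator.new` is exercised here; which of the two that is cannot be seen from this hunk, so a second example setting the other value would cover both. The enclosing `describe` block starts and ends outside the hunk.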
@@ -1,8 +1,24 @@
1
1
  require 'spec_helper'
2
2
  module SamlIdp
3
3
  describe Request do
4
+ let(:raw_authn_request) { "<samlp:AuthnRequest AssertionConsumerServiceURL='http://localhost:3000/saml/consume' Destination='http://localhost:1337/saml/auth' ID='_af43d1a0-e111-0130-661a-3c0754403fdb' IssueInstant='2013-08-06T22:01:35Z' Version='2.0' xmlns:samlp='urn:oasis:names:tc:SAML:2.0:protocol'><saml:Issuer xmlns:saml='urn:oasis:names:tc:SAML:2.0:assertion'>localhost:3000</saml:Issuer><samlp:NameIDPolicy AllowCreate='true' Format='urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress' xmlns:samlp='urn:oasis:names:tc:SAML:2.0:protocol'/><samlp:RequestedAuthnContext Comparison='exact'><saml:AuthnContextClassRef xmlns:saml='urn:oasis:names:tc:SAML:2.0:assertion'>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef></samlp:RequestedAuthnContext></samlp:AuthnRequest>" }
5
+
6
+ describe "deflated request" do
7
+ let(:deflated_request) { Base64.encode64(Zlib::Deflate.deflate(raw_authn_request, 9)[2..-5]) }
8
+
9
+ subject { described_class.from_deflated_request deflated_request }
10
+
11
+ it "inflates" do
12
+ subject.request_id.should == "_af43d1a0-e111-0130-661a-3c0754403fdb"
13
+ end
14
+
15
+ it "handles invalid SAML" do
16
+ req = described_class.from_deflated_request "bang!"
17
+ req.valid?.should == false
18
+ end
19
+ end
20
+
4
21
  describe "authn request" do
5
- let(:raw_authn_request) { "<samlp:AuthnRequest AssertionConsumerServiceURL='http://localhost:3000/saml/consume' Destination='http://localhost:1337/saml/auth' ID='_af43d1a0-e111-0130-661a-3c0754403fdb' IssueInstant='2013-08-06T22:01:35Z' Version='2.0' xmlns:samlp='urn:oasis:names:tc:SAML:2.0:protocol'><saml:Issuer xmlns:saml='urn:oasis:names:tc:SAML:2.0:assertion'>localhost:3000</saml:Issuer><samlp:NameIDPolicy AllowCreate='true' Format='urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress' xmlns:samlp='urn:oasis:names:tc:SAML:2.0:protocol'/><samlp:RequestedAuthnContext Comparison='exact'><saml:AuthnContextClassRef xmlns:saml='urn:oasis:names:tc:SAML:2.0:assertion'>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef></samlp:RequestedAuthnContext></samlp:AuthnRequest>" }
6
22
  subject { described_class.new raw_authn_request }
7
23
 
8
24
  it "has a valid request_id" do
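Review bot: The slice `[2..-5]` on new line 7 is unexplained; it drops the 2-byte zlib header and the 4-byte Adler-32 trailer so that the fixture is raw DEFLATE, and a comment saying that, e.g. `# strip zlib header (2 bytes) and Adler-32 trailer (4 bytes) to get raw DEFLATE`, would keep the next reader from treating it as a typo. The "handles invalid SAML" example feeds `"bang!"`, which does not obviously reach the `Zlib::BufError` case; a fixture built by cutting `deflated_request` short would exercise a truncated stream deliberately. The `describe Request` block continues past the end of the hunk.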
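--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
  --- !ruby/object:Gem::Specification
  name: saml_idp
  version: !ruby/object:Gem::Version
- version: 0.3.0
+ version: 0.3.1
  prerelease:
  platform: ruby
  authors:
@@ -82,7 +82,7 @@ dependencies:
  requirements:
  - - ! '>='
  - !ruby/object:Gem::Version
- version: '0'
+ version: 1.6.2
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
@@ -90,7 +90,7 @@ dependencies:
  requirements:
  - - ! '>='
  - !ruby/object:Gem::Version
- version: '0'
+ version: 1.6.2
  - !ruby/object:Gem::Dependency
  name: rake
  requirement: !ruby/object:Gem::Requirement
@@ -393,7 +393,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
  version: '0'
  segments:
  - 0
- hash: 1850283737976678938
+ hash: 3897224932473421583
  required_rubygems_version: !ruby/object:Gem::Requirement
  none: false
  requirements:
@@ -402,7 +402,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  version: '0'
  segments:
  - 0
- hash: 1850283737976678938
+ hash: 3897224932473421583
  requirements: []
  rubyforge_project:
  rubygems_version: 1.8.23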