saml_idp 0.3.0 → 0.3.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/README.md +1 -1
- data/lib/saml_idp/assertion_builder.rb +11 -9
- data/lib/saml_idp/request.rb +1 -1
- data/lib/saml_idp/version.rb +1 -1
- data/saml_idp.gemspec +1 -1
- data/spec/lib/saml_idp/assertion_builder_spec.rb +18 -0
- data/spec/lib/saml_idp/request_spec.rb +17 -1
- metadata +5 -5
data/README.md
CHANGED
|
@@ -52,15 +52,17 @@ module SamlIdp
|
|
|
52
52
|
restriction.Audience audience_uri
|
|
53
53
|
end
|
|
54
54
|
end
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
|
|
55
|
+
if !config.attributes.nil? && !config.attributes.empty?
|
|
56
|
+
assertion.AttributeStatement do |attr_statement|
|
|
57
|
+
config.attributes.each do |friendly_name, attrs|
|
|
58
|
+
attrs = (attrs || {}).with_indifferent_access
|
|
59
|
+
attr_statement.Attribute Name: attrs[:name] || friendly_name,
|
|
60
|
+
NameFormat: attrs[:name_format] || Saml::XML::Namespaces::Formats::Attr::URI,
|
|
61
|
+
FriendlyName: friendly_name.to_s do |attr|
|
|
62
|
+
values = get_values_for friendly_name, attrs[:getter]
|
|
63
|
+
values.each do |val|
|
|
64
|
+
attr.AttributeValue val.to_s
|
|
65
|
+
end
|
|
64
66
|
end
|
|
65
67
|
end
|
|
66
68
|
end
|
data/lib/saml_idp/request.rb
CHANGED
data/lib/saml_idp/version.rb
CHANGED
data/saml_idp.gemspec
CHANGED
|
@@ -45,7 +45,7 @@ section of the README.
|
|
|
45
45
|
s.add_dependency('uuid')
|
|
46
46
|
s.add_dependency('builder')
|
|
47
47
|
s.add_dependency('httparty')
|
|
48
|
-
s.add_dependency('nokogiri')
|
|
48
|
+
s.add_dependency('nokogiri', '>= 1.6.2')
|
|
49
49
|
|
|
50
50
|
s.add_development_dependency "rake"
|
|
51
51
|
s.add_development_dependency "simplecov"
|
|
@@ -37,6 +37,24 @@ module SamlIdp
|
|
|
37
37
|
end
|
|
38
38
|
end
|
|
39
39
|
|
|
40
|
+
describe "without attributes" do
|
|
41
|
+
let(:config) { SamlIdp::Configurator.new }
|
|
42
|
+
before do
|
|
43
|
+
config.name_id.formats = {
|
|
44
|
+
"1.1" => {
|
|
45
|
+
email_address: ->(p) { "foo@example.com" }
|
|
46
|
+
}
|
|
47
|
+
}
|
|
48
|
+
SamlIdp.stub(config: config)
|
|
49
|
+
end
|
|
50
|
+
|
|
51
|
+
it "doesn't include attribute statement" do
|
|
52
|
+
Timecop.travel(Time.zone.local(2010, 6, 1, 13, 0, 0)) do
|
|
53
|
+
subject.raw.should == "<Assertion xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\" ID=\"_abc\" IssueInstant=\"2010-06-01T13:00:00Z\" Version=\"2.0\"><Issuer>http://sportngin.com</Issuer><Subject><NameID Format=\"urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress\">foo@example.com</NameID><SubjectConfirmation Method=\"urn:oasis:names:tc:SAML:2.0:cm:bearer\"><SubjectConfirmationData InResponseTo=\"123\" NotOnOrAfter=\"2010-06-01T13:03:00Z\" Recipient=\"http://saml.acs.url\"></SubjectConfirmationData></SubjectConfirmation></Subject><Conditions NotBefore=\"2010-06-01T12:59:55Z\" NotOnOrAfter=\"2010-06-01T16:00:00Z\"><AudienceRestriction><Audience>http://example.com</Audience></AudienceRestriction></Conditions><AuthnStatement AuthnInstant=\"2010-06-01T13:00:00Z\" SessionIndex=\"_abc\"><AuthnContext><AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</AuthnContextClassRef></AuthnContext></AuthnStatement></Assertion>"
|
|
54
|
+
end
|
|
55
|
+
end
|
|
56
|
+
end
|
|
57
|
+
|
|
40
58
|
it "builds encrypted XML" do
|
|
41
59
|
builder = described_class.new(
|
|
42
60
|
reference_id,
|
|
@@ -1,8 +1,24 @@
|
|
|
1
1
|
require 'spec_helper'
|
|
2
2
|
module SamlIdp
|
|
3
3
|
describe Request do
|
|
4
|
+
let(:raw_authn_request) { "<samlp:AuthnRequest AssertionConsumerServiceURL='http://localhost:3000/saml/consume' Destination='http://localhost:1337/saml/auth' ID='_af43d1a0-e111-0130-661a-3c0754403fdb' IssueInstant='2013-08-06T22:01:35Z' Version='2.0' xmlns:samlp='urn:oasis:names:tc:SAML:2.0:protocol'><saml:Issuer xmlns:saml='urn:oasis:names:tc:SAML:2.0:assertion'>localhost:3000</saml:Issuer><samlp:NameIDPolicy AllowCreate='true' Format='urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress' xmlns:samlp='urn:oasis:names:tc:SAML:2.0:protocol'/><samlp:RequestedAuthnContext Comparison='exact'><saml:AuthnContextClassRef xmlns:saml='urn:oasis:names:tc:SAML:2.0:assertion'>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef></samlp:RequestedAuthnContext></samlp:AuthnRequest>" }
|
|
5
|
+
|
|
6
|
+
describe "deflated request" do
|
|
7
|
+
let(:deflated_request) { Base64.encode64(Zlib::Deflate.deflate(raw_authn_request, 9)[2..-5]) }
|
|
8
|
+
|
|
9
|
+
subject { described_class.from_deflated_request deflated_request }
|
|
10
|
+
|
|
11
|
+
it "inflates" do
|
|
12
|
+
subject.request_id.should == "_af43d1a0-e111-0130-661a-3c0754403fdb"
|
|
13
|
+
end
|
|
14
|
+
|
|
15
|
+
it "handles invalid SAML" do
|
|
16
|
+
req = described_class.from_deflated_request "bang!"
|
|
17
|
+
req.valid?.should == false
|
|
18
|
+
end
|
|
19
|
+
end
|
|
20
|
+
|
|
4
21
|
describe "authn request" do
|
|
5
|
-
let(:raw_authn_request) { "<samlp:AuthnRequest AssertionConsumerServiceURL='http://localhost:3000/saml/consume' Destination='http://localhost:1337/saml/auth' ID='_af43d1a0-e111-0130-661a-3c0754403fdb' IssueInstant='2013-08-06T22:01:35Z' Version='2.0' xmlns:samlp='urn:oasis:names:tc:SAML:2.0:protocol'><saml:Issuer xmlns:saml='urn:oasis:names:tc:SAML:2.0:assertion'>localhost:3000</saml:Issuer><samlp:NameIDPolicy AllowCreate='true' Format='urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress' xmlns:samlp='urn:oasis:names:tc:SAML:2.0:protocol'/><samlp:RequestedAuthnContext Comparison='exact'><saml:AuthnContextClassRef xmlns:saml='urn:oasis:names:tc:SAML:2.0:assertion'>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef></samlp:RequestedAuthnContext></samlp:AuthnRequest>" }
|
|
6
22
|
subject { described_class.new raw_authn_request }
|
|
7
23
|
|
|
8
24
|
it "has a valid request_id" do
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: saml_idp
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.3.
|
|
4
|
+
version: 0.3.1
|
|
5
5
|
prerelease:
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
@@ -82,7 +82,7 @@ dependencies:
|
|
|
82
82
|
requirements:
|
|
83
83
|
- - ! '>='
|
|
84
84
|
- !ruby/object:Gem::Version
|
|
85
|
-
version:
|
|
85
|
+
version: 1.6.2
|
|
86
86
|
type: :runtime
|
|
87
87
|
prerelease: false
|
|
88
88
|
version_requirements: !ruby/object:Gem::Requirement
|
|
@@ -90,7 +90,7 @@ dependencies:
|
|
|
90
90
|
requirements:
|
|
91
91
|
- - ! '>='
|
|
92
92
|
- !ruby/object:Gem::Version
|
|
93
|
-
version:
|
|
93
|
+
version: 1.6.2
|
|
94
94
|
- !ruby/object:Gem::Dependency
|
|
95
95
|
name: rake
|
|
96
96
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -393,7 +393,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
393
393
|
version: '0'
|
|
394
394
|
segments:
|
|
395
395
|
- 0
|
|
396
|
-
hash:
|
|
396
|
+
hash: 3897224932473421583
|
|
397
397
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
398
398
|
none: false
|
|
399
399
|
requirements:
|
|
@@ -402,7 +402,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
402
402
|
version: '0'
|
|
403
403
|
segments:
|
|
404
404
|
- 0
|
|
405
|
-
hash:
|
|
405
|
+
hash: 3897224932473421583
|
|
406
406
|
requirements: []
|
|
407
407
|
rubyforge_project:
|
|
408
408
|
rubygems_version: 1.8.23
|