RubyGems - saml_tools - Versions diffs - 0.0.1 → 0.1.0 - Mend

saml_tools 0.0.1 → 0.1.0

Files changed (18) hide show

checksums.yaml +5 -13
data/README.rdoc +21 -2
data/lib/saml_tool/certificate.rb +8 -7
data/lib/saml_tool/decoder.rb +1 -1
data/lib/saml_tool/encoder.rb +1 -1
data/lib/saml_tool/erb_builder.rb +10 -1
data/lib/saml_tool/reader.rb +11 -3
data/lib/saml_tool/redirect.rb +11 -0
data/lib/saml_tool/response_reader.rb +37 -19
data/lib/saml_tool/rsa_key.rb +4 -3
data/lib/saml_tool/saml.rb +5 -5
data/lib/saml_tool/settings.rb +3 -2
data/lib/saml_tool/validator.rb +2 -1
data/lib/saml_tool/version.rb +3 -1
data/test/files/response_simple_attributes.xml +30 -0
data/test/test_helper.rb +11 -7
data/test/units/saml_tool/response_reader_test.rb +43 -23
metadata +29 -27

checksums.yaml CHANGED

@@ -1,15 +1,7 @@
 ---
-!binary "U0hBMQ==":
-  metadata.gz: !binary |-
-    M2Q5NTdiZmZmM2FkZTAwNDE4MTg5OTczNWEyODA5ZDNmOTE5ZmMzOQ==
-  data.tar.gz: !binary |-
-    ZjE1NGRlYzdhMmQzZDg4N2ZiMTZlY2RkZGFjZWViMDNlOWJkOWI5Ng==
+SHA1:
+  metadata.gz: cca6a06834de7176a2a91089e9fc3faf3bb67f86
+  data.tar.gz: a922aa5824ce9cf41cb5c044284559f61777aac4
 SHA512:
-  metadata.gz: !binary |-
-    ZjkwNjQyOTQxNTA4YjAwNmJjZDJjMzBiMTBhZGYxZWYzZDhmNzAzMmI0ZjZh
-    NTNlNzY4ODM0MDZmNjg0MGRkOTdhMDIxYjEwYWRhNjUyMTBmZDRlMjNkNGM4
-    NzQ2OThjZDcxN2NmNjVkZTM1MTFhNDZjMzk5OGIzN2RlOWI3ODE=
-  data.tar.gz: !binary |-
-    ZWY0OTc2Y2JiODhlYjIwYjdmY2Y2ZDhkM2Y4MjEzYThiMDAxY2YyNWNmODBl
-    ZjVlNWMxZWVlOWM3NTc1YjZkNjM1ZmQyODQxNjE5YzQ4M2UxZTMzOTUxOWIw
-    YWUwNjg2ZDk3MDNiNDg5NjFmMmRhYzA4Y2Y4NDVlNWYyNDI2MDI=
+  metadata.gz: 4d61deec4411bd06cabef1f18ba17a794888eece5581ac6dda4ab92d15c77d42f0a4c3d0917ffe6e63dab394bb20365ef966d6476394f3864d41168c53daa62c
+  data.tar.gz: 6ba8be4feae23224a20a9e4d5ad712a78f92ab326368959dba893a7980414a15c8a63052eabc466cc914ae26be1b823753744e35eefc70ae25b05e637b641929

data/README.rdoc CHANGED

@@ -1,6 +1,10 @@
 =SAML Tools
-Tools to simplify the creation, validation and sending of SAML objects
+Tools to simplify the creation, validation and sending of SAML objects.
+These tools are available as a gem:
+gem 'saml_tools'
 == SamlTool::Certificate
 Version of OpenSSL::X509::Certificate that adds methods to simplify the retrieval
@@ -62,4 +66,19 @@ Compares documents with SAML schemas to test if they have a valid structure.
 == Further reading
 I've {blogged here}[http://undervale.co.uk/blog/?p=490] about some of highs and
-lows of building these tools.
+lows of building these tools.
+There is a demo app that I have been working with as I've developed these tools:
+  https://github.com/warwickshire/saml_tools_demo
+This work has been greatly influenced by:
+*  https://github.com/onelogin/ruby-saml
+*  https://onelogin.zendesk.com/hc/en-us/articles/201175674-SAML-toolkit-for-Ruby-on-Rails
+*  http://samltool-j.appspot.com/saml_demo.jsp
+*  https://www.oasis-open.org/committees/documents.php?wg_abbrev=security
+*  http://en.wikipedia.org/wiki/SAML_2.0
+*  https://github.com/lawrencepit/ruby-saml-idp
+*  http://users.dcc.uchile.cl/~pcamacho/tutorial/web/xmlsec/xmlsec.html
+*  https://github.com/digidentity/libsaml

data/lib/saml_tool/certificate.rb CHANGED

@@ -1,27 +1,28 @@
+# Version of OpenSSL::X509::Certificate that adds methods to simplify the retrieval
+# of data used in SAML responses.
 module SamlTool
   class Certificate < OpenSSL::X509::Certificate
     alias_method :serial_number, :serial
     def without_leading_and_trailing_labels
       to_s.lines.to_a[1..-2].join
     end
     alias_method :x509_certificate, :without_leading_and_trailing_labels
     def issuer_name
       @issuer_name ||= slash_list_to_comma_list(issuer)
     end
     def subject_name
       @subject_name ||= slash_list_to_comma_list(subject)
     end
     def slash_list_to_comma_list(string)
       string = string.to_s
       string = string[1..-1] if string[0] == '/'
       string.split('/').reverse.join(',')
     end
   end
 end

data/lib/saml_tool/decoder.rb CHANGED

@@ -1,4 +1,4 @@
+# Decodes base64 and unzips content.
 module SamlTool
   class Decoder
     attr_reader :saml

data/lib/saml_tool/encoder.rb CHANGED

@@ -1,4 +1,4 @@
+# Zips content and base64 encodes it.
 module SamlTool
   class Encoder
     attr_reader :saml

data/lib/saml_tool/erb_builder.rb CHANGED

@@ -1,7 +1,16 @@
 require 'erb'
+# Used to build SAML content from erb templates.
+#
+#     output = SamlTool::ErbBuilder.build(
+#       template: '<foo><%= settings %></foo>',
+#       settings: 'bar'
+#     )
+#     output == '<foo>bar</foo>'
+#
 module SamlTool
   class ErbBuilder
     attr_reader :args, :settings, :template
     def self.build(args)

data/lib/saml_tool/reader.rb CHANGED

@@ -1,4 +1,12 @@
+# Wraps SAML documents and exposes data via methods
+#
+#     output == '<foo>bar</foo>'
+#     reader = SamlTool::Reader.new(
+#                output,
+#                {foo: '//foo/text()'}
+#              )
+#     reader.foo == 'bar'
+#
 module SamlTool
   class Reader
     attr_reader :saml, :config, :namespaces
@@ -23,12 +31,12 @@ module SamlTool
         instance_variable_set("@#{key}".to_sym, content)
       end
     end
     # A string with memory of the element that was the source of its content.
     # Typically, the source will be a Nokogiri::XML::NodeSet. So:
     #     content           --> text from an element.
     #     content.source    --> the Nokogiri NodeSet the text was extracted from.
-    class Content < String
+    class Content < String
       attr_reader :source
       def initialize(source)
         @source = source

data/lib/saml_tool/redirect.rb CHANGED

@@ -1,5 +1,16 @@
 require 'uri'
 require 'cgi'
+#  Used to construct redirection uris
+#
+#        redirect = Redirect.uri(
+#          to: 'http://example.com',
+#          data: {
+#            foo: 'bar'
+#          }
+#        )
+#        redirect == "http://example.com?foo=bar"
+#
 module SamlTool
   class Redirect

data/lib/saml_tool/response_reader.rb CHANGED

@@ -1,8 +1,11 @@
 require "openssl"
+# A version of SamlTool::Reader tailored for handling SAML responses. It includes
+# a valid? method that validates the SAML structure and checks the signature is
+# correct.
 module SamlTool
   class ResponseReader < Reader
     # On creation, the keys for this hash will be converted into methods that
     # will return the text gathered at the xpath in the matching value.
     def default_config
@@ -17,9 +20,9 @@ module SamlTool
         signature_algorithm:     '//ds:SignatureMethod/@Algorithm',
         signed_info:             '//ds:SignedInfo'
       }
-    end
-    def initialize(saml, config = {}, namespaces = {})
+    end
+    def initialize(saml, config = {}, namespaces = {})
       super(
         saml,
         config.merge(default_config),
@@ -27,6 +30,21 @@ module SamlTool
       )
     end
+    def attribute_names
+      @attribute_names ||= saml.xpath("//saml:Attribute/@Name").collect(&:value)
+    end
+    # A hash with the attribute names as keys, and the matching attribute value content as values.
+    # Note that if the same Name is assigned to more than one attribute or an attribute contains more than
+    # one value, then the value for that key will be an array.
+    def attributes
+      @attributes ||= attribute_names.inject({}) do |hash, name|
+        attribute_values = saml.xpath("//saml:Attribute[@Name='#{name}']/saml:AttributeValue/text()")
+        hash[name] = attribute_values.length > 1 ? attribute_values.collect(&:to_s) : attribute_values.to_s
+        hash
+      end
+    end
     def valid?
       structurally_valid? && signature_verified? && digests_match?
     end
@@ -46,19 +64,19 @@ module SamlTool
     def digests_match?
       digest_hash == decoded_digest_value
     end
     def signatureless
       @signatureless ||= clone_saml_and_remove_signature
     end
     def certificate
       @certificate ||= OpenSSL::X509::Certificate.new(raw_cert)
     end
     def raw_cert
       @raw_cert ||= Base64.decode64(base64_cert)
     end
     def fingerprint
       @fingerprint ||= Digest::SHA1.hexdigest(certificate.to_der)
     end
@@ -66,7 +84,7 @@ module SamlTool
     def signature
       @signature ||= Base64.decode64(signature_value)
     end
     def canonicalization_algorithm
       case canonicalization_method
         when "http://www.w3.org/TR/2001/REC-xml-c14n-20010315" then Nokogiri::XML::XML_C14N_1_0
@@ -74,14 +92,14 @@ module SamlTool
         else                                                        Nokogiri::XML::XML_C14N_EXCLUSIVE_1_0
       end
     end
     def hashed_element
       @hashed_element ||= signatureless.at_xpath("//*[@ID='#{reference_uri[1..-1]}']")
     end
     def canonicalized_hashed_element
       hashed_element.canonicalize(
-        canonicalization_algorithm,
+        canonicalization_algorithm,
         inclusive_namespaces.split(' ')
       )
     end
@@ -96,7 +114,7 @@ module SamlTool
     def signed_info_element
       signed_info.source.first
     end
     def digest_algorithm_class
       @digest_algorithm_class ||= determine_algorithm_class(digest_algorithm)
     end
@@ -104,7 +122,7 @@ module SamlTool
     def signature_algorithm_class
       @signature_algorithm_class ||= determine_algorithm_class(signature_algorithm)
     end
     def determine_algorithm_class(method_text)
       case method_text.slice(/sha(\d+)\s*$/, 1)
       when '256' then OpenSSL::Digest::SHA256
@@ -114,11 +132,11 @@ module SamlTool
         OpenSSL::Digest::SHA1
       end
     end
     def digest_hash
       @digest_hash ||= digest_algorithm_class.digest(canonicalized_hashed_element)
     end
     def decoded_digest_value
       Base64.decode64(digest_value)
     end
@@ -128,18 +146,18 @@ module SamlTool
       cloned_saml.xpath('//ds:Signature', namespaces).remove
       return SamlTool::SAML(cloned_saml.to_s)
     end
     def default_namespaces
       {
         ds: dsig,
         ec: c14m
       }
     end
     def c14m
       'http://www.w3.org/2001/10/xml-exc-c14n#'
     end
     def dsig
       'http://www.w3.org/2000/09/xmldsig#'
     end

data/lib/saml_tool/rsa_key.rb CHANGED

@@ -1,11 +1,12 @@
+# Version of OpenSSL::PKey::RSA that adds methods to simplify the retrieval
+# of data used in SAML responses.
 module SamlTool
   class RsaKey < OpenSSL::PKey::RSA
     def modulus
       Base64.encode64(n.to_s(2))
     end
     def exponent
       Base64.encode64(e.to_s(2))
     end

data/lib/saml_tool/saml.rb CHANGED

@@ -7,24 +7,24 @@ module SamlTool
       SAML::Document.parse(thing, url, encoding, options, &block)
     end
   end
   # A wrapper for Nokogiri::XML, that applies defaults that are appropriate for SAML
   module SAML
     class ParseOptions < Nokogiri::XML::ParseOptions
       DEFAULT_SAML = STRICT
     end
     class Document < Nokogiri::XML::Document
       def self.parse string_or_io, url = nil, encoding = nil, options = ParseOptions::DEFAULT_SAML, &block
         super
       end
     end
     # Parse XML.  Convenience method for Nokogiri::XML::Document.parse
     def self.parse thing, url = nil, encoding = nil, options = ParseOptions::DEFAULT_SAML, &block
       Document.parse(thing, url, encoding, options, &block)
     end
   end
 end

data/lib/saml_tool/settings.rb CHANGED

@@ -1,5 +1,6 @@
 require 'securerandom'
 require 'time'
+# Packages up settings so that they can be more easily passed to other objects.
 module SamlTool
   class Settings < Hashie::Mash
@@ -10,12 +11,12 @@ module SamlTool
     def issue_instance
       fetch :issue_instance, auto_issue_instance
     end
     private
     def auto_uuid
       @auto_uuid ||= ('_' + SecureRandom.uuid)
     end
     def auto_issue_instance
       @auto_issue_instance ||= Time.now.utc.iso8601
     end

data/lib/saml_tool/validator.rb CHANGED

@@ -1,10 +1,11 @@
+# Compares documents with SAML schemas to test if they have a valid structure.
 module SamlTool
   class Validator
     attr_reader :saml
     def initialize(saml)
       @saml = saml
     end
     def valid?
       validate
       errors.empty?

data/lib/saml_tool/version.rb CHANGED

@@ -1,8 +1,10 @@
 module SamlTool
-  VERSION = '0.0.1'
+  VERSION = '0.1.0'
 end
 # History
 # =======
 #
+# 0.1.0 - Adds facility to retrieve SAML attributes as a hash via ResponseReader
+#
 # 0.0.1 - First build

data/test/files/response_simple_attributes.xml ADDED

@@ -0,0 +1,30 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<samlp:Response xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
+                xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
+                ID="GOSAMLR12901174571794"
+                Version="2.0"
+                IssueInstant="issue_instance"
+                Destination="{recipient}">
+  <saml:Assertion xmlns:xs="http://www.w3.org/2001/XMLSchema"
+                  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+                  Version="2.0"
+                  ID="GOSAMLR12901174571794">
+    <saml:AttributeStatement>
+      <saml:Attribute Name="One">
+        <saml:AttributeValue  xmlns:xs="http://www.w3.org/2001/XMLSchema"
+                              xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+                              xsi:type="xs:string">1</saml:AttributeValue>
+      </saml:Attribute>
+      <saml:Attribute Name="Two">
+        <saml:AttributeValue  xmlns:xs="http://www.w3.org/2001/XMLSchema"
+                              xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+                              xsi:type="xs:string">2</saml:AttributeValue>
+      </saml:Attribute>
+      <saml:Attribute Name="Three">
+        <saml:AttributeValue  xmlns:xs="http://www.w3.org/2001/XMLSchema"
+                              xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+                              xsi:type="xs:string">3</saml:AttributeValue>
+      </saml:Attribute>
+    </saml:AttributeStatement>
+  </saml:Assertion>
+</samlp:Response>

data/test/test_helper.rb CHANGED

@@ -5,7 +5,7 @@ require 'minitest/autorun'
 require 'saml_tool'
 class Minitest::Test
   def valid_xml
     '<foo>bar</foo>'
   end
@@ -21,25 +21,29 @@ class Minitest::Test
   def request_saml_erb
     contents_of 'files/request.saml.erb'
   end
   def response_xml
     contents_of 'files/response.xml'
   end
   def open_saml_request
     contents_of 'files/open_saml_response.xml'
   end
+  def response_simple_attributes
+    contents_of 'files/response_simple_attributes.xml'
+  end
   def x509_certificate
     @x509_certificate ||= OpenSSL::PKCS12.new(
-      contents_of('files/usercert.p12'),
+      contents_of('files/usercert.p12'),
       'hello'
     ).certificate
   end
   def open_ssl_rsa_key
     @open_ssl_rsa_key ||= OpenSSL::PKey::RSA.new(
-      contents_of('files/userkey.pem'),
+      contents_of('files/userkey.pem'),
       'hello'
     )
   end

data/test/units/saml_tool/response_reader_test.rb CHANGED

@@ -2,85 +2,85 @@ require_relative '../../test_helper'
 module SamlTool
   class ResponseReaderTest < Minitest::Test
     def test_saml
       assert_kind_of SAML::Document, response_document.saml
     end
     def test_signatureless
       assert_kind_of SAML::Document, response_document.signatureless
       expected = response_document.saml.clone
       expected.xpath('//ds:Signature', { 'ds' => dsig }).remove
       assert_equal expected.to_s, response_document.signatureless.to_s
     end
     def test_signatureless_does_not_impact_saml
       response_document.signatureless
       assert response_document.saml.to_s != response_document.signatureless.to_s, 'Changes made in forming signatureless should not also happen to saml'
     end
     def test_base64_cert
       base64_cert = response_document_saml.xpath('//ds:X509Certificate/text()', { 'ds' => dsig })
       assert_equal base64_cert.to_s, response_document.base64_cert
     end
     def test_certificate
       assert_kind_of OpenSSL::X509::Certificate, response_document.certificate
     end
     def test_fingerprint
       expected = Digest::SHA1.hexdigest(response_document.certificate.to_der)
       assert_equal expected, response_document.fingerprint
     end
     def test_canonicalization_method
       expected = response_document_saml.xpath('//ds:CanonicalizationMethod/@Algorithm', { 'ds' => dsig })
       assert_equal expected.to_s, response_document.canonicalization_method
     end
     def test_canonicalization_algorithm
       expected = Nokogiri::XML::XML_C14N_1_0
       assert_equal expected, response_document.canonicalization_algorithm
     end
     def test_reference_uri
       expected = response_document_saml.xpath('//ds:Reference/@URI', { 'ds' => dsig })
       assert_equal expected.to_s, response_document.reference_uri
     end
     def test_inclusive_namespaces
       assert_equal "", response_document.inclusive_namespaces
     end
     def test_inclusive_namespaces_when_they_exist_in_saml
       document = ResponseReader.new(open_saml_request)
       assert_equal 'xs', document.inclusive_namespaces
     end
     def test_hashed_element
       remove_signature_from_assertion
       assert_equal assertion.to_s, response_document.hashed_element.to_s
     end
     def test_canonicalized_hashed_element
       remove_signature_from_assertion
       expected = assertion.canonicalize(Nokogiri::XML::XML_C14N_1_0, [])
       assert_equal expected, response_document.canonicalized_hashed_element
     end
     def test_digest_algorithm
       assert_equal 'http://www.w3.org/2000/09/xmldsig#sha1', response_document.digest_algorithm
     end
     def test_digest_algorithm_class
       assert_equal OpenSSL::Digest::SHA1, response_document.digest_algorithm_class
     end
     def test_digest_hash
       expected = OpenSSL::Digest::SHA1.digest(response_document.canonicalized_hashed_element)
       assert_equal expected, response_document.digest_hash
     end
     def test_digest_hash_matches_digest_value
       assert_equal response_document.digest_hash, response_document.decoded_digest_value
     end
@@ -112,6 +112,22 @@ module SamlTool
       assert_equal true, response_document.structurally_valid?
     end
+    def test_attribute_names
+      with_simple_attributes
+      assert_equal %w{One Two Three}, response_document.attribute_names
+    end
+    def test_attributes
+      with_simple_attributes
+      expected = {'One' => '1', 'Two' => '2', 'Three' => '3'}
+      assert_equal expected, response_document.attributes
+    end
+    def test_attributes_with_complicated_structure
+      expected = {"uid"=>"demo", "another_value"=>["value1", "value2"], "role"=>["role1", "role2"]}
+      assert_equal expected, response_document.attributes
+    end
     def test_valid
       assert_equal true, response_document.valid?
     end
@@ -119,26 +135,30 @@ module SamlTool
     def response_document
       @response_document ||= ResponseReader.new(response_xml)
     end
+    def with_simple_attributes
+      @response_document = ResponseReader.new(response_simple_attributes)
+    end
     def assertion
       @assertion ||= response_document_saml.at_xpath('//saml:Assertion')
     end
     def remove_signature_from_assertion
       assertion.xpath('//ds:Signature', { 'ds' => dsig }).remove
     end
     def response_document_saml
       @response_document_saml ||= SamlTool::SAML(response_xml)
     end
     def c14m
       'http://www.w3.org/2001/10/xml-exc-c14n#'
     end
     def dsig
       'http://www.w3.org/2000/09/xmldsig#'
     end
   end
 end

metadata CHANGED

@@ -1,77 +1,77 @@
 --- !ruby/object:Gem::Specification
 name: saml_tools
 version: !ruby/object:Gem::Version
-  version: 0.0.1
+  version: 0.1.0
 platform: ruby
 authors:
 - Rob Nichols
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2014-08-19 00:00:00.000000000 Z
+date: 2016-09-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: nokogiri
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: hashie
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: xmldsig
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: minitest
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '5.1'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '5.1'
-description: ! ' SAML 2.0 is an XML-based protocol that uses security tokens containing
+description: " SAML 2.0 is an XML-based protocol that uses security tokens containing
   assertions to pass information about a principal (usually an end user) between a
   SAML authority, that is, an identity provider, and a SAML consumer, that is, a service
   provider. SAML 2.0 enables web-based authentication and authorization scenarios
   including cross-domain single sign-on (SSO), which helps reduce the administrative
-  overhead of distributing multiple authentication tokens to the user.'
+  overhead of distributing multiple authentication tokens to the user."
 email:
 - rob@undervale.co.uk
 executables: []
@@ -104,6 +104,7 @@ files:
 - test/files/open_saml_response.xml
 - test/files/request.saml.erb
 - test/files/response.xml
+- test/files/response_simple_attributes.xml
 - test/files/response_template.xml
 - test/files/usercert.p12
 - test/files/userkey.pem
@@ -130,39 +131,40 @@ require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ! '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ! '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.2.2
+rubygems_version: 2.5.1
 signing_key:
 specification_version: 4
 summary: Tools to simplify the creation, validation and sending of SAML objects
 test_files:
 - test/files/TEST_FILES.rdoc
-- test/files/response.xml
-- test/files/valid_saml_request.xml
 - test/files/open_saml_response.xml
-- test/files/response_template.xml
+- test/files/response_simple_attributes.xml
 - test/files/usercert.p12
-- test/files/request.saml.erb
-- test/files/cacert.pem
 - test/files/userkey.pem
-- test/units/saml_tool/validator_test.rb
-- test/units/saml_tool/reader_test.rb
+- test/files/cacert.pem
+- test/files/valid_saml_request.xml
+- test/files/response_template.xml
+- test/files/request.saml.erb
+- test/files/response.xml
 - test/units/saml_tool/response_reader_test.rb
-- test/units/saml_tool/saml_test.rb
 - test/units/saml_tool/erb_builder_test.rb
-- test/units/saml_tool/redirect_test.rb
-- test/units/saml_tool/rsa_key_test.rb
-- test/units/saml_tool/certificate_test.rb
+- test/units/saml_tool/saml_test.rb
 - test/units/saml_tool/encoder_test.rb
-- test/units/saml_tool/decoder_test.rb
+- test/units/saml_tool/reader_test.rb
+- test/units/saml_tool/certificate_test.rb
+- test/units/saml_tool/validator_test.rb
+- test/units/saml_tool/redirect_test.rb
 - test/units/saml_tool/settings_test.rb
+- test/units/saml_tool/decoder_test.rb
+- test/units/saml_tool/rsa_key_test.rb
 - test/test_helper.rb