samlr 2.2.0 → 2.3.0
Potentially problematic release.
This version of samlr might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/lib/samlr.rb +2 -1
- data/lib/samlr/certificate.rb +2 -2
- data/lib/samlr/fingerprint.rb +17 -4
- data/lib/samlr/fingerprint_sha1.rb +10 -0
- data/lib/samlr/fingerprint_sha256.rb +10 -0
- data/lib/samlr/signature.rb +2 -2
- data/lib/samlr/version.rb +1 -1
- metadata +4 -2
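--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: f7378eb46f0f0b532f4f2cfc95dc40ac6459080c
+data.tar.gz: f465d9ec773cb4b65157d0fd01b99a1692759a92
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: eed88391d3b9fdddefc7b88203d237c458a252a3c2bdda8eb9b46471d933d4ca64578682d481d84a980e50034e726629f9c026817ad8c73a495577ae1e0afffb
+data.tar.gz: 1c53f2ee25f0111a45b8eaba9acfb845b56dcc4f21be67fba23d860642ddda0af65453c117ce27cffb4e83bfa066d78244ed3e97f420328690422e5fd2ddf3bf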
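--- a/data/lib/samlr.rb
+++ b/data/lib/samlr.rb
@@ -45,7 +45,8 @@ require "samlr/errors"
 require "samlr/tools"
 require "samlr/condition"
 require "samlr/assertion"
-require "samlr/
+require "samlr/fingerprint_sha1"
+require "samlr/fingerprint_sha256"
 require "samlr/signature"
 require "samlr/response"
 require "samlr/request"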
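--- a/data/lib/samlr/certificate.rb
+++ b/data/lib/samlr/certificate.rb
@@ -1,7 +1,7 @@
 module Samlr
 class Certificate
 attr_reader :x509
-
+
 def initialize(value)
 @x509 = if value.is_a?(OpenSSL::X509::Certificate)
 value
@@ -13,7 +13,7 @@ module Samlr
 end
 
 def fingerprint
-@fingerprint ||=
+@fingerprint ||= FingerprintSHA256.new(@x509)
 end
 
 def ==(other)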
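Review bot: `Certificate#fingerprint` in the second hunk now hard-codes `FingerprintSHA256.new(@x509)` with no comment about the digest it returns. The removed line is truncated on this page, but if it produced a SHA-1 fingerprint, any caller that compares `certificate.fingerprint` with a stored SHA-1 value would presumably stop matching after the upgrade; the comparison code is not visible here. I would add a comment above the method, for example `# SHA-256 fingerprint of the certificate; parse a pinned SHA-1 value with Fingerprint.from_string`, and call the change out in the release notes. The class body continues outside both hunks.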
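--- a/data/lib/samlr/fingerprint.rb
+++ b/data/lib/samlr/fingerprint.rb
@@ -4,9 +4,18 @@ module Samlr
 
 def initialize(value)
 if value.is_a?(OpenSSL::X509::Certificate)
-@value =
+@value = self.class.x509(value)
 else
-@value =
+@value = self.class.normalize(value)
+end
+end
+
+def self.from_string(string)
+normalized = normalize(string)
+if string.gsub(':', '').length == 64
+FingerprintSHA256.new(normalized)
+else
+FingerprintSHA1.new(normalized)
 end
 end
 
@@ -23,6 +32,10 @@ module Samlr
 end
 end
 
+def verify!(certificate)
+compare!(self.class.new(self.class.x509(certificate.x509)))
+end
+
 def valid?
 value =~ /([A-F0-9]:?)+/
 end
@@ -33,7 +46,7 @@ module Samlr
 
 # Extracts a fingerprint for an x509 certificate
 def self.x509(certificate)
-
+raise NotImplementedError, 'subclass must implement x509'
 end
 
 # Converts a string to fingerprint normal form
@@ -41,4 +54,4 @@ module Samlr
 value.to_s.upcase.gsub(/[^A-F0-9]/, "").scan(/../).join(":")
 end
 end
-end
+end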
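Review bot: In `Fingerprint.from_string` the algorithm is chosen from the raw argument, `string.gsub(':', '').length == 64`, while the value that gets stored is `normalized`. A SHA-256 fingerprint written with spaces, dashes or a trailing newline is therefore longer than 64 characters and is silently built as a `FingerprintSHA1`, and a `nil` argument raises `NoMethodError` even though `normalize` copes with it through `to_s`. Every length other than 64 also lands in the SHA-1 branch, so a truncated or mistyped pin is accepted at configuration time and only surfaces later as a verification mismatch. I would decide on the normalized digits and reject unknown lengths, as sketched below; whether to raise here or leave rejection to `valid?` is a call for the maintainers. The new `fingerprint_sha1.rb` and `fingerprint_sha256.rb` files are listed in the summary but not shown on this page, so the digest code itself cannot be reviewed here.

```ruby
def self.from_string(string)
  normalized = normalize(string)
  # Choose the digest from the cleaned-up hex digits, not from the raw input.
  case normalized.delete(":").length
  when 64 then FingerprintSHA256.new(normalized)
  when 40 then FingerprintSHA1.new(normalized)
  else raise ArgumentError, "fingerprint must be 40 (SHA-1) or 64 (SHA-256) hex digits"
  end
end
```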
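--- a/data/lib/samlr/signature.rb
+++ b/data/lib/samlr/signature.rb
@@ -21,7 +21,7 @@ module Samlr
 end
 
 @fingerprint = if options[:fingerprint]
-Fingerprint.
+Fingerprint.from_string(options[:fingerprint])
 elsif options[:certificate]
 Certificate.new(options[:certificate]).fingerprint
 end
@@ -61,7 +61,7 @@ module Samlr
 
 # Establishes trust that the remote party is who you think
 def verify_fingerprint!
-fingerprint.
+fingerprint.verify!(certificate!)
 end
 
 # Tests that the document content has not been edited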
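Review bot: The comment above `verify_fingerprint!` does not say which digest the trust decision rests on, and after this change that choice is implicit. In the first hunk `Fingerprint.from_string(options[:fingerprint])` picks the class from the configured string, and `fingerprint.verify!(certificate!)` then presumably hashes the embedded certificate with that same class. I would extend the comment to something like `# Compares the configured fingerprint with a digest of the embedded certificate, using the configured value's algorithm (SHA-1 or SHA-256)`. Since SHA-1 pins are still accepted without notice, a one-line deprecation warning where a `FingerprintSHA1` is selected may also be worth adding. The method containing the first hunk starts outside the lines shown.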
data/lib/samlr/version.rb
CHANGED
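--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: samlr
 version: !ruby/object:Gem::Version
-version: 2.
+version: 2.3.0
 platform: ruby
 authors:
 - Morten Primdahl
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2015-
+date: 2015-12-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: nokogiri
@@ -118,6 +118,8 @@ files:
 - lib/samlr/condition.rb
 - lib/samlr/errors.rb
 - lib/samlr/fingerprint.rb
+- lib/samlr/fingerprint_sha1.rb
+- lib/samlr/fingerprint_sha256.rb
 - lib/samlr/logout_request.rb
 - lib/samlr/reference.rb
 - lib/samlr/request.rb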