samlr 2.0.3 → 2.0.4
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of samlr might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/lib/samlr/assertion.rb +9 -1
- data/lib/samlr/response.rb +1 -1
- data/lib/samlr/tools/response_builder.rb +17 -11
- data/samlr.gemspec +1 -1
- data/test/unit/test_assertion.rb +9 -0
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 80b04360348dfd9ce7a8962cf47500b5c25654e6
|
4
|
+
data.tar.gz: 4a02064f3e0d57fd26877778a3f9f954dd0be6fd
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: c73af6bf4ff4a50b7fb8a5906e50752d3288666c39ab6eea174a739b50b85d7b40387c355bd9b1d240d6597e259145cd03170cd1a60606f5d850ee04e0760c31
|
7
|
+
data.tar.gz: c201e8a43db90a944b533d65d2b84dc500e97878044105bb5e334c6bde5b8189c83b8663c66c2e7af1aa1db720877749bb583d24a9f670683ebc52cece05c8ba
|
data/lib/samlr/assertion.rb
CHANGED
@@ -48,7 +48,11 @@ module Samlr
|
|
48
48
|
end
|
49
49
|
|
50
50
|
def name_id
|
51
|
-
@name_id ||=
|
51
|
+
@name_id ||= name_id_node.text
|
52
|
+
end
|
53
|
+
|
54
|
+
def name_id_options
|
55
|
+
@name_id_options ||= Hash[name_id_node.attributes.map{|k,v| [k, v.value]}]
|
52
56
|
end
|
53
57
|
|
54
58
|
def conditions
|
@@ -57,6 +61,10 @@ module Samlr
|
|
57
61
|
|
58
62
|
private
|
59
63
|
|
64
|
+
def name_id_node
|
65
|
+
@name_id_node ||= assertion.at("./saml:Subject/saml:NameID", NS_MAP)
|
66
|
+
end
|
67
|
+
|
60
68
|
def assertion
|
61
69
|
@assertion ||= document.at(location, NS_MAP)
|
62
70
|
end
|
data/lib/samlr/response.rb
CHANGED
@@ -9,16 +9,18 @@ module Samlr
|
|
9
9
|
module ResponseBuilder
|
10
10
|
|
11
11
|
def self.build(options = {})
|
12
|
-
issue_instant
|
13
|
-
response_id
|
14
|
-
assertion_id
|
15
|
-
status_code
|
16
|
-
name_id_format
|
17
|
-
subject_conf_m
|
18
|
-
version
|
19
|
-
auth_context
|
20
|
-
issuer
|
21
|
-
attributes
|
12
|
+
issue_instant = options[:issue_instant] || Samlr::Tools::Timestamp.stamp
|
13
|
+
response_id = options[:response_id] || Samlr::Tools.uuid
|
14
|
+
assertion_id = options[:assertion_id] || Samlr::Tools.uuid
|
15
|
+
status_code = options[:status_code] || "urn:oasis:names:tc:SAML:2.0:status:Success"
|
16
|
+
name_id_format = options[:name_id_format] || EMAIL_FORMAT
|
17
|
+
subject_conf_m = options[:subject_conf_m] || "urn:oasis:names:tc:SAML:2.0:cm:bearer"
|
18
|
+
version = options[:version] || "2.0"
|
19
|
+
auth_context = options[:auth_context] || "urn:oasis:names:tc:SAML:2.0:ac:classes:Password"
|
20
|
+
issuer = options[:issuer] || "ResponseBuilder IdP"
|
21
|
+
attributes = options[:attributes] || {}
|
22
|
+
name_qualifier = options[:name_qualifier]
|
23
|
+
sp_name_qualifier = options[:sp_name_qualifier]
|
22
24
|
|
23
25
|
# Mandatory for responses
|
24
26
|
destination = options.fetch(:destination)
|
@@ -49,7 +51,11 @@ module Samlr
|
|
49
51
|
xml["saml"].Issuer(issuer)
|
50
52
|
|
51
53
|
xml["saml"].Subject do
|
52
|
-
|
54
|
+
name_id_options = { "Format" => name_id_format}
|
55
|
+
name_id_options.merge!("NameQualifier" => name_qualifier) unless name_qualifier.nil?
|
56
|
+
name_id_options.merge!("SPNameQualifier" => sp_name_qualifier) unless sp_name_qualifier.nil?
|
57
|
+
|
58
|
+
xml["saml"].NameID(name_id, name_id_options)
|
53
59
|
|
54
60
|
xml["saml"].SubjectConfirmation("Method" => subject_conf_m) do
|
55
61
|
xml["saml"].SubjectConfirmationData("InResponseTo" => in_response_to, "NotOnOrAfter" => not_on_or_after, "Recipient" => destination)
|
data/samlr.gemspec
CHANGED
data/test/unit/test_assertion.rb
CHANGED
@@ -28,6 +28,15 @@ describe Samlr::Assertion do
|
|
28
28
|
end
|
29
29
|
end
|
30
30
|
|
31
|
+
describe "#name_id_options" do
|
32
|
+
subject { fixed_saml_response(:name_qualifier => 'portal-happyservice-idp', :sp_name_qualifier => 'happyservice.zendesk.com').assertion }
|
33
|
+
|
34
|
+
it "returns the options for the NameID element" do
|
35
|
+
expected = {"Format"=>"urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress", "NameQualifier"=>"portal-happyservice-idp", "SPNameQualifier"=>"happyservice.zendesk.com"}
|
36
|
+
assert_equal expected, subject.name_id_options
|
37
|
+
end
|
38
|
+
end
|
39
|
+
|
31
40
|
describe "#verify!" do
|
32
41
|
let(:condition) do
|
33
42
|
Class.new do
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: samlr
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.0.
|
4
|
+
version: 2.0.4
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Morten Primdahl
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2014-
|
11
|
+
date: 2014-09-02 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: nokogiri
|