samlsso 0.1.5 → 0.1.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/samlsso/version.rb +1 -1
- data/lib/xml_security.rb +36 -15
- data/samlsso-0.1.5.gem +0 -0
- metadata +3 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: f77cfd3855990131639ddbb2c93737cfe8e5884d
|
|
4
|
+
data.tar.gz: a88195b337a64de1b2e237d92de9a8c82c3d4557
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: ea9a273fc674702a632a66b761deb62793f046addc303c7d767fe829781502164380917c29d44df39bf7ac9f0035e6333cb121e67e7554d77fc1d47af5c3b8fa
|
|
7
|
+
data.tar.gz: d83e3a13e682e1c241805af627d6fe341cc02eaf8a3f4392d78d4346ff54ae3425887fe8ab07e82ee68b70589e2650c33ad24b27353ce51c54d9b4ff969f8b86
|
data/lib/samlsso/version.rb
CHANGED
data/lib/xml_security.rb
CHANGED
|
@@ -217,26 +217,47 @@ module XMLSecurity
|
|
|
217
217
|
noko_sig_element.remove
|
|
218
218
|
|
|
219
219
|
# check digests
|
|
220
|
-
|
|
221
|
-
|
|
222
|
-
|
|
223
|
-
uri = ref.attributes.get_attribute("URI").value
|
|
220
|
+
if REXML::XPath.first(@sig_element, "//ds:Reference", {"ds"=>DSIG})
|
|
221
|
+
REXML::XPath.each(@sig_element, "//ds:Reference", {"ds"=>DSIG}) do |ref|
|
|
222
|
+
uri = ref.attributes.get_attribute("URI").value
|
|
224
223
|
|
|
225
|
-
|
|
226
|
-
|
|
227
|
-
|
|
224
|
+
hashed_element = document.at_xpath("//*[@ID='#{uri[1..-1]}']")
|
|
225
|
+
canon_algorithm = canon_algorithm REXML::XPath.first(ref, '//ds:CanonicalizationMethod', 'ds' => DSIG)
|
|
226
|
+
canon_hashed_element = hashed_element.canonicalize(canon_algorithm, inclusive_namespaces)
|
|
228
227
|
|
|
229
|
-
|
|
228
|
+
digest_algorithm = algorithm(REXML::XPath.first(ref, "//ds:DigestMethod", 'ds' => DSIG))
|
|
230
229
|
|
|
231
|
-
|
|
230
|
+
hash = digest_algorithm.digest(canon_hashed_element)
|
|
232
231
|
|
|
233
|
-
|
|
234
|
-
|
|
235
|
-
|
|
232
|
+
base64_digest = REXML::XPath.first(ref, "//ds:DigestValue", {"ds"=>DSIG})
|
|
233
|
+
base64_digest = REXML::XPath.first(ref, "//ds:DigestValue") unless base64_digest
|
|
234
|
+
digest_value = Base64.decode64(base64_digest.text)
|
|
236
235
|
|
|
237
|
-
|
|
238
|
-
|
|
239
|
-
|
|
236
|
+
unless digests_match?(hash, digest_value)
|
|
237
|
+
@errors << "Digest mismatch"
|
|
238
|
+
return soft ? false : (raise Samlsso::ValidationError.new("Digest mismatch"))
|
|
239
|
+
end
|
|
240
|
+
end
|
|
241
|
+
else
|
|
242
|
+
REXML::XPath.each(@sig_element, "//ds:Reference") do |ref|
|
|
243
|
+
uri = ref.attributes.get_attribute("URI").value
|
|
244
|
+
|
|
245
|
+
hashed_element = document.at_xpath("//*[@ID='#{uri[1..-1]}']")
|
|
246
|
+
canon_algorithm = canon_algorithm REXML::XPath.first(ref, '//ds:CanonicalizationMethod', 'ds' => DSIG)
|
|
247
|
+
canon_hashed_element = hashed_element.canonicalize(canon_algorithm, inclusive_namespaces)
|
|
248
|
+
|
|
249
|
+
digest_algorithm = algorithm(REXML::XPath.first(ref, "//ds:DigestMethod", 'ds' => DSIG))
|
|
250
|
+
|
|
251
|
+
hash = digest_algorithm.digest(canon_hashed_element)
|
|
252
|
+
|
|
253
|
+
base64_digest = REXML::XPath.first(ref, "//ds:DigestValue", {"ds"=>DSIG})
|
|
254
|
+
base64_digest = REXML::XPath.first(ref, "//ds:DigestValue") unless base64_digest
|
|
255
|
+
digest_value = Base64.decode64(base64_digest.text)
|
|
256
|
+
|
|
257
|
+
unless digests_match?(hash, digest_value)
|
|
258
|
+
@errors << "Digest mismatch"
|
|
259
|
+
return soft ? false : (raise Samlsso::ValidationError.new("Digest mismatch"))
|
|
260
|
+
end
|
|
240
261
|
end
|
|
241
262
|
end
|
|
242
263
|
|
data/samlsso-0.1.5.gem
ADDED
|
Binary file
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: samlsso
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.6
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Siddhartha Mukherjee
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2017-07-
|
|
11
|
+
date: 2017-07-31 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: uuid
|
|
@@ -140,6 +140,7 @@ files:
|
|
|
140
140
|
- lib/schemas/xmldsig-core-schema.xsd
|
|
141
141
|
- lib/xml_security.rb
|
|
142
142
|
- samlsso-0.1.4.gem
|
|
143
|
+
- samlsso-0.1.5.gem
|
|
143
144
|
- samlsso.gemspec
|
|
144
145
|
homepage: https://github.com/siddhartham/samlsso
|
|
145
146
|
licenses:
|