RubyGems - spid-es - Versions diffs - 0.0.21 → 0.0.26 - Mend

spid-es 0.0.21 → 0.0.26

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

checksums.yaml +5 -5
data/lib/spid/ruby-saml/metadata.rb +90 -41
data/lib/spid/ruby-saml/response.rb +23 -16
data/lib/spid/ruby-saml/settings.rb +1 -1
data/spid-es.gemspec +1 -1
metadata +3 -5
data/.travis.yml +0 -5

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 757c456ca20b577890aade7bd61730625c91afe3
-  data.tar.gz: f56e0175f161d092dac32e0ee0a202c5e90f6179
+SHA256:
+  metadata.gz: 22bca7fc7ffffb1f963e39275f6026c15d41ef5b86de646a1b88fc812afeefa0
+  data.tar.gz: 2b633c95a520a05e7dbcc64adba2137fd1bfaaf781d5236e9bcf391095aa3aac
 SHA512:
-  metadata.gz: 96713f7825b8786a881ee156682efde3eac3d2be870dbfa18715ec9617f12f95b7d7ef9d4e10fcdb2ab0214b0fceced0c71eab0b761281869eaa91f40532dc30
-  data.tar.gz: 6d2929906a4191948e165de95c5bbdc6b52db1d40ed92b70a963f10a7f571dce6d3c2148e8d789fdecf99dc3979135e469264de991afa816e6871f570bc3721c
+  metadata.gz: b0b0dd8e38e3ef358a148de182d9d38a5aa6332da952815c6a92dec1f93d54948271a8eb096ac56cbbec0f856ae3cb00e4dffcdc3094c819140e58a5714ab003
+  data.tar.gz: '006628db995c81787c38d3b4dd0d46f545287125aca2ab770a68383caffec515e32e6bdb3a6d52a7bb684cbbd10ee0355535bbc7a5e8c83449dcf69d3e15b4b0'

data/lib/spid/ruby-saml/metadata.rb CHANGED

@@ -31,14 +31,26 @@ module Spid
       def generate(settings)
         #meta_doc = REXML::Document.new
         meta_doc = Spid::XMLSecurityNew::Document.new
-        root = meta_doc.add_element "md:EntityDescriptor", {
+        if settings.aggregato
+          root = meta_doc.add_element "md:EntityDescriptor", {
+            "xmlns:md"        => "urn:oasis:names:tc:SAML:2.0:metadata",
+            "xmlns:xml"       => "http://www.w3.org/XML/1998/namespace",
+            "xmlns:spid"        => "https://spid.gov.it/saml-extensions",
+          }
+        else
+          root = meta_doc.add_element "md:EntityDescriptor", {
             "xmlns:md"        => "urn:oasis:names:tc:SAML:2.0:metadata",
             "xmlns:xml"       => "http://www.w3.org/XML/1998/namespace"
-        }
+          }
+        end
         if settings.issuer != nil
           root.attributes["entityID"] = settings.issuer
         end
-        uuid = "_" + UUID.new.generate
+        #Tolto per non far cambiare sempre il metadata
+        #uuid = "_" + UUID.new.generate
+        #genero l'id come hash dell'entityID
+        uuid = "_" + settings.issuer.hash.to_s
         self.uuid = uuid
         root.attributes["ID"] = uuid
@@ -119,6 +131,18 @@ module Spid
           }
         end
+        #Logout dei servizi esterni
+        unless settings.hash_assertion_consumer.blank?
+          settings.hash_assertion_consumer.each_pair{ |index, hash_service|
+            unless hash_service['logout'].blank?
+              sp_sso.add_element "md:SingleLogoutService", {
+                "Binding" => hash_service['logout']['binding'] || "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",
+                "Location" => hash_service['logout']['location']
+              }
+            end
+          }
+        end
         name_identifier_formats = settings.name_identifier_format
         if name_identifier_formats != nil
           name_id = []
@@ -165,47 +189,30 @@ module Spid
                     "xml:lang" => "it"
               }
               service_name.text = hash_service['testo']
-              hash_service['array_campi'].each_with_index{ |attribute, index|
-                attr_cons_service.add_element "md:RequestedAttribute", {
-                    "Name" => attribute
+              unless hash_service['description'].blank?
+                service_description = attr_cons_service.add_element "md:ServiceDescription", {
+                  "xml:lang" => "it"
                 }
-              }
+                service_description.text = hash_service['description']
+              end
+              if hash_service['array_campi'].is_a?(Array)
+                hash_service['array_campi'].each_with_index{ |attribute, index|
+                  attr_cons_service.add_element "md:RequestedAttribute", {
+                      "Name" => attribute
+                  }
+                }
+              else #hash
+                hash_service['array_campi'].each_pair{ |attribute, name_format|
+                  attr_cons_service.add_element "md:RequestedAttribute", {
+                      "Name" => attribute,
+                      "NameFormat" => name_format
+                  }
+                }
+              end
             }
-            #Per EIDAS
-            # #AttributeConsumingService
-            # attr_cons_service = sp_sso.add_element "md:AttributeConsumingService", {
-            #     "index" => "99",
-            # }
-            # service_name
-            # = attr_cons_service.add_element "md:ServiceName", {
-            #       "xml:lang" => "it"
-            # }
-            # service_name.text = "eIDAS Natural Person Minimum Attribute Set"
-            # settings.requested_attribute.each_with_index{ |attribute, index|
-            #   attr_cons_service.add_element "md:RequestedAttribute", {
-            #       "Name" => attribute
-            #   }
-            # }
-            # #AttributeConsumingService
-            # attr_cons_service = sp_sso.add_element "md:AttributeConsumingService", {
-            #   "index" => "100",
-            # }
-            # service_name = attr_cons_service.add_element "md:ServiceName", {
-            #       "xml:lang" => "it"
-            # }
-            # service_name.text = "eIDAS Natural Person Full Attribute Set"
-            # settings.requested_attribute.each_with_index{ |attribute, index|
-            #   attr_cons_service.add_element "md:RequestedAttribute", {
-            #       "Name" => attribute
-            #   }
-            # }
         end
         #organization
         organization = root.add_element "md:Organization"
@@ -216,12 +223,54 @@ module Spid
         org_display_name = organization.add_element "md:OrganizationDisplayName", {
             "xml:lang" => "it"
         }
-        org_display_name.text = settings.organization['org_display_name']
+        org_display_name.text = settings.organization['org_display_name']+(settings.aggregato ? " tramite #{settings.hash_aggregatore['soggetto_aggregatore']}" : '')
         org_url = organization.add_element "md:OrganizationURL", {
             "xml:lang" => "it"
         }
         org_url.text = settings.organization['org_url']
+        #ContactPerson per sp aggregato
+        if settings.aggregato
+          contact_person_aggregatore = root.add_element "md:ContactPerson", {
+            "contactType" => "other",
+            "spid:entityType" => "spid:aggregator"
+          }
+          company = contact_person_aggregatore.add_element "md:Company"
+          company.text = settings.hash_aggregatore['soggetto_aggregatore']
+          extensions_aggregatore = contact_person_aggregatore.add_element "md:Extensions"
+          vat_number_aggregatore = extensions_aggregatore.add_element "spid:VATNumber"
+          vat_number_aggregatore.text = settings.hash_aggregatore['piva_aggregatore']
+          ipa_code_aggregatore = extensions_aggregatore.add_element "spid:IPACode"
+          ipa_code_aggregatore.text = settings.hash_aggregatore['cipa_aggregatore']
+          fiscal_code_aggregatore = extensions_aggregatore.add_element "spid:FiscalCode"
+          fiscal_code_aggregatore.text = settings.hash_aggregatore['cf_aggregatore']
+          contact_person_aggregato = root.add_element "md:ContactPerson", {
+            "contactType" => "other",
+            "spid:entityType" => "spid:aggregated"
+          }
+          company = contact_person_aggregato.add_element "md:Company"
+          company.text = settings.organization['org_name']
+          extensions_aggregato = contact_person_aggregato.add_element "md:Extensions"
+          unless settings.hash_aggregatore['soggetto_aggregato']['vat_number'].blank?
+            vat_number_aggregato = extensions_aggregato.add_element "spid:VATNumber"
+            vat_number_aggregato.text = settings.hash_aggregatore['soggetto_aggregato']['vat_number']
+          end
+          unless settings.hash_aggregatore['soggetto_aggregato']['ipa_code'].blank?
+            ipa_code_aggregato = extensions_aggregato.add_element "spid:IPACode"
+            ipa_code_aggregato.text = settings.hash_aggregatore['soggetto_aggregato']['ipa_code']
+          end
+          unless settings.hash_aggregatore['soggetto_aggregato']['fiscal_code'].blank?
+            fiscal_code_aggregato = extensions_aggregato.add_element "spid:FiscalCode"
+            fiscal_code_aggregato.text = settings.hash_aggregatore['soggetto_aggregato']['fiscal_code']
+          end
+        end
         #meta_doc << REXML::XMLDecl.new(version='1.0', encoding='UTF-8')
         meta_doc << REXML::XMLDecl.new("1.0", "UTF-8")

data/lib/spid/ruby-saml/response.rb CHANGED

@@ -268,6 +268,8 @@ module Spid
             return false if validate_destination(soft) == false
             #validazione status
             return false if validate_status(soft) == false
+            #validazione inresponseto
+            return false if validate_presence_inresponseto(soft) == false
             #validazione issuer
             return false if validate_issuer(soft) == false
             #validazioni varie su asserzioni
@@ -312,6 +314,11 @@ module Spid
           end
         end
+        def validate_presence_inresponseto(soft=true)
+          response_to_id_value = response_to_id
+          return (soft ? false : validation_error("InResponseTo non specificato o mancante")) if response_to_id_value.blank?
+        end
         #validate status e status code
@@ -344,16 +351,16 @@ module Spid
         end
         def version_assertion(document)
-          assertion_nodes = xpath_from_signed_assertion()
-          @version_assertion = "2.0"
-          #ciclo sui nodi delle asserzioni, se uno ha una versione diversa da 2.0 ritorno nil
-          unless assertion_nodes.blank?
-            assertion_nodes.each{ |ass_node|
-              return nil if ass_node.attributes['Version'] != "2.0"
-            }
-          end
-          @version_assertion
-      end
+            assertion_nodes = xpath_from_signed_assertion()
+            @version_assertion = "2.0"
+            #ciclo sui nodi delle asserzioni, se uno ha una versione diversa da 2.0 ritorno nil
+            unless assertion_nodes.blank?
+              assertion_nodes.each{ |ass_node|
+                return nil if ass_node.attributes['Version'] != "2.0"
+              }
+            end
+            @version_assertion
+        end
         def validate_version(soft = true)
             unless version(self.document) == "2.0"
@@ -364,12 +371,12 @@ module Spid
         end
         def validate_version_assertion(soft = true)
-          unless version_assertion(self.document) == "2.0"
-            #return append_error("Unsupported SAML version")
-            return soft ? false : validation_error("Unsupported SAML Assertion version")
-          end
-          true
-      end
+            unless version_assertion(self.document) == "2.0"
+              #return append_error("Unsupported SAML version")
+              return soft ? false : validation_error("Unsupported SAML Assertion version")
+            end
+            true
+        end
         def validate_signed_elements(soft = true)
             signature_nodes = REXML::XPath.match(decrypted_document.nil? ? document : decrypted_document,"//ds:Signature",{"ds"=>DSIG})

data/lib/spid/ruby-saml/settings.rb CHANGED

@@ -10,7 +10,7 @@ module Spid
       attr_accessor :name_identifier_value, :name_identifier_format
       attr_accessor :sessionindex, :issuer, :destination_service_url, :authn_context, :requester_identificator
       attr_accessor :single_logout_service_url, :single_logout_service_binding, :single_logout_destination
-      attr_accessor :skip_validation
+      attr_accessor :skip_validation, :aggregato, :hash_aggregatore
       def initialize(config = {})
         config.each do |k,v|

data/spid-es.gemspec CHANGED

@@ -2,7 +2,7 @@ $LOAD_PATH.push File.expand_path('../lib', __FILE__)
 Gem::Specification.new do |s|
   s.name = 'spid-es'
-  s.version = '0.0.21'
+  s.version = '0.0.26'
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Fabiano Pavan"]

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: spid-es
 version: !ruby/object:Gem::Version
-  version: 0.0.21
+  version: 0.0.26
 platform: ruby
 authors:
 - Fabiano Pavan
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-10-25 00:00:00.000000000 Z
+date: 2020-07-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: canonix
@@ -73,7 +73,6 @@ extensions: []
 extra_rdoc_files: []
 files:
 - ".document"
-- ".travis.yml"
 - Gemfile
 - LICENSE
 - README.md
@@ -141,8 +140,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project:
-rubygems_version: 2.2.2
+rubygems_version: 3.0.8
 signing_key:
 specification_version: 4
 summary: SAML Ruby Tookit Spid

data/.travis.yml DELETED

@@ -1,5 +0,0 @@
-language: ruby
-rvm:
-  - 1.8.7
-  - 1.9.3
-  - ree