spid-es 0.0.22 → 0.0.27

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 244667e7dd811bf49843a3db7a7921b9ce0b7353878c5d76927a1ed10bdcb241
-  data.tar.gz: 72f4366b04da1269c97c38ea0d2926529647b2d4662016bc523cb632369b5f20
+  metadata.gz: ac5fe88ff8fc1b1e1ce805390dac2966a3ce7c3f81b115b27e09919302861946
+  data.tar.gz: 27348c4b761fdd9d27782aca48f526626393a4b5c9355de6bcb286d2d03a27d3
 SHA512:
-  metadata.gz: '0954a0cde4c39b3bba87502731981d075d036344899d2ecc7fd0dfec2588d1839201d46101db098df950cb3fa3729605831e42d28b16233054d1b33784f397cf'
-  data.tar.gz: 8b56bd6fe0010da58eff3d0094dfe7efdc3b645a14128ba8d9ff67c0246d2fa7e7a9a2b62e492539aa58441f579b6685dfd065945b28a9b9b9d02e3a54709811
+  metadata.gz: c3078fe9caacc3f5e00269c27cff19af793e9a150eff0b9d9760bb9d80eabac6de0e86d7e47c48e653bdb1495ef344f71b618395857134b4ddcb6d26a618d390
+  data.tar.gz: 954ca35eb3d5bed16a2e044b708b7bccec3162cf55ff7dbb5af8e5dacdcd5e1fb377e8cc01c909f84ea6f99081956ef1a7ebb49a78412836856aabebb3860d7b

data/lib/spid/ruby-saml/metadata.rb

@@ -31,14 +31,26 @@ module Spid
       def generate(settings)
         #meta_doc = REXML::Document.new
         meta_doc = Spid::XMLSecurityNew::Document.new
-        root = meta_doc.add_element "md:EntityDescriptor", { 
+        if settings.aggregato
+          root = meta_doc.add_element "md:EntityDescriptor", { 
+            "xmlns:md"        => "urn:oasis:names:tc:SAML:2.0:metadata",
+            "xmlns:xml"       => "http://www.w3.org/XML/1998/namespace",
+            "xmlns:spid"        => "https://spid.gov.it/saml-extensions",
+          }
+        else
+          root = meta_doc.add_element "md:EntityDescriptor", { 
             "xmlns:md"        => "urn:oasis:names:tc:SAML:2.0:metadata",
             "xmlns:xml"       => "http://www.w3.org/XML/1998/namespace"
-        }
+          }
+        end
+        
         if settings.issuer != nil
           root.attributes["entityID"] = settings.issuer
         end
-        uuid = "_" + UUID.new.generate
+        #Tolto per non far cambiare sempre il metadata
+        #uuid = "_" + UUID.new.generate
+        #genero l'id come hash dell'entityID
+        uuid = "_" + settings.issuer.hash.abs.to_s
         self.uuid = uuid
         root.attributes["ID"] = uuid
 
@@ -201,39 +213,6 @@ module Spid
             }
 
 
-
-
-            #Per EIDAS
-            # #AttributeConsumingService
-            # attr_cons_service = sp_sso.add_element "md:AttributeConsumingService", {
-            #     "index" => "99",
-            # }
-            # service_name 
-            # = attr_cons_service.add_element "md:ServiceName", {
-            #       "xml:lang" => "it"
-            # }
-            # service_name.text = "eIDAS Natural Person Minimum Attribute Set"
-            # settings.requested_attribute.each_with_index{ |attribute, index|
-            #   attr_cons_service.add_element "md:RequestedAttribute", {
-            #       "Name" => attribute
-            #   }
-            # }
-
-            # #AttributeConsumingService
-            # attr_cons_service = sp_sso.add_element "md:AttributeConsumingService", {
-            #   "index" => "100",
-            # }
-            # service_name = attr_cons_service.add_element "md:ServiceName", {
-            #       "xml:lang" => "it"
-            # }
-            # service_name.text = "eIDAS Natural Person Full Attribute Set"
-            # settings.requested_attribute.each_with_index{ |attribute, index|
-            #   attr_cons_service.add_element "md:RequestedAttribute", {
-            #       "Name" => attribute
-            #   }
-            # }
-
-
         end
         #organization
         organization = root.add_element "md:Organization"
@@ -244,12 +223,54 @@ module Spid
         org_display_name = organization.add_element "md:OrganizationDisplayName", {
             "xml:lang" => "it"
         }
-        org_display_name.text = settings.organization['org_display_name']
+    
+        org_display_name.text = settings.organization['org_display_name']+(settings.aggregato ? " tramite #{settings.hash_aggregatore['soggetto_aggregatore']}" : '')
         org_url = organization.add_element "md:OrganizationURL", {
             "xml:lang" => "it"
         }
         org_url.text = settings.organization['org_url']
 
+        #ContactPerson per sp aggregato
+        if settings.aggregato
+          contact_person_aggregatore = root.add_element "md:ContactPerson", {
+            "contactType" => "other",
+            "spid:entityType" => "spid:aggregator"
+          }
+          company = contact_person_aggregatore.add_element "md:Company"
+          company.text = settings.hash_aggregatore['soggetto_aggregatore']
+
+          extensions_aggregatore = contact_person_aggregatore.add_element "md:Extensions"
+          vat_number_aggregatore = extensions_aggregatore.add_element "spid:VATNumber"
+          vat_number_aggregatore.text = settings.hash_aggregatore['piva_aggregatore']
+          
+          ipa_code_aggregatore = extensions_aggregatore.add_element "spid:IPACode"
+          ipa_code_aggregatore.text = settings.hash_aggregatore['cipa_aggregatore']
+
+          fiscal_code_aggregatore = extensions_aggregatore.add_element "spid:FiscalCode"
+          fiscal_code_aggregatore.text = settings.hash_aggregatore['cf_aggregatore']
+
+          contact_person_aggregato = root.add_element "md:ContactPerson", {
+            "contactType" => "other",
+            "spid:entityType" => "spid:aggregated"
+          }
+          company = contact_person_aggregato.add_element "md:Company"
+          company.text = settings.organization['org_name']
+
+          extensions_aggregato = contact_person_aggregato.add_element "md:Extensions"
+          unless settings.hash_aggregatore['soggetto_aggregato']['vat_number'].blank?
+            vat_number_aggregato = extensions_aggregato.add_element "spid:VATNumber"
+            vat_number_aggregato.text = settings.hash_aggregatore['soggetto_aggregato']['vat_number']
+          end
+          unless settings.hash_aggregatore['soggetto_aggregato']['ipa_code'].blank?
+            ipa_code_aggregato = extensions_aggregato.add_element "spid:IPACode" 
+            ipa_code_aggregato.text = settings.hash_aggregatore['soggetto_aggregato']['ipa_code']
+          end
+          unless settings.hash_aggregatore['soggetto_aggregato']['fiscal_code'].blank?
+            fiscal_code_aggregato = extensions_aggregato.add_element "spid:FiscalCode" 
+            fiscal_code_aggregato.text = settings.hash_aggregatore['soggetto_aggregato']['fiscal_code']
+          end
+        end
+
         #meta_doc << REXML::XMLDecl.new(version='1.0', encoding='UTF-8')
         meta_doc << REXML::XMLDecl.new("1.0", "UTF-8")
 

data/lib/spid/ruby-saml/response.rb

@@ -268,6 +268,8 @@ module Spid
             return false if validate_destination(soft) == false
             #validazione status
             return false if validate_status(soft) == false
+            #validazione inresponseto
+            return false if validate_presence_inresponseto(soft) == false
             #validazione issuer
             return false if validate_issuer(soft) == false
             #validazioni varie su asserzioni
@@ -312,6 +314,11 @@ module Spid
           end
         end
 
+        def validate_presence_inresponseto(soft=true)
+          response_to_id_value = response_to_id
+          return (soft ? false : validation_error("InResponseTo non specificato o mancante")) if response_to_id_value.blank?
+        end
+
 
 
         #validate status e status code
@@ -344,16 +351,16 @@ module Spid
         end
 
         def version_assertion(document)
-          assertion_nodes = xpath_from_signed_assertion()
-          @version_assertion = "2.0"
-          #ciclo sui nodi delle asserzioni, se uno ha una versione diversa da 2.0 ritorno nil
-          unless assertion_nodes.blank?
-            assertion_nodes.each{ |ass_node|
-              return nil if ass_node.attributes['Version'] != "2.0"
-            }
-          end
-          @version_assertion 
-      end
+            assertion_nodes = xpath_from_signed_assertion()
+            @version_assertion = "2.0"
+            #ciclo sui nodi delle asserzioni, se uno ha una versione diversa da 2.0 ritorno nil
+            unless assertion_nodes.blank?
+              assertion_nodes.each{ |ass_node|
+                return nil if ass_node.attributes['Version'] != "2.0"
+              }
+            end
+            @version_assertion 
+        end
 
         def validate_version(soft = true)
             unless version(self.document) == "2.0"
@@ -364,12 +371,12 @@ module Spid
         end
 
         def validate_version_assertion(soft = true)
-          unless version_assertion(self.document) == "2.0"
-            #return append_error("Unsupported SAML version")
-            return soft ? false : validation_error("Unsupported SAML Assertion version")
-          end
-          true
-      end
+            unless version_assertion(self.document) == "2.0"
+              #return append_error("Unsupported SAML version")
+              return soft ? false : validation_error("Unsupported SAML Assertion version")
+            end
+            true
+        end
 
         def validate_signed_elements(soft = true)
             signature_nodes = REXML::XPath.match(decrypted_document.nil? ? document : decrypted_document,"//ds:Signature",{"ds"=>DSIG})

data/lib/spid/ruby-saml/settings.rb

@@ -10,7 +10,7 @@ module Spid
       attr_accessor :name_identifier_value, :name_identifier_format
       attr_accessor :sessionindex, :issuer, :destination_service_url, :authn_context, :requester_identificator
       attr_accessor :single_logout_service_url, :single_logout_service_binding, :single_logout_destination
-      attr_accessor :skip_validation
+      attr_accessor :skip_validation, :aggregato, :hash_aggregatore
     
       def initialize(config = {})
         config.each do |k,v|

data/spid-es.gemspec

@@ -2,7 +2,7 @@ $LOAD_PATH.push File.expand_path('../lib', __FILE__)
 
 Gem::Specification.new do |s|
   s.name = 'spid-es'
-  s.version = '0.0.22'
+  s.version = '0.0.27'
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Fabiano Pavan"]

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: spid-es
 version: !ruby/object:Gem::Version
-  version: 0.0.22
+  version: 0.0.27
 platform: ruby
 authors:
 - Fabiano Pavan
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-04-08 00:00:00.000000000 Z
+date: 2020-07-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: canonix