RubyGems - spid-es - Versions diffs - 0.0.22 → 0.0.27 - Mend

spid-es 0.0.22 → 0.0.27

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

checksums.yaml +4 -4
data/lib/spid/ruby-saml/metadata.rb +58 -37
data/lib/spid/ruby-saml/response.rb +23 -16
data/lib/spid/ruby-saml/settings.rb +1 -1
data/spid-es.gemspec +1 -1
metadata +2 -2

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 244667e7dd811bf49843a3db7a7921b9ce0b7353878c5d76927a1ed10bdcb241
-  data.tar.gz: 72f4366b04da1269c97c38ea0d2926529647b2d4662016bc523cb632369b5f20
+  metadata.gz: ac5fe88ff8fc1b1e1ce805390dac2966a3ce7c3f81b115b27e09919302861946
+  data.tar.gz: 27348c4b761fdd9d27782aca48f526626393a4b5c9355de6bcb286d2d03a27d3
 SHA512:
-  metadata.gz: '0954a0cde4c39b3bba87502731981d075d036344899d2ecc7fd0dfec2588d1839201d46101db098df950cb3fa3729605831e42d28b16233054d1b33784f397cf'
-  data.tar.gz: 8b56bd6fe0010da58eff3d0094dfe7efdc3b645a14128ba8d9ff67c0246d2fa7e7a9a2b62e492539aa58441f579b6685dfd065945b28a9b9b9d02e3a54709811
+  metadata.gz: c3078fe9caacc3f5e00269c27cff19af793e9a150eff0b9d9760bb9d80eabac6de0e86d7e47c48e653bdb1495ef344f71b618395857134b4ddcb6d26a618d390
+  data.tar.gz: 954ca35eb3d5bed16a2e044b708b7bccec3162cf55ff7dbb5af8e5dacdcd5e1fb377e8cc01c909f84ea6f99081956ef1a7ebb49a78412836856aabebb3860d7b

data/lib/spid/ruby-saml/metadata.rb CHANGED

@@ -31,14 +31,26 @@ module Spid
       def generate(settings)
         #meta_doc = REXML::Document.new
         meta_doc = Spid::XMLSecurityNew::Document.new
-        root = meta_doc.add_element "md:EntityDescriptor", {
+        if settings.aggregato
+          root = meta_doc.add_element "md:EntityDescriptor", {
+            "xmlns:md"        => "urn:oasis:names:tc:SAML:2.0:metadata",
+            "xmlns:xml"       => "http://www.w3.org/XML/1998/namespace",
+            "xmlns:spid"        => "https://spid.gov.it/saml-extensions",
+          }
+        else
+          root = meta_doc.add_element "md:EntityDescriptor", {
             "xmlns:md"        => "urn:oasis:names:tc:SAML:2.0:metadata",
             "xmlns:xml"       => "http://www.w3.org/XML/1998/namespace"
-        }
+          }
+        end
         if settings.issuer != nil
           root.attributes["entityID"] = settings.issuer
         end
-        uuid = "_" + UUID.new.generate
+        #Tolto per non far cambiare sempre il metadata
+        #uuid = "_" + UUID.new.generate
+        #genero l'id come hash dell'entityID
+        uuid = "_" + settings.issuer.hash.abs.to_s
         self.uuid = uuid
         root.attributes["ID"] = uuid
@@ -201,39 +213,6 @@ module Spid
             }
-            #Per EIDAS
-            # #AttributeConsumingService
-            # attr_cons_service = sp_sso.add_element "md:AttributeConsumingService", {
-            #     "index" => "99",
-            # }
-            # service_name
-            # = attr_cons_service.add_element "md:ServiceName", {
-            #       "xml:lang" => "it"
-            # }
-            # service_name.text = "eIDAS Natural Person Minimum Attribute Set"
-            # settings.requested_attribute.each_with_index{ |attribute, index|
-            #   attr_cons_service.add_element "md:RequestedAttribute", {
-            #       "Name" => attribute
-            #   }
-            # }
-            # #AttributeConsumingService
-            # attr_cons_service = sp_sso.add_element "md:AttributeConsumingService", {
-            #   "index" => "100",
-            # }
-            # service_name = attr_cons_service.add_element "md:ServiceName", {
-            #       "xml:lang" => "it"
-            # }
-            # service_name.text = "eIDAS Natural Person Full Attribute Set"
-            # settings.requested_attribute.each_with_index{ |attribute, index|
-            #   attr_cons_service.add_element "md:RequestedAttribute", {
-            #       "Name" => attribute
-            #   }
-            # }
         end
         #organization
         organization = root.add_element "md:Organization"
@@ -244,12 +223,54 @@ module Spid
         org_display_name = organization.add_element "md:OrganizationDisplayName", {
             "xml:lang" => "it"
         }
-        org_display_name.text = settings.organization['org_display_name']
+        org_display_name.text = settings.organization['org_display_name']+(settings.aggregato ? " tramite #{settings.hash_aggregatore['soggetto_aggregatore']}" : '')
         org_url = organization.add_element "md:OrganizationURL", {
             "xml:lang" => "it"
         }
         org_url.text = settings.organization['org_url']
+        #ContactPerson per sp aggregato
+        if settings.aggregato
+          contact_person_aggregatore = root.add_element "md:ContactPerson", {
+            "contactType" => "other",
+            "spid:entityType" => "spid:aggregator"
+          }
+          company = contact_person_aggregatore.add_element "md:Company"
+          company.text = settings.hash_aggregatore['soggetto_aggregatore']
+          extensions_aggregatore = contact_person_aggregatore.add_element "md:Extensions"
+          vat_number_aggregatore = extensions_aggregatore.add_element "spid:VATNumber"
+          vat_number_aggregatore.text = settings.hash_aggregatore['piva_aggregatore']
+          ipa_code_aggregatore = extensions_aggregatore.add_element "spid:IPACode"
+          ipa_code_aggregatore.text = settings.hash_aggregatore['cipa_aggregatore']
+          fiscal_code_aggregatore = extensions_aggregatore.add_element "spid:FiscalCode"
+          fiscal_code_aggregatore.text = settings.hash_aggregatore['cf_aggregatore']
+          contact_person_aggregato = root.add_element "md:ContactPerson", {
+            "contactType" => "other",
+            "spid:entityType" => "spid:aggregated"
+          }
+          company = contact_person_aggregato.add_element "md:Company"
+          company.text = settings.organization['org_name']
+          extensions_aggregato = contact_person_aggregato.add_element "md:Extensions"
+          unless settings.hash_aggregatore['soggetto_aggregato']['vat_number'].blank?
+            vat_number_aggregato = extensions_aggregato.add_element "spid:VATNumber"
+            vat_number_aggregato.text = settings.hash_aggregatore['soggetto_aggregato']['vat_number']
+          end
+          unless settings.hash_aggregatore['soggetto_aggregato']['ipa_code'].blank?
+            ipa_code_aggregato = extensions_aggregato.add_element "spid:IPACode"
+            ipa_code_aggregato.text = settings.hash_aggregatore['soggetto_aggregato']['ipa_code']
+          end
+          unless settings.hash_aggregatore['soggetto_aggregato']['fiscal_code'].blank?
+            fiscal_code_aggregato = extensions_aggregato.add_element "spid:FiscalCode"
+            fiscal_code_aggregato.text = settings.hash_aggregatore['soggetto_aggregato']['fiscal_code']
+          end
+        end
         #meta_doc << REXML::XMLDecl.new(version='1.0', encoding='UTF-8')
         meta_doc << REXML::XMLDecl.new("1.0", "UTF-8")

data/lib/spid/ruby-saml/response.rb CHANGED

@@ -268,6 +268,8 @@ module Spid
             return false if validate_destination(soft) == false
             #validazione status
             return false if validate_status(soft) == false
+            #validazione inresponseto
+            return false if validate_presence_inresponseto(soft) == false
             #validazione issuer
             return false if validate_issuer(soft) == false
             #validazioni varie su asserzioni
@@ -312,6 +314,11 @@ module Spid
           end
         end
+        def validate_presence_inresponseto(soft=true)
+          response_to_id_value = response_to_id
+          return (soft ? false : validation_error("InResponseTo non specificato o mancante")) if response_to_id_value.blank?
+        end
         #validate status e status code
@@ -344,16 +351,16 @@ module Spid
         end
         def version_assertion(document)
-          assertion_nodes = xpath_from_signed_assertion()
-          @version_assertion = "2.0"
-          #ciclo sui nodi delle asserzioni, se uno ha una versione diversa da 2.0 ritorno nil
-          unless assertion_nodes.blank?
-            assertion_nodes.each{ |ass_node|
-              return nil if ass_node.attributes['Version'] != "2.0"
-            }
-          end
-          @version_assertion
-      end
+            assertion_nodes = xpath_from_signed_assertion()
+            @version_assertion = "2.0"
+            #ciclo sui nodi delle asserzioni, se uno ha una versione diversa da 2.0 ritorno nil
+            unless assertion_nodes.blank?
+              assertion_nodes.each{ |ass_node|
+                return nil if ass_node.attributes['Version'] != "2.0"
+              }
+            end
+            @version_assertion
+        end
         def validate_version(soft = true)
             unless version(self.document) == "2.0"
@@ -364,12 +371,12 @@ module Spid
         end
         def validate_version_assertion(soft = true)
-          unless version_assertion(self.document) == "2.0"
-            #return append_error("Unsupported SAML version")
-            return soft ? false : validation_error("Unsupported SAML Assertion version")
-          end
-          true
-      end
+            unless version_assertion(self.document) == "2.0"
+              #return append_error("Unsupported SAML version")
+              return soft ? false : validation_error("Unsupported SAML Assertion version")
+            end
+            true
+        end
         def validate_signed_elements(soft = true)
             signature_nodes = REXML::XPath.match(decrypted_document.nil? ? document : decrypted_document,"//ds:Signature",{"ds"=>DSIG})

data/lib/spid/ruby-saml/settings.rb CHANGED

@@ -10,7 +10,7 @@ module Spid
       attr_accessor :name_identifier_value, :name_identifier_format
       attr_accessor :sessionindex, :issuer, :destination_service_url, :authn_context, :requester_identificator
       attr_accessor :single_logout_service_url, :single_logout_service_binding, :single_logout_destination
-      attr_accessor :skip_validation
+      attr_accessor :skip_validation, :aggregato, :hash_aggregatore
       def initialize(config = {})
         config.each do |k,v|

data/spid-es.gemspec CHANGED

@@ -2,7 +2,7 @@ $LOAD_PATH.push File.expand_path('../lib', __FILE__)
 Gem::Specification.new do |s|
   s.name = 'spid-es'
-  s.version = '0.0.22'
+  s.version = '0.0.27'
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Fabiano Pavan"]

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: spid-es
 version: !ruby/object:Gem::Version
-  version: 0.0.22
+  version: 0.0.27
 platform: ruby
 authors:
 - Fabiano Pavan
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-04-08 00:00:00.000000000 Z
+date: 2020-07-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: canonix