spid-es 0.0.3 → 0.0.4

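--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,15 +1,15 @@
  ---
  !binary "U0hBMQ==":
  metadata.gz: !binary |-
- YzY1ZTliNmI1YzlmMWRmZjFjMzM4MjE3MjA0ODAzYmVmZmZjMTAwZA==
+ MGU5OTQwOWU0MmMxYzc5ZGU3ZjJkNGI1N2U4MDU4ZWUwYzUzNDI3Mw==
  data.tar.gz: !binary |-
- MzEyOGNmYTU5NTdhNGMyZTA4NTY1MDJjMjdmZmZjMWYyNmNlMzQ3ZQ==
+ M2Y2Y2NjYTE1NTc3YzZiMjk1ZDhiODAxYjc5OTE5ZWEyMTZmZGZiZQ==
  SHA512:
  metadata.gz: !binary |-
- NGU1OWJkNjFiOWFmN2UyM2Y0NjkzOGFlOWQyYzA2ZjU4OGNiYWQzNDRhZjhi
- ODExYzlmOTFmZDBkOTkzMDg5YjQ5MGVkYjRmN2VjOTViZTE0OWM1MTNlM2Yz
- Nzg3NjUzZjAxNjBhZjQ1MDliZDY4MGRmZjU4YjU0OTc3ZjVlYzI=
+ MWYxMGM2ODE5YzdiM2NjNzk5YzhjOTQ1NzE0MTkxOGIwYzQ2OTkxYjM3MDU3
+ YWY5Y2FjZDI4MDk3ZDIyZmYzZTA0YTQ2MTFlYzQyN2UxMDc0NGM3N2QzMTcw
+ MmVjZDZmYTU3YjU0YmZjMWFkNDA4YTVmNzMzMGQ4NjYwZWI0NzY=
  data.tar.gz: !binary |-
- NTE1Y2YyZWY1NjYyZWZhMjMyODA4MDg2ZWUzMDBhMmQ4YzViZGI1ZWQ4MDFh
- MWE4OGZhZmFiYzlkYWY0MzgzNTU1MWIzNmIzNmVhMmUyMTIwYjUwMTAwZTMy
- YWU5ZGJlMzRhMGUxNWNhNTk0MjZiN2E1YmNjMWQ5NmNiN2E2NTA=
+ YTNjZDBmMDk5YjJiNGQxMzk0OGRjZmEzOTFlYjI4NjkzZjYyYmNlNDgxY2I4
+ YzU4MjhmNmY5NDA2ZmE0MDQ2OTEyZTY5MTlmZjYyMzU1YzNiYjA5ODMwYWQz
+ OTQ3YjFiMWU3YmFhMGI4ZWFjYzdmMzA1MjFjYjg0NWY3MTM3YzQ=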
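--- a/data/README.md
+++ b/data/README.md
@@ -17,9 +17,9 @@ This is the first request you will get from the identity provider. It will hit y
  # Based on the IdP metadata, select the appropriate binding
  # and return the action to perform to the controller
  meta = Spid::Saml::Metadata.new(get_saml_settings)
- signature = get_signature(auth_request.uuid,auth_request.request,"http://www.w3.org/2000/09/xmldsig#rsa-sha1")
+ signature = get_signature(auth_request.uuid,auth_request.request,"http://www.w3.org/2001/04/xmldsig-more#rsa-sha256")
  redirect meta.create_sso_request( auth_request.request, { :RelayState => request.uuid,
- :SigAlg => "http://www.w3.org/2000/09/xmldsig#rsa-sha1",
+ :SigAlg => "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256",
  :Signature => signature
  } )
  end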
@@ -5,7 +5,7 @@ require "uri"
5
5
  require "digest/md5"
6
6
  require "nokogiri"
7
7
  require "xml_security_new" #fa il require della nokogiri
8
-
8
+ require "uuid"
9
9
 
10
10
  # Class to return SP metadata based on the settings requested.
11
11
  # Return this XML in a controller, then give that URL to the the
@@ -20,6 +20,8 @@ module Spid
20
20
  HTTP_POST = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
21
21
  HTTP_GET = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
22
22
 
23
+ attr_accessor :uuid
24
+
23
25
  def initialize(settings=nil)
24
26
  if settings
25
27
  @settings = settings
@@ -31,15 +33,18 @@ module Spid
31
33
  meta_doc = ::XMLSecurityNew::Document.new
32
34
  root = meta_doc.add_element "md:EntityDescriptor", {
33
35
  "xmlns:md" => "urn:oasis:names:tc:SAML:2.0:metadata",
34
- "xmlns:xml" => "http://www.w3.org/XML/1998/namespace",
35
- "cacheDuration" => "P1M"
36
+ "xmlns:xml" => "http://www.w3.org/XML/1998/namespace"
36
37
  }
37
38
  if settings.issuer != nil
38
39
  root.attributes["entityID"] = settings.issuer
39
40
  end
41
+ uuid = "_" + UUID.new.generate
42
+ self.uuid = uuid
43
+ root.attributes["ID"] = uuid
44
+
40
45
  sp_sso = root.add_element "md:SPSSODescriptor", {
41
46
  "protocolSupportEnumeration" => "urn:oasis:names:tc:SAML:2.0:protocol",
42
- #"WantAssertionsSigned" => "true",
47
+ "WantAssertionsSigned" => "true",
43
48
  "AuthnRequestSigned" => "true"
44
49
 
45
50
  }
@@ -89,8 +94,11 @@ module Spid
89
94
  #AttributeConsumingService
90
95
  attr_cons_service = sp_sso.add_element "md:AttributeConsumingService", {
91
96
  "index" => "0",
92
- "ServiceName" => "user_data"
93
97
  }
98
+ service_name = attr_cons_service.add_element "md:ServiceName", {
99
+ "xml:lang" => "it"
100
+ }
101
+ service_name.text = "User Data"
94
102
  settings.requested_attribute.each_with_index{ |attribute, index|
95
103
  attr_cons_service.add_element "md:RequestedAttribute", {
96
104
  "Name" => attribute
@@ -145,7 +153,7 @@ module Spid
145
153
 
146
154
  ret = ""
147
155
  # pretty print the XML so IdP administrators can easily see what the SP supports
148
- meta_doc.write(ret, 1)
156
+ meta_doc.write(ret)
149
157
 
150
158
  #Logging.debug "Generated metadata:\n#{ret}"
151
159
 
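Review bot: `"WantAssertionsSigned" => "true"` in the SPSSODescriptor hunk only advertises the requirement to the IdP; nothing in this diff shows the response-handling code rejecting an assertion that arrives unsigned, so that check should be confirmed on the consuming side, which is outside these hunks. In the last hunk the comment above `meta_doc.write(ret)` still says the XML is pretty-printed although the indent argument was dropped. If the reason is that re-indenting would alter a document that is later signed against the new `ID` attribute (presumably; the signing call is not visible here), the comment should say so, e.g. `# write without re-indenting: whitespace changes would invalidate the metadata signature`. The enclosing method starts and ends outside the hunks.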
@@ -113,7 +113,7 @@ module XMLSecurityNew
113
113
  #<KeyInfo />
114
114
  #<Object />
115
115
  #</Signature>
116
- def sign_document(private_key, certificate, signature_method = RSA_SHA1, digest_method = SHA256)
116
+ def sign_document(private_key, certificate, signature_method = RSA_SHA256, digest_method = SHA256)
117
117
  noko = Nokogiri::XML(self.to_s) do |config|
118
118
  config.options = XMLSecurityNew::BaseDocument::NOKOGIRI_OPTIONS
119
119
  end
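Review bot: `sign_document` now defaults `signature_method` to `RSA_SHA256`, but the parameters remain undocumented and a caller can still pass `RSA_SHA1` explicitly; a short comment above the `def` naming the accepted signature and digest identifiers and stating that SHA-1 is kept only for compatibility would make the contract visible. The definition of `RSA_SHA256` is not part of this diff, so it is worth confirming that the constant exists next to `RSA_SHA1`, since a missing constant in a default argument only fails when the method is called. The method body continues outside the hunk.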
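--- a/data/spid-es.gemspec
+++ b/data/spid-es.gemspec
@@ -2,7 +2,7 @@ $LOAD_PATH.push File.expand_path('../lib', __FILE__)
 
  Gem::Specification.new do |s|
  s.name = 'spid-es'
- s.version = '0.0.3'
+ s.version = '0.0.4'
 
  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
  s.authors = ["Fabiano Pavan"]
@@ -18,6 +18,6 @@ Gem::Specification.new do |s|
 
  s.add_runtime_dependency("canonix", ["0.1.1"])
  s.add_runtime_dependency("uuid", ["~> 2.3"])
- s.add_runtime_dependency("nokogiri", '~> 1.6', '>= 1.6.7.2')
+ s.add_runtime_dependency("nokogiri", '>= 1.6.7.2')
  s.add_runtime_dependency("addressable", '~> 2.4', '>= 2.4.0')
  end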
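Review bot: The nokogiri requirement in the second hunk is now open-ended: `'>= 1.6.7.2'` lets the resolver pick any future major release of the library that parses the SAML XML, while the other runtime dependencies shown here keep an upper bound. Dropping the `~> 1.6` pin is reasonable because it no longer blocks later nokogiri security releases, but a ceiling such as `s.add_runtime_dependency("nokogiri", '>= 1.6.7.2', '< 2')` keeps that benefit without accepting an untested major version.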
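--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: spid-es
  version: !ruby/object:Gem::Version
- version: 0.0.3
+ version: 0.0.4
  platform: ruby
  authors:
  - Fabiano Pavan
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2016-09-28 00:00:00.000000000 Z
+ date: 2016-10-06 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: canonix
@@ -42,9 +42,6 @@ dependencies:
  name: nokogiri
  requirement: !ruby/object:Gem::Requirement
  requirements:
- - - ~>
- - !ruby/object:Gem::Version
- version: '1.6'
  - - ! '>='
  - !ruby/object:Gem::Version
  version: 1.6.7.2
@@ -52,9 +49,6 @@ dependencies:
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
- - - ~>
- - !ruby/object:Gem::Version
- version: '1.6'
  - - ! '>='
  - !ruby/object:Gem::Version
  version: 1.6.7.2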