spid-es 0.0.39 → 0.0.44

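--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: a41cf6a90ed7da1e2bee69c9fd5b04ea5a7115da5e5b81064c25ea6c47eb45b6
- data.tar.gz: e9dd7a96c37a66c5c7bda3f2b06d621a47485452c58643f207615f4738bf4c41
+ metadata.gz: b464cb7b2a9e98c8965aa9fcb263f5f6a4e289a098aba93907a704762e02455d
+ data.tar.gz: 4ae67e70ad85399fdea17797a8d1035f215aeec23fb655bbd9db0ea618dcb39a
  SHA512:
- metadata.gz: 32f122352d3317bdb2c651c36687211dde1923f08d21ab740dfe6c0f343ae136831cacc87edc8ef879d89e2896f0238262d8956014f8975458b5257dd3837481
- data.tar.gz: 911f7d0953ed2728660c3a53637e6eb3f3b71a17a2f102e22cf4839298bf6b912b26eefaf09076070079ed95b43183b830b890d65108d4ba26ef34cc429c2523
+ metadata.gz: 2a852d4af040700c4a64a2d5c17dc40318609f30857e47b5d346dfb8fa6db305ff6fd1a41d0b7f737c687c5924d6b9fcdac5179b5679f0549577a3572f518453
+ data.tar.gz: b39a301e8f145bcb593b8f46fa4e20e0c168b6ec3e96444c4c66ae4ac18f6082fbcfbd205d724ebd0c053ed933472fcd3c2428df2e99179f3be39b892963063b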
@@ -30,7 +30,7 @@ module Spid::Saml
30
30
  request_doc = Spid::XMLSecurityNew::Document.new
31
31
  request_doc.context[:attribute_quote] = :quote
32
32
  root = request_doc.add_element "saml2p:AuthnRequest", { "xmlns:saml2p" => "urn:oasis:names:tc:SAML:2.0:protocol",
33
- "xmlns:saml" => "urn:oasis:names:tc:SAML:2.0:assertion"
33
+ "xmlns:saml2" => "urn:oasis:names:tc:SAML:2.0:assertion"
34
34
  }
35
35
  root.attributes['ID'] = uuid
36
36
  root.attributes['IssueInstant'] = time
@@ -53,7 +53,7 @@ module Spid::Saml
53
53
  end
54
54
 
55
55
  unless @settings.issuer.blank?
56
- issuer = root.add_element "saml:Issuer", { "xmlns:saml" => "urn:oasis:names:tc:SAML:2.0:assertion" }
56
+ issuer = root.add_element "saml2:Issuer", { "xmlns:saml2" => "urn:oasis:names:tc:SAML:2.0:assertion" }
57
57
  #l'attributo NameQualifier deve essere presente, non rispetta saml...
58
58
  issuer.attributes['NameQualifier'] = ( @settings.aggregato ? @settings.sp_name_qualifier : @settings.issuer )
59
59
  issuer.attributes['Format'] = "urn:oasis:names:tc:SAML:2.0:nameid-format:entity"
@@ -84,11 +84,11 @@ module Spid::Saml
84
84
  # the IdP will choose default rules for authentication. (Shibboleth IdP)
85
85
  if @settings.authn_context != nil
86
86
  requested_context = root.add_element "saml2p:RequestedAuthnContext", {
87
- "Comparison" => "exact"
87
+ "Comparison" => "minimum"
88
88
  }
89
89
  context_class = []
90
90
  @settings.authn_context.each_with_index{ |context, index|
91
- context_class[index] = requested_context.add_element "saml:AuthnContextClassRef"
91
+ context_class[index] = requested_context.add_element "saml2:AuthnContextClassRef"
92
92
  context_class[index].text = context
93
93
  }
94
94
 
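Review bot: Changing `"Comparison"` from `"exact"` to `"minimum"` on `saml2p:RequestedAuthnContext` lets the IdP answer with any authentication context it ranks at least as strong as a requested one, so the level actually granted is no longer fixed by the request. The response side should read `AuthnContextClassRef` from the signed assertion and reject a level below what the application requires; no such check is visible in this diff, so confirm it exists. When `@settings.authn_context` holds several entries, "minimum" is satisfied by a context at least as strong as any one of them, which makes the weakest entry the effective floor. A comment above the attribute hash such as `# "minimum": the IdP may return a stronger level; the response must be checked against the required level` would record the contract. The method that builds the request starts and ends outside the visible hunks.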
@@ -235,6 +235,12 @@ module Spid
235
235
  return node_cond_not_on_or_after.attributes["NotOnOrAfter"] unless node_cond_not_on_or_after.blank?
236
236
  end
237
237
 
238
+ #ricavo l'issue instant della request
239
+ def assertion_authninstant
240
+ node_authn_statement = xpath_first_from_signed_assertion('/a:AuthnStatement')
241
+ return node_authn_statement.attributes["AuthnInstant"] unless node_authn_statement.blank?
242
+ end
243
+
238
244
  private
239
245
 
240
246
  def validation_error(message)
@@ -248,7 +254,9 @@ module Spid
248
254
  if settings
249
255
  idp_metadata = Spid::Saml::Metadata.new(settings).get_idp_metadata
250
256
  end
251
-
257
+ #verifico se sono stati scaricati i metadati dell'idp
258
+ return false if validate_metadata_idp(idp_metadata) == false
259
+
252
260
  #carico nei setting l'idp_entity_id
253
261
  entity_descriptor_element = REXML::XPath.first(idp_metadata,"/EntityDescriptor")
254
262
  if !entity_descriptor_element.nil?
@@ -334,6 +342,14 @@ module Spid
334
342
  end
335
343
 
336
344
 
345
+ #validate presenza dei metadata per idp
346
+ def validate_metadata_idp(metadata_idp)
347
+ if metadata_idp.blank?
348
+ validation_error("Metadata idp non raggiungibile per #{settings.idp_entity_id}")
349
+ else
350
+ return true
351
+ end
352
+ end
337
353
 
338
354
  # Validates the SAML version (2.0)
339
355
  # If fails, the error is added to the errors array.
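Review bot: `validate_metadata_idp` interpolates `settings.idp_entity_id` into its error message, but the caller only fetches metadata under `if settings`, so with nil settings the new guard raises NoMethodError instead of reporting the missing metadata. The context comment right after the guard ("carico nei setting l'idp_entity_id") also suggests the entity id may not be populated yet at that point. Building the message with `"... per #{settings.idp_entity_id if settings}"` avoids the crash. Whether `return false if validate_metadata_idp(idp_metadata) == false` can ever fire depends on what `validation_error` returns or raises, and its body is outside these hunks, so check that a missing-metadata failure stops validation in both cases. Separately, the comment on `assertion_authninstant` says it reads the request's issue instant while the code reads `AuthnInstant` from the signed assertion's `AuthnStatement`; `# AuthnInstant of the signed assertion's AuthnStatement, nil when absent` would be accurate.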
@@ -2,7 +2,7 @@ $LOAD_PATH.push File.expand_path('../lib', __FILE__)
2
2
 
3
3
  Gem::Specification.new do |s|
4
4
  s.name = 'spid-es'
5
- s.version = '0.0.39'
5
+ s.version = '0.0.44'
6
6
 
7
7
  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
8
8
  s.authors = ["Fabiano Pavan"]
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: spid-es
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.39
4
+ version: 0.0.44
5
5
  platform: ruby
6
6
  authors:
7
7
  - Fabiano Pavan
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-10-21 00:00:00.000000000 Z
11
+ date: 2021-01-11 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: canonix