spid-es 0.0.41 → 0.0.46

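--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 32f95be48c046dba343f7acc8b7de13c4dacac7de884886ae6a01d11a65adae3
- data.tar.gz: 8af288d71d66cfae17a4d31733de2f3d4a7418ecd300ecd3bc5e6709ad405e1d
+ metadata.gz: ff0046e4d703051a6f29f47cc7d46190f2801fe99c5f72b00fadb30ae6747ed5
+ data.tar.gz: 2a648d0f993c42fb084c136713aec8fd10e19f567320ac7ff2775ecde965f320
  SHA512:
- metadata.gz: 444bba5f51f3f14cfc53f0d1aea7de7977397c31e9ab800e40f4618ca00cd735709feb7c66e3c2c3a3fb68d3504a9e78cb168faf3d3ca8e6f7c42d995c880637
- data.tar.gz: 83268d56cd18656a0fe9459920d306188ea45115e53389c204fec5e59c1e2f2f656f3de578fe17e63dd36da6ec5a33710e597e2d1d2e60fa8fea863de0c362f1
+ metadata.gz: 5e3fdfc9a76277b2e3bf125531019821d5db0d6a627c6e382a724fd0d380c34f35f942eccead8391e37aa51a51e08315379885e906e06ea1c82f197b9130798f
+ data.tar.gz: 761028854b3bea2c4b4ac164f0d39844b41bbd151184a1699ac9b23198efce2eafc7f450e26c1ab5d1cc5f0b90ea3036d36c427ebd92948491e338dc2ee91697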
@@ -21,6 +21,8 @@ module Spid
21
21
 
22
22
  attr_accessor :uuid
23
23
 
24
+ @@cache = {}
25
+
24
26
  def initialize(settings=nil)
25
27
  if settings
26
28
  @settings = settings
@@ -392,7 +394,6 @@ module Spid
392
394
  end
393
395
 
394
396
  meta_doc = get_idp_metadata
395
-
396
397
  return nil unless meta_doc
397
398
  # first try GET (REDIRECT)
398
399
  sso_element = REXML::XPath.first(meta_doc, "/EntityDescriptor/IDPSSODescriptor/#{service}[@Binding='#{HTTP_GET}']")
@@ -449,20 +450,26 @@ module Spid
449
450
  # returns a REXML document of the metadata
450
451
  def get_idp_metadata
451
452
  return false if @settings.idp_metadata.nil?
452
-
453
453
  # Look up the metdata in cache first
454
454
  id = Digest::MD5.hexdigest(@settings.idp_metadata)
455
- response = fetch(@settings.idp_metadata)
456
- #meta_text = response.body
457
- #testo_response = meta_text.sub!(' xmlns:xml="http://www.w3.org/XML/1998/namespace"', '') da errori
458
- #uso nokogiri per cercare il certificato, uso la funzione che rimuove tutti i namespace
459
- doc_noko = Nokogiri::XML(response.body.gsub(/\n/, "").gsub(/\t/, "")) #modifica per poste
460
- doc_noko.remove_namespaces!
455
+ unless @@cache[id].blank?
456
+ Logging.debug "IdP metadata cache used for #{@settings.idp_metadata}"
457
+ doc_noko = @@cache[id]
458
+ else #save in cache
459
+ response = fetch(@settings.idp_metadata)
460
+ #meta_text = response.body
461
+ #testo_response = meta_text.sub!(' xmlns:xml="http://www.w3.org/XML/1998/namespace"', '') da errori
462
+ #uso nokogiri per cercare il certificato, uso la funzione che rimuove tutti i namespace
463
+ doc_noko = Nokogiri::XML(response.body.gsub(/\n/, "").gsub(/\t/, "")) #modifica per poste
464
+ doc_noko.remove_namespaces!
465
+ #save
466
+ @@cache[id] = doc_noko
467
+ end
461
468
  extract_certificate(doc_noko)
462
469
  doc_rexml = REXML::Document.new(doc_noko.to_xml)
463
-
464
470
  return doc_rexml
465
471
 
472
+
466
473
  # USE OF CACHE WITH CERTIFICATE
467
474
  # lookup = @cache.read(id)
468
475
  # if lookup != nil
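Review bot: The `@@cache` added to `get_idp_metadata` never expires or refreshes an entry, so once an IdP's metadata has been parsed the process keeps using that document, and whatever certificate `extract_certificate` takes from it, until restart; a certificate rotated or withdrawn by the IdP would not be picked up. The parsed document is also stored without checking that the fetch succeeded or that it contains an `EntityDescriptor`, so a transient error page could be cached in place of the metadata. Consider keeping a fetch timestamp beside the document and refetching after a TTL, and writing the entry only once the document has been checked, e.g. `@@cache[id] = doc_noko if doc_noko.at_xpath('/EntityDescriptor')`. The class variable is shared by every thread and instance, and the same mutable Nokogiri document is handed to each caller; whether `extract_certificate` modifies it is not visible in this hunk.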
@@ -235,6 +235,12 @@ module Spid
235
235
  return node_cond_not_on_or_after.attributes["NotOnOrAfter"] unless node_cond_not_on_or_after.blank?
236
236
  end
237
237
 
238
+ #ricavo l'issue instant della request
239
+ def assertion_authninstant
240
+ node_authn_statement = xpath_first_from_signed_assertion('/a:AuthnStatement')
241
+ return node_authn_statement.attributes["AuthnInstant"] unless node_authn_statement.blank?
242
+ end
243
+
238
244
  private
239
245
 
240
246
  def validation_error(message)
@@ -248,7 +254,9 @@ module Spid
248
254
  if settings
249
255
  idp_metadata = Spid::Saml::Metadata.new(settings).get_idp_metadata
250
256
  end
251
-
257
+ #verifico se sono stati scaricati i metadati dell'idp
258
+ return false if validate_metadata_idp(idp_metadata) == false
259
+
252
260
  #carico nei setting l'idp_entity_id
253
261
  entity_descriptor_element = REXML::XPath.first(idp_metadata,"/EntityDescriptor")
254
262
  if !entity_descriptor_element.nil?
@@ -334,6 +342,14 @@ module Spid
334
342
  end
335
343
 
336
344
 
345
+ #validate presenza dei metadata per idp
346
+ def validate_metadata_idp(metadata_idp)
347
+ if metadata_idp.blank?
348
+ validation_error("Metadata idp non raggiungibile per #{settings.idp_entity_id}")
349
+ else
350
+ return true
351
+ end
352
+ end
337
353
 
338
354
  # Validates the SAML version (2.0)
339
355
  # If fails, the error is added to the errors array.
@@ -498,11 +514,12 @@ module Spid
498
514
 
499
515
  return true if settings.assertion_consumer_service_url.nil? || settings.assertion_consumer_service_url.empty?
500
516
 
501
- unless Spid::Saml::Utils.uri_match?(destination, settings.assertion_consumer_service_url)
502
- # error_msg = "The response was received at #{destination} instead of #{settings.assertion_consumer_service_url}"
503
- # return append_error(error_msg)
504
- return soft ? false : validation_error("The response was received at #{destination} instead of #{settings.assertion_consumer_service_url}")
505
- end
517
+ #DA-RIPRISTINARE!
518
+ # unless Spid::Saml::Utils.uri_match?(destination, settings.assertion_consumer_service_url)
519
+ # # error_msg = "The response was received at #{destination} instead of #{settings.assertion_consumer_service_url}"
520
+ # # return append_error(error_msg)
521
+ # return soft ? false : validation_error("The response was received at #{destination} instead of #{settings.assertion_consumer_service_url}")
522
+ # end
506
523
 
507
524
  true
508
525
  end
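Review bot: The Destination check in the last hunk is commented out under `#DA-RIPRISTINARE!` ("to be restored"), so the method now returns `true` for any `destination` value even when an assertion consumer service URL is configured. That comparison is what ties a SAML response to this service provider's endpoint; without it a response addressed to a different endpoint is not rejected at this step, and whether another validation covers that is not visible here. If the comparison was failing for legitimate responses (for example over a trailing slash or scheme difference, which is an assumption), correct `Spid::Saml::Utils.uri_match?` or the configured URL instead of dropping the check, and restore `return soft ? false : validation_error(...)` before this version is relied on. The method's opening lines are outside the hunk.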
@@ -2,7 +2,7 @@ $LOAD_PATH.push File.expand_path('../lib', __FILE__)
2
2
 
3
3
  Gem::Specification.new do |s|
4
4
  s.name = 'spid-es'
5
- s.version = '0.0.41'
5
+ s.version = '0.0.46'
6
6
 
7
7
  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
8
8
  s.authors = ["Fabiano Pavan"]
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: spid-es
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.41
4
+ version: 0.0.46
5
5
  platform: ruby
6
6
  authors:
7
7
  - Fabiano Pavan
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-10-22 00:00:00.000000000 Z
11
+ date: 2021-01-26 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: canonix