spid-es 0.0.41 → 0.0.46

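--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 32f95be48c046dba343f7acc8b7de13c4dacac7de884886ae6a01d11a65adae3
- data.tar.gz: 8af288d71d66cfae17a4d31733de2f3d4a7418ecd300ecd3bc5e6709ad405e1d
+ metadata.gz: ff0046e4d703051a6f29f47cc7d46190f2801fe99c5f72b00fadb30ae6747ed5
+ data.tar.gz: 2a648d0f993c42fb084c136713aec8fd10e19f567320ac7ff2775ecde965f320
  SHA512:
- metadata.gz: 444bba5f51f3f14cfc53f0d1aea7de7977397c31e9ab800e40f4618ca00cd735709feb7c66e3c2c3a3fb68d3504a9e78cb168faf3d3ca8e6f7c42d995c880637
- data.tar.gz: 83268d56cd18656a0fe9459920d306188ea45115e53389c204fec5e59c1e2f2f656f3de578fe17e63dd36da6ec5a33710e597e2d1d2e60fa8fea863de0c362f1
+ metadata.gz: 5e3fdfc9a76277b2e3bf125531019821d5db0d6a627c6e382a724fd0d380c34f35f942eccead8391e37aa51a51e08315379885e906e06ea1c82f197b9130798f
+ data.tar.gz: 761028854b3bea2c4b4ac164f0d39844b41bbd151184a1699ac9b23198efce2eafc7f450e26c1ab5d1cc5f0b90ea3036d36c427ebd92948491e338dc2ee91697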
@@ -21,6 +21,8 @@ module Spid
21
21
 
22
22
  attr_accessor :uuid
23
23
 
24
+ @@cache = {}
25
+
24
26
  def initialize(settings=nil)
25
27
  if settings
26
28
  @settings = settings
@@ -392,7 +394,6 @@ module Spid
392
394
  end
393
395
 
394
396
  meta_doc = get_idp_metadata
395
-
396
397
  return nil unless meta_doc
397
398
  # first try GET (REDIRECT)
398
399
  sso_element = REXML::XPath.first(meta_doc, "/EntityDescriptor/IDPSSODescriptor/#{service}[@Binding='#{HTTP_GET}']")
@@ -449,20 +450,26 @@ module Spid
449
450
  # returns a REXML document of the metadata
450
451
  def get_idp_metadata
451
452
  return false if @settings.idp_metadata.nil?
452
-
453
453
  # Look up the metdata in cache first
454
454
  id = Digest::MD5.hexdigest(@settings.idp_metadata)
455
- response = fetch(@settings.idp_metadata)
456
- #meta_text = response.body
457
- #testo_response = meta_text.sub!(' xmlns:xml="http://www.w3.org/XML/1998/namespace"', '') da errori
458
- #uso nokogiri per cercare il certificato, uso la funzione che rimuove tutti i namespace
459
- doc_noko = Nokogiri::XML(response.body.gsub(/\n/, "").gsub(/\t/, "")) #modifica per poste
460
- doc_noko.remove_namespaces!
455
+ unless @@cache[id].blank?
456
+ Logging.debug "IdP metadata cache used for #{@settings.idp_metadata}"
457
+ doc_noko = @@cache[id]
458
+ else #save in cache
459
+ response = fetch(@settings.idp_metadata)
460
+ #meta_text = response.body
461
+ #testo_response = meta_text.sub!(' xmlns:xml="http://www.w3.org/XML/1998/namespace"', '') da errori
462
+ #uso nokogiri per cercare il certificato, uso la funzione che rimuove tutti i namespace
463
+ doc_noko = Nokogiri::XML(response.body.gsub(/\n/, "").gsub(/\t/, "")) #modifica per poste
464
+ doc_noko.remove_namespaces!
465
+ #save
466
+ @@cache[id] = doc_noko
467
+ end
461
468
  extract_certificate(doc_noko)
462
469
  doc_rexml = REXML::Document.new(doc_noko.to_xml)
463
-
464
470
  return doc_rexml
465
471
 
472
+
466
473
  # USE OF CACHE WITH CERTIFICATE
467
474
  # lookup = @cache.read(id)
468
475
  # if lookup != nil
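Review bot: The `@@cache[id] = doc_noko` entry added in `get_idp_metadata` is never expired or invalidated, so the process keeps trusting the first copy of an IdP's metadata, including the certificate that `extract_certificate(doc_noko)` reads from it, until restart; a rotated or revoked IdP signing certificate would not be picked up. The `else` branch also caches whatever `Nokogiri::XML` produced from `response.body` without checking that the fetch succeeded or that the document has an `EntityDescriptor` root, so an error page or truncated response would be cached and served to every later login. I would store a fetch time next to the document, refetch after a bounded age, and write to the cache only after a minimal shape check. `@@cache` is the class variable declared in the earlier hunk (`@@cache = {}`); it is shared by all instances with no synchronization, and the method body continues past the end of this hunk.

```ruby
# … unchanged: nil check on @settings.idp_metadata, id = Digest::MD5.hexdigest(...) …
entry = @@cache[id]
# CACHE_MAX_AGE is a placeholder name for a max age in seconds
if entry && (Time.now - entry[:fetched_at]) < CACHE_MAX_AGE
  Logging.debug "IdP metadata cache used for #{@settings.idp_metadata}"
  doc_noko = entry[:doc]
else
  response = fetch(@settings.idp_metadata)
  doc_noko = Nokogiri::XML(response.body.gsub(/\n/, "").gsub(/\t/, "")) #modifica per poste
  doc_noko.remove_namespaces!
  # cache only a document that actually looks like IdP metadata
  unless doc_noko.at_xpath("/EntityDescriptor").nil?
    @@cache[id] = { doc: doc_noko, fetched_at: Time.now }
  end
end
# … unchanged: extract_certificate(doc_noko), REXML conversion, return …
```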
@@ -235,6 +235,12 @@ module Spid
235
235
  return node_cond_not_on_or_after.attributes["NotOnOrAfter"] unless node_cond_not_on_or_after.blank?
236
236
  end
237
237
 
238
+ #ricavo l'issue instant della request
239
+ def assertion_authninstant
240
+ node_authn_statement = xpath_first_from_signed_assertion('/a:AuthnStatement')
241
+ return node_authn_statement.attributes["AuthnInstant"] unless node_authn_statement.blank?
242
+ end
243
+
238
244
  private
239
245
 
240
246
  def validation_error(message)
@@ -248,7 +254,9 @@ module Spid
248
254
  if settings
249
255
  idp_metadata = Spid::Saml::Metadata.new(settings).get_idp_metadata
250
256
  end
251
-
257
+ #verifico se sono stati scaricati i metadati dell'idp
258
+ return false if validate_metadata_idp(idp_metadata) == false
259
+
252
260
  #carico nei setting l'idp_entity_id
253
261
  entity_descriptor_element = REXML::XPath.first(idp_metadata,"/EntityDescriptor")
254
262
  if !entity_descriptor_element.nil?
@@ -334,6 +342,14 @@ module Spid
334
342
  end
335
343
 
336
344
 
345
+ #validate presenza dei metadata per idp
346
+ def validate_metadata_idp(metadata_idp)
347
+ if metadata_idp.blank?
348
+ validation_error("Metadata idp non raggiungibile per #{settings.idp_entity_id}")
349
+ else
350
+ return true
351
+ end
352
+ end
337
353
 
338
354
  # Validates the SAML version (2.0)
339
355
  # If fails, the error is added to the errors array.
@@ -498,11 +514,12 @@ module Spid
498
514
 
499
515
  return true if settings.assertion_consumer_service_url.nil? || settings.assertion_consumer_service_url.empty?
500
516
 
501
- unless Spid::Saml::Utils.uri_match?(destination, settings.assertion_consumer_service_url)
502
- # error_msg = "The response was received at #{destination} instead of #{settings.assertion_consumer_service_url}"
503
- # return append_error(error_msg)
504
- return soft ? false : validation_error("The response was received at #{destination} instead of #{settings.assertion_consumer_service_url}")
505
- end
517
+ #DA-RIPRISTINARE!
518
+ # unless Spid::Saml::Utils.uri_match?(destination, settings.assertion_consumer_service_url)
519
+ # # error_msg = "The response was received at #{destination} instead of #{settings.assertion_consumer_service_url}"
520
+ # # return append_error(error_msg)
521
+ # return soft ? false : validation_error("The response was received at #{destination} instead of #{settings.assertion_consumer_service_url}")
522
+ # end
506
523
 
507
524
  true
508
525
  end
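Review bot: The Destination comparison in this hunk is commented out under `#DA-RIPRISTINARE!` ("to be restored"), so the method now falls through to `true` for every response regardless of its Destination, and that state ships in a published gem version. With the check gone, a response whose Destination names a different assertion consumer URL is no longer rejected here, which removes one of the checks binding a response to this service provider; whether another validation (not visible in this hunk) still covers that case should be confirmed. If the match had to be relaxed for one IdP, keep `unless Spid::Saml::Utils.uri_match?(destination, settings.assertion_consumer_service_url)` active and put the bypass behind an explicit opt-in setting that defaults to off, logging each time it is skipped. The start of the method is outside this hunk, so any earlier guards on `destination` are not visible here.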
@@ -2,7 +2,7 @@ $LOAD_PATH.push File.expand_path('../lib', __FILE__)
2
2
 
3
3
  Gem::Specification.new do |s|
4
4
  s.name = 'spid-es'
5
- s.version = '0.0.41'
5
+ s.version = '0.0.46'
6
6
 
7
7
  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
8
8
  s.authors = ["Fabiano Pavan"]
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: spid-es
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.41
4
+ version: 0.0.46
5
5
  platform: ruby
6
6
  authors:
7
7
  - Fabiano Pavan
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-10-22 00:00:00.000000000 Z
11
+ date: 2021-01-26 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: canonix