spid-es 0.0.42 → 0.0.47

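--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 98963a0fb7909e5e96d105a61d7b3a0c10378b39617dbaadb0c5dfdf6ac8e044
- data.tar.gz: 293a46c2471be93d09a6265d28b053f2fce3271d0380ab3981d435f9268023f2
+ metadata.gz: ed5837ad5504c2b427af66f7724ce59bab4932d0f7c3d055e80fbe96cb96126c
+ data.tar.gz: 26202f27978363a917bd6deda6a2c6a6485791e5b9e89f2b34246d71bba1cf64
  SHA512:
- metadata.gz: 55da9133c1d43fa72384e17d612c86c81ee0cb88f536991a272285c11d2f4cca582ce346d7288055a73ab97ceaac37104e6aedababba781a60a2d4902d76d6d3
- data.tar.gz: 08569eb6ffca8f6fa3e34e31a0c2972fdd049e721ffc7774081c8d98b3283a0034f43ca9baa9da15fcbb38305eadbe68a6a1196f19003aedc4ab0de24c0835e5
+ metadata.gz: 4a1fc512a4372c0ae73a69ea60534da0403811b70f2de372e060f8fd2bcd0bc801f88165fcc68127fd726862bdcc359827475ba62b714b9d7ca2347265b57a63
+ data.tar.gz: 7e52ca39ea8f39b10744f090cfb9173dec91254c2775b70781b632dd8480be91153d3c539d3ab21391111d69605de30e21fb5be22d498b4a393e6e48342bfb7d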
@@ -21,6 +21,8 @@ module Spid
21
21
 
22
22
  attr_accessor :uuid
23
23
 
24
+ @@cache = {}
25
+
24
26
  def initialize(settings=nil)
25
27
  if settings
26
28
  @settings = settings
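Review bot: `@@cache` is introduced without any comment on what it stores or how long entries live, and as a class variable it is shared by this class and every subclass for the whole process. Document it where it is declared, for example `# Process-wide cache of parsed IdP metadata documents, keyed by the MD5 of settings.idp_metadata; entries are never evicted.` A class-level instance variable with a reader would keep the state scoped to this class only. `initialize` continues outside the hunk.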
@@ -392,7 +394,6 @@ module Spid
392
394
  end
393
395
 
394
396
  meta_doc = get_idp_metadata
395
-
396
397
  return nil unless meta_doc
397
398
  # first try GET (REDIRECT)
398
399
  sso_element = REXML::XPath.first(meta_doc, "/EntityDescriptor/IDPSSODescriptor/#{service}[@Binding='#{HTTP_GET}']")
@@ -449,20 +450,26 @@ module Spid
449
450
  # returns a REXML document of the metadata
450
451
  def get_idp_metadata
451
452
  return false if @settings.idp_metadata.nil?
452
-
453
453
  # Look up the metdata in cache first
454
454
  id = Digest::MD5.hexdigest(@settings.idp_metadata)
455
- response = fetch(@settings.idp_metadata)
456
- #meta_text = response.body
457
- #testo_response = meta_text.sub!(' xmlns:xml="http://www.w3.org/XML/1998/namespace"', '') da errori
458
- #uso nokogiri per cercare il certificato, uso la funzione che rimuove tutti i namespace
459
- doc_noko = Nokogiri::XML(response.body.gsub(/\n/, "").gsub(/\t/, "")) #modifica per poste
460
- doc_noko.remove_namespaces!
455
+ unless @@cache[id].blank?
456
+ Logging.debug "IdP metadata cache used for #{@settings.idp_metadata}"
457
+ doc_noko = @@cache[id]
458
+ else #save in cache
459
+ response = fetch(@settings.idp_metadata)
460
+ #meta_text = response.body
461
+ #testo_response = meta_text.sub!(' xmlns:xml="http://www.w3.org/XML/1998/namespace"', '') da errori
462
+ #uso nokogiri per cercare il certificato, uso la funzione che rimuove tutti i namespace
463
+ doc_noko = Nokogiri::XML(response.body.gsub(/\n/, "").gsub(/\t/, "")) #modifica per poste
464
+ doc_noko.remove_namespaces!
465
+ #save
466
+ @@cache[id] = doc_noko
467
+ end
461
468
  extract_certificate(doc_noko)
462
469
  doc_rexml = REXML::Document.new(doc_noko.to_xml)
463
-
464
470
  return doc_rexml
465
471
 
472
+
466
473
  # USE OF CACHE WITH CERTIFICATE
467
474
  # lookup = @cache.read(id)
468
475
  # if lookup != nil
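Review bot: Entries written to `@@cache` in `get_idp_metadata` never expire, so the metadata parsed on first use, which is also what `extract_certificate` reads, is reused for the life of the process. A certificate rollover or withdrawal at the IdP is therefore not picked up until a restart. Store the fetch time with the document and refetch after a bounded age, ideally honouring the metadata's own `validUntil`/`cacheDuration` attributes when present. `response.body` is also parsed and cached without checking that `fetch` succeeded; `fetch` is not visible here, so confirm that an error page or empty body cannot end up cached. The cache itself is declared in the earlier hunk (`@@cache = {}`).

```ruby
# CACHE_TTL is a placeholder name (seconds), not an existing constant in this gem
cached = @@cache[id]
if cached && (Time.now - cached[:fetched_at]) < CACHE_TTL
  Logging.debug "IdP metadata cache used for #{@settings.idp_metadata}"
  doc_noko = cached[:doc]
else
  response = fetch(@settings.idp_metadata)
  # … unchanged: Nokogiri parse and remove_namespaces! …
  @@cache[id] = { doc: doc_noko, fetched_at: Time.now }
end
```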
@@ -235,6 +235,12 @@ module Spid
235
235
  return node_cond_not_on_or_after.attributes["NotOnOrAfter"] unless node_cond_not_on_or_after.blank?
236
236
  end
237
237
 
238
+ #ricavo l'issue instant della request
239
+ def assertion_authninstant
240
+ node_authn_statement = xpath_first_from_signed_assertion('/a:AuthnStatement')
241
+ return node_authn_statement.attributes["AuthnInstant"] unless node_authn_statement.blank?
242
+ end
243
+
238
244
  private
239
245
 
240
246
  def validation_error(message)
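Review bot: The comment above `assertion_authninstant` says it retrieves the issue instant of the request, but the method returns the `AuthnInstant` attribute of the assertion's `AuthnStatement`, which is a different value. Replace it with something like `# Returns the AuthnInstant attribute (raw string) of the signed assertion's AuthnStatement, or nil when the element is missing.` The nil return is implicit and the value is not parsed into a time, so callers that compare it against a clock need to handle both cases. `validation_error`, whose first line closes the hunk, continues outside it.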
@@ -249,7 +255,7 @@ module Spid
249
255
  idp_metadata = Spid::Saml::Metadata.new(settings).get_idp_metadata
250
256
  end
251
257
  #verifico se sono stati scaricati i metadati dell'idp
252
- return false if validate_metadata_idp(soft) == false
258
+ return false if validate_metadata_idp(idp_metadata) == false
253
259
 
254
260
  #carico nei setting l'idp_entity_id
255
261
  entity_descriptor_element = REXML::XPath.first(idp_metadata,"/EntityDescriptor")
@@ -285,7 +291,7 @@ module Spid
285
291
  return true if settings.skip_validation == true
286
292
 
287
293
  # document.validte populates the idp_cert
288
- return false if document.validate_document(get_fingerprint, soft) == false
294
+ #return false if document.validate_document(get_fingerprint, soft) == false #DA TOGLIERE, FIX PER DOPPIO CERTIFICATO POSTE
289
295
 
290
296
  # validate response code
291
297
  return false if success? == false
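Review bot: Commenting out the `document.validate_document(get_fingerprint, soft)` call means this validation path no longer verifies the response's XML signature. Every later check (status code, conditions, any value read from the assertion) then runs on data whose origin has not been established. The inline comment marks this as a temporary workaround for an IdP that publishes two certificates ("DA TOGLIERE"). The safer fix is to keep the call and have verification accept any one of the certificates listed in the IdP metadata, failing closed when none verifies. At minimum restore `return false if document.validate_document(get_fingerprint, soft) == false` before release. The enclosing method starts and ends outside this hunk, so whether another signature check runs elsewhere cannot be confirmed from here.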
@@ -337,9 +343,12 @@ module Spid
337
343
 
338
344
 
339
345
  #validate presenza dei metadata per idp
340
- def validate_metadata_idp(soft=true)
341
- return (soft ? false : validation_error("Metadata idp non raggiungibile per #{settings.idp_entity_id}")) if document.blank?
342
- true
346
+ def validate_metadata_idp(metadata_idp)
347
+ if metadata_idp.blank?
348
+ validation_error("Metadata idp non raggiungibile per #{settings.idp_entity_id}")
349
+ else
350
+ return true
351
+ end
343
352
  end
344
353
 
345
354
  # Validates the SAML version (2.0)
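Review bot: The rewritten `validate_metadata_idp` drops the `soft` parameter and returns whatever `validation_error` returns when the metadata is blank, while the call site in the earlier hunk only tests `== false`. If `validation_error` raises (its body is not visible here), soft-mode callers now get an exception instead of `false`. If it returns anything other than `false`, validation continues with blank metadata and the following `REXML::XPath.first(idp_metadata, "/EntityDescriptor")` runs on it. Keep the explicit contract by restoring the parameter, `def validate_metadata_idp(metadata_idp, soft = true)`, and guarding with `return soft ? false : validation_error("Metadata idp non raggiungibile per #{settings.idp_entity_id}") if metadata_idp.blank?` followed by `true`, with the caller passing `soft` through.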
@@ -505,11 +514,12 @@ module Spid
505
514
 
506
515
  return true if settings.assertion_consumer_service_url.nil? || settings.assertion_consumer_service_url.empty?
507
516
 
508
- unless Spid::Saml::Utils.uri_match?(destination, settings.assertion_consumer_service_url)
509
- # error_msg = "The response was received at #{destination} instead of #{settings.assertion_consumer_service_url}"
510
- # return append_error(error_msg)
511
- return soft ? false : validation_error("The response was received at #{destination} instead of #{settings.assertion_consumer_service_url}")
512
- end
517
+ #DA-RIPRISTINARE!
518
+ # unless Spid::Saml::Utils.uri_match?(destination, settings.assertion_consumer_service_url)
519
+ # # error_msg = "The response was received at #{destination} instead of #{settings.assertion_consumer_service_url}"
520
+ # # return append_error(error_msg)
521
+ # return soft ? false : validation_error("The response was received at #{destination} instead of #{settings.assertion_consumer_service_url}")
522
+ # end
513
523
 
514
524
  true
515
525
  end
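Review bot: With the `uri_match?` block commented out, this destination validator returns `true` for every response that gets past the early guard, so a response addressed to a different endpoint than `settings.assertion_consumer_service_url` is no longer rejected. The `#DA-RIPRISTINARE!` marker says the check is meant to come back, but nothing in the code enforces that before release. Restore the original `unless Spid::Saml::Utils.uri_match?(destination, settings.assertion_consumer_service_url)` branch. If the mismatch that motivated the change comes from scheme or host rewriting in front of the application (an assumption, not visible here), correct the configured URL rather than disabling the comparison. The method begins outside this hunk.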
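--- a/data/spid-es.gemspec
+++ b/data/spid-es.gemspec
@@ -2,7 +2,7 @@ $LOAD_PATH.push File.expand_path('../lib', __FILE__)
 
  Gem::Specification.new do |s|
  s.name = 'spid-es'
- s.version = '0.0.42'
+ s.version = '0.0.47'
 
  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
  s.authors = ["Fabiano Pavan"]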
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: spid-es
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.42
4
+ version: 0.0.47
5
5
  platform: ruby
6
6
  authors:
7
7
  - Fabiano Pavan
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-12-28 00:00:00.000000000 Z
11
+ date: 2021-02-25 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: canonix