spid-es 0.0.49 → 0.0.51

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/lib/spid/ruby-saml/authrequest.rb +11 -3
  3. data/lib/spid/ruby-saml/metadata.rb +1 -1
  4. data/lib/spid/ruby-saml/response.rb +4 -2
  5. data/lib/spid/ruby-saml/settings.rb +1 -1
  6. data/lib/spid/xml_security_new.rb +1 -0
  7. data/spid-es.gemspec +1 -1
  8. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 96b349fe25c4614fc0d793c64c10716be3c9594b08e8d73ff5c421c637ef3816
4
- data.tar.gz: a959dbd5b0e47021ebfa2cd07c3d4642ff68b7477f4b2cf7d248c3487d7f4364
3
+ metadata.gz: a6f3772185b3430b84c5c85ea18dbd1a701795ff5a96c910a064ab6870926fde
4
+ data.tar.gz: 1a483c53ae1b70a24e32ce4eb9191b6cc05de1decc5bbd668befa30fff992566
5
5
  SHA512:
6
- metadata.gz: 2a3bdf6a060e53b2e07e6376b59eb843be93366369f29ffd04cf28e89781b4be827003f9569286884e38b7183dbde805510ebd857d7528374cde8748aaac66a3
7
- data.tar.gz: 1ffa3ab7753b1559bd6492165e6a3319e16d7b26b12afb644ee7a4bcd11dc4e83e91ebc22d3429b4d23347e2a60c5f611e4eac3a89933ce4a392319a81368683
6
+ metadata.gz: d4907d3a3ea8c5fd00962f1b53810f3a2034a53e65c8a93c782d1dffaf7866f19746cbb3ef7ad31f2014153406d51164f19fc1adf047a3150def07b245c96453
7
+ data.tar.gz: d461f228b2abcbe619bf7947d55c7c4b9d59bd345ed53b53904caf9679ac6eb356f66b59713a2e92effb17fabf8a106b28ea7e2610ec74a19c4fe27335bcbc41
data/lib/spid/ruby-saml/authrequest.rb CHANGED
@@ -29,9 +29,8 @@ module Spid::Saml
29
29
  # Create AuthnRequest root element using REXML
30
30
  request_doc = Spid::XMLSecurityNew::Document.new
31
31
  request_doc.context[:attribute_quote] = :quote
32
- root = request_doc.add_element "saml2p:AuthnRequest", { "xmlns:saml2p" => "urn:oasis:names:tc:SAML:2.0:protocol",
33
- "xmlns:saml2" => "urn:oasis:names:tc:SAML:2.0:assertion"
34
- }
32
+ root = request_doc.add_element "saml2p:AuthnRequest", { "xmlns:saml2p" => "urn:oasis:names:tc:SAML:2.0:protocol",
33
+ "xmlns:saml2" => "urn:oasis:names:tc:SAML:2.0:assertion" }
35
34
  root.attributes['ID'] = uuid
36
35
  root.attributes['IssueInstant'] = time
37
36
  root.attributes['Version'] = "2.0"
@@ -60,6 +59,15 @@ module Spid::Saml
60
59
  issuer.text = @settings.issuer #questo valore deve essere uguale al #entityID dei metadata che usa @settings.issuer
61
60
  end
62
61
 
62
+ #aggiunta tag purpose (DOPO ISSUER!) per persona giuridica o uso professionale
63
+ if @settings.tipo_accesso != nil
64
+ extension_context = root.add_element "saml2p:Extensions", {
65
+ "xmlns:spid" => "https://spid.gov.it/saml-extensions"
66
+ }
67
+ spid_purpose_element = extension_context.add_element "spid:Purpose"
68
+ spid_purpose_element.text = @settings.tipo_accesso
69
+ end
70
+
63
71
  # #opzionale
64
72
  # unless @settings.sp_name_qualifier.blank?
65
73
  # subject = root.add_element "saml:Subject"
data/lib/spid/ruby-saml/metadata.rb CHANGED
@@ -458,7 +458,7 @@ module Spid
458
458
  #meta_text = response.body
459
459
  #testo_response = meta_text.sub!(' xmlns:xml="http://www.w3.org/XML/1998/namespace"', '') da errori
460
460
  #uso nokogiri per cercare il certificato, uso la funzione che rimuove tutti i namespace
461
- doc_noko = Nokogiri::XML(response.body.gsub(/\n/, "").gsub(/\t/, "")) #modifica per poste
461
+ doc_noko = Nokogiri::XML(response.body.gsub(/\n/, "").gsub(/\t/, "").gsub('>','>')) #modifica per poste e per myid
462
462
  doc_noko.remove_namespaces!
463
463
  #save
464
464
  @@cache[id] = doc_noko
data/lib/spid/ruby-saml/response.rb CHANGED
@@ -160,6 +160,7 @@ module Spid
160
160
  return (soft ? false : validation_error("Issuer of the Assertion not found or multiple."))
161
161
  end
162
162
 
163
+
163
164
  issuer_response_nodes.each{ |iss|
164
165
  #controllo: L'attributo Format di Issuer deve essere presente con il valore urn:oasis:names:tc:SAML:2.0:nameid-format:entity
165
166
  return (soft ? false : validation_error("Elemento Issuer non ha formato corretto ")) if !iss.attributes['Format'].nil? && iss.attributes['Format'] != 'urn:oasis:names:tc:SAML:2.0:nameid-format:entity'
@@ -593,8 +594,9 @@ module Spid
593
594
 
594
595
  node_auth_stat_context_class_ref = xpath_first_from_signed_assertion('/a:AuthnStatement/a:AuthnContext/a:AuthnContextClassRef')
595
596
  #Spider.logger.error "\n\n node_auth_stat_context_class_ref #{node_auth_stat_context_class_ref.text}"
596
- return soft ? false : validation_error("Errore su Asserzione: AuthnContextClassRef di AuthnContext su AuthnStatement vuoto o non L2") if node_auth_stat_context_class_ref.blank? || ( (node_auth_stat_context_class_ref.text != 'https://www.spid.gov.it/SpidL2') && (node_auth_stat_context_class_ref.text != 'https://www.spid.gov.it/SpidL3'))
597
-
597
+ unless settings.no_valid_agid
598
+ return soft ? false : validation_error("Errore su Asserzione: AuthnContextClassRef di AuthnContext su AuthnStatement vuoto o non L2") if node_auth_stat_context_class_ref.blank? || ( (node_auth_stat_context_class_ref.text != 'https://www.spid.gov.it/SpidL2') && (node_auth_stat_context_class_ref.text != 'https://www.spid.gov.it/SpidL3'))
599
+ end
598
600
  node_attr_stmt_attribute_value = xpath_first_from_signed_assertion("/a:AttributeStatement/a:Attribute/a:AttributeValue")
599
601
  #Elemento AttributeStatement presente, ma sottoelemento Attribute non specificato, caso 99
600
602
  return soft ? false : validation_error("Errore su Asserzione: AttributeValue di Attribute su AttributeStatement vuoto") if node_attr_stmt_attribute_value.blank?
data/lib/spid/ruby-saml/settings.rb CHANGED
@@ -10,7 +10,7 @@ module Spid
10
10
  attr_accessor :name_identifier_value, :name_identifier_format
11
11
  attr_accessor :sessionindex, :issuer, :destination_service_url, :authn_context, :requester_identificator
12
12
  attr_accessor :single_logout_service_url, :single_logout_service_binding, :single_logout_destination
13
- attr_accessor :skip_validation, :aggregato, :hash_aggregatore
13
+ attr_accessor :skip_validation, :aggregato, :hash_aggregatore, :tipo_accesso, :no_valid_agid
14
14
 
15
15
  def initialize(config = {})
16
16
  config.each do |k,v|
data/lib/spid/xml_security_new.rb CHANGED
@@ -70,6 +70,7 @@ module Spid
70
70
  algorithm = algorithm && algorithm =~ /(rsa-)?sha(.*?)$/i && $2.to_i
71
71
 
72
72
  case algorithm
73
+ when 256 then OpenSSL::Digest::SHA1
73
74
  when 256 then OpenSSL::Digest::SHA256
74
75
  when 384 then OpenSSL::Digest::SHA384
75
76
  when 512 then OpenSSL::Digest::SHA512
data/spid-es.gemspec CHANGED
@@ -2,7 +2,7 @@ $LOAD_PATH.push File.expand_path('../lib', __FILE__)
2
2
 
3
3
  Gem::Specification.new do |s|
4
4
  s.name = 'spid-es'
5
- s.version = '0.0.49'
5
+ s.version = '0.0.51'
6
6
 
7
7
  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
8
8
  s.authors = ["Fabiano Pavan"]
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: spid-es
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.49
4
+ version: 0.0.51
5
5
  platform: ruby
6
6
  authors:
7
7
  - Fabiano Pavan
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-04-21 00:00:00.000000000 Z
11
+ date: 2024-11-18 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: canonix