spid-es 0.0.18 → 0.0.19
- checksums.yaml +5 -5
- data/lib/spid/ruby-saml/metadata.rb +22 -3
- data/lib/spid/ruby-saml/settings.rb +16 -6
- data/spid-es.gemspec +1 -1
- metadata +3 -3
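--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
-
-metadata.gz:
-data.tar.gz:
+SHA256:
+metadata.gz: 451ae4ac0178b95e682424be4d797a503a7f54e9d7fb4594568f532117396551
+data.tar.gz: e68163f57cba1896b588ddd33e069719071c34a0fdaed1ebfa2d7e9f6026e179
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: d4a45064042c4523f8a528a7e959b9d9caf7baaaae88a492e2b3466f64a744a5e10ae93d070f1a6070e7b70975401329702463d511b2b0405dfec2b372ac4d98
+data.tar.gz: 63b464fc4a5a512a0aa37d2e95b0ebb29754a82bd96051ab12cb256dd6b3ebbca523edd0911f868137caaa850125eb264337372696c6b01c7aa35c0e613ef3a7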
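--- a/data/lib/spid/ruby-saml/metadata.rb
+++ b/data/lib/spid/ruby-saml/metadata.rb
@@ -67,7 +67,8 @@ module Spid
 # end
 
 # Add KeyDescriptor if messages will be signed / encrypted
-cert = settings.get_sp_cert
+#cert = settings.get_sp_cert
+cert = settings.get_cert(settings.sp_cert)
 if cert
 
 if cert.is_a?(String)
@@ -88,7 +89,24 @@ module Spid
 # xc2.text = cert_text
 end
 
-
+if !settings.sp_external_consumer_cert.nil? && settings.sp_external_consumer_cert.length > 0
+settings.sp_external_consumer_cert.each{ |cert_cons_external|
+cert_ex = settings.get_cert(cert_cons_external)
+if cert_ex
+
+if cert_ex.is_a?(String)
+cert_ex = OpenSSL::X509::Certificate.new(cert_ex)
+end
+
+cert_text = Base64.encode64(cert_ex.to_der).to_s.gsub(/\n/, "").gsub(/\t/, "")
+kd = sp_sso.add_element "md:KeyDescriptor", { "use" => "signing" }
+ki = kd.add_element "ds:KeyInfo", {"xmlns:ds" => "http://www.w3.org/2000/09/xmldsig#"}
+xd = ki.add_element "ds:X509Data"
+xc = xd.add_element "ds:X509Certificate"
+xc.text = cert_text
+end
+}
+end
 
 if settings.single_logout_service_url != nil
 sp_sso.add_element "md:SingleLogoutService", {
@@ -226,7 +244,8 @@ module Spid
 # xc2.text = cert_text
 # end
 
-cert = settings.get_sp_cert
+#cert = settings.get_sp_cert
+cert = settings.get_cert(settings.sp_cert) #inserisco il certificato principale
 # embed signature
 if settings.metadata_signed && settings.sp_private_key && settings.sp_cert
 private_key = settings.get_sp_key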
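Review bot: In the second hunk every entry of `settings.sp_external_consumer_cert` is published as an `md:KeyDescriptor` with `use="signing"`, so a party consuming this metadata will presumably treat each of those keys as a valid signer for this SP entity, and nothing in the new code documents that trust extension; a comment above the loop such as `# Each external consumer certificate is advertised as a signing key of this SP; list only certificates whose private keys are held by parties allowed to sign on its behalf` would make it explicit. The `cert_ex.is_a?(String)` branch looks unreachable, since `get_cert` as shown in the settings.rb section of this page returns an `OpenSSL::X509::Certificate` or nil. The `nil?`/`length` guard followed by `.each` also assumes an Array, and `Array(settings.sp_external_consumer_cert).each do |cert_cons_external|` would handle nil, an empty list and a single String path in one line. The enclosing method starts and ends outside these hunks.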
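--- a/data/lib/spid/ruby-saml/settings.rb
+++ b/data/lib/spid/ruby-saml/settings.rb
@@ -4,7 +4,7 @@ module Spid
 module Saml
 class Settings
 
-attr_accessor :sp_name_qualifier, :sp_name_identifier, :sp_cert, :sp_private_key, :metadata_signed, :requested_attribute,:requested_attribute_eidas_min, :requested_attribute_eidas_full, :organization
+attr_accessor :sp_name_qualifier, :sp_name_identifier, :sp_cert, :sp_external_consumer_cert, :sp_private_key, :metadata_signed, :requested_attribute,:requested_attribute_eidas_min, :requested_attribute_eidas_full, :organization
 attr_accessor :idp_sso_target_url, :idp_cert_fingerprint, :idp_cert, :idp_slo_target_url, :idp_metadata, :idp_metadata_ttl, :idp_name_qualifier
 attr_accessor :assertion_consumer_service_binding, :assertion_consumer_service_url, :assertion_consumer_service_index, :attribute_consuming_service_index, :hash_assertion_consumer
 attr_accessor :name_identifier_value, :name_identifier_format
@@ -54,13 +54,23 @@ module Spid
 
 # @return [OpenSSL::X509::Certificate|nil] Build the SP certificate from the settings (previously format it)
 #
-
-
-
-
-
+#Questo metodo e' stato generalizzato sotto
+# def get_sp_cert
+# return nil if sp_cert.nil? || sp_cert.empty?
+# #decoded_content = Base64.decode64(File.read(sp_cert))
+# formatted_cert = Spid::Saml::Utils.format_cert(sp_cert)
+# OpenSSL::X509::Certificate.new(File.read(sp_cert))
+# end
+
+def get_cert(cert)
+return nil if cert.nil? || cert.empty?
+#decoded_content = Base64.decode64(File.read(cert))
+formatted_cert = Spid::Saml::Utils.format_cert(cert)
+OpenSSL::X509::Certificate.new(File.read(cert))
 end
 
+
+
 # @return [OpenSSL::PKey::RSA] Build the SP private from the settings (previously format it)
 #
 def get_sp_key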
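Review bot: `get_cert` in the second hunk passes its argument straight to `File.read`, so `cert` is a filesystem path rather than certificate text, yet the `@return` comment left above it still describes building the SP certificate from the settings; it should state the contract, e.g. `# @param cert [String] path to a certificate file; must come from trusted configuration, never from request data`. The line `formatted_cert = Spid::Saml::Utils.format_cert(cert)` computes a value that is never used and can be dropped. Commenting out `get_sp_cert` removes a public method of `Settings`; keeping `def get_sp_cert; get_cert(sp_cert); end` would preserve any existing callers outside this gem.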
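--- a/data/spid-es.gemspec
+++ b/data/spid-es.gemspec
@@ -2,7 +2,7 @@ $LOAD_PATH.push File.expand_path('../lib', __FILE__)
 
 Gem::Specification.new do |s|
 s.name = 'spid-es'
-s.version = '0.0.
+s.version = '0.0.19'
 
 s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
 s.authors = ["Fabiano Pavan"]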
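--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: spid-es
 version: !ruby/object:Gem::Version
-version: 0.0.
+version: 0.0.19
 platform: ruby
 authors:
 - Fabiano Pavan
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-08-
+date: 2019-08-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: canonix
@@ -142,7 +142,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.
+rubygems_version: 2.7.8
 signing_key:
 specification_version: 4
 summary: SAML Ruby Tookit Spid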