spid-es 0.0.18 → 0.0.19

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: ee9627c12894721544bae0dffcff43935db926f7
-  data.tar.gz: 267c682708236ffaa265d6af7590577b4e7b836b
+SHA256:
+  metadata.gz: 451ae4ac0178b95e682424be4d797a503a7f54e9d7fb4594568f532117396551
+  data.tar.gz: e68163f57cba1896b588ddd33e069719071c34a0fdaed1ebfa2d7e9f6026e179
 SHA512:
-  metadata.gz: 7d482bb3a99613202e2ef101676f1dfd6f2a86dadf98593b9b506785281c4b9012b0ecec796853ca46caa615ea53378af942249300ad3095c87e7bb7d091ba30
-  data.tar.gz: 9244a6eab9ba4b4a5c79ba2487bbdecb29c9019f46fd85970101a8617ccea5987d853ceb50abc01f5d9df883d4c311d857af2eec1a6d5572e0f1a1f20ecf98cf
+  metadata.gz: d4a45064042c4523f8a528a7e959b9d9caf7baaaae88a492e2b3466f64a744a5e10ae93d070f1a6070e7b70975401329702463d511b2b0405dfec2b372ac4d98
+  data.tar.gz: 63b464fc4a5a512a0aa37d2e95b0ebb29754a82bd96051ab12cb256dd6b3ebbca523edd0911f868137caaa850125eb264337372696c6b01c7aa35c0e613ef3a7

data/lib/spid/ruby-saml/metadata.rb

@@ -67,7 +67,8 @@ module Spid
         # end
 
         # Add KeyDescriptor if messages will be signed / encrypted
-        cert = settings.get_sp_cert
+        #cert = settings.get_sp_cert
+        cert = settings.get_cert(settings.sp_cert)
         if cert
           
           if cert.is_a?(String)
@@ -88,7 +89,24 @@ module Spid
           # xc2.text = cert_text
         end
 
-
+        if !settings.sp_external_consumer_cert.nil? && settings.sp_external_consumer_cert.length > 0
+          settings.sp_external_consumer_cert.each{ |cert_cons_external|
+            cert_ex = settings.get_cert(cert_cons_external)
+            if cert_ex
+              
+              if cert_ex.is_a?(String)
+                cert_ex = OpenSSL::X509::Certificate.new(cert_ex)
+              end
+              
+              cert_text = Base64.encode64(cert_ex.to_der).to_s.gsub(/\n/, "").gsub(/\t/, "")
+              kd = sp_sso.add_element "md:KeyDescriptor", { "use" => "signing" }
+              ki = kd.add_element "ds:KeyInfo", {"xmlns:ds" => "http://www.w3.org/2000/09/xmldsig#"}
+              xd = ki.add_element "ds:X509Data"
+              xc = xd.add_element "ds:X509Certificate"
+              xc.text = cert_text
+            end
+          }
+        end
 
         if settings.single_logout_service_url != nil
           sp_sso.add_element "md:SingleLogoutService", {
@@ -226,7 +244,8 @@ module Spid
         #   xc2.text = cert_text
         # end
 
-        cert = settings.get_sp_cert
+        #cert = settings.get_sp_cert
+        cert = settings.get_cert(settings.sp_cert) #inserisco il certificato principale
         # embed signature
         if settings.metadata_signed && settings.sp_private_key && settings.sp_cert
           private_key = settings.get_sp_key

data/lib/spid/ruby-saml/settings.rb

@@ -4,7 +4,7 @@ module Spid
   module Saml
     class Settings
      
-      attr_accessor :sp_name_qualifier, :sp_name_identifier, :sp_cert, :sp_private_key, :metadata_signed, :requested_attribute,:requested_attribute_eidas_min, :requested_attribute_eidas_full, :organization
+      attr_accessor :sp_name_qualifier, :sp_name_identifier, :sp_cert, :sp_external_consumer_cert, :sp_private_key, :metadata_signed, :requested_attribute,:requested_attribute_eidas_min, :requested_attribute_eidas_full, :organization
       attr_accessor :idp_sso_target_url, :idp_cert_fingerprint, :idp_cert, :idp_slo_target_url, :idp_metadata, :idp_metadata_ttl, :idp_name_qualifier
       attr_accessor :assertion_consumer_service_binding, :assertion_consumer_service_url, :assertion_consumer_service_index, :attribute_consuming_service_index, :hash_assertion_consumer
       attr_accessor :name_identifier_value, :name_identifier_format
@@ -54,13 +54,23 @@ module Spid
 
       # @return [OpenSSL::X509::Certificate|nil] Build the SP certificate from the settings (previously format it)
       #
-      def get_sp_cert
-        return nil if sp_cert.nil? || sp_cert.empty?
-        #decoded_content = Base64.decode64(File.read(sp_cert))
-        formatted_cert = Spid::Saml::Utils.format_cert(sp_cert)
-        OpenSSL::X509::Certificate.new(File.read(sp_cert))
+      #Questo metodo e' stato generalizzato sotto
+      # def get_sp_cert
+      #   return nil if sp_cert.nil? || sp_cert.empty?
+      #   #decoded_content = Base64.decode64(File.read(sp_cert))
+      #   formatted_cert = Spid::Saml::Utils.format_cert(sp_cert)
+      #   OpenSSL::X509::Certificate.new(File.read(sp_cert))
+      # end
+
+      def get_cert(cert)
+        return nil if cert.nil? || cert.empty?
+        #decoded_content = Base64.decode64(File.read(cert))
+        formatted_cert = Spid::Saml::Utils.format_cert(cert)
+        OpenSSL::X509::Certificate.new(File.read(cert))
       end
 
+
+
       # @return [OpenSSL::PKey::RSA] Build the SP private from the settings (previously format it)
       #
       def get_sp_key

data/spid-es.gemspec

@@ -2,7 +2,7 @@ $LOAD_PATH.push File.expand_path('../lib', __FILE__)
 
 Gem::Specification.new do |s|
   s.name = 'spid-es'
-  s.version = '0.0.18'
+  s.version = '0.0.19'
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Fabiano Pavan"]

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: spid-es
 version: !ruby/object:Gem::Version
-  version: 0.0.18
+  version: 0.0.19
 platform: ruby
 authors:
 - Fabiano Pavan
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-08-05 00:00:00.000000000 Z
+date: 2019-08-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: canonix
@@ -142,7 +142,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.2.2
+rubygems_version: 2.7.8
 signing_key: 
 specification_version: 4
 summary: SAML Ruby Tookit Spid