spid-es 0.0.23 → 0.0.24

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/lib/spid/ruby-saml/metadata.rb +4 -3
  3. data/lib/spid/ruby-saml/response.rb +23 -16
  4. data/spid-es.gemspec +1 -1
  5. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 94627fabd1026d5ef9e46d3753d3c350fd84dc84d9e976b52582c9188c959580
4
- data.tar.gz: de6042d8cc7089415ab31f12c6ebe7f4d4e45a509f71c01aeca53cb0df30c889
3
+ metadata.gz: 26b9ca5bca45877a5b6bebc563ac36e2477449c823cf223c648abe49ab16def0
4
+ data.tar.gz: 60976ddb66cee847aa3f7bf95438590957fb137f22964b6223461d16f450138a
5
5
  SHA512:
6
- metadata.gz: 22186ddb76b20451e0ac1171fab10ddfba0dfc2c033c42e540876e8a75f0975e109e2d3a894e41ca3353794fecd6714708c825b807c93762659e44914bfedd3a
7
- data.tar.gz: 7c731740767fb10fd71833522ac9603ea3dbb983a2854c5ea711f80b835328f997ad76fa9771f2b91043db784ce56d375ebb48bb72a17f267fa0c88012b7bb99
6
+ metadata.gz: 20e31accd525285e23c2c6ca25f6a6259605bf44ae28c0273c222d000b8abca51419471174af8800ec58169a8feea10ece60eabeca6506043147e8bce0050488
7
+ data.tar.gz: 8d7aa546d80c0cb87070b0e7cdfb1cb8fe4aea939749fccb40293cb1b28480314c1be832d8b4fb5bcb21d4912dd052a03723cbb07b0c91d3c35b472c3453b816
data/lib/spid/ruby-saml/metadata.rb CHANGED
@@ -47,9 +47,10 @@ module Spid
47
47
  if settings.issuer != nil
48
48
  root.attributes["entityID"] = settings.issuer
49
49
  end
50
- uuid = "_" + UUID.new.generate
51
- self.uuid = uuid
52
- root.attributes["ID"] = uuid
50
+ #Tolto per non far cambiare sempre il metadata
51
+ # uuid = "_" + UUID.new.generate
52
+ # self.uuid = uuid
53
+ # root.attributes["ID"] = uuid
53
54
 
54
55
  sp_sso = root.add_element "md:SPSSODescriptor", {
55
56
  "protocolSupportEnumeration" => "urn:oasis:names:tc:SAML:2.0:protocol",
data/lib/spid/ruby-saml/response.rb CHANGED
@@ -268,6 +268,8 @@ module Spid
268
268
  return false if validate_destination(soft) == false
269
269
  #validazione status
270
270
  return false if validate_status(soft) == false
271
+ #validazione inresponseto
272
+ return false if validate_presence_inresponseto(soft) == false
271
273
  #validazione issuer
272
274
  return false if validate_issuer(soft) == false
273
275
  #validazioni varie su asserzioni
@@ -312,6 +314,11 @@ module Spid
312
314
  end
313
315
  end
314
316
 
317
+ def validate_presence_inresponseto(soft=true)
318
+ response_to_id_value = response_to_id
319
+ return (soft ? false : validation_error("InResponseTo non specificato o mancante")) if response_to_id_value.blank?
320
+ end
321
+
315
322
 
316
323
 
317
324
  #validate status e status code
@@ -344,16 +351,16 @@ module Spid
344
351
  end
345
352
 
346
353
  def version_assertion(document)
347
- assertion_nodes = xpath_from_signed_assertion()
348
- @version_assertion = "2.0"
349
- #ciclo sui nodi delle asserzioni, se uno ha una versione diversa da 2.0 ritorno nil
350
- unless assertion_nodes.blank?
351
- assertion_nodes.each{ |ass_node|
352
- return nil if ass_node.attributes['Version'] != "2.0"
353
- }
354
- end
355
- @version_assertion
356
- end
354
+ assertion_nodes = xpath_from_signed_assertion()
355
+ @version_assertion = "2.0"
356
+ #ciclo sui nodi delle asserzioni, se uno ha una versione diversa da 2.0 ritorno nil
357
+ unless assertion_nodes.blank?
358
+ assertion_nodes.each{ |ass_node|
359
+ return nil if ass_node.attributes['Version'] != "2.0"
360
+ }
361
+ end
362
+ @version_assertion
363
+ end
357
364
 
358
365
  def validate_version(soft = true)
359
366
  unless version(self.document) == "2.0"
@@ -364,12 +371,12 @@ module Spid
364
371
  end
365
372
 
366
373
  def validate_version_assertion(soft = true)
367
- unless version_assertion(self.document) == "2.0"
368
- #return append_error("Unsupported SAML version")
369
- return soft ? false : validation_error("Unsupported SAML Assertion version")
370
- end
371
- true
372
- end
374
+ unless version_assertion(self.document) == "2.0"
375
+ #return append_error("Unsupported SAML version")
376
+ return soft ? false : validation_error("Unsupported SAML Assertion version")
377
+ end
378
+ true
379
+ end
373
380
 
374
381
  def validate_signed_elements(soft = true)
375
382
  signature_nodes = REXML::XPath.match(decrypted_document.nil? ? document : decrypted_document,"//ds:Signature",{"ds"=>DSIG})
data/spid-es.gemspec CHANGED
@@ -2,7 +2,7 @@ $LOAD_PATH.push File.expand_path('../lib', __FILE__)
2
2
 
3
3
  Gem::Specification.new do |s|
4
4
  s.name = 'spid-es'
5
- s.version = '0.0.23'
5
+ s.version = '0.0.24'
6
6
 
7
7
  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
8
8
  s.authors = ["Fabiano Pavan"]
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: spid-es
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.23
4
+ version: 0.0.24
5
5
  platform: ruby
6
6
  authors:
7
7
  - Fabiano Pavan
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-05-08 00:00:00.000000000 Z
11
+ date: 2020-06-12 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: canonix
@@ -140,7 +140,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
140
140
  - !ruby/object:Gem::Version
141
141
  version: '0'
142
142
  requirements: []
143
- rubygems_version: 3.0.8
143
+ rubygems_version: 3.0.6
144
144
  signing_key:
145
145
  specification_version: 4
146
146
  summary: SAML Ruby Tookit Spid