spid-es 0.0.5 → 0.0.6

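--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,15 +1,15 @@
  ---
  !binary "U0hBMQ==":
  metadata.gz: !binary |-
- MjAzZWFhMmIyYTVmNDYwNjRlNjViNGE3MjdiN2Q3ODIwZTI2M2JmNw==
+ ZjAzNzZkNWNkYzgyYzkxMmQ3YWU2OTE0NDg3NWRjM2RjMjkyOTY0NA==
  data.tar.gz: !binary |-
- ZTJkMzY0NmFkNWMzY2U5NDEyYzI1MjkxY2M3YmEwNmI4ODZlODJlNQ==
+ MmMyMjIzOWU2ZmRiMWExMGI4YmFiN2JjODBmYjJiNGRjZTM3MWIwYQ==
  SHA512:
  metadata.gz: !binary |-
- ZTkyM2M1ZDU0OWE4NzU0NmQzNWFkZTY3ZjNkODNhMjRmODkxZGFkMjNiZmNi
- NDUyOWIzNGZlYWQ5MTZlOWNkZWM4MTIyYWE1OGU5NzYwOThkMmE4YWQ4NGEy
- NDc1NjVhODk1ZDZlODI5MmI1M2ZjNmM1MTIxNTY5NDNkZTgwMDk=
+ MWEzNGJmNmJhZDZkZDM5ZjY4NTA0Mjk2Y2NjNjBmZTAxMTE4NjZmMjg3NDdm
+ Y2FkMzI4M2QzNWRjM2ZjOGZjM2UzYWE1OGM0OTRjZWM4N2Q3NGMwZGU2NWVh
+ YzhlYjMwOWQ0YzNjY2RhZjViYzU0OGI3MGY0YmEwYTM4NDZkMGU=
  data.tar.gz: !binary |-
- ODA1ZmMzMjVmZTNmZWZlMjE0ZDE3ZTE3NzBkY2JhYzA5ZTM0ZTU2YmE5M2Fl
- YjA0OTU5ZTY3NzlmNmY2YTg5YjlhZjJjMDA1NzMxYTYyYzIxMDI3N2I0YTk5
- ODM4NDg1MWYwYWI3NTRmNGEwN2ViYWE2ODU5MjRkYjRhYzEzOWI=
+ YTU4YzJhZmFhM2E2YzMzOTk2ZWJiYTlkZjg3N2FkZTdlOWIzZjc3MjJkZDVk
+ MmMzYWEyZTY1MmE1Zjc5YjNhZjY1ZmE3ZThlZTJjYzU1ZjUwZWVlNGE2ZDJl
+ ZjllNWU2YzVmZTEwZDlkMGUzYmU3MDMxZTk5MmYxMzE3YmVjZTE=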
@@ -45,85 +45,89 @@ module Spid
45
45
  sp_sso = root.add_element "md:SPSSODescriptor", {
46
46
  "protocolSupportEnumeration" => "urn:oasis:names:tc:SAML:2.0:protocol",
47
47
  "WantAssertionsSigned" => "true",
48
- "AuthnRequestsSigned" => "true"
48
+ "AuthnRequestsSigned" => "1"
49
49
 
50
50
  }
51
- name_identifier_formats = settings.name_identifier_format
52
- if name_identifier_formats != nil
53
- name_id = []
54
- name_identifier_formats.each_with_index{ |format, index|
55
- name_id[index] = sp_sso.add_element "md:NameIDFormat"
56
- name_id[index].text = format
57
- }
58
-
59
- end
60
- if settings.sp_cert != nil
61
- keyDescriptor = sp_sso.add_element "md:KeyDescriptor", {
62
- "use" => "signing"
63
- }
64
- keyInfo = keyDescriptor.add_element "ds:KeyInfo", {
65
- "xmlns:ds" => "http://www.w3.org/2000/09/xmldsig#"
66
- }
67
- x509Data = keyInfo.add_element "ds:X509Data"
68
- x509Certificate = x509Data.add_element "ds:X509Certificate"
69
- file = ""
70
- File.foreach(settings.sp_cert){ |line|
71
- file += line unless (line.include?("RSA PUBLIC KEY") || line.include?("CERTIFICATE"))
72
- }
73
- x509Certificate.text = file
74
- end
75
- if settings.assertion_consumer_service_url != nil
76
- sp_sso.add_element "md:AssertionConsumerService", {
77
- # Add this as a setting to create different bindings?
78
- "Binding" => "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",
79
- "Location" => settings.assertion_consumer_service_url,
80
- "index" => "0",
81
- "isDefault" => "true"
82
- }
83
- end
84
- if settings.single_logout_service_url != nil
85
- sp_sso.add_element "md:SingleLogoutService", {
86
- "Binding" => "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect",
87
- "Location" => settings.single_logout_service_url
88
- }
89
- sp_sso.add_element "md:SingleLogoutService", {
90
- "Binding" => "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",
91
- "Location" => settings.single_logout_service_url
92
- }
93
- end
94
- #AttributeConsumingService
95
- attr_cons_service = sp_sso.add_element "md:AttributeConsumingService", {
96
- "index" => "0",
51
+ if settings.sp_cert != nil
52
+ keyDescriptor = sp_sso.add_element "md:KeyDescriptor", {
53
+ "use" => "signing"
97
54
  }
98
- service_name = attr_cons_service.add_element "md:ServiceName", {
99
- "xml:lang" => "it"
100
- }
101
- service_name.text = "User Data"
102
- settings.requested_attribute.each_with_index{ |attribute, index|
103
- attr_cons_service.add_element "md:RequestedAttribute", {
104
- "Name" => attribute
105
- }
55
+ keyInfo = keyDescriptor.add_element "ds:KeyInfo", {
56
+ "xmlns:ds" => "http://www.w3.org/2000/09/xmldsig#"
57
+ }
58
+ x509Data = keyInfo.add_element "ds:X509Data"
59
+ x509Certificate = x509Data.add_element "ds:X509Certificate"
60
+ file = ""
61
+ File.foreach(settings.sp_cert){ |line|
62
+ file += line unless (line.include?("RSA PUBLIC KEY") || line.include?("CERTIFICATE"))
63
+ }
64
+ x509Certificate.text = file
65
+ end
66
+ if settings.single_logout_service_url != nil
67
+ sp_sso.add_element "md:SingleLogoutService", {
68
+ "Binding" => "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect",
69
+ "Location" => settings.single_logout_service_url
70
+ }
71
+ sp_sso.add_element "md:SingleLogoutService", {
72
+ "Binding" => "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",
73
+ "Location" => settings.single_logout_service_url
74
+ }
75
+ end
76
+
77
+ name_identifier_formats = settings.name_identifier_format
78
+ if name_identifier_formats != nil
79
+ name_id = []
80
+ name_identifier_formats.each_with_index{ |format, index|
81
+ name_id[index] = sp_sso.add_element "md:NameIDFormat"
82
+ name_id[index].text = format
106
83
  }
107
84
 
108
- #organization
109
- organization = root.add_element "md:Organization"
110
- org_name = organization.add_element "md:OrganizationName", {
111
- "xml:lang" => "it"
85
+ end
86
+
87
+ if settings.assertion_consumer_service_url
88
+ sp_sso.add_element "md:AssertionConsumerService", {
89
+ "Binding" => settings.assertion_consumer_service_binding,
90
+ "Location" => settings.assertion_consumer_service_url,
91
+ "isDefault" => true,
92
+ "index" => 0
112
93
  }
113
- org_name.text = settings.organization['org_name']
114
- org_display_name = organization.add_element "md:OrganizationDisplayName", {
94
+ end
95
+
96
+
97
+
98
+ #AttributeConsumingService
99
+ attr_cons_service = sp_sso.add_element "md:AttributeConsumingService", {
100
+ "index" => "0",
101
+ }
102
+ service_name = attr_cons_service.add_element "md:ServiceName", {
115
103
  "xml:lang" => "it"
116
104
  }
117
- org_display_name.text = settings.organization['org_display_name']
118
- org_url = organization.add_element "md:OrganizationURL", {
119
- "xml:lang" => "it"
105
+ service_name.text = "User Data"
106
+ settings.requested_attribute.each_with_index{ |attribute, index|
107
+ attr_cons_service.add_element "md:RequestedAttribute", {
108
+ "Name" => attribute
120
109
  }
121
- org_url.text = settings.organization['org_url']
110
+ }
111
+
112
+ #organization
113
+ organization = root.add_element "md:Organization"
114
+ org_name = organization.add_element "md:OrganizationName", {
115
+ "xml:lang" => "it"
116
+ }
117
+ org_name.text = settings.organization['org_name']
118
+ org_display_name = organization.add_element "md:OrganizationDisplayName", {
119
+ "xml:lang" => "it"
120
+ }
121
+ org_display_name.text = settings.organization['org_display_name']
122
+ org_url = organization.add_element "md:OrganizationURL", {
123
+ "xml:lang" => "it"
124
+ }
125
+ org_url.text = settings.organization['org_url']
122
126
 
123
127
  #meta_doc << REXML::XMLDecl.new(version='1.0', encoding='UTF-8')
124
128
  meta_doc << REXML::XMLDecl.new("1.0", "UTF-8")
125
129
 
126
- cert = settings.get_sp_cert
130
+
127
131
  #SE SERVE ANCHE ENCRYPTION
128
132
  # # Add KeyDescriptor if messages will be signed / encrypted
129
133
  #
@@ -142,18 +146,16 @@ module Spid
142
146
  # xc2.text = cert_text
143
147
  # end
144
148
 
149
+ cert = settings.get_sp_cert
145
150
  # embed signature
146
151
  if settings.metadata_signed && settings.sp_private_key && settings.sp_cert
147
152
  private_key = settings.get_sp_key
148
-
149
153
  meta_doc.sign_document(private_key, cert)
150
154
  end
151
155
 
152
-
153
-
154
156
  ret = ""
155
157
  # pretty print the XML so IdP administrators can easily see what the SP supports
156
- meta_doc.write(ret)
158
+ meta_doc.write(ret, 1)
157
159
 
158
160
  #Logging.debug "Generated metadata:\n#{ret}"
159
161
 
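Review bot: `meta_doc.write(ret, 1)` now pretty-prints the document after `meta_doc.sign_document(private_key, cert)` has already run, so when `settings.metadata_signed` is set the indentation REXML inserts alters the content that was digested and a verifier will most likely reject the metadata signature. Canonicalization keeps whitespace text nodes, so a signed document has to be serialized untouched, e.g. `settings.metadata_signed ? meta_doc.write(ret) : meta_doc.write(ret, 1)`. In the first hunk, `"Binding" => settings.assertion_consumer_service_binding` replaces the fixed HTTP-POST URN with no fallback; if that setting is unset the required attribute is presumably emitted empty or dropped, and `settings.assertion_consumer_service_binding || "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"` would keep the previous default. The enclosing method starts and ends outside both hunks.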
@@ -158,16 +158,20 @@ module XMLSecurityNew
158
158
  x509_cert_element.text = Base64.encode64(certificate.to_der).gsub(/\n/, "")
159
159
 
160
160
  # add the signature
161
- issuer_element = self.elements["//saml:Issuer"]
162
- if issuer_element
163
- self.root.insert_after issuer_element, signature_element
164
- else
165
- if sp_sso_descriptor = self.elements["/md:EntityDescriptor"]
166
- self.root.insert_before sp_sso_descriptor, signature_element
167
- else
168
- self.root.add_element(signature_element)
169
- end
170
- end
161
+ # issuer_element = self.elements["//saml:Issuer"]
162
+ # if issuer_element
163
+ # self.root.insert_after issuer_element, signature_element
164
+ # else
165
+ # if sp_sso_descriptor = self.elements["/md:EntityDescriptor"]
166
+ # self.root.insert_before sp_sso_descriptor, signature_element
167
+ # else
168
+ # self.root.add_element(signature_element)
169
+ # end
170
+ # end
171
+ #imposto fissa la posizione in testa
172
+ sp_sso_descriptor = self.root.elements["md:SPSSODescriptor"]
173
+ self.root.insert_before sp_sso_descriptor, signature_element
174
+
171
175
  end
172
176
 
173
177
  protected
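Review bot: The replacement at new lines 172–173 assumes every document passed to this signing method has an `md:SPSSODescriptor` child under the root; the branch that was commented out handled `saml:Issuer`, which suggests the method is also used for requests, and there `sp_sso_descriptor` is nil and `insert_before` has no valid reference node. Keep the Issuer case and the final fallback and replace only the metadata branch, as sketched below, instead of leaving the old logic behind as a commented-out block. The comment `#imposto fissa la posizione in testa` is better stated in English with the reason, e.g. `# metadata: Signature goes first, before SPSSODescriptor`. The method's beginning is outside the hunk.

```ruby
# add the signature
if (issuer_element = self.elements["//saml:Issuer"])
  # requests: Signature follows the Issuer
  self.root.insert_after issuer_element, signature_element
elsif (sp_sso_descriptor = self.root.elements["md:SPSSODescriptor"])
  # metadata: Signature goes first, before SPSSODescriptor
  self.root.insert_before sp_sso_descriptor, signature_element
else
  self.root.add_element(signature_element)
end
```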
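--- a/data/spid-es.gemspec
+++ b/data/spid-es.gemspec
@@ -2,7 +2,7 @@ $LOAD_PATH.push File.expand_path('../lib', __FILE__)
 
  Gem::Specification.new do |s|
  s.name = 'spid-es'
- s.version = '0.0.5'
+ s.version = '0.0.6'
 
  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
  s.authors = ["Fabiano Pavan"]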
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: spid-es
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.5
4
+ version: 0.0.6
5
5
  platform: ruby
6
6
  authors:
7
7
  - Fabiano Pavan