spid 0.2.2 → 0.3.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: f4e8d4ff447582b107751730b91bb3a2d20cc234516a3d0d3d54e3e8082478e8
4
- data.tar.gz: e03ddeedd4ee9bb7dec109f53cfcb04035c29f7d58eb63ee5365f0bd89829bfc
3
+ metadata.gz: 202babbba4b9dae4431cf63d52deea481da1399657cda044e5782893f098b832
4
+ data.tar.gz: e03e68a394474fb59b7c20a4c7e336a21eff7aab876508cab468dcabd8e24449
5
5
  SHA512:
6
- metadata.gz: a151e6770817d6f2ff0e6d18f3178bb6d1a5cb8335df7574bfc49169e8f16271bde3454bb8ba5b1abb1f466f07ba5b5b7d241bcc22328c7850af68e79aa6943d
7
- data.tar.gz: 308b1f110d1e5ef74b6aaffbb1b64ac5260bae7c952c6006c8731c9f368d21452d4c706109cbdde5f211aececd79d6cbf1e4ff487e7cfd2195431148fbbb8a9f
6
+ metadata.gz: 9e5c12ec6d34ea8722bed6101ef27a7a2e754f80f4cd3d932bc7739a6355858603382755765fb57795273107f21cd449edd076f326e7744c59c2c29aa8d9e6bc
7
+ data.tar.gz: f611115901ccdff48084602cdcba4654452544dc13899da3954906679593f88ef1dd740649c549a6046b64e734c8ff1aa558ee3713e834563302339bfb768827
data/.travis.yml CHANGED
@@ -1,4 +1,5 @@
1
1
  language: ruby
2
+ cache: bundler
2
3
  rvm:
3
4
  - 2.3
4
5
  - 2.4
data/CHANGELOG.md CHANGED
@@ -2,6 +2,12 @@
2
2
 
3
3
  ## [Unreleased]
4
4
 
5
+ ## [0.3.0] - 2018-07-06
6
+
7
+ ### Added
8
+ - Fetch all identity provider from https://registry.spid.gov.it
9
+ - Parse and store metadata from single Identity Provider
10
+
5
11
  ## [0.2.2] - 2018-07-02
6
12
  ### Fixed
7
13
  - Spid::L1 constant duplicated
@@ -26,7 +32,8 @@
26
32
  - Coveralls Integration
27
33
  - Rubygems version badge in README
28
34
 
29
- [Unreleased]: https://github.com/italia/spid-ruby/compare/v0.2.2...HEAD
35
+ [Unreleased]: https://github.com/italia/spid-ruby/compare/v0.3.0...HEAD
36
+ [0.3.0]: https://github.com/italia/spid-ruby/compare/v0.2.2...v0.3.0
30
37
  [0.2.2]: https://github.com/italia/spid-ruby/compare/v0.2.1...v0.2.2
31
38
  [0.2.1]: https://github.com/italia/spid-ruby/compare/v0.2.0...v0.2.1
32
39
  [0.2.0]: https://github.com/italia/spid-ruby/compare/v0.1.1...v0.2.0
data/Gemfile CHANGED
@@ -6,3 +6,7 @@ git_source(:github) { |repo_name| "https://github.com/#{repo_name}" }
6
6
 
7
7
  # Specify your gem's dependencies in spid.gemspec
8
8
  gemspec
9
+
10
+ gem "ruby-saml",
11
+ github: "onelogin/ruby-saml",
12
+ ref: "b0301c9da6c5c1674c29a8544c9e32d153bdbcca"
data/README.md CHANGED
@@ -2,15 +2,27 @@
2
2
 
3
3
  Ruby library for SPID authentication
4
4
 
5
+
5
6
  | Project | Spid Ruby |
6
7
  | ---------------------- | ------------ |
7
8
  | Gem name | spid |
8
9
  | License | [MIT](https://github.com/italia/spid-ruby/blob/master/LICENSE) |
9
10
  | Version | [![Gem Version](https://badge.fury.io/rb/spid.svg)](http://badge.fury.io/rb/spid) |
10
11
  | Continuous integration | [![Build Status](https://secure.travis-ci.org/italia/spid-ruby.svg?branch=master)](https://travis-ci.org/italia/spid-ruby) |
11
- | Test coverage | [![Coverage Status](https://coveralls.io/repos/italia/spid-ruby/badge.svg)](https://coveralls.io/r/italia/spid-ruby) |
12
+ | Test coverate | [![Coverage Status](https://coveralls.io/repos/github/italia/spid-ruby/badge.svg?branch=master)](https://coveralls.io/github/italia/spid-ruby?branch=master) |
12
13
  | Credits | [Contributors](https://github.com/italia/spid-ruby/graphs/contributors) |
13
14
 
15
+ ## Installation
16
+
17
+ Add into your Gemfile
18
+
19
+ ```
20
+ gem "ruby-saml",
21
+ github: "onelogin/ruby-saml",
22
+ ref: "b0301c9da6c5c1674c29a8544c9e32d153bdbcca"
23
+ gem "spid"
24
+ ```
25
+
14
26
  ## Features
15
27
 
16
28
  |<img src="https://github.com/italia/spid-graphics/blob/master/spid-logos/spid-logo-c-lb.png?raw=true" width="100" /><br />_Compliance with [SPID regulations](http://www.agid.gov.it/sites/default/files/circolari/spid-regole_tecniche_v1.pdf) (for Service Providers)_||
@@ -26,8 +38,8 @@ Ruby library for SPID authentication
26
38
  |`AssertionConsumerServiceURL` customization||
27
39
  |`AssertionConsumerServiceIndex` customization||
28
40
  |`AttributeConsumingServiceIndex` customization||
29
- |`AuthnContextClassRef` (SPID level) customization||
30
- |`RequestedAuthnContext/@Comparison` customization||
41
+ |`AuthnContextClassRef` (SPID level) customization|✓|
42
+ |`RequestedAuthnContext/@Comparison` customization|✓|
31
43
  |`RelayState` customization (1.2.2)||
32
44
  |**Response/Assertion parsing**||
33
45
  |verification of `Response/Signature` value (if any)||
data/lib/spid.rb CHANGED
@@ -1,6 +1,10 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  require "spid/authn_request"
4
+ require "spid/generate_authn_request"
5
+ require "spid/identity_providers"
6
+ require "spid/metadata"
7
+ require "spid/idp_metadata"
4
8
  require "spid/version"
5
9
 
6
10
  module Spid # :nodoc:
@@ -19,6 +23,26 @@ module Spid # :nodoc:
19
23
  MAXIMUM_COMPARISON
20
24
  ].freeze
21
25
 
26
+ SHA256 = XMLSecurity::Document::SHA256
27
+ SHA384 = XMLSecurity::Document::SHA384
28
+ SHA512 = XMLSecurity::Document::SHA512
29
+
30
+ DIGEST_METHODS = [
31
+ SHA256,
32
+ SHA384,
33
+ SHA512
34
+ ].freeze
35
+
36
+ RSA_SHA256 = XMLSecurity::Document::RSA_SHA256
37
+ RSA_SHA384 = XMLSecurity::Document::RSA_SHA384
38
+ RSA_SHA512 = XMLSecurity::Document::RSA_SHA512
39
+
40
+ SIGNATURE_METHODS = [
41
+ RSA_SHA256,
42
+ RSA_SHA384,
43
+ RSA_SHA512
44
+ ].freeze
45
+
22
46
  L1 = "https://www.spid.gov.it/SpidL1"
23
47
  L2 = "https://www.spid.gov.it/SpidL2"
24
48
  L3 = "https://www.spid.gov.it/SpidL3"
@@ -1,67 +1,21 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  require "onelogin/ruby-saml/authrequest"
4
- require "spid/onelogin_extension"
5
- require "onelogin/ruby-saml/settings"
6
4
 
7
5
  module Spid
8
- class AuthnRequest # :nodoc:
9
- using OneLoginExtension
10
-
11
- attr_reader :authn_request_attributes
12
-
13
- # rubocop:disable Metrics/MethodLength
14
- def initialize(
15
- idp_sso_target_url:,
16
- assertion_consumer_service_url:,
17
- issuer:,
18
- authn_context: Spid::L1,
19
- authn_context_comparison: Spid::EXACT_COMPARISON
20
- )
21
-
22
- unless AUTHN_CONTEXTS.include?(authn_context)
23
- raise Spid::UnknownAuthnContextError,
24
- "Provided authn_context is not valid:" \
25
- " use one of #{AUTHN_CONTEXTS.join(', ')}"
26
- end
27
-
28
- unless COMPARISON_METHODS.include?(authn_context_comparison)
29
- raise Spid::UnknownAuthnComparisonMethodError,
30
- "Provided authn_context_comparison_method is not valid:" \
31
- " use one of #{COMPARISON_METHODS.join(', ')}"
32
- end
33
-
34
- @authn_request_attributes = {
35
- idp_sso_target_url: idp_sso_target_url,
36
- assertion_consumer_service_url: assertion_consumer_service_url,
37
- protocol_binding: "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",
38
- issuer: issuer,
39
- name_identifier_format: name_identifier_format,
40
- authn_context: authn_context,
41
- authn_context_comparison: authn_context_comparison
42
- }
43
-
44
- return if authn_context <= Spid::L1
45
- @authn_request_attributes[:force_authn] = true
46
- end
47
- # rubocop:enable Metrics/MethodLength
48
-
49
- def to_xml
50
- authn_request.create_xml_document(saml_settings)
6
+ class AuthnRequest < ::OneLogin::RubySaml::Authrequest # :nodoc:
7
+ def create_xml_document(settings)
8
+ original_document = super(settings)
9
+ issuer_element = original_document.elements["//saml:Issuer"]
10
+ issuer_element.attributes["Format"] = format_entity
11
+ issuer_element.attributes["NameQualifier"] = settings.issuer
12
+ original_document
51
13
  end
52
14
 
53
15
  private
54
16
 
55
- def name_identifier_format
56
- "urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
57
- end
58
-
59
- def authn_request
60
- ::OneLogin::RubySaml::Authrequest.new
61
- end
62
-
63
- def saml_settings
64
- ::OneLogin::RubySaml::Settings.new authn_request_attributes
17
+ def format_entity
18
+ "urn:oasis:names:tc:SAML:2.0:nameid-format:entity"
65
19
  end
66
20
  end
67
21
  end
@@ -0,0 +1,64 @@
1
+ # frozen_string_literal: true
2
+
3
+ require "spid/authn_request"
4
+ require "onelogin/ruby-saml/settings"
5
+
6
+ module Spid
7
+ class GenerateAuthnRequest # :nodoc:
8
+ attr_reader :authn_request_attributes
9
+
10
+ # rubocop:disable Metrics/MethodLength
11
+ def initialize(
12
+ idp_sso_target_url:,
13
+ assertion_consumer_service_url:,
14
+ issuer:,
15
+ authn_context: Spid::L1,
16
+ authn_context_comparison: Spid::EXACT_COMPARISON
17
+ )
18
+
19
+ unless AUTHN_CONTEXTS.include?(authn_context)
20
+ raise Spid::UnknownAuthnContextError,
21
+ "Provided authn_context is not valid:" \
22
+ " use one of #{AUTHN_CONTEXTS.join(', ')}"
23
+ end
24
+
25
+ unless COMPARISON_METHODS.include?(authn_context_comparison)
26
+ raise Spid::UnknownAuthnComparisonMethodError,
27
+ "Provided authn_context_comparison_method is not valid:" \
28
+ " use one of #{COMPARISON_METHODS.join(', ')}"
29
+ end
30
+
31
+ @authn_request_attributes = {
32
+ idp_sso_target_url: idp_sso_target_url,
33
+ assertion_consumer_service_url: assertion_consumer_service_url,
34
+ protocol_binding: "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",
35
+ issuer: issuer,
36
+ name_identifier_format: name_identifier_format,
37
+ authn_context: authn_context,
38
+ authn_context_comparison: authn_context_comparison
39
+ }
40
+
41
+ return if authn_context <= Spid::L1
42
+ @authn_request_attributes[:force_authn] = true
43
+ end
44
+ # rubocop:enable Metrics/MethodLength
45
+
46
+ def to_saml
47
+ authn_request.create(saml_settings)
48
+ end
49
+
50
+ private
51
+
52
+ def name_identifier_format
53
+ "urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
54
+ end
55
+
56
+ def authn_request
57
+ AuthnRequest.new
58
+ end
59
+
60
+ def saml_settings
61
+ ::OneLogin::RubySaml::Settings.new authn_request_attributes
62
+ end
63
+ end
64
+ end
@@ -0,0 +1,44 @@
1
+ # frozen_string_literal: true
2
+
3
+ require "faraday"
4
+ require "faraday_middleware"
5
+
6
+ module Spid
7
+ class IdentityProviders # :nodoc:
8
+ def self.fetch_all
9
+ new.fetch_all
10
+ end
11
+
12
+ def fetch_all
13
+ spid_idp_entities.map do |idp|
14
+ {
15
+ name: idp["entity_name"].gsub(/ ID$/, "").downcase,
16
+ metadata_url: idp["metadata_url"],
17
+ entity_id: idp["entity_id"]
18
+ }
19
+ end
20
+ end
21
+
22
+ private
23
+
24
+ def spid_idp_entities
25
+ return [] if response.body["spidFederationRegistry"].blank?
26
+ response.body["spidFederationRegistry"]["entities"]
27
+ end
28
+
29
+ def response
30
+ connection.get do |req|
31
+ req.url "/api/identity-providers"
32
+ req.headers["Accept"] = "application/json"
33
+ end
34
+ end
35
+
36
+ def connection
37
+ Faraday.new("https://registry.spid.gov.it") do |conn|
38
+ conn.response :json, content_type: /\bjson$/
39
+
40
+ conn.adapter Faraday.default_adapter
41
+ end
42
+ end
43
+ end
44
+ end
@@ -0,0 +1,38 @@
1
+ # frozen_string_literal: true
2
+
3
+ require "singleton"
4
+ require "onelogin/ruby-saml/idp_metadata_parser"
5
+
6
+ module Spid
7
+ class IdpMetadata # :nodoc:
8
+ include Singleton
9
+
10
+ def initialize
11
+ @identity_providers = Spid::IdentityProviders.fetch_all
12
+ @metadata = {}
13
+ end
14
+
15
+ def [](idp_name)
16
+ return @metadata[idp_name] if @metadata[idp_name].present?
17
+ idp_hash = identity_provider_hash(idp_name)
18
+
19
+ @metadata[idp_name] = parser.parse_remote_to_hash(
20
+ idp_hash[:metadata_url],
21
+ idp_hash[:metadata_url].start_with?("https://")
22
+ )
23
+ @metadata[idp_name]
24
+ end
25
+
26
+ def identity_provider_hash(idp_name)
27
+ @identity_providers.find do |idp|
28
+ idp[:name] == idp_name.to_s
29
+ end
30
+ end
31
+
32
+ private
33
+
34
+ def parser
35
+ @parser ||= ::OneLogin::RubySaml::IdpMetadataParser.new
36
+ end
37
+ end
38
+ end
@@ -0,0 +1,73 @@
1
+ # frozen_string_literal: true
2
+
3
+ require "onelogin/ruby-saml/metadata"
4
+ require "onelogin/ruby-saml/settings"
5
+
6
+ module Spid
7
+ class Metadata # :nodoc:
8
+ attr_reader :metadata_attributes,
9
+ :attribute_service_name
10
+
11
+ # rubocop:disable Metrics/MethodLength
12
+ # rubocop:disable Metrics/ParameterLists
13
+ def initialize(
14
+ issuer:,
15
+ private_key_filepath:,
16
+ certificate_filepath:,
17
+ assertion_consumer_service_url:,
18
+ single_logout_service_url:,
19
+ attribute_service_name:,
20
+ digest_method: Spid::SHA256,
21
+ signature_method: Spid::RSA_SHA256
22
+ )
23
+ @attribute_service_name = attribute_service_name
24
+ @metadata_attributes = {
25
+ issuer: issuer,
26
+ private_key: File.read(private_key_filepath),
27
+ certificate: File.read(certificate_filepath),
28
+ assertion_consumer_service_url: assertion_consumer_service_url,
29
+ single_logout_service_url: single_logout_service_url,
30
+ security: {
31
+ authn_requests_signed: true,
32
+ logout_requests_signed: false,
33
+ logout_responses_signed: false,
34
+ want_assertions_signed: false,
35
+ want_assertions_encrypted: false,
36
+ want_name_id: false,
37
+ metadata_signed: true,
38
+ embed_sign: false,
39
+ digest_method: digest_method,
40
+ signature_method: signature_method
41
+ }
42
+ }
43
+ end
44
+ # rubocop:enable Metrics/ParameterLists
45
+ # rubocop:enable Metrics/MethodLength
46
+
47
+ def to_xml
48
+ metadata.generate(saml_settings)
49
+ end
50
+
51
+ private
52
+
53
+ def metadata
54
+ ::OneLogin::RubySaml::Metadata.new
55
+ end
56
+
57
+ def saml_settings
58
+ @saml_settings = ::OneLogin::RubySaml::Settings.new metadata_attributes
59
+
60
+ outer_self = self
61
+
62
+ @saml_settings.attribute_consuming_service.configure do
63
+ service_index 0
64
+ service_name outer_self.attribute_service_name
65
+ add_attribute name: "Name",
66
+ name_format: "Name Format",
67
+ friendly_name: "Friendly Name"
68
+ end
69
+
70
+ @saml_settings
71
+ end
72
+ end
73
+ end
data/lib/spid/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Spid
4
- VERSION = "0.2.2"
4
+ VERSION = "0.3.0"
5
5
  end
data/spid.gemspec CHANGED
@@ -26,13 +26,18 @@ Gem::Specification.new do |spec|
26
26
 
27
27
  spec.add_runtime_dependency "ruby-saml", "~> 1.8", ">= 1.8.0"
28
28
 
29
+ spec.add_development_dependency "activesupport", ">= 3.0.0"
29
30
  spec.add_development_dependency "bundler", "~> 1.16"
30
31
  spec.add_development_dependency "bundler-audit", "~> 0"
31
32
  spec.add_development_dependency "coveralls", "~> 0"
33
+ spec.add_development_dependency "faraday", "~> 0"
34
+ spec.add_development_dependency "faraday_middleware", "~> 0"
32
35
  spec.add_development_dependency "nokogiri", "~> 1.8", ">= 1.8.3"
33
36
  spec.add_development_dependency "pry", "~> 0"
34
37
  spec.add_development_dependency "rake", "~> 10.0"
35
38
  spec.add_development_dependency "rspec", "~> 3.0"
36
39
  spec.add_development_dependency "rubocop", "0.57.2"
37
40
  spec.add_development_dependency "rubocop-rspec", "1.27.0"
41
+ spec.add_development_dependency "vcr", "~> 4.0", ">= 4.0.0"
42
+ spec.add_development_dependency "webmock", "~> 3.4", ">= 3.4.2"
38
43
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: spid
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.2
4
+ version: 0.3.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - David Librera
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2018-07-02 00:00:00.000000000 Z
11
+ date: 2018-07-06 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: ruby-saml
@@ -30,6 +30,20 @@ dependencies:
30
30
  - - ">="
31
31
  - !ruby/object:Gem::Version
32
32
  version: 1.8.0
33
+ - !ruby/object:Gem::Dependency
34
+ name: activesupport
35
+ requirement: !ruby/object:Gem::Requirement
36
+ requirements:
37
+ - - ">="
38
+ - !ruby/object:Gem::Version
39
+ version: 3.0.0
40
+ type: :development
41
+ prerelease: false
42
+ version_requirements: !ruby/object:Gem::Requirement
43
+ requirements:
44
+ - - ">="
45
+ - !ruby/object:Gem::Version
46
+ version: 3.0.0
33
47
  - !ruby/object:Gem::Dependency
34
48
  name: bundler
35
49
  requirement: !ruby/object:Gem::Requirement
@@ -72,6 +86,34 @@ dependencies:
72
86
  - - "~>"
73
87
  - !ruby/object:Gem::Version
74
88
  version: '0'
89
+ - !ruby/object:Gem::Dependency
90
+ name: faraday
91
+ requirement: !ruby/object:Gem::Requirement
92
+ requirements:
93
+ - - "~>"
94
+ - !ruby/object:Gem::Version
95
+ version: '0'
96
+ type: :development
97
+ prerelease: false
98
+ version_requirements: !ruby/object:Gem::Requirement
99
+ requirements:
100
+ - - "~>"
101
+ - !ruby/object:Gem::Version
102
+ version: '0'
103
+ - !ruby/object:Gem::Dependency
104
+ name: faraday_middleware
105
+ requirement: !ruby/object:Gem::Requirement
106
+ requirements:
107
+ - - "~>"
108
+ - !ruby/object:Gem::Version
109
+ version: '0'
110
+ type: :development
111
+ prerelease: false
112
+ version_requirements: !ruby/object:Gem::Requirement
113
+ requirements:
114
+ - - "~>"
115
+ - !ruby/object:Gem::Version
116
+ version: '0'
75
117
  - !ruby/object:Gem::Dependency
76
118
  name: nokogiri
77
119
  requirement: !ruby/object:Gem::Requirement
@@ -162,6 +204,46 @@ dependencies:
162
204
  - - '='
163
205
  - !ruby/object:Gem::Version
164
206
  version: 1.27.0
207
+ - !ruby/object:Gem::Dependency
208
+ name: vcr
209
+ requirement: !ruby/object:Gem::Requirement
210
+ requirements:
211
+ - - "~>"
212
+ - !ruby/object:Gem::Version
213
+ version: '4.0'
214
+ - - ">="
215
+ - !ruby/object:Gem::Version
216
+ version: 4.0.0
217
+ type: :development
218
+ prerelease: false
219
+ version_requirements: !ruby/object:Gem::Requirement
220
+ requirements:
221
+ - - "~>"
222
+ - !ruby/object:Gem::Version
223
+ version: '4.0'
224
+ - - ">="
225
+ - !ruby/object:Gem::Version
226
+ version: 4.0.0
227
+ - !ruby/object:Gem::Dependency
228
+ name: webmock
229
+ requirement: !ruby/object:Gem::Requirement
230
+ requirements:
231
+ - - "~>"
232
+ - !ruby/object:Gem::Version
233
+ version: '3.4'
234
+ - - ">="
235
+ - !ruby/object:Gem::Version
236
+ version: 3.4.2
237
+ type: :development
238
+ prerelease: false
239
+ version_requirements: !ruby/object:Gem::Requirement
240
+ requirements:
241
+ - - "~>"
242
+ - !ruby/object:Gem::Version
243
+ version: '3.4'
244
+ - - ">="
245
+ - !ruby/object:Gem::Version
246
+ version: 3.4.2
165
247
  description:
166
248
  email:
167
249
  - davidlibrera@gmail.com
@@ -181,7 +263,10 @@ files:
181
263
  - Rakefile
182
264
  - lib/spid.rb
183
265
  - lib/spid/authn_request.rb
184
- - lib/spid/onelogin_extension.rb
266
+ - lib/spid/generate_authn_request.rb
267
+ - lib/spid/identity_providers.rb
268
+ - lib/spid/idp_metadata.rb
269
+ - lib/spid/metadata.rb
185
270
  - lib/spid/version.rb
186
271
  - spid.gemspec
187
272
  homepage: https://github.com/italia/spid-ruby
@@ -1,23 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require "onelogin/ruby-saml/authrequest"
4
-
5
- module Spid
6
- module OneLoginExtension # :nodoc:
7
- refine ::OneLogin::RubySaml::Authrequest do
8
- def create_xml_document(settings)
9
- original_document = super(settings)
10
- issuer_element = original_document.elements["//saml:Issuer"]
11
- issuer_element.attributes["Format"] = format_entity
12
- issuer_element.attributes["NameQualifier"] = settings.issuer
13
- original_document
14
- end
15
-
16
- private
17
-
18
- def format_entity
19
- "urn:oasis:names:tc:SAML:2.0:nameid-format:entity"
20
- end
21
- end
22
- end
23
- end