spid 0.4.0 → 0.5.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 11409a6db93f8bc29e6a8b0d6678e9c893441ad99fc67302667ad2493a0b0dc8
-  data.tar.gz: 9e6e5c2c079bf2bc232e92fc7585b7f461614dc521de1eff92427a782d60e8ea
+  metadata.gz: ad2f25b0c8941611175ed84f131a2e25e0dd1d1b05169bbc8fd32b83314429e5
+  data.tar.gz: f4d37ffd19ac1076dfcb1adefee4cd62578a77f17653fd9c416b014726f9cdd7
 SHA512:
-  metadata.gz: 015c7a6b37a8640123c3bb15df3aadfdc9ea21a76acc9ee5886191cdec2b3c95a013b1e8b5039efd0250351180c2f97c6e928161539f435353e985a555895ec3
-  data.tar.gz: 52445d55b3bf64d28ee9caf601b7a1e3146df9721f87beafed2ecc63a6f46f41c45d7ae09deeef9d2bb0c00f857a972d4890f35fd0af889080d7055a957b5742
+  metadata.gz: a468176f451c2fdd3fda26b6e23e074d244bbab2976e6ee0dd414d40dfe63925b682a8f9bb059be0a43c53dea3d9d2dc03b4cb61e4bb3dede1b7c4d9991af331
+  data.tar.gz: 2e2bf9a6acf5b7a0dfd4d326b2abd79a72410e5dc520d06bf2e8540882f396c282cdcfd9bbc7980eeea9f3f9b38178f091212ed2f54fe6216f9a72dc86cf00a4

data/CHANGELOG.md

@@ -2,6 +2,10 @@
 
 ## [Unreleased]
 
+## [0.5.0] - 2018-07-13
+### Added
+- Sso Settings with all saml settings required attributes
+
 ## [0.4.0] - 2018-07-13
 ### Added
 - ServiceProviderConfiguration class handles configuration for a specific host
@@ -44,7 +48,8 @@
 - Coveralls Integration
 - Rubygems version badge in README
 
-[Unreleased]: https://github.com/italia/spid-ruby/compare/v0.4.0...HEAD
+[Unreleased]: https://github.com/italia/spid-ruby/compare/v0.5.0...HEAD
+[0.5.0]: https://github.com/italia/spid-ruby/compare/v0.4.0...v0.5.0
 [0.4.0]: https://github.com/italia/spid-ruby/compare/v0.3.1...v0.4.0
 [0.3.1]: https://github.com/italia/spid-ruby/compare/v0.3.0...v0.3.1
 [0.3.0]: https://github.com/italia/spid-ruby/compare/v0.2.2...v0.3.0

data/lib/spid.rb

@@ -9,6 +9,7 @@ require "spid/idp_metadata"
 require "spid/version"
 require "spid/identity_provider_configuration"
 require "spid/service_provider_configuration"
+require "spid/sso_settings"
 
 module Spid # :nodoc:
   class UnknownAuthnComparisonMethodError < StandardError; end

data/lib/spid/sso_request.rb

@@ -5,86 +5,20 @@ require "onelogin/ruby-saml/settings"
 
 module Spid
   class SsoRequest # :nodoc:
-    attr_reader :service_provider_configuration,
-                :identity_provider_configuration,
-                :authn_context,
-                :authn_context_comparison
+    attr_reader :sso_settings
 
-    # rubocop:disable Metrics/MethodLength
-    def initialize(
-          identity_provider_configuration:,
-          service_provider_configuration:,
-          authn_context: Spid::L1,
-          authn_context_comparison: Spid::EXACT_COMPARISON
-        )
-
-      unless AUTHN_CONTEXTS.include?(authn_context)
-        raise Spid::UnknownAuthnContextError,
-              "Provided authn_context is not valid:" \
-              " use one of #{AUTHN_CONTEXTS.join(', ')}"
-      end
-
-      unless COMPARISON_METHODS.include?(authn_context_comparison)
-        raise Spid::UnknownAuthnComparisonMethodError,
-              "Provided authn_context_comparison_method is not valid:" \
-              " use one of #{COMPARISON_METHODS.join(', ')}"
-      end
-
-      @service_provider_configuration = service_provider_configuration
-      @identity_provider_configuration = identity_provider_configuration
-      @authn_context = authn_context
-      @authn_context_comparison = authn_context_comparison
+    def initialize(sso_settings:)
+      @sso_settings = sso_settings
     end
-    # rubocop:enable Metrics/MethodLength
 
     def to_saml
-      authn_request.create(saml_settings)
+      authn_request.create(sso_settings)
     end
 
-    # rubocop:disable Metrics/MethodLength
-    # rubocop:disable Metrics/AbcSize
-    def authn_request_attributes
-      return @authn_request_attributes if @authn_request_attributes.present?
-      @authn_request_attributes = {
-        idp_sso_target_url: identity_provider_configuration.sso_target_url,
-        assertion_consumer_service_url: service_provider_configuration.sso_url,
-        protocol_binding: protocol_binding,
-        issuer: service_provider_configuration.host,
-        private_key: service_provider_configuration.private_key,
-        certificate: service_provider_configuration.certificate,
-        name_identifier_format: name_identifier_format,
-        authn_context: authn_context,
-        authn_context_comparison: authn_context_comparison,
-        idp_cert_fingerprint: identity_provider_configuration.cert_fingerprint,
-        security: {
-          authn_requests_signed: true,
-          embed_sign: true,
-          digest_method: service_provider_configuration.digest_method,
-          signature_method: service_provider_configuration.signature_method
-        }
-      }
-      @authn_request_attributes[:force_authn] = true if authn_context > Spid::L1
-      @authn_request_attributes
-    end
-    # rubocop:enable Metrics/AbcSize
-    # rubocop:enable Metrics/MethodLength
+    private
 
     def authn_request
       AuthnRequest.new
     end
-
-    def saml_settings
-      ::OneLogin::RubySaml::Settings.new authn_request_attributes
-    end
-
-    private
-
-    def protocol_binding
-      "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
-    end
-
-    def name_identifier_format
-      "urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
-    end
   end
 end

data/lib/spid/sso_settings.rb

@@ -0,0 +1,77 @@
+# frozen_string_literal: true
+
+module Spid
+  class SsoSettings < ::OneLogin::RubySaml::Settings # :nodoc:
+    attr_reader :service_provider_configuration,
+                :identity_provider_configuration,
+                :authn_context,
+                :authn_context_comparison
+
+    # rubocop:disable Metrics/MethodLength
+    def initialize(
+          service_provider_configuration:,
+          identity_provider_configuration:,
+          authn_context: Spid::L1,
+          authn_context_comparison: Spid::EXACT_COMPARISON
+        )
+
+      unless AUTHN_CONTEXTS.include?(authn_context)
+        raise Spid::UnknownAuthnContextError,
+              "Provided authn_context is not valid:" \
+              " use one of #{AUTHN_CONTEXTS.join(', ')}"
+      end
+
+      unless COMPARISON_METHODS.include?(authn_context_comparison)
+        raise Spid::UnknownAuthnComparisonMethodError,
+              "Provided authn_context_comparison_method is not valid:" \
+              " use one of #{COMPARISON_METHODS.join(', ')}"
+      end
+
+      @service_provider_configuration = service_provider_configuration
+      @identity_provider_configuration = identity_provider_configuration
+      @authn_context = authn_context
+      @authn_context_comparison = authn_context_comparison
+
+      super(sso_attributes)
+    end
+    # rubocop:enable Metrics/MethodLength
+
+    # rubocop:disable Metrics/MethodLength
+    # rubocop:disable Metrics/AbcSize
+    def sso_attributes
+      return @sso_attributes if @sso_attributes.present?
+      @sso_attributes = {
+        idp_sso_target_url: identity_provider_configuration.sso_target_url,
+        assertion_consumer_service_url: service_provider_configuration.sso_url,
+        protocol_binding: protocol_binding_value,
+        issuer: service_provider_configuration.host,
+        private_key: service_provider_configuration.private_key,
+        certificate: service_provider_configuration.certificate,
+        name_identifier_format: name_identifier_format_value,
+        authn_context: authn_context,
+        authn_context_comparison: authn_context_comparison,
+        idp_cert_fingerprint: identity_provider_configuration.cert_fingerprint,
+        security: {
+          authn_requests_signed: true,
+          embed_sign: true,
+          digest_method: service_provider_configuration.digest_method,
+          signature_method: service_provider_configuration.signature_method
+        }
+      }
+      @sso_attributes[:force_authn] = true if authn_context > Spid::L1
+      @sso_attributes
+    end
+    # rubocop:enable Metrics/AbcSize
+    # rubocop:enable Metrics/MethodLength
+
+    private
+
+    def protocol_binding_value
+      "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+    end
+
+    def name_identifier_format_value
+      "urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
+    end
+  end
+end

data/lib/spid/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Spid
-  VERSION = "0.4.0"
+  VERSION = "0.5.0"
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: spid
 version: !ruby/object:Gem::Version
-  version: 0.4.0
+  version: 0.5.0
 platform: ruby
 authors:
 - David Librera
@@ -285,6 +285,7 @@ files:
 - lib/spid/service_provider_configuration.rb
 - lib/spid/sso_request.rb
 - lib/spid/sso_response.rb
+- lib/spid/sso_settings.rb
 - lib/spid/version.rb
 - spid.gemspec
 homepage: https://github.com/italia/spid-ruby