spid 0.3.0 → 0.3.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/.travis.yml +0 -1
  3. data/CHANGELOG.md +9 -1
  4. data/lib/spid/generate_authn_request.rb +16 -2
  5. data/lib/spid/version.rb +1 -1
  6. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 202babbba4b9dae4431cf63d52deea481da1399657cda044e5782893f098b832
4
- data.tar.gz: e03e68a394474fb59b7c20a4c7e336a21eff7aab876508cab468dcabd8e24449
3
+ metadata.gz: 9f94ff48217764f22a3055a10c96d6f95a551ad8c6bd3feb70c7cd13642dc438
4
+ data.tar.gz: 2e189a0bee7b42c4518a955c856ce641dc5ba0108f9725a907a8ed8505363b40
5
5
  SHA512:
6
- metadata.gz: 9e5c12ec6d34ea8722bed6101ef27a7a2e754f80f4cd3d932bc7739a6355858603382755765fb57795273107f21cd449edd076f326e7744c59c2c29aa8d9e6bc
7
- data.tar.gz: f611115901ccdff48084602cdcba4654452544dc13899da3954906679593f88ef1dd740649c549a6046b64e734c8ff1aa558ee3713e834563302339bfb768827
6
+ metadata.gz: 893a1e5c15958af449b3d7d2d900bf472c79d44f7b19d4083b0ab80c4b15fea7a46c865b27a2cd7bf7d0bc89d283ce192f9847732418005e687addbfaae6587b
7
+ data.tar.gz: dc68d4cd16a9b2d088b5e5da333a19b805d3de613102ded4c6d8543748cad7a33692e3373c549d7449d96a68c8ee953456159b5f04bb73ce6fe2a8530c2a33de
data/.travis.yml CHANGED
@@ -1,5 +1,4 @@
1
1
  language: ruby
2
- cache: bundler
3
2
  rvm:
4
3
  - 2.3
5
4
  - 2.4
data/CHANGELOG.md CHANGED
@@ -2,11 +2,18 @@
2
2
 
3
3
  ## [Unreleased]
4
4
 
5
+ ## [0.3.1] - 2018-07-09
6
+ ### Added
7
+ - Signature in authn_request
8
+
5
9
  ## [0.3.0] - 2018-07-06
6
10
 
7
11
  ### Added
8
12
  - Fetch all identity provider from https://registry.spid.gov.it
9
13
  - Parse and store metadata from single Identity Provider
14
+ ### Changed
15
+ - Spid::AuthnRequest class inherit from OneLogin::RubySaml::Authrequest in order to override create_xml_document in chain
16
+ - Separate class for saml request generation
10
17
 
11
18
  ## [0.2.2] - 2018-07-02
12
19
  ### Fixed
@@ -32,7 +39,8 @@
32
39
  - Coveralls Integration
33
40
  - Rubygems version badge in README
34
41
 
35
- [Unreleased]: https://github.com/italia/spid-ruby/compare/v0.3.0...HEAD
42
+ [Unreleased]: https://github.com/italia/spid-ruby/compare/v0.3.1...HEAD
43
+ [0.3.1]: https://github.com/italia/spid-ruby/compare/v0.3.0...v0.3.1
36
44
  [0.3.0]: https://github.com/italia/spid-ruby/compare/v0.2.2...v0.3.0
37
45
  [0.2.2]: https://github.com/italia/spid-ruby/compare/v0.2.1...v0.2.2
38
46
  [0.2.1]: https://github.com/italia/spid-ruby/compare/v0.2.0...v0.2.1
data/lib/spid/generate_authn_request.rb CHANGED
@@ -8,12 +8,17 @@ module Spid
8
8
  attr_reader :authn_request_attributes
9
9
 
10
10
  # rubocop:disable Metrics/MethodLength
11
+ # rubocop:disable Metrics/ParameterLists
11
12
  def initialize(
12
13
  idp_sso_target_url:,
13
14
  assertion_consumer_service_url:,
15
+ private_key_filepath:,
16
+ certificate_filepath:,
14
17
  issuer:,
15
18
  authn_context: Spid::L1,
16
- authn_context_comparison: Spid::EXACT_COMPARISON
19
+ authn_context_comparison: Spid::EXACT_COMPARISON,
20
+ digest_method: Spid::SHA256,
21
+ signature_method: Spid::RSA_SHA256
17
22
  )
18
23
 
19
24
  unless AUTHN_CONTEXTS.include?(authn_context)
@@ -33,14 +38,23 @@ module Spid
33
38
  assertion_consumer_service_url: assertion_consumer_service_url,
34
39
  protocol_binding: "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",
35
40
  issuer: issuer,
41
+ private_key: File.read(private_key_filepath),
42
+ certificate: File.read(certificate_filepath),
36
43
  name_identifier_format: name_identifier_format,
37
44
  authn_context: authn_context,
38
- authn_context_comparison: authn_context_comparison
45
+ authn_context_comparison: authn_context_comparison,
46
+ security: {
47
+ authn_requests_signed: true,
48
+ embed_sign: true,
49
+ digest_method: digest_method,
50
+ signature_method: signature_method
51
+ }
39
52
  }
40
53
 
41
54
  return if authn_context <= Spid::L1
42
55
  @authn_request_attributes[:force_authn] = true
43
56
  end
57
+ # rubocop:enable Metrics/ParameterLists
44
58
  # rubocop:enable Metrics/MethodLength
45
59
 
46
60
  def to_saml
data/lib/spid/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Spid
4
- VERSION = "0.3.0"
4
+ VERSION = "0.3.1"
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: spid
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.3.0
4
+ version: 0.3.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - David Librera
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2018-07-06 00:00:00.000000000 Z
11
+ date: 2018-07-09 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: ruby-saml