Commit 44b3346
Changed files (15)
lib/saml/kit/builders/authentication_request.rb
@@ -12,7 +12,7 @@ module Saml
def initialize(configuration: Saml::Kit.configuration)
@configuration = configuration
@id = ::Xml::Kit::Id.generate
- @issuer = configuration.issuer
+ @issuer = configuration.entity_id
@name_id_format = Namespaces::PERSISTENT
@now = Time.now.utc
@version = "2.0"
lib/saml/kit/builders/identity_provider_metadata.rb
@@ -16,7 +16,7 @@ module Saml
def initialize(configuration: Saml::Kit.configuration)
@attributes = []
@configuration = configuration
- @entity_id = configuration.issuer
+ @entity_id = configuration.entity_id
@id = ::Xml::Kit::Id.generate
@logout_urls = []
@name_id_formats = [Namespaces::PERSISTENT]
lib/saml/kit/builders/logout_request.rb
@@ -13,7 +13,7 @@ module Saml
@configuration = configuration
@user = user
@id = ::Xml::Kit::Id.generate
- @issuer = configuration.issuer
+ @issuer = configuration.entity_id
@name_id_format = Saml::Kit::Namespaces::PERSISTENT
@now = Time.now.utc
@version = "2.0"
lib/saml/kit/builders/logout_response.rb
@@ -12,7 +12,7 @@ module Saml
def initialize(request, configuration: Saml::Kit.configuration)
@configuration = configuration
@id = ::Xml::Kit::Id.generate
- @issuer = configuration.issuer
+ @issuer = configuration.entity_id
@now = Time.now.utc
@request = request
@status_code = Namespaces::SUCCESS
lib/saml/kit/builders/metadata.rb
@@ -15,7 +15,7 @@ module Saml
def initialize(configuration: Saml::Kit.configuration)
@id = ::Xml::Kit::Id.generate
- @entity_id = configuration.issuer
+ @entity_id = configuration.entity_id
@configuration = configuration
end
lib/saml/kit/builders/response.rb
@@ -19,7 +19,7 @@ module Saml
@now = Time.now.utc
@version = "2.0"
@status_code = Namespaces::SUCCESS
- @issuer = configuration.issuer
+ @issuer = configuration.entity_id
@encrypt = encryption_certificate.present?
@configuration = configuration
end
lib/saml/kit/assertion.rb
@@ -100,7 +100,7 @@ module Saml
end
def must_match_issuer
- unless audiences.include?(configuration.issuer)
+ unless audiences.include?(configuration.entity_id)
errors[:audience] << error_message(:must_match_issuer)
end
end
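Review bot: `must_match_issuer` and its `:must_match_issuer` error key no longer describe what the new line compares: it checks the assertion's audiences against this party's own `configuration.entity_id`, which is an audience-restriction check rather than a check on the message issuer. A comment above the method would make that explicit, for example `# Audience restriction: reject assertions that were not issued for our own entity ID.` The check also depends on `entity_id` being set. With a nil value `audiences.include?(nil)` should be false, so validation presumably fails closed, but a spec pinning that behaviour for an unset `entity_id` would be worth adding.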
lib/saml/kit/configuration.rb
@@ -3,7 +3,7 @@ module Saml
# This class represents the main configuration that is use for generating SAML documents.
#
# Saml::Kit::Configuration.new do |config|
- # config.issuer = "com:saml:kit"
+ # config.entity_id = "com:saml:kit"
# config.signature_method = :SHA256
# config.digest_method = :SHA256
# config.registry = Saml::Kit::DefaultRegistry.new
@@ -15,7 +15,7 @@ module Saml
# that runs at the start of the program.
#
# Saml::Kit.configure do |configuration|
- # configuration.issuer = "https://www.example.com/saml/metadata"
+ # configuration.entity_id = "https://www.example.com/saml/metadata"
# configuration.generate_key_pair_for(use: :signing)
# configuration.add_key_pair(ENV["X509_CERTIFICATE"], ENV["PRIVATE_KEY"], passphrase: ENV['PRIVATE_KEY_PASSPHRASE'], use: :encryption)
# end
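Review bot: Both visible hunks in this file touch only the doc-comment examples, so the accessor rename itself and any compatibility shim for `issuer` / `issuer=` cannot be checked from here. If the old writer is removed outright, every host application that still calls `config.issuer = ...` breaks on upgrade, and none of the 15 changed files appears to be a changelog. Consider keeping a deprecated writer for one release, e.g. `def issuer=(value); self.entity_id = value; end` with a deprecation warning, or documenting the break in the release notes.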
lib/saml/kit/default_registry.rb
@@ -22,7 +22,7 @@ module Saml
# end
#
# Saml::Kit.configure do |configuration|
- # configuration.issuer = ENV['ISSUER']
+ # configuration.entity_id = ENV['ENTITY_ID']
# configuration.registry = OnDemandRegistry.new(configuration.registry)
# configuration.logger = Rails.logger
# end
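Review bot: This example now reads `ENV['ENTITY_ID']`, while the README example updated in the same commit keeps `ENV['ISSUER']`, so the two documents tell operators to set different variables. Whichever variable is left unset yields a nil `entity_id`, which the builders changed in this commit copy into `@issuer` / `@entity_id` with no presence check in the visible lines. Whether Configuration supplies a default is not shown here. Use one variable name in both examples, and consider `configuration.entity_id = ENV.fetch('ENTITY_ID')` so a missing value fails at boot rather than surfacing later as a blank issuer or a failed audience check.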
spec/saml/bindings/http_redirect_spec.rb
@@ -21,12 +21,12 @@ RSpec.describe Saml::Kit::Bindings::HttpRedirect do
end
describe "#deserialize" do
- let(:issuer) { FFaker::Internet.http_url }
+ let(:entity_id) { FFaker::Internet.http_url }
let(:provider) { Saml::Kit::IdentityProviderMetadata.build }
before :each do
- allow(Saml::Kit.configuration.registry).to receive(:metadata_for).with(issuer).and_return(provider)
- allow(Saml::Kit.configuration).to receive(:issuer).and_return(issuer)
+ allow(Saml::Kit.configuration.registry).to receive(:metadata_for).with(entity_id).and_return(provider)
+ allow(Saml::Kit.configuration).to receive(:entity_id).and_return(entity_id)
end
it 'deserializes the SAMLRequest to an AuthnRequest' do
@@ -37,12 +37,12 @@ RSpec.describe Saml::Kit::Bindings::HttpRedirect do
it 'deserializes the SAMLRequest to an AuthnRequest with symbols for keys' do
configuration = Saml::Kit::Configuration.new do |config|
- config.issuer = issuer
+ config.entity_id = entity_id
config.generate_key_pair_for(use: :signing)
end
provider = Saml::Kit::IdentityProviderMetadata.build(configuration: configuration)
url, _ = subject.serialize(Saml::Kit::AuthenticationRequest.builder(configuration: configuration))
- allow(configuration.registry).to receive(:metadata_for).with(issuer).and_return(provider)
+ allow(configuration.registry).to receive(:metadata_for).with(entity_id).and_return(provider)
result = subject.deserialize(query_params_from(url).symbolize_keys, configuration: configuration)
expect(result).to be_instance_of(Saml::Kit::AuthenticationRequest)
@@ -86,7 +86,7 @@ RSpec.describe Saml::Kit::Bindings::HttpRedirect do
it 'deserializes the SAMLResponse to a Response' do
user = double(:user, name_id_for: SecureRandom.uuid, assertion_attributes_for: [])
- request = double(:request, id: SecureRandom.uuid, provider: nil, assertion_consumer_service_url: FFaker::Internet.http_url, name_id_format: Saml::Kit::Namespaces::PERSISTENT, issuer: issuer, signed?: true, trusted?: true)
+ request = double(:request, id: SecureRandom.uuid, provider: nil, assertion_consumer_service_url: FFaker::Internet.http_url, name_id_format: Saml::Kit::Namespaces::PERSISTENT, issuer: entity_id, signed?: true, trusted?: true)
url, _ = subject.serialize(Saml::Kit::Response.builder(user, request))
result = subject.deserialize(query_params_from(url))
expect(result).to be_instance_of(Saml::Kit::Response)
@@ -113,7 +113,7 @@ RSpec.describe Saml::Kit::Bindings::HttpRedirect do
it 'raises an error when the signature does not match' do
configuration = Saml::Kit::Configuration.new do |config|
- config.issuer = issuer
+ config.entity_id = entity_id
config.generate_key_pair_for(use: :signing)
end
url, _ = subject.serialize(
@@ -132,7 +132,7 @@ RSpec.describe Saml::Kit::Bindings::HttpRedirect do
provider = Saml::Kit::ServiceProviderMetadata.build do |builder|
builder.add_assertion_consumer_service(FFaker::Internet.http_url, binding: :http_post)
end
- allow(Saml::Kit.configuration.registry).to receive(:metadata_for).with(issuer).and_return(provider)
+ allow(Saml::Kit.configuration.registry).to receive(:metadata_for).with(entity_id).and_return(provider)
url, _ = subject.serialize(Saml::Kit::AuthenticationRequest.builder)
result = subject.deserialize(query_params_from(url))
spec/saml/builders/authentication_request_spec.rb
@@ -2,7 +2,7 @@ RSpec.describe Saml::Kit::Builders::AuthenticationRequest do
subject { described_class.new(configuration: configuration) }
let(:configuration) do
config = Saml::Kit::Configuration.new
- config.issuer = issuer
+ config.entity_id = issuer
config
end
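Review bot: The `let` feeding `config.entity_id` is still called `issuer` here, whereas http_redirect_spec.rb and logout_request_spec.rb rename theirs to `entity_id` in this commit. The same leftover appears in both configuration blocks of spec/saml/builders/response_spec.rb and in its `receive(:entity_id).and_return(issuer)` stub. Renaming the `let` to `entity_id` in these specs too would keep the suite consistent, i.e. `config.entity_id = entity_id`. The `let(:issuer)` definition lies outside this hunk, so the rename has to be made there as well.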
spec/saml/builders/response_spec.rb
@@ -2,7 +2,7 @@ RSpec.describe Saml::Kit::Builders::Response do
subject { described_class.new(user, request, configuration: configuration) }
let(:configuration) do
Saml::Kit::Configuration.new do |config|
- config.issuer = issuer
+ config.entity_id = issuer
config.generate_key_pair_for(use: :signing)
config.generate_key_pair_for(use: :encryption)
end
@@ -40,7 +40,7 @@ RSpec.describe Saml::Kit::Builders::Response do
describe "#to_xml" do
it 'returns a proper response for the user' do
travel_to 1.second.from_now
- allow(Saml::Kit.configuration).to receive(:issuer).and_return(issuer)
+ allow(Saml::Kit.configuration).to receive(:entity_id).and_return(issuer)
subject.destination = assertion_consumer_service_url
subject.encrypt = false
hash = Hash.from_xml(subject.to_xml)
@@ -154,7 +154,7 @@ RSpec.describe Saml::Kit::Builders::Response do
describe ".build" do
let(:configuration) do
Saml::Kit::Configuration.new do |config|
- config.issuer = issuer
+ config.entity_id = issuer
config.generate_key_pair_for(use: :signing)
config.generate_key_pair_for(use: :signing)
config.generate_key_pair_for(use: :signing)
spec/saml/logout_request_spec.rb
@@ -2,11 +2,11 @@ RSpec.describe Saml::Kit::LogoutRequest do
subject { described_class.build(user, configuration: configuration) }
let(:user) { double(:user, name_id_for: name_id) }
let(:name_id) { SecureRandom.uuid }
- let(:issuer) { FFaker::Internet.uri("https") }
+ let(:entity_id) { FFaker::Internet.uri("https") }
let(:registry) { instance_double(Saml::Kit::DefaultRegistry) }
let(:configuration) do
Saml::Kit::Configuration.new do |config|
- config.issuer = issuer
+ config.entity_id = entity_id
config.registry = registry
config.generate_key_pair_for(use: :signing)
end
@@ -14,9 +14,9 @@ RSpec.describe Saml::Kit::LogoutRequest do
it 'parses the issuer' do
subject = described_class.build(user, configuration: configuration) do |builder|
- builder.issuer = issuer
+ builder.issuer = entity_id
end
- expect(subject.issuer).to eql(issuer)
+ expect(subject.issuer).to eql(entity_id)
end
it 'parses the issue instant' do
@@ -43,7 +43,7 @@ RSpec.describe Saml::Kit::LogoutRequest do
describe "#valid?" do
let(:metadata) do
Saml::Kit::ServiceProviderMetadata.build(configuration: configuration) do |builder|
- builder.entity_id = issuer
+ builder.entity_id = entity_id
builder.add_single_logout_service(FFaker::Internet.uri("https"), binding: :http_post)
end
end
spec/saml/response_spec.rb
@@ -7,7 +7,7 @@ RSpec.describe Saml::Kit::Response do
subject { described_class.build(user, request, configuration: configuration) }
let(:configuration) do
Saml::Kit::Configuration.new do |config|
- config.issuer = request.issuer
+ config.entity_id = request.issuer
config.registry = registry
config.generate_key_pair_for(use: :signing)
end
README.md
@@ -33,7 +33,7 @@ To specify a global configuration: (useful for a rails application)
```ruby
Saml::Kit.configure do |configuration|
- configuration.issuer = ENV['ISSUER']
+ configuration.entity_id = ENV['ISSUER']
configuration.generate_key_pair_for(use: :signing)
configuration.add_key_pair(ENV["CERTIFICATE"], ENV["PRIVATE_KEY"], passphrase: ENV['PASSPHRASE'], use: :signing)
configuration.generate_key_pair_for(use: :encryption)