From 4d75339c7dff0e54191072ae0ad7d94f3f3275c9 Mon Sep 17 00:00:00 2001
From: zoodor
Date: Thu, 2 Aug 2012 16:57:59 +0100
Subject: [PATCH 1/3] Extracted creation of the SAML authentication request into its own method, which can be called separately for use with a binding other than the HTTP Redirect one.
---
 lib/onelogin/ruby-saml/authrequest.rb | 39 +++++++++++++++------------
 1 file changed, 22 insertions(+), 17 deletions(-)
diff --git a/lib/onelogin/ruby-saml/authrequest.rb b/lib/onelogin/ruby-saml/authrequest.rb
index 2be0b113a..66211fc64 100644
--- a/lib/onelogin/ruby-saml/authrequest.rb
+++ b/lib/onelogin/ruby-saml/authrequest.rb
@@ -10,6 +10,27 @@ module Saml
 include REXML
 class Authrequest
 def create(settings, params = {})
+ request_doc = create_authentication_xml_doc(settings)
+
+ request = ""
+ request_doc.write(request)
+
+ Logging.debug "Created AuthnRequest: #{request}"
+
+ deflated_request = Zlib::Deflate.deflate(request, 9)[2..-5]
+ base64_request = Base64.encode64(deflated_request)
+ encoded_request = CGI.escape(base64_request)
+ params_prefix = (settings.idp_sso_target_url =~ /\?/) ? '&' : '?'
+ request_params = "#{params_prefix}SAMLRequest=#{encoded_request}"
+
+ params.each_pair do |key, value|
+ request_params << "&#{key}=#{CGI.escape(value.to_s)}"
+ end
+
+ settings.idp_sso_target_url + request_params
+ end
+
+ def create_authentication_xml_doc(settings)
 uuid = "_" + UUID.new.generate
 time = Time.now.utc.strftime("%Y-%m-%dT%H:%M:%SZ")
 # Create AuthnRequest root element using REXML
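Review bot: In the `params.each_pair` loop of `create`, the parameter name is interpolated into the redirect URL unescaped while only the value goes through `CGI.escape`, so a key containing `&`, `=` or `#` alters the query string sent to the IdP, and a key named `SAMLRequest` appends a second copy of that parameter. This matters as soon as a caller builds `params` from request data; escaping both sides closes it: `request_params << "&#{CGI.escape(key.to_s)}=#{CGI.escape(value.to_s)}"`. Since `create_authentication_xml_doc` is now callable on its own for other bindings, it also deserves a short comment stating what it returns and that the generated request identifier (`uuid`) is only available to the caller through the returned document, which a caller needs if it later matches InResponseTo. The body of `create_authentication_xml_doc` continues outside this hunk.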
@@ -50,23 +71,7 @@ def create(settings, params = {})
 }
 class_ref.text = settings.authn_context
 end
-
- request = ""
- request_doc.write(request)
-
- Logging.debug "Created AuthnRequest: #{request}"
-
- deflated_request = Zlib::Deflate.deflate(request, 9)[2..-5]
- base64_request = Base64.encode64(deflated_request)
- encoded_request = CGI.escape(base64_request)
- params_prefix = (settings.idp_sso_target_url =~ /\?/) ? '&' : '?'
- request_params = "#{params_prefix}SAMLRequest=#{encoded_request}"
-
- params.each_pair do |key, value|
- request_params << "&#{key}=#{CGI.escape(value.to_s)}"
- end
-
- settings.idp_sso_target_url + request_params
+ request_doc
 end
 end
From d3b2405b2f5a8d535010ac897d67c94e204205df Mon Sep 17 00:00:00 2001
From: zoodor
Date: Tue, 7 Aug 2012 17:08:58 +0100
Subject: [PATCH 2/3] Updated .gitignore to ignore some intellij files.
---
 .gitignore | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/.gitignore b/.gitignore
index f7e5f1832..6a4451365 100644
--- a/.gitignore
+++ b/.gitignore
@@ -4,3 +4,6 @@ coverage
 rdoc
 pkg
 Gemfile.lock
+.idea/*
+lib/Lib.iml
+test/Test.iml
\ No newline at end of file
From e61cff2b0716b3e2381541ca13f1a2ed8d5e1d86 Mon Sep 17 00:00:00 2001
From: zoodor
Date: Tue, 7 Aug 2012 17:11:16 +0100
Subject: [PATCH 3/3] Updated to remove time-zone component from the IssueInstant time (this is to conform with SAMLCore-2.0, section 1.3.3).
---
 lib/onelogin/ruby-saml/authrequest.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/onelogin/ruby-saml/authrequest.rb b/lib/onelogin/ruby-saml/authrequest.rb
index 66211fc64..e6ff88d3c 100644
--- a/lib/onelogin/ruby-saml/authrequest.rb
+++ b/lib/onelogin/ruby-saml/authrequest.rb
@@ -32,7 +32,7 @@ def create(settings, params = {})
 def create_authentication_xml_doc(settings)
 uuid = "_" + UUID.new.generate
- time = Time.now.utc.strftime("%Y-%m-%dT%H:%M:%SZ")
+ time = Time.now.utc.strftime("%Y-%m-%dT%H:%M:%S")
 # Create AuthnRequest root element using REXML
 request_doc = REXML::Document.new
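Review bot: Dropping the `Z` from the `strftime` format makes IssueInstant a timezone-less xs:dateTime, which a receiver may read as local time rather than UTC; an IdP that checks IssueInstant for request freshness could then reject the request or accept it outside the intended window. The value already comes from `Time.now.utc`, and the examples in the SAML core specification write UTC instants with the `Z` designator, so section 1.3.3 is probably better read as "UTC, with no offset such as +01:00" than as "no designator at all". I would keep `time = Time.now.utc.strftime("%Y-%m-%dT%H:%M:%SZ")` and add a one-line comment saying the instant is UTC and why the `Z` stays. `create_authentication_xml_doc` continues past the end of this hunk.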