Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Alternative to support multiple x509 Certificates via procs #211

Merged
merged 7 commits into from
Nov 1, 2024
Merged

Alternative to support multiple x509 Certificates via procs #211

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
852a664
Adds support for multiple multiple x509 certificates, secret keys, an…
pelted Jul 31, 2024
1e03a44
Call the proc in the tests
pelted Jul 31, 2024
5fa7c38
Add documentation in the form of a comment in the README.md
pelted Jul 31, 2024
2ef7a38
fix extra space
pelted Jul 31, 2024
f27ce73
remove additional change
pelted Jul 31, 2024
16f3365
Fix metadata x509 certificate
pelted Oct 17, 2024
67f9081
Merge branch 'master' into multiple-certs-with-procs
pelted Oct 17, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 5 additions & 0 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -74,6 +74,11 @@ KEY DATA
-----END RSA PRIVATE KEY-----
CERT

# x509_certificate, secret_key, and password may also be set from within a proc, for example:
# config.x509_certificate = -> { File.read("cert.pem") }
# config.secret_key = -> { SecretKeyFinder.key_for(id: 1) }
# config.password = -> { "password" }

# config.password = "secret_key_password"
# config.algorithm = :sha256 # Default: sha1 only for development.
# config.organization_name = "Your Organization"
Expand Down
4 changes: 2 additions & 2 deletions lib/saml_idp/configurator.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,8 +25,8 @@ class Configurator
attr_accessor :logger

def initialize
self.x509_certificate = Default::X509_CERTIFICATE
self.secret_key = Default::SECRET_KEY
self.x509_certificate = -> { Default::X509_CERTIFICATE }
self.secret_key = -> { Default::SECRET_KEY }
self.algorithm = :sha1
self.reference_id_generator = ->() { SecureRandom.uuid }
self.service_provider = OpenStruct.new
Expand Down
3 changes: 2 additions & 1 deletion lib/saml_idp/metadata_builder.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -152,7 +152,8 @@ def raw_algorithm
private :raw_algorithm

def x509_certificate
SamlIdp.config.x509_certificate
certificate = SamlIdp.config.x509_certificate.is_a?(Proc) ? SamlIdp.config.x509_certificate.call : SamlIdp.config.x509_certificate
certificate
.to_s
.gsub(/-----BEGIN CERTIFICATE-----/,"")
.gsub(/-----END CERTIFICATE-----/,"")
Expand Down
3 changes: 2 additions & 1 deletion lib/saml_idp/signature_builder.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,8 @@ def raw
end

def x509_certificate
SamlIdp.config.x509_certificate
certificate = SamlIdp.config.x509_certificate.is_a?(Proc) ? SamlIdp.config.x509_certificate.call : SamlIdp.config.x509_certificate
certificate
.to_s
.gsub(/-----BEGIN CERTIFICATE-----/,"")
.gsub(/-----END CERTIFICATE-----/,"")
Expand Down
4 changes: 2 additions & 2 deletions lib/saml_idp/signed_info_builder.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -65,12 +65,12 @@ def clean_algorithm_name
private :clean_algorithm_name

def secret_key
SamlIdp.config.secret_key
SamlIdp.config.secret_key.is_a?(Proc) ? SamlIdp.config.secret_key.call : SamlIdp.config.secret_key
end
private :secret_key

def password
SamlIdp.config.password
SamlIdp.config.password.is_a?(Proc) ? SamlIdp.config.password.call : SamlIdp.config.password
end
private :password

Expand Down
4 changes: 2 additions & 2 deletions spec/lib/saml_idp/configurator_spec.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,11 +20,11 @@ module SamlIdp
it { should respond_to :logger }

it "has a valid x509_certificate" do
expect(subject.x509_certificate).to eq(Default::X509_CERTIFICATE)
expect(subject.x509_certificate.call).to eq(Default::X509_CERTIFICATE)
end

it "has a valid secret_key" do
expect(subject.secret_key).to eq(Default::SECRET_KEY)
expect(subject.secret_key.call).to eq(Default::SECRET_KEY)
end

it "has a valid algorithm" do
Expand Down
Loading