Zoran Majstorovic zmajstor

## pulsar.scss
.change_pending {
  box-shadow: 0 0 10px 2px #eee;
  -webkit-animation: scaleout 1.0s infinite ease-in-out;
  animation: scaleout 1.0s infinite ease-in-out;
}

@-webkit-keyframes scaleout {
  0% { -webkit-transform: scale(0.0) }
  100% { -webkit-transform: scale(1.0); opacity: 0; }
}

## README.md

      
              2 files
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                zmajstor
                / README.md
            
            
              Created
              February 17, 2015 22:54
            
              
                AAI@EduH authentication for Ruby on Rails apps
              
          
    register your app, see instructions: https://gist.github.com/darbula/5003f1d2e1528b089b30#obavezni-koraci-koji-nisu-vezani-uz-django
clone Rails sample app provided by good people from OneLogin Inc.
git clone https://github.com/onelogin/ruby-saml-example.git
edit file app/model/account.rb to reflect your consumer service endpoint

  
## ca_chain.conf
# NGinx SSL certificate authentication signed by intermediate CA (chain)
# http://stackoverflow.com/questions/8431528/nginx-ssl-certificate-authentication-signed-by-intermediate-ca-chain?rq=1

server {
    listen 443 ssl;

    ssl_certificate ...
    ssl_certificate_key ...

    ssl_client_certificate /path/to/ca.crt;

## .bash_profile
xport PATH=/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/sbin
if which rbenv > /dev/null; then eval "$(rbenv init -)"; fi

# Git branch in prompt.
parse_git_branch() {
    git branch 2> /dev/null | sed -e '/^[^*]/d' -e 's/* \(.*\)/ (\1)/'
}
export PS1="\u@\h \W\[\033[32m\]\$(parse_git_branch)\[\033[00m\] $ "
export EDITOR='mate -w'
# export LANG=hr_HR.UTF-8

## rails_encryptor.rb
require 'active_support'
require 'active_support/key_generator'
# KeyGenerator is part of Rails since v4.0.0
# https://github.com/rails/docrails/blob/master/activesupport/lib/active_support/key_generator.rb

salt = SecureRandom.random_bytes(64)
key  = ActiveSupport::KeyGenerator.new('password1234').generate_key(salt)
encryptor = ActiveSupport::MessageEncryptor.new(key)

message = "Secret message in plain text"

## devices_controller.rb
class API::V1::DevicesController < ApplicationController
  before_filter :authenticate!
  before_filter :find_device, only: [:update, :destroy, :capability, :push_mdm_commands]
  skip_before_filter :verify_authenticity_token

  respond_to :json, :xml
  rescue_from ActiveRecord::RecordNotFound, with: :record_not_found_error

  # curl -v -k -X GET -H "Content-Type: application/json" -H "Accept: application/json" -H 'Authorization: Token token=justesting'  https://localhost:8443/api/v1/devices
  # default response format is json, append .xml for XML output: https://localhost:8443/api/v1/devices.xml

## smart_card_adapter.rb
# http://www.rdoc.info/github/costan/smartcard/master/Smartcard
require 'smartcard'

class SmartCardAdapter
  # scope of the smart-card connection; valid values are :system, :user, and :terminal
  # (see the SCARD_SCOPE_ constants in the PC/SC API)
  def connect(scope = :system)
    @context = Smartcard::PCSC::Context.new(scope)
  end


## certificate_helper.rb
require 'openssl' unless defined? OpenSSL

# improved extraction and validation of the subjectAltName X509 extension for
# Universal Principal Name (UPN)
# Widely deployed Microsoft OtherName name form (OID 1.3.6.1.4.1.311.20.2.3)
# Format: user@domain
# Encoding: UTF-8
# Matching: case ignore
# e.g.
# otherName=1.3.6.1.4.1.311.20.2.3;UTF8:bobOtherAltName@example.com

## encrypt_decrypt_start.rb
require 'OpenSSL'

class KeyPair
    attr_reader :key, :cert

    def initialize serial, issuer=nil
      @key = OpenSSL::PKey::RSA.new(1024)
      @cert = OpenSSL::X509::Certificate.new
      @cert.version = 2   # RFC 5280 - v3
      @cert.serial = serial

## bootstrap_helper.rb
module BootstrapHelper

  # Bootstrap 3 helpers for Rails 4 Flash messages
  # in Gemfile add line: gem 'bootstrap-sass', '~> 3.2.0'
  # and <%= flash_messages %> in views/layouts/application.html.erb
  # use in controllers: flash[:error] = 'Invalid email/password combination'

  def bootstrap_class_for flash_type
    { success: "alert-success", error: "alert-danger", alert: "alert-warning", notice: "alert-info" }[flash_type] || flash_type.to_s
  end
	.change_pending {
	box-shadow: 0 0 10px 2px #eee;
	-webkit-animation: scaleout 1.0s infinite ease-in-out;
	animation: scaleout 1.0s infinite ease-in-out;
	}

	@-webkit-keyframes scaleout {
	0% { -webkit-transform: scale(0.0) }
	100% { -webkit-transform: scale(1.0); opacity: 0; }
	}
	# NGinx SSL certificate authentication signed by intermediate CA (chain)
	# http://stackoverflow.com/questions/8431528/nginx-ssl-certificate-authentication-signed-by-intermediate-ca-chain?rq=1

	server {
	listen 443 ssl;

	ssl_certificate ...
	ssl_certificate_key ...

	ssl_client_certificate /path/to/ca.crt;
	xport PATH=/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/sbin
	if which rbenv > /dev/null; then eval "$(rbenv init -)"; fi

	# Git branch in prompt.
	parse_git_branch() {
	git branch 2> /dev/null \| sed -e '/^[^]/d' -e 's/ \(.*\)/ (\1)/'
	}
	export PS1="\u@\h \W\[\033[32m\]\$(parse_git_branch)\[\033[00m\] $ "
	export EDITOR='mate -w'
	# export LANG=hr_HR.UTF-8
	require 'active_support'
	require 'active_support/key_generator'
	# KeyGenerator is part of Rails since v4.0.0
	# https://github.com/rails/docrails/blob/master/activesupport/lib/active_support/key_generator.rb

	salt = SecureRandom.random_bytes(64)
	key = ActiveSupport::KeyGenerator.new('password1234').generate_key(salt)
	encryptor = ActiveSupport::MessageEncryptor.new(key)

	message = "Secret message in plain text"
	class API::V1::DevicesController < ApplicationController
	before_filter :authenticate!
	before_filter :find_device, only: [:update, :destroy, :capability, :push_mdm_commands]
	skip_before_filter :verify_authenticity_token

	respond_to :json, :xml
	rescue_from ActiveRecord::RecordNotFound, with: :record_not_found_error

	# curl -v -k -X GET -H "Content-Type: application/json" -H "Accept: application/json" -H 'Authorization: Token token=justesting' https://localhost:8443/api/v1/devices
	# default response format is json, append .xml for XML output: https://localhost:8443/api/v1/devices.xml
	# http://www.rdoc.info/github/costan/smartcard/master/Smartcard
	require 'smartcard'

	class SmartCardAdapter
	# scope of the smart-card connection; valid values are :system, :user, and :terminal
	# (see the SCARD_SCOPE_ constants in the PC/SC API)
	def connect(scope = :system)
	@context = Smartcard::PCSC::Context.new(scope)
	end
	require 'openssl' unless defined? OpenSSL

	# improved extraction and validation of the subjectAltName X509 extension for
	# Universal Principal Name (UPN)
	# Widely deployed Microsoft OtherName name form (OID 1.3.6.1.4.1.311.20.2.3)
	# Format: user@domain
	# Encoding: UTF-8
	# Matching: case ignore
	# e.g.
	# otherName=1.3.6.1.4.1.311.20.2.3;UTF8:bobOtherAltName@example.com
	require 'OpenSSL'

	class KeyPair
	attr_reader :key, :cert

	def initialize serial, issuer=nil
	@key = OpenSSL::PKey::RSA.new(1024)
	@cert = OpenSSL::X509::Certificate.new
	@cert.version = 2 # RFC 5280 - v3
	@cert.serial = serial
	module BootstrapHelper

	# Bootstrap 3 helpers for Rails 4 Flash messages
	# in Gemfile add line: gem 'bootstrap-sass', '~> 3.2.0'
	# and <%= flash_messages %> in views/layouts/application.html.erb
	# use in controllers: flash[:error] = 'Invalid email/password combination'

	def bootstrap_class_for flash_type
	{ success: "alert-success", error: "alert-danger", alert: "alert-warning", notice: "alert-info" }[flash_type] \|\| flash_type.to_s
	end