search

zendesk / samlr

Clean room implementation of SAML for Ruby
Apache License 2.0
30 stars 12 forks source link

remove trollop and unintuitive / random option shorthands #17

Closed grosser closed 9 years ago

grosser commented 9 years ago

@steved @morten @kintner

also adding --version

before:

./bin/samlr --help
SAML response command line tool.

Usage examples:
  samlr --verify --fingerprint ab:23:cd --skip-conditions <response.xml|directory of responses>
  samlr --verify --certificate <x509_certificate.crt> --skip-conditions <response.xml|directory of responses>
  samlr --verify --skip-fingerprint --skip-conditions <response.xml|directory of responses>
  samlr --schema-validate response.xml
  samlr --print response.xml[.base64]

Try it with the gem examples:
  ruby -Ilib bin/samlr -v -s -f 44:D2:9D:98:49:66:27:30:3A:67:A2:5D:97:62:31:65:57:9F:57:D1
test/fixtures/sample_response.xml
  ruby -Ilib bin/samlr -v -s -c test/fixtures/default_samlr_certificate.pem
test/fixtures/no_cert_response.xml

Full list of options:
  -v, --verify                        Verify a SAML response document
  -f, --fingerprint=<s>               The fingerprint to verify the certificate against
  -c, --certificate=<filename/uri>    A certificate (PEM or DER) to validate the signature against (assuming no
                                      certificate embedded in the response)
  -s, --skip-conditions               Skip conditions check
  -k, --skip-validation               Skip schema validation rejection
  -i, --skip-fingerprint              Skip certificate fingerprint check
  -e, --verbose                       Log to STDOUT
  -h, --schema-validate               Perform a schema validation against the input
  -p, --print                         Pretty prints the XML
  -l, --help                          Show this message

after:

./bin/samlr --help
SAML response command line tool.

Usage examples:
  samlr --verify --fingerprint ab:23:cd --skip-conditions <response.xml|directory of responses>
  samlr --verify --certificate <x509_certificate.crt> --skip-conditions <response.xml|directory of responses>
  samlr --verify --skip-fingerprint --skip-conditions <response.xml|directory of responses>
  samlr --schema-validate response.xml
  samlr --print response.xml[.base64]

Try it with the gem examples:
  ruby -Ilib bin/samlr -v -s -f 44:D2:9D:98:49:66:27:30:3A:67:A2:5D:97:62:31:65:57:9F:57:D1 test/fixtures/sample_response.xml
  ruby -Ilib bin/samlr -v -s -c test/fixtures/default_samlr_certificate.pem                 test/fixtures/no_cert_response.xml

Full list of options:
    -v, --verify                     Verify a SAML response document
    -f, --fingerprint FINGERPRINT    The fingerprint to verify the certificate against
    -c, --certificate FILE           A certificate (PEM or DER) to validate the signature against (assuming no certificate embedded in the response)
        --skip-conditions            Skip conditions check
        --skip-validation            Skip schema validation rejection
        --skip-fingerprint           Skip certificate fingerprint check
        --verbose                    Log to STDOUT
        --schema-validate            Perform a schema validation against the input
        --print                      Pretty prints the XML
    -h, --help                       Show this.
        --version                    Show Version

Risks

grosser commented 9 years ago

also means that bin interface is not tested :/

kintner commented 9 years ago

:+1:

grosser commented 9 years ago

added a few basic cli tests