Imported Upstream version 1.6.0

parent 904a38c9
Gemfile.lock
coverage/
spec/support/example_private_key.pem
/gemfiles/*.lock
......
......@@ -3,10 +3,9 @@ env:
- JRUBY_OPTS="$JRUBY_OPTS --debug"
language: ruby
script: bundle exec rspec
before_install: gem update bundler
matrix:
include:
- rvm: 1.8.7
gemfile: gemfiles/ruby-1.8.7.gemfile
- rvm: 1.9.3
gemfile: Gemfile
- rvm: 2.0.0
......@@ -17,8 +16,6 @@ matrix:
gemfile: Gemfile
- rvm: 2.3.0
gemfile: Gemfile
- rvm: jruby-18mode
gemfile: gemfiles/ruby-1.8.7.gemfile
- rvm: jruby-19mode
gemfile: Gemfile
- rvm: jruby-head
......@@ -28,10 +25,7 @@ matrix:
- rvm: ruby-head
gemfile: Gemfile
allow_failures:
- rvm: 1.8.7
- rvm: jruby-18mode
- rvm: jruby-head
- rvm: rbx-2
- rvm: ruby-head
fast_finish: true
sudo: false
......@@ -4,6 +4,10 @@ A generic SAML strategy for OmniAuth.
https://github.com/omniauth/omniauth-saml
## 1.6.0 (2016-06-27)
* Ensure that subclasses of `OmniAuth::Stategies::SAML` are registered with OmniAuth as strategies (https://github.com/omniauth/omniauth-saml/pull/95)
* Update ruby-saml to 1.3 to address [CVE-2016-5697](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5697) (Signature wrapping attacks)
## 1.5.0 (2016-02-25)
* Initialize OneLogin::RubySaml::Response instance with settings
......
source 'https://rubygems.org'
group :test do
gem 'coveralls', require: false
gem 'coveralls', '~> 0.8', '>= 0.8.13', require: false
gem 'mime-types', '< 3'
end
......
PATH
remote: .
specs:
omniauth-saml (1.5.0)
omniauth (~> 1.3)
ruby-saml (~> 1.1, >= 1.1.1)
GEM
remote: https://rubygems.org/
specs:
coveralls (0.7.2)
multi_json (~> 1.3)
rest-client (= 1.6.7)
simplecov (>= 0.7)
term-ansicolor (= 1.2.2)
thor (= 0.18.1)
diff-lcs (1.2.4)
hashie (3.4.3)
macaddr (1.7.1)
systemu (~> 2.6.2)
mime-types (2.99)
mini_portile2 (2.0.0)
multi_json (1.3.7)
nokogiri (1.6.7.2)
mini_portile2 (~> 2.0.0.rc2)
omniauth (1.3.1)
hashie (>= 1.2, < 4)
rack (>= 1.0, < 3)
rack (1.5.2)
rack-test (0.6.2)
rack (>= 1.0)
rest-client (1.6.7)
mime-types (>= 1.16)
rspec (2.14.1)
rspec-core (~> 2.14.0)
rspec-expectations (~> 2.14.0)
rspec-mocks (~> 2.14.0)
rspec-core (2.14.7)
rspec-expectations (2.14.4)
diff-lcs (>= 1.1.3, < 2.0)
rspec-mocks (2.14.4)
ruby-saml (1.1.2)
nokogiri (>= 1.5.10)
uuid (~> 2.3)
simplecov (0.7.1)
multi_json (~> 1.0)
simplecov-html (~> 0.7.1)
simplecov-html (0.7.1)
systemu (2.6.5)
term-ansicolor (1.2.2)
tins (~> 0.8)
thor (0.18.1)
tins (0.13.2)
uuid (2.3.8)
macaddr (~> 1.0)
PLATFORMS
ruby
DEPENDENCIES
coveralls
mime-types (< 3)
omniauth-saml!
rack-test (~> 0.6)
rspec (~> 2.8)
simplecov (~> 0.6)
BUNDLED WITH
1.11.2
......@@ -21,6 +21,10 @@ https://github.com/omniauth/omniauth-saml
* [OmniAuth](http://www.omniauth.org/) 1.3+
* Ruby 1.9.x or Ruby 2.1.x+
## Versioning
We tag and release gems according to the [Semantic Versioning](http://semver.org/) principle.
## Usage
Use the SAML strategy as a middleware in your application:
......
source 'https://rubygems.org'
gem 'nokogiri', '~> 1.5.10'
gem 'hashie', '~> 2.0.5'
gemspec :path => '../'
module OmniAuth
module SAML
VERSION = '1.5.0'
VERSION = '1.6.0'
end
end
......@@ -6,6 +6,10 @@ module OmniAuth
class SAML
include OmniAuth::Strategy
def self.inherited(subclass)
OmniAuth::Strategy.included(subclass)
end
OTHER_REQUEST_OPTIONS = [:skip_conditions, :allowed_clock_drift, :matches_request_id, :skip_subject_confirmation].freeze
option :name_identifier_format, nil
......@@ -96,8 +100,12 @@ module OmniAuth
Digest::SHA1.hexdigest(cert.to_der).upcase.scan(/../).join(':')
end
def on_metadata_path?
on_path?("#{request_path}/metadata")
end
def other_phase
if on_path?("#{request_path}/metadata")
if on_metadata_path?
# omniauth does not set the strategy on the other_phase
@env['omniauth.strategy'] ||= self
setup_phase
......
......@@ -12,11 +12,11 @@ Gem::Specification.new do |gem|
gem.homepage = 'https://github.com/omniauth/omniauth-saml'
gem.add_runtime_dependency 'omniauth', '~> 1.3'
gem.add_runtime_dependency 'ruby-saml', '~> 1.1', '>= 1.1.1'
gem.add_runtime_dependency 'ruby-saml', '~> 1.3'
gem.add_development_dependency 'rspec', '~> 2.8'
gem.add_development_dependency 'simplecov', '~> 0.6'
gem.add_development_dependency 'rack-test', '~> 0.6'
gem.add_development_dependency 'rspec', '~>3.4'
gem.add_development_dependency 'simplecov', '~> 0.11'
gem.add_development_dependency 'rack-test', '~> 0.6', '>= 0.6.3'
gem.files = ['README.md', 'CHANGELOG.md', 'LICENSE.md'] + Dir['lib/**/*.rb']
gem.test_files = Dir['spec/**/*.rb']
......
......@@ -218,4 +218,15 @@ describe OmniAuth::Strategies::SAML, :type => :strategy do
last_response.body.should match /Required attributes/
end
end
it 'implements #on_metadata_path?' do
expect(described_class.new(nil)).to respond_to(:on_metadata_path?)
end
describe 'subclass behavior' do
it 'registers subclasses in OmniAuth.strategies' do
subclass = Class.new(described_class)
expect(OmniAuth.strategies).to include(described_class, subclass)
end
end
end
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment