RubyGems - devise_saml_authenticatable - Versions diffs - 1.6.2 → 1.9.1 - Mend

devise_saml_authenticatable 1.6.2 → 1.9.1

Files changed (34) hide show

checksums.yaml +4 -4
data/.github/dependabot.yml +6 -0
data/.github/workflows/ci.yml +62 -0
data/.gitignore +1 -0
data/.ruby-version +1 -0
data/Gemfile +12 -2
data/README.md +62 -26
data/app/controllers/devise/saml_sessions_controller.rb +33 -27
data/devise_saml_authenticatable.gemspec +2 -1
data/lib/devise_saml_authenticatable/logger.rb +2 -2
data/lib/devise_saml_authenticatable/model.rb +17 -3
data/lib/devise_saml_authenticatable/saml_config.rb +28 -6
data/lib/devise_saml_authenticatable/strategy.rb +23 -5
data/lib/devise_saml_authenticatable/version.rb +1 -1
data/lib/devise_saml_authenticatable.rb +16 -2
data/spec/controllers/devise/saml_sessions_controller_spec.rb +205 -147
data/spec/devise_saml_authenticatable/model_spec.rb +137 -19
data/spec/devise_saml_authenticatable/saml_config_spec.rb +69 -22
data/spec/devise_saml_authenticatable/strategy_spec.rb +58 -9
data/spec/features/saml_authentication_spec.rb +19 -6
data/spec/support/Gemfile.rails5.2 +2 -13
data/spec/support/Gemfile.rails6 +18 -0
data/spec/support/Gemfile.rails6.1 +24 -0
data/spec/support/idp_settings_adapter.rb.erb +19 -9
data/spec/support/idp_template.rb +5 -13
data/spec/support/rails_app.rb +6 -7
data/spec/support/ruby_saml_support.rb +10 -0
data/spec/support/saml_idp_controller.rb.erb +1 -6
data/spec/support/sp_template.rb +22 -19
metadata +14 -12
data/.travis.yml +0 -52
data/spec/support/Gemfile.rails4 +0 -41
data/spec/support/Gemfile.rails5 +0 -25
data/spec/support/Gemfile.rails5.1 +0 -25

data/spec/support/Gemfile.rails6 ADDED Viewed

@@ -0,0 +1,18 @@
+source 'https://rubygems.org'
+# Specify your gem's dependencies in devise_saml_authenticatable.gemspec
+gemspec path: '../..'
+group :test do
+  gem 'rake'
+  gem 'rspec', '~> 3.0'
+  gem 'rails', '~> 6.0.0'
+  gem 'rspec-rails', '~> 5.0'
+  gem 'sqlite3', '~> 1.4.0'
+  gem 'capybara'
+  gem 'selenium-webdriver'
+  if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new("3.0")
+    gem 'webrick'
+  end
+end

data/spec/support/Gemfile.rails6.1 ADDED Viewed

@@ -0,0 +1,24 @@
+source 'https://rubygems.org'
+# Specify your gem's dependencies in devise_saml_authenticatable.gemspec
+gemspec path: '../..'
+group :test do
+  gem 'rake'
+  gem 'rspec', '~> 3.0'
+  gem 'rails', '~> 6.1.0'
+  gem 'rspec-rails', '~> 5.0'
+  gem 'sqlite3', '~> 1.4.0'
+  gem 'capybara'
+  gem 'selenium-webdriver'
+  if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new("3.0")
+    gem 'webrick'
+  end
+  if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new("3.1")
+    gem 'net-smtp', require: false
+    gem 'net-imap', require: false
+    gem 'net-pop', require: false
+  end
+end

data/spec/support/idp_settings_adapter.rb.erb CHANGED Viewed

@@ -1,17 +1,27 @@
 class IdpSettingsAdapter
   def self.settings(idp_entity_id)
     if idp_entity_id == "http://localhost:8020/saml/metadata"
-      {
-          assertion_consumer_service_url: "http://localhost:8020/users/saml/auth",
-          assertion_consumer_service_binding: "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",
-          name_identifier_format: "urn:oasis:names:tc:SAML:2.0:nameid-format:transient",
-          issuer: "sp_issuer",
-          idp_entity_id: "http://localhost:8020/saml/metadata",
-          authn_context: "",
+      base = {
+        assertion_consumer_service_url: "http://localhost:8020/users/saml/auth",
+        assertion_consumer_service_binding: "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",
+        name_identifier_format: "urn:oasis:names:tc:SAML:2.0:nameid-format:transient",
+        sp_entity_id: "sp_issuer",
+        idp_entity_id: "http://localhost:8020/saml/metadata",
+        authn_context: "",
+        idp_cert_fingerprint: "9E:65:2E:03:06:8D:80:F2:86:C7:6C:77:A1:D9:14:97:0A:4D:F4:4D"
+      }
+      if Gem::Version.new(OneLogin::RubySaml::VERSION) >= Gem::Version.new("1.12.0")
+        base.merge!(
+          idp_slo_service_url: "http://localhost:8010/saml/logout",
+          idp_sso_service_url: "http://localhost:8010/saml/auth",
+        )
+      else
+        base.merge!(
           idp_slo_target_url: "http://localhost:8010/saml/logout",
           idp_sso_target_url: "http://localhost:8010/saml/auth",
-          idp_cert_fingerprint: "9E:65:2E:03:06:8D:80:F2:86:C7:6C:77:A1:D9:14:97:0A:4D:F4:4D"
-      }
+        )
+      end
+      base
     else
       {}
     end

data/spec/support/idp_template.rb CHANGED Viewed

@@ -5,22 +5,14 @@
 @include_subject_in_attributes = ENV.fetch('INCLUDE_SUBJECT_IN_ATTRIBUTES')
 @valid_destination = ENV.fetch('VALID_DESTINATION', "true")
-if Rails::VERSION::MAJOR < 5 || (Rails::VERSION::MAJOR == 5 && Rails::VERSION::MINOR < 2)
-  gsub_file 'config/secrets.yml', /secret_key_base:.*$/, 'secret_key_base: "34814fd41f91c493b89aa01ac73c44d241a31245b5bc5542fa4b7317525e1dcfa60ba947b3d085e4e229456fdee0d8af6aac6a63cf750d807ea6fe5d853dff4a"'
-end
-gem 'ruby-saml-idp', '~> 0.3.3'
+gem 'stub_saml_idp'
 gem 'thin'
-insert_into_file('Gemfile', after: /\z/) {
-  <<-GEMFILE
-# Lock down versions of gems for older versions of Ruby
-if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new("2.1")
-  gem 'devise', '~> 3.5'
-  gem 'nokogiri', '~> 1.6.8'
+if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new("3.1")
+  gem 'net-smtp', require: false
+  gem 'net-imap', require: false
+  gem 'net-pop', require: false
 end
-  GEMFILE
-}
 route "get '/saml/auth' => 'saml_idp#new'"
 route "post '/saml/auth' => 'saml_idp#create'"

data/spec/support/rails_app.rb CHANGED Viewed

@@ -19,14 +19,13 @@ end
 def create_app(name, env = {})
   puts "[#{name}] Creating Rails app"
-  rails_new_options = %w[-T -J -S --skip-spring --skip-listen --skip-bootsnap]
+  rails_new_options = %w[-A -G -C -T -J -S --skip-spring --skip-listen --skip-bootsnap --skip-action-mailbox --skip-jbuilder --skip-active-storage]
   rails_new_options << "-O" if name == "idp"
-  with_clean_env do
-    Dir.chdir(working_directory) do
-      FileUtils.rm_rf(name)
-      puts("rails _#{Rails.version}_ new #{name} #{rails_new_options.join(" ")} -m #{File.expand_path("../#{name}_template.rb", __FILE__)}")
-      system(env, "rails", "_#{Rails.version}_", "new", name, *rails_new_options, "-m", File.expand_path("../#{name}_template.rb", __FILE__))
-    end
+  env.merge!("RUBY_SAML_VERSION" => OneLogin::RubySaml::VERSION)
+  Dir.chdir(working_directory) do
+    FileUtils.rm_rf(name)
+    puts("[#{working_directory}] rails _#{Rails.version}_ new #{name} #{rails_new_options.join(" ")} -m #{File.expand_path("../#{name}_template.rb", __FILE__)}")
+    system(env, "rails", "_#{Rails.version}_", "new", name, *rails_new_options, "-m", File.expand_path("../#{name}_template.rb", __FILE__))
   end
 end

data/spec/support/ruby_saml_support.rb ADDED Viewed

@@ -0,0 +1,10 @@
+module RubySamlSupport
+  VERSION_1_12 = Gem::Version.new("1.12.0")
+  def with_ruby_saml_1_12_or_greater(body, args = {else_do: nil})
+    if Gem::Version.new(OneLogin::RubySaml::VERSION) >= VERSION_1_12
+      body.call
+    else
+      args[:else_do].call
+    end
+  end
+end

data/spec/support/saml_idp_controller.rb.erb CHANGED Viewed

@@ -1,4 +1,4 @@
-class SamlIdpController < SamlIdp::IdpController
+class SamlIdpController < StubSamlIdp::IdpController
   def new
     if session[:user_id]
       @saml_response = idp_make_saml_response(session[:user_id])
@@ -79,13 +79,8 @@ class SamlIdpController < SamlIdp::IdpController
   end
   # == SLO functionality, see https://github.com/lawrencepit/ruby-saml-idp/pull/10
-  <% if Rails::VERSION::MAJOR < 5 %>
-  skip_before_filter :validate_saml_request, :only => [:logout, :sp_sign_out]
-  before_filter :validate_saml_slo_request, :only => [:logout]
-  <% else %>
   skip_before_action :validate_saml_request, :only => [:logout, :sp_sign_out]
   before_action :validate_saml_slo_request, :only => [:logout]
-  <% end %>
   public

data/spec/support/sp_template.rb CHANGED Viewed

@@ -6,28 +6,20 @@ attribute_map_resolver = ENV.fetch("ATTRIBUTE_MAP_RESOLVER", "nil")
 saml_session_index_key = ENV.fetch('SAML_SESSION_INDEX_KEY', ":session_index")
 use_subject_to_authenticate = ENV.fetch('USE_SUBJECT_TO_AUTHENTICATE')
 idp_settings_adapter = ENV.fetch('IDP_SETTINGS_ADAPTER', "nil")
-idp_entity_id_reader = ENV.fetch('IDP_ENTITY_ID_READER', "DeviseSamlAuthenticatable::DefaultIdpEntityIdReader")
+idp_entity_id_reader = ENV.fetch('IDP_ENTITY_ID_READER', '"DeviseSamlAuthenticatable::DefaultIdpEntityIdReader"')
 saml_failed_callback = ENV.fetch('SAML_FAILED_CALLBACK', "nil")
-if Rails::VERSION::MAJOR < 5 || (Rails::VERSION::MAJOR == 5 && Rails::VERSION::MINOR < 2)
-  gsub_file 'config/secrets.yml', /secret_key_base:.*$/, 'secret_key_base: "8b5889df1fcf03f76c7d66da02d8776bcc85b06bed7d9c592f076d9c8a5455ee6d4beae45986c3c030b40208db5e612f2a6ef8283036a352e3fae83c5eda36be"'
-end
+ruby_saml_version = ENV.fetch("RUBY_SAML_VERSION")
 gem 'devise_saml_authenticatable', path: File.expand_path("../../..", __FILE__)
-gem 'ruby-saml', OneLogin::RubySaml::VERSION
+gem 'ruby-saml', ruby_saml_version
 gem 'thin'
-insert_into_file('Gemfile', after: /\z/) {
-  <<-GEMFILE
-# Lock down versions of gems for older versions of Ruby
-if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new("2.1")
-  gem 'devise', '~> 3.5'
-  gem 'nokogiri', '~> 1.6.8'
-elsif Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new("2.4")
-  gem 'responders', '~> 2.4'
+if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new("3.1")
+  gem 'net-smtp', require: false
+  gem 'net-imap', require: false
+  gem 'net-pop', require: false
 end
-  GEMFILE
-}
 if Rails::VERSION::MAJOR < 6
   # sqlite3 is hard-coded in Rails < 6 to v1.3.x
   gsub_file 'Gemfile', /^gem 'sqlite3'.*$/, "gem 'sqlite3', '~> 1.3.6'"
@@ -91,14 +83,25 @@ after_bundle do
   config.saml_configure do |settings|
     settings.assertion_consumer_service_url = "http://localhost:8020/users/saml/auth"
-    settings.issuer = "http://localhost:8020/saml/metadata"
-    settings.idp_slo_target_url = "http://localhost:8009/saml/logout"
-    settings.idp_sso_target_url = "http://localhost:8009/saml/auth"
+    settings.sp_entity_id = "http://localhost:8020/saml/metadata"
     settings.idp_cert_fingerprint = "9E:65:2E:03:06:8D:80:F2:86:C7:6C:77:A1:D9:14:97:0A:4D:F4:4D"
     settings.name_identifier_format = "urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
   end
 end
   CONFIG
+  if Gem::Version.new(ruby_saml_version) >= Gem::Version.new("1.12.0")
+    gsub_file 'config/initializers/devise.rb', /^  config\.saml_configure do \|settings\|$/, <<CONFIG
+  config.saml_configure do |settings|
+    settings.idp_slo_service_url = "http://localhost:8009/saml/logout"
+    settings.idp_sso_service_url = "http://localhost:8009/saml/auth"
+CONFIG
+  else
+    gsub_file 'config/initializers/devise.rb', /^  config\.saml_configure do \|settings\|$/, <<CONFIG
+  config.saml_configure do |settings|
+    settings.idp_slo_target_url = "http://localhost:8009/saml/logout"
+    settings.idp_sso_target_url = "http://localhost:8009/saml/auth"
+CONFIG
+  end
   generate :controller, 'home', 'index'
   insert_into_file('app/controllers/home_controller.rb', after: "class HomeController < ApplicationController\n") {

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: devise_saml_authenticatable
 version: !ruby/object:Gem::Version
-  version: 1.6.2
+  version: 1.9.1
 platform: ruby
 authors:
 - Josef Sauter
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-09-28 00:00:00.000000000 Z
+date: 2023-01-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: devise
@@ -45,9 +45,11 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/dependabot.yml"
+- ".github/workflows/ci.yml"
 - ".gitignore"
 - ".rspec"
-- ".travis.yml"
+- ".ruby-version"
 - Gemfile
 - LICENSE
 - README.md
@@ -78,20 +80,20 @@ files:
 - spec/rails_helper.rb
 - spec/routes/routes_spec.rb
 - spec/spec_helper.rb
-- spec/support/Gemfile.rails4
-- spec/support/Gemfile.rails5
-- spec/support/Gemfile.rails5.1
 - spec/support/Gemfile.rails5.2
+- spec/support/Gemfile.rails6
+- spec/support/Gemfile.rails6.1
 - spec/support/attribute-map.yml
 - spec/support/attribute_map_resolver.rb.erb
 - spec/support/idp_settings_adapter.rb.erb
 - spec/support/idp_template.rb
 - spec/support/rails_app.rb
 - spec/support/response_encrypted_nameid.xml.base64
+- spec/support/ruby_saml_support.rb
 - spec/support/saml_idp-saml_slo_post.html.erb
 - spec/support/saml_idp_controller.rb.erb
 - spec/support/sp_template.rb
-homepage: ''
+homepage: https://github.com/apokalipto/devise_saml_authenticatable
 licenses:
 - MIT
 metadata: {}
@@ -103,14 +105,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 2.6.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
+rubygems_version: 3.4.1
 signing_key:
 specification_version: 4
 summary: SAML Authentication for devise
@@ -126,16 +128,16 @@ test_files:
 - spec/rails_helper.rb
 - spec/routes/routes_spec.rb
 - spec/spec_helper.rb
-- spec/support/Gemfile.rails4
-- spec/support/Gemfile.rails5
-- spec/support/Gemfile.rails5.1
 - spec/support/Gemfile.rails5.2
+- spec/support/Gemfile.rails6
+- spec/support/Gemfile.rails6.1
 - spec/support/attribute-map.yml
 - spec/support/attribute_map_resolver.rb.erb
 - spec/support/idp_settings_adapter.rb.erb
 - spec/support/idp_template.rb
 - spec/support/rails_app.rb
 - spec/support/response_encrypted_nameid.xml.base64
+- spec/support/ruby_saml_support.rb
 - spec/support/saml_idp-saml_slo_post.html.erb
 - spec/support/saml_idp_controller.rb.erb
 - spec/support/sp_template.rb

data/.travis.yml DELETED Viewed

@@ -1,52 +0,0 @@
-language: ruby
-rvm:
-  - "2.0.0"
-  - "2.1.10"
-  - "2.2.10"
-  - "2.3.8"
-  - "2.4.10"
-  - "2.5.8"
-  - "2.6.6"
-  - "2.7.1"
-gemfile:
-  - Gemfile
-  - spec/support/Gemfile.rails5.2
-  - spec/support/Gemfile.rails5.1
-  - spec/support/Gemfile.rails5
-  - spec/support/Gemfile.rails4
-matrix:
-  allow_failures:
-    - rvm: "2.0.0"
-      gemfile: Gemfile
-    - rvm: "2.0.0"
-      gemfile: spec/support/Gemfile.rails5
-    - rvm: "2.0.0"
-      gemfile: spec/support/Gemfile.rails5.1
-    - rvm: "2.0.0"
-      gemfile: spec/support/Gemfile.rails5.2
-    - rvm: "2.1.10"
-      gemfile: Gemfile
-    - rvm: "2.1.10"
-      gemfile: spec/support/Gemfile.rails5
-    - rvm: "2.1.10"
-      gemfile: spec/support/Gemfile.rails5.1
-    - rvm: "2.1.10"
-      gemfile: spec/support/Gemfile.rails5.2
-    - rvm: "2.2.10"
-      gemfile: Gemfile
-    - rvm: "2.2.10"
-      gemfile: spec/support/Gemfile.rails5.2
-    - rvm: "2.3.8"
-      gemfile: Gemfile
-    - rvm: "2.4.10"
-      gemfile: Gemfile
-    - rvm: "2.6.6"
-      gemfile: spec/support/Gemfile.rails4
-    - rvm: "2.7.1"
-      gemfile: spec/support/Gemfile.rails4
-before_install:
-  - command -v bundle || gem install bundler -v '~> 1.17.3'
-script:
-  - bundle exec rake

data/spec/support/Gemfile.rails4 DELETED Viewed

@@ -1,41 +0,0 @@
-source 'https://rubygems.org'
-# Specify your gem's dependencies in devise_saml_authenticatable.gemspec
-gemspec path: '../..'
-group :test do
-  gem 'rspec', '~> 3.0'
-  gem 'rails', '~> 4.0'
-  gem 'rspec-rails', '~> 3.9'
-  gem 'sqlite3', '~> 1.3.6'
-  gem 'capybara'
-  gem 'poltergeist'
-  # Lock down versions of gems for older versions of Ruby
-  if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new("2.1")
-    gem 'rake', '~> 12.2'
-  else
-    gem 'rake'
-  end
-  if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new("2.1")
-    gem 'devise', '~> 3.5'
-    gem 'minitest', '~> 5.11.0'
-    gem 'nokogiri', '~> 1.6.8'
-    gem 'public_suffix', '~> 2.0.5'
-  end
-  if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new("2.1")
-    gem 'responders', '~> 1.0'
-  elsif Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new("2.4")
-    gem 'responders', '~> 2.0'
-  end
-  if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new("2.2")
-    gem 'byebug', '~> 9.0'
-  elsif Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new("2.3")
-    gem 'byebug', '~> 10.0'
-  elsif Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new("2.4")
-    gem 'byebug', '~> 11.0.0'
-  end
-end

data/spec/support/Gemfile.rails5 DELETED Viewed

@@ -1,25 +0,0 @@
-source 'https://rubygems.org'
-# Specify your gem's dependencies in devise_saml_authenticatable.gemspec
-gemspec path: '../..'
-group :test do
-  gem 'rake'
-  gem 'rspec', '~> 3.0'
-  gem 'rails', '~> 5.0.0'
-  gem 'rspec-rails', '~> 3.9'
-  gem 'sqlite3', '~> 1.3.6'
-  gem 'capybara'
-  gem 'poltergeist'
-  # Lock down versions of gems for older versions of Ruby
-  if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new("2.4")
-    gem 'responders', '~> 2.4'
-  end
-  if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new("2.3")
-    gem 'byebug', '~> 10.0'
-  elsif Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new("2.4")
-    gem 'byebug', '~> 11.0.0'
-  end
-end

data/spec/support/Gemfile.rails5.1 DELETED Viewed

@@ -1,25 +0,0 @@
-source 'https://rubygems.org'
-# Specify your gem's dependencies in devise_saml_authenticatable.gemspec
-gemspec path: '../..'
-group :test do
-  gem 'rake'
-  gem 'rspec', '~> 3.0'
-  gem 'rails', '~> 5.1.0'
-  gem 'rspec-rails', '~> 3.9'
-  gem 'sqlite3', '~> 1.3.6'
-  gem 'capybara'
-  gem 'poltergeist'
-  # Lock down versions of gems for older versions of Ruby
-  if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new("2.4")
-    gem 'responders', '~> 2.4'
-  end
-  if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new("2.3")
-    gem 'byebug', '~> 10.0'
-  elsif Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new("2.4")
-    gem 'byebug', '~> 11.0.0'
-  end
-end