devise_saml_authenticatable 1.9.0 → 2.0.0

data/spec/support/saml_idp_controller.rb.erb

@@ -45,7 +45,7 @@ class SamlIdpController < StubSamlIdp::IdpController
     now = Time.now.utc
     response_id = SecureRandom.uuid
     audience_uri = opts[:audience_uri] || "#{saml_acs_url[/^(.*?\/\/.*?\/)/, 1]}saml/metadata"
-    issuer_uri = opts[:issuer_uri] || (defined?(request) && request.url) || "http://example.com"
+    issuer_uri = opts[:issuer_uri] || (defined?(request) && request.url) || "https://example.com"
 
     attributes = opts.fetch(:attributes, {})
     if attributes.any?
@@ -96,17 +96,14 @@ class SamlIdpController < StubSamlIdp::IdpController
     if Idp::Application.config.slo_sp_url
       redirect_to "#{Idp::Application.config.slo_sp_url}?SAMLResponse=#{@saml_slo_response}"
     else
-      redirect_to 'http://example.com'
+      redirect_to 'https://example.com'
     end
   end
 
   def sp_sign_out
     idp_slo_authenticate(params[:name_id])
     saml_slo_request = encode_SAML_SLO_Request("you@example.com")
-    uri = URI.parse("http://localhost:8020/users/saml/idp_sign_out")
-    require 'net/http'
-    Net::HTTP.post_form(uri, {"SAMLRequest" => saml_slo_request})
-    head :no_content
+    redirect_to "http://localhost:8020/users/saml/idp_sign_out?SAMLRequest=#{URI.encode_www_form_component(saml_slo_request)}"
   end
 
   def idp_slo_authenticate(email)
@@ -148,7 +145,7 @@ class SamlIdpController < StubSamlIdp::IdpController
     now = Time.now.utc
     response_id = SecureRandom.uuid
     audience_uri = opts[:audience_uri] || (@saml_slo_acs_url && @saml_slo_acs_url[/^(.*?\/\/.*?\/)/, 1])
-    issuer_uri = opts[:issuer_uri] || (defined?(request) && request.url.split("?")[0]) || "http://example.com"
+    issuer_uri = opts[:issuer_uri] || (defined?(request) && request.url.split("?")[0]) || "https://example.com"
 
     assertion = %[<Assertion xmlns="urn:oasis:names:tc:SAML:2.0:assertion" ID="_#{session_index}" IssueInstant="#{now.iso8601}" Version="2.0"><Issuer2>#{issuer_uri}</Issuer2><Subject><NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">#{nameID}</NameID><SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"><SubjectConfirmationData InResponseTo="#{@saml_slo_request_id}" NotOnOrAfter="#{(now+3*60).iso8601}" Recipient="#{@saml_slo_acs_url}"></SubjectConfirmationData></SubjectConfirmation></Subject><Conditions NotBefore="#{(now-5).iso8601}" NotOnOrAfter="#{(now+60*60).iso8601}"><AudienceRestriction><Audience>#{audience_uri}</Audience></AudienceRestriction></Conditions><AttributeStatement><Attribute Name="#{email_address_attribute_key}"><AttributeValue>#{nameID}</AttributeValue></Attribute></AttributeStatement><AuthnStatement AuthnInstant="#{now.iso8601}" SessionIndex="_#{session_index}"><AuthnContext><AuthnContextClassRef>urn:federation:authentication:windows</AuthnContextClassRef></AuthnContext></AuthnStatement></Assertion>]
 
@@ -183,7 +180,7 @@ class SamlIdpController < StubSamlIdp::IdpController
   def encode_SAML_SLO_Request(nameID, opts = {})
     now = Time.now.utc
     response_id = SecureRandom.uuid
-    issuer_uri = opts[:issuer_uri] || (defined?(request) && request.url.split("?")[0]) || "http://example.com"
+    issuer_uri = opts[:issuer_uri] || (defined?(request) && request.url.split("?")[0]) || "https://example.com"
     xml = %[<samlp:LogoutRequest
     xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
     xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"

data/spec/support/sp_template.rb

@@ -12,18 +12,10 @@ ruby_saml_version = ENV.fetch("RUBY_SAML_VERSION")
 
 gem 'devise_saml_authenticatable', path: File.expand_path("../../..", __FILE__)
 gem 'ruby-saml', ruby_saml_version
-gem 'thin'
+gem 'net-smtp', require: false
+gem 'net-imap', require: false
+gem 'net-pop', require: false
 
-if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new("3.1")
-  gem 'net-smtp', require: false
-  gem 'net-imap', require: false
-  gem 'net-pop', require: false
-end
-
-if Rails::VERSION::MAJOR < 6
-  # sqlite3 is hard-coded in Rails < 6 to v1.3.x
-  gsub_file 'Gemfile', /^gem 'sqlite3'.*$/, "gem 'sqlite3', '~> 1.3.6'"
-end
 
 template File.expand_path('../attribute_map_resolver.rb.erb', __FILE__), 'app/lib/attribute_map_resolver.rb'
 template File.expand_path('../idp_settings_adapter.rb.erb', __FILE__), 'app/lib/idp_settings_adapter.rb'
@@ -40,7 +32,7 @@ create_file('app/lib/our_saml_failed_callback_handler.rb', <<-CALLBACKHANDLER)
 
 class OurSamlFailedCallbackHandler
   def handle(response, strategy)
-    strategy.redirect! "http://www.example.com"
+    strategy.redirect! "https://www.example.com"
   end
 end
 CALLBACKHANDLER
@@ -83,7 +75,7 @@ after_bundle do
 
   config.saml_configure do |settings|
     settings.assertion_consumer_service_url = "http://localhost:8020/users/saml/auth"
-    settings.issuer = "http://localhost:8020/saml/metadata"
+    settings.sp_entity_id = "http://localhost:8020/saml/metadata"
     settings.idp_cert_fingerprint = "9E:65:2E:03:06:8D:80:F2:86:C7:6C:77:A1:D9:14:97:0A:4D:F4:4D"
     settings.name_identifier_format = "urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
   end
@@ -139,8 +131,8 @@ end
 
   rake "db:create"
   rake "db:migrate"
-  rake "db:create", env: "production"
-  rake "db:migrate", env: "production"
+  rake "db:create", env: "test"
+  rake "db:migrate", env: "test"
 
   # Remove any specs so that future RSpec runs don't try to also run these
   run 'rm -rf spec'

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: devise_saml_authenticatable
 version: !ruby/object:Gem::Version
-  version: 1.9.0
+  version: 2.0.0
 platform: ruby
 authors:
 - Josef Sauter
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-04-19 00:00:00.000000000 Z
+date: 2025-04-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: devise
@@ -30,14 +30,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.7'
+        version: '1.18'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.7'
+        version: '1.18'
 description: SAML Authentication for devise
 email:
 - Josef.Sauter@gmail.com
@@ -45,6 +45,7 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/dependabot.yml"
 - ".github/workflows/ci.yml"
 - ".gitignore"
 - ".rspec"
@@ -79,9 +80,9 @@ files:
 - spec/rails_helper.rb
 - spec/routes/routes_spec.rb
 - spec/spec_helper.rb
-- spec/support/Gemfile.rails5.2
-- spec/support/Gemfile.rails6
-- spec/support/Gemfile.rails6.1
+- spec/support/Gemfile.rails7.1
+- spec/support/Gemfile.rails7.2
+- spec/support/Gemfile.rails8.0
 - spec/support/attribute-map.yml
 - spec/support/attribute_map_resolver.rb.erb
 - spec/support/idp_settings_adapter.rb.erb
@@ -92,7 +93,7 @@ files:
 - spec/support/saml_idp-saml_slo_post.html.erb
 - spec/support/saml_idp_controller.rb.erb
 - spec/support/sp_template.rb
-homepage: ''
+homepage: https://github.com/apokalipto/devise_saml_authenticatable
 licenses:
 - MIT
 metadata: {}
@@ -104,14 +105,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 2.6.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.3
+rubygems_version: 3.5.22
 signing_key:
 specification_version: 4
 summary: SAML Authentication for devise
@@ -127,9 +128,9 @@ test_files:
 - spec/rails_helper.rb
 - spec/routes/routes_spec.rb
 - spec/spec_helper.rb
-- spec/support/Gemfile.rails5.2
-- spec/support/Gemfile.rails6
-- spec/support/Gemfile.rails6.1
+- spec/support/Gemfile.rails7.1
+- spec/support/Gemfile.rails7.2
+- spec/support/Gemfile.rails8.0
 - spec/support/attribute-map.yml
 - spec/support/attribute_map_resolver.rb.erb
 - spec/support/idp_settings_adapter.rb.erb

data/spec/support/Gemfile.rails6.1

@@ -1,24 +0,0 @@
-source 'https://rubygems.org'
-
-# Specify your gem's dependencies in devise_saml_authenticatable.gemspec
-gemspec path: '../..'
-
-group :test do
-  gem 'rake'
-  gem 'rspec', '~> 3.0'
-  gem 'rails', '~> 6.1.0'
-  gem 'rspec-rails', '~> 5.0'
-  gem 'sqlite3', '~> 1.4.0'
-  gem 'capybara'
-  gem 'selenium-webdriver'
-
-  if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new("3.0")
-    gem 'webrick'
-  end
-
-  if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new("3.1")
-    gem 'net-smtp', require: false
-    gem 'net-imap', require: false
-    gem 'net-pop', require: false
-  end
-end