RubyGems - hubssolib - Versions diffs - 3.8.0 → 3.8.2 - Mend

hubssolib 3.8.0 → 3.8.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 32438e5c41d655367f4bb0e8385b9d972645f2649871a09ab7b09dc5d617fe9e
-  data.tar.gz: a999f01f88325690644675acc1b06b33b7b275374e980c6c3f2fa346c3875d93
+  metadata.gz: 6b90f9617fc1a625f402510ee5497d4d357f914d7f35284e6c1e25b62ae07f4b
+  data.tar.gz: 450ead4d1423e6b42fd6a0aba65fdf043d6c5e3a6c3dc1b7b04412b2fcd4e65c
 SHA512:
-  metadata.gz: 881e57fa9c2e42ed8465b2faabf98cabdacf2dcea5df20d3c617836e50ff74d2255bbe1b8c11ca39b0bb3d57f2927e229ca1a390de11d0fcff9b8e4b32851ae6
-  data.tar.gz: 15aa2e97054fe9a8a86e45d901bdfa36bff0d0a6473ba88d279ec0bf622ce8413e6bc1a7b0427bac1f0e2bc0c2b994d9a3550d48897a8efec7cf2acf0c74abfa
+  metadata.gz: 1a03c285659733df8dd98c93faaf458549229c8a096cba58c797c04139788bddf2592c2a12b99a5c87d02ffac4a936db703317d4957ec48d25790a21eb3ddadb
+  data.tar.gz: b392255f66a678625bab09ec613d69f77ab8cf60818764fcc4b2b55028e317854e24e8125a527ccac598b6845ba10f794524ffa82579a2f5ef30258fafbba887

data/CHANGELOG.md CHANGED Viewed

@@ -1,3 +1,12 @@
+## 3.8.2, 17-May-2025
+* General maintenance update.
+## 3.8.1, 09-Apr-2025
+* It's been too long since I worked with DRb! Important fix for "live" (undumpable) vs copied objects which could lead to session enumeration problems in clients. Now, sessions enumerated by user ID are copies as is user data returned by HubSsoLib::Core#hubssolib_enumerate_users.
+* Other data is still live, since there's a fair amount of write-back that expects to be updating objects held by the DRb server itself. This will all get replaced by database storage in HubSsoLib 4, so I'm not going to address the weaknesses present wherein a session might be expired or deleted "under the feet" of a client. The Hub gem's own write-based operations are all on a "current" session, so that could only vanish if an admin independently elected to destroy all user sessions via the Hub Rails app front-end. The implication is that the other user was probably up to no good, and I don't really mind if they just seem to be suddenly logged out, or see a 500 error due to a _very_ inconveniently-timed page fetch.
 ## 3.8.0, 03-Apr-2025
 * Adds helper `HubSsoLib::Core#hubssolib_flash_markup` to compliment `HubSsoLib::Core#hubssolib_flash_data` and help make Flash presentation simpler and more consistent across integrated applications.

data/Gemfile.lock CHANGED Viewed

@@ -1,36 +1,38 @@
 PATH
   remote: .
   specs:
-    hubssolib (3.8.0)
+    hubssolib (3.8.2)
       base64 (~> 0.2)
       drb (~> 2.2)
 GEM
   remote: https://rubygems.org/
   specs:
-    actioncable (8.0.2)
-      actionpack (= 8.0.2)
-      activesupport (= 8.0.2)
+    action_text-trix (2.1.19)
+      railties
+    actioncable (8.1.3)
+      actionpack (= 8.1.3)
+      activesupport (= 8.1.3)
       nio4r (~> 2.0)
       websocket-driver (>= 0.6.1)
       zeitwerk (~> 2.6)
-    actionmailbox (8.0.2)
-      actionpack (= 8.0.2)
-      activejob (= 8.0.2)
-      activerecord (= 8.0.2)
-      activestorage (= 8.0.2)
-      activesupport (= 8.0.2)
+    actionmailbox (8.1.3)
+      actionpack (= 8.1.3)
+      activejob (= 8.1.3)
+      activerecord (= 8.1.3)
+      activestorage (= 8.1.3)
+      activesupport (= 8.1.3)
       mail (>= 2.8.0)
-    actionmailer (8.0.2)
-      actionpack (= 8.0.2)
-      actionview (= 8.0.2)
-      activejob (= 8.0.2)
-      activesupport (= 8.0.2)
+    actionmailer (8.1.3)
+      actionpack (= 8.1.3)
+      actionview (= 8.1.3)
+      activejob (= 8.1.3)
+      activesupport (= 8.1.3)
       mail (>= 2.8.0)
       rails-dom-testing (~> 2.2)
-    actionpack (8.0.2)
-      actionview (= 8.0.2)
-      activesupport (= 8.0.2)
+    actionpack (8.1.3)
+      actionview (= 8.1.3)
+      activesupport (= 8.1.3)
       nokogiri (>= 1.8.5)
       rack (>= 2.2.4)
       rack-session (>= 1.0.1)
@@ -38,87 +40,93 @@ GEM
       rails-dom-testing (~> 2.2)
       rails-html-sanitizer (~> 1.6)
       useragent (~> 0.16)
-    actiontext (8.0.2)
-      actionpack (= 8.0.2)
-      activerecord (= 8.0.2)
-      activestorage (= 8.0.2)
-      activesupport (= 8.0.2)
+    actiontext (8.1.3)
+      action_text-trix (~> 2.1.15)
+      actionpack (= 8.1.3)
+      activerecord (= 8.1.3)
+      activestorage (= 8.1.3)
+      activesupport (= 8.1.3)
       globalid (>= 0.6.0)
       nokogiri (>= 1.8.5)
-    actionview (8.0.2)
-      activesupport (= 8.0.2)
+    actionview (8.1.3)
+      activesupport (= 8.1.3)
       builder (~> 3.1)
       erubi (~> 1.11)
       rails-dom-testing (~> 2.2)
       rails-html-sanitizer (~> 1.6)
-    activejob (8.0.2)
-      activesupport (= 8.0.2)
+    activejob (8.1.3)
+      activesupport (= 8.1.3)
       globalid (>= 0.3.6)
-    activemodel (8.0.2)
-      activesupport (= 8.0.2)
-    activerecord (8.0.2)
-      activemodel (= 8.0.2)
-      activesupport (= 8.0.2)
+    activemodel (8.1.3)
+      activesupport (= 8.1.3)
+    activerecord (8.1.3)
+      activemodel (= 8.1.3)
+      activesupport (= 8.1.3)
       timeout (>= 0.4.0)
-    activestorage (8.0.2)
-      actionpack (= 8.0.2)
-      activejob (= 8.0.2)
-      activerecord (= 8.0.2)
-      activesupport (= 8.0.2)
+    activestorage (8.1.3)
+      actionpack (= 8.1.3)
+      activejob (= 8.1.3)
+      activerecord (= 8.1.3)
+      activesupport (= 8.1.3)
       marcel (~> 1.0)
-    activesupport (8.0.2)
+    activesupport (8.1.3)
       base64
-      benchmark (>= 0.3)
       bigdecimal
       concurrent-ruby (~> 1.0, >= 1.3.1)
       connection_pool (>= 2.2.5)
       drb
       i18n (>= 1.6, < 2)
+      json
       logger (>= 1.4.2)
       minitest (>= 5.1)
       securerandom (>= 0.3)
       tzinfo (~> 2.0, >= 2.0.5)
       uri (>= 0.13.1)
-    base64 (0.2.0)
-    benchmark (0.4.0)
-    bigdecimal (3.1.9)
+    base64 (0.3.0)
+    bigdecimal (4.1.2)
     builder (3.3.0)
-    concurrent-ruby (1.3.5)
-    connection_pool (2.5.0)
+    concurrent-ruby (1.3.6)
+    connection_pool (3.0.2)
     crass (1.0.6)
-    date (3.4.1)
-    debug (1.10.0)
+    date (3.5.1)
+    debug (1.11.1)
       irb (~> 1.10)
       reline (>= 0.3.8)
-    diff-lcs (1.6.1)
+    diff-lcs (1.6.2)
     docile (1.4.1)
     doggo (1.4.0)
       rspec-core (~> 3.13)
-    drb (2.2.1)
+    drb (2.2.3)
+    erb (6.0.4)
     erubi (1.13.1)
-    globalid (1.2.1)
+    globalid (1.3.0)
       activesupport (>= 6.1)
-    i18n (1.14.7)
+    i18n (1.14.8)
       concurrent-ruby (~> 1.0)
-    io-console (0.8.0)
-    irb (1.15.2)
+    io-console (0.8.2)
+    irb (1.18.0)
       pp (>= 0.6.0)
+      prism (>= 1.3.0)
       rdoc (>= 4.0.0)
       reline (>= 0.4.2)
+    json (2.19.5)
     logger (1.7.0)
-    loofah (2.24.0)
+    loofah (2.25.1)
       crass (~> 1.0.2)
       nokogiri (>= 1.12.0)
-    mail (2.8.1)
+    mail (2.9.0)
+      logger
       mini_mime (>= 0.1.1)
       net-imap
       net-pop
       net-smtp
-    marcel (1.0.4)
+    marcel (1.1.0)
     mini_mime (1.1.5)
-    mini_portile2 (2.8.8)
-    minitest (5.25.5)
-    net-imap (0.5.6)
+    mini_portile2 (2.8.9)
+    minitest (6.0.6)
+      drb (~> 2.0)
+      prism (~> 1.5)
+    net-imap (0.6.4)
       date
       net-protocol
     net-pop (0.1.2)
@@ -127,91 +135,96 @@ GEM
       timeout
     net-smtp (0.5.1)
       net-protocol
-    nio4r (2.7.4)
-    nokogiri (1.18.7)
+    nio4r (2.7.5)
+    nokogiri (1.19.3)
       mini_portile2 (~> 2.8.2)
       racc (~> 1.4)
-    pp (0.6.2)
+    pp (0.6.3)
       prettyprint
     prettyprint (0.2.0)
-    psych (5.2.3)
+    prism (1.9.0)
+    psych (5.3.1)
       date
       stringio
     racc (1.8.1)
-    rack (3.1.12)
-    rack-session (2.1.0)
+    rack (3.2.6)
+    rack-session (2.1.2)
       base64 (>= 0.1.0)
       rack (>= 3.0.0)
     rack-test (2.2.0)
       rack (>= 1.3)
-    rackup (2.2.1)
+    rackup (2.3.1)
       rack (>= 3)
-    rails (8.0.2)
-      actioncable (= 8.0.2)
-      actionmailbox (= 8.0.2)
-      actionmailer (= 8.0.2)
-      actionpack (= 8.0.2)
-      actiontext (= 8.0.2)
-      actionview (= 8.0.2)
-      activejob (= 8.0.2)
-      activemodel (= 8.0.2)
-      activerecord (= 8.0.2)
-      activestorage (= 8.0.2)
-      activesupport (= 8.0.2)
+    rails (8.1.3)
+      actioncable (= 8.1.3)
+      actionmailbox (= 8.1.3)
+      actionmailer (= 8.1.3)
+      actionpack (= 8.1.3)
+      actiontext (= 8.1.3)
+      actionview (= 8.1.3)
+      activejob (= 8.1.3)
+      activemodel (= 8.1.3)
+      activerecord (= 8.1.3)
+      activestorage (= 8.1.3)
+      activesupport (= 8.1.3)
       bundler (>= 1.15.0)
-      railties (= 8.0.2)
-    rails-dom-testing (2.2.0)
+      railties (= 8.1.3)
+    rails-dom-testing (2.3.0)
       activesupport (>= 5.0.0)
       minitest
       nokogiri (>= 1.6)
-    rails-html-sanitizer (1.6.2)
-      loofah (~> 2.21)
+    rails-html-sanitizer (1.7.0)
+      loofah (~> 2.25)
       nokogiri (>= 1.15.7, != 1.16.7, != 1.16.6, != 1.16.5, != 1.16.4, != 1.16.3, != 1.16.2, != 1.16.1, != 1.16.0.rc1, != 1.16.0)
-    railties (8.0.2)
-      actionpack (= 8.0.2)
-      activesupport (= 8.0.2)
+    railties (8.1.3)
+      actionpack (= 8.1.3)
+      activesupport (= 8.1.3)
       irb (~> 1.13)
       rackup (>= 1.0.0)
       rake (>= 12.2)
       thor (~> 1.0, >= 1.2.2)
+      tsort (>= 0.2)
       zeitwerk (~> 2.6)
-    rake (13.2.1)
-    rdoc (6.13.1)
+    rake (13.4.2)
+    rdoc (7.2.0)
+      erb
       psych (>= 4.0.0)
-    reline (0.6.0)
+      tsort
+    reline (0.6.3)
       io-console (~> 0.5)
-    rspec (3.13.0)
+    rspec (3.13.2)
       rspec-core (~> 3.13.0)
       rspec-expectations (~> 3.13.0)
       rspec-mocks (~> 3.13.0)
-    rspec-core (3.13.3)
+    rspec-core (3.13.6)
       rspec-support (~> 3.13.0)
-    rspec-expectations (3.13.3)
+    rspec-expectations (3.13.5)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.13.0)
-    rspec-mocks (3.13.2)
+    rspec-mocks (3.13.8)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.13.0)
-    rspec-support (3.13.2)
+    rspec-support (3.13.7)
     securerandom (0.4.1)
     simplecov (0.22.0)
       docile (~> 1.1)
       simplecov-html (~> 0.11)
       simplecov_json_formatter (~> 0.1)
-    simplecov-html (0.13.1)
+    simplecov-html (0.13.2)
     simplecov_json_formatter (0.1.4)
-    stringio (3.1.6)
-    thor (1.3.2)
-    timeout (0.4.3)
+    stringio (3.2.0)
+    thor (1.5.0)
+    timeout (0.6.1)
+    tsort (0.2.0)
     tzinfo (2.0.6)
       concurrent-ruby (~> 1.0)
-    uri (1.0.3)
+    uri (1.1.1)
     useragent (0.16.11)
-    websocket-driver (0.7.7)
+    websocket-driver (0.8.0)
       base64
       websocket-extensions (>= 0.1.0)
     websocket-extensions (0.1.5)
-    zeitwerk (2.7.2)
+    zeitwerk (2.7.5)
 PLATFORMS
   ruby
@@ -226,4 +239,4 @@ DEPENDENCIES
   simplecov (~> 0.22)
 BUNDLED WITH
-   2.6.2
+  4.0.10

data/README.md CHANGED Viewed

@@ -462,7 +462,7 @@ The payload items shown above are both mandatory:
 If either item is missing or blank, or if for any reason Hub finds itself unable to associated the action with a user record on Hub's side, then no e-mail message will be sent.
-**IMPORTANT:** The Hub application's database migration at the time you updated to 3.7.0 will have set existing users to trusted for historic data, but new users are untrusted. If you introduce trust integration to your site's other apps after this, you might want to enter the console to update any new users added since likewise; inside `app/hub`, issue:
+**OPTIONAL DATA MIGRATION:** The Hub application's database migration at the time you updated to 3.7.0 will have set existing users to trusted for historic data, but new users are untrusted. If you introduce trust integration to your site's other apps after this, you might want to enter the console to update any new users added since likewise; inside `app/hub`, issue:
 ```
 $ bundle exec rails c
@@ -471,3 +471,17 @@ $ bundle exec rails c
 ```
 The trust mechanism involves a fair amount of effort on the integrating app's side but it can be very useful if you have a site where, despite your best efforts, sometimes spam/bot accounts manage to get inside and try to flood the system with spam. It's just one of many different potential protection and mitigation mechanisms that your site might choose to employ.
+**SERVER NOTE:** The Trust DRb server runs inside the Hub application, which runs using Puma as a server by default. The Trust server is started within the Hub application's `puma.rb` configuration file, because it needs to make sure it runs once, after booting, and is not destroyed by worker fork teardown/standup. If you aren't going to use Puma, you'll need to find a way to set this up; you'll want code akin to this in `app/hub/config/application.rb`:
+```ruby
+if defined? Rails::Server
+  Rails::Application::Finisher.initializer 'uk.org.pond.hubssolib.trustserver' do
+    Thread.new do
+      HubSsoLib::Trust.launch_server()
+    end
+  end
+end
+```
+...but that only works if the code would be run once and never torn down (a one-process server setup). There are many different Ruby web server approaches and it's not possible to be more specific; you just need to read the documentation about lifecycles and callbacks for the server you choose.

data/hubssolib.gemspec CHANGED Viewed

@@ -4,7 +4,7 @@ spec = Gem::Specification.new do |s|
   s.platform = Gem::Platform::RUBY
   s.name     = 'hubssolib'
-  s.version  = '3.8.0'
+  s.version  = '3.8.2'
   s.author   = 'Andrew Hodgkinson and others'
   s.email    = 'ahodgkin@rowing.org.uk'
   s.homepage = 'http://pond.org.uk/'

data/lib/hub_sso_lib.rb CHANGED Viewed

@@ -366,17 +366,16 @@ module HubSsoLib
   #          26-Feb-2025 (ADH): Add 'trusted' concept.                  #
   #######################################################################
+  # This *must not* be 'undumped', since it gets passed from clients back to
+  # the persistent DRb server process. A client thread may disappear and be
+  # recreated by the web server at any time; if the user object is undumpable,
+  # then the DRb server has to *call back to the client* (in DRb, clients are
+  # also servers...!) to find out about the object. Trouble is, if the client
+  # thread has been recreated, the server will be trying to access to stale
+  # objects that only exist if the garbage collector hasn't got to them yet.
+  #
   class User
-    # This *must not* be 'undumped', since it gets passed from clients
-    # back to the persistent DRb server process. A client thread may
-    # disappear and be recreated by the web server at any time; if the
-    # user object is undumpable, then the DRb server has to *call back
-    # to the client* (in DRb, clients are also servers...!) to find out
-    # about the object. Trouble is, if the client thread has been
-    # recreated, the server will be trying to access to stale objects
-    # that only exist if the garbage collector hasn't got to them yet.
     attr_accessor :user_salt
     attr_accessor :user_roles
     attr_accessor :user_updated_at
@@ -397,8 +396,8 @@ module HubSsoLib
   end # User class
   #######################################################################
-  # Class:   Session                                                    #
-  #          (C) Hipposoft 2006                                         #
+  # Class:   Session family                                             #
+  #          (C) Hipposoft 2006-2025                                    #
   #                                                                     #
   # Purpose: Session support object, used to store session metadata in  #
   #          an insecure cross-application cookie.                      #
@@ -406,37 +405,67 @@ module HubSsoLib
   # Author:  A.D.Hodgkinson                                             #
   #                                                                     #
   # History: 22-Oct-2006 (ADH): Created.                                #
+  #          09-Apr-2025 (ADH): Dumpable/undumpable variants created.   #
   #######################################################################
-  class Session
-    # Unlike a User, this *is* undumpable since it only gets passed from
-    # server to client. The server's always here to service requests
-    # from the client and used sessions are never garbage collected
-    # since the DRb server's front object, a SessionFactory, keeps them
-    # in a hash held within an instance variable.
-    include DRb::DRbUndumped
-    attr_accessor :session_last_used
-    attr_reader   :session_return_to # DEPRECATED
-    attr_accessor :session_flash
-    attr_accessor :session_user
-    attr_accessor :session_rotated_key
-    def initialize
-      @session_last_used   = Time.now.utc
-      @session_return_to   = nil
-      @session_flash       = {}
-      @session_user        = HubSsoLib::User.new
-      @session_rotated_key = nil
+  # A dumpable base class that can be used for undumpable proxies, where a
+  # change made in an object passed to a client is reflected on the server
+  # where the object actually lives; or for dumpable clones of sessions sent
+  # as read-only copies to clients which won't disppear due to server side
+  # deletion from key rotation, expiry or admin-driven deletion.
+  #
+  class SessionBase
+    ATTRIBUTES = %i{
+      session_last_used
+      session_flash
+      session_user
+      session_rotated_key
+    }
+    ATTRIBUTES.each { | attr | attr_accessor(attr) }
+    attr_reader :session_return_to # DEPRECATED
+    def initialize(copying_session: nil)
+      if copying_session.nil?
+        self.session_last_used   = Time.now.utc
+        self.session_flash       = {}
+        self.session_user        = HubSsoLib::User.new
+        self.session_rotated_key = nil
+      else
+        ATTRIBUTES.each do | attr |
+          self.send("#{attr}=", copying_session.send(attr))
+        end
+      end
     rescue => e
       Sentry.capture_exception(e) if defined?(Sentry) && Sentry.respond_to?(:capture_exception)
       raise
     end
+  end # SessionBase class
+  # Unlike a User, this *is* undumpable since it only gets passed from server
+  # to client. The server's always here to service requests from the client and
+  # used sessions are never garbage collected since the DRb server's front
+  # object, a SessionFactory, keeps them in a hash held within an instance
+  # variable.
+  #
+  # A recognised weakness here is that a session might disappear from under the
+  # feet of an accessing application, due to key rotation or explicit deletion.
+  #
+  class Session < SessionBase
+    include DRb::DRbUndumped
   end # Session class
+  # No special conditions - this is just a dumpable session. You should usually
+  # create it based on an undumpable, 'live' session thus:
+  #
+  #   SessionCopy.new(copying_session: undumpable_session)
+  #
+  class SessionCopy < SessionBase
+  end # SessionCopy class
   #######################################################################
   # Class:   SessionFactory                                             #
   #          (C) Hipposoft 2006                                         #
@@ -611,6 +640,16 @@ module HubSsoLib
     # given session key. No key rotation occurs. Returns +nil+ if no entry is
     # found for that key.
     #
+    # This returns a *LIVE OBJECT* owned by the DRb server. Writes made to this
+    # object will affect the live session state. However, the session might be
+    # invalidated at any time by actions such as key rotation, expiration or
+    # explicit user deletion. Attempts to read or write properties would then
+    # lead to exceptions such as:
+    #
+    #   "424" is not id value (RangeError)
+    #
+    # ...where 424 is the internal object ID of meaning only to the DRb system.
+    #
     def retrieve_session_by_key(key)
       HUB_MUTEX.synchronize { @hub_sessions[key] }
     end
@@ -622,15 +661,24 @@ module HubSsoLib
     # values yielding HubSsoLib::Session instances as values is returned.
     #
     # The array is ordered by least-recently-active first to most-recent last.
+    # Returned data is a copy of internal session information and should be
+    # considered read-only; changes made will have no effect outside your own
+    # application.
     #
     # IN THE CURRENT IMPLEMENTATION THIS JUST SEQUENTIALLY SCANS ALL ACTIVE
     # SESSIONS IN THE HASH and must therefore lock on mutex for the duration.
     #
     def retrieve_sessions_by_user_id(user_id)
       HUB_MUTEX.synchronize do
-        @hub_sessions.select do | key, session |
-          session&.session_user&.user_id == user_id
+        collection = {}
+        @hub_sessions.each do | key, session |
+          if session&.session_user&.user_id == user_id
+            collection[key] = SessionCopy.new(copying_session: session)
+          end
         end
+        collection
       end
     end
@@ -647,6 +695,8 @@ module HubSsoLib
         @hub_sessions.delete(key)
       end
+      return nil
     rescue => e
       Sentry.capture_exception(e) if defined?(Sentry) && Sentry.respond_to?(:capture_exception)
       raise
@@ -672,6 +722,8 @@ module HubSsoLib
         end
       end
+      return nil
     rescue => e
       Sentry.capture_exception(e) if defined?(Sentry) && Sentry.respond_to?(:capture_exception)
       raise
@@ -696,6 +748,8 @@ module HubSsoLib
         end
       end
+      return nil
     rescue => e
       Sentry.capture_exception(e) if defined?(Sentry) && Sentry.respond_to?(:capture_exception)
       raise
@@ -738,6 +792,8 @@ module HubSsoLib
         puts "Session factory: ...Destroyed #{destroyed} session(s)"
       end
+      return nil
     rescue => e
       Sentry.capture_exception(e) if defined?(Sentry) && Sentry.respond_to?(:capture_exception)
       raise
@@ -862,13 +918,21 @@ module HubSsoLib
       HUB_TRUST_CONNECTION_URI
     end
+    # Is the server already running?
+    #
+    def self.already_running?
+      uri  = self.get_trust_server_connection_uri()
+      path = URI.parse(uri).path
+      return File.exist?(path)
+    end
     # Start the trust server. This should only ever be called by the Hub Rails
     # application, which implements HubSsoLib::Trust::Server.
     #
     def self.launch_server
       uri             = self.get_trust_server_connection_uri()
-      path            = URI.parse(uri).path
-      already_running = File.exist?(path)
+      already_running = self.already_running?
       unless ENV['HUB_QUIET_SERVER'] == 'yes'
         message = unless already_running
@@ -1251,8 +1315,8 @@ module HubSsoLib
       unless hub_session_info[:keys].nil? # (keyset too large, enumeration prohibited)
         hub_session_info[:keys].each do | key |
-          session = hubssolib_factory().retrieve_session_by_key(key)
-          hub_users << session.session_user unless session&.session_user&.user_id.nil?
+          session_user = hubssolib_factory().retrieve_session_by_key(key)&.session_user
+          hub_users << session_user unless session_user&.user_id.nil?
         end
       end

metadata CHANGED Viewed

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: hubssolib
 version: !ruby/object:Gem::Version
-  version: 3.8.0
+  version: 3.8.2
 platform: ruby
 authors:
 - Andrew Hodgkinson and others
 bindir: bin
 cert_chain: []
-date: 2025-04-04 00:00:00.000000000 Z
+date: 1980-01-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: drb
@@ -158,7 +158,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.6.2
+rubygems_version: 4.0.10
 specification_version: 4
 summary: Cross-application single sign-on support library.
 test_files: []