omniauth-realme 0.2.1 → 2.1.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +3 -2
  3. data/Gemfile.lock +72 -26
  4. data/lib/omniauth/realme/version.rb +1 -1
  5. data/lib/omniauth/strategies/realme.rb +7 -1
  6. data/omniauth-realme.gemspec +4 -3
  7. metadata +22 -8
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: dffa1aa5b4ac54a63feb3e625adde68e9e8c05a4b3a73e05ac47a4bad4415366
4
- data.tar.gz: 2f7c8a95cbdd11294e48085fbba5c31aa6215e62dd877eef93b1bac7fd84b4b3
3
+ metadata.gz: 8869994f2435a34b3092d7a2225bf5de25f7dd224ae8ae5bc34a2a5f1ec46eb8
4
+ data.tar.gz: 852e0a6165f87d23f0efb4fed7f61a1f411649d2d3f96434cafd0d9a3f94bee8
5
5
  SHA512:
6
- metadata.gz: 19a34fba96441def30a507defd6464b0bee537168647e2853131ae3023675eeab3c5174d0f17a9535e2c1b0a965ec08b8971d40e58768456b1f90aefedb428d1
7
- data.tar.gz: 391927a2bc6015d69455a80ad5335c22ba385dc03a831bb3b8cc023dae505a6636dd04cde37dc3b9ab5a60c67e14f84f09040ed592bb13f452890771a9ce6033
6
+ metadata.gz: e4421dea23f54a81652898f8a67b4ee9761079799992e10c8ed78da56ff2b9270e59338c6fe6190d049c5896f272ea8b1932bc2aca3370aa1440dc2fe1f4737c
7
+ data.tar.gz: 475b78b04d1e87ec76fb67d51eaa277198b763ebe7a6ace822473ee9bf4c2df9c1490cc0959ed5393430c575664cebf3d7cb07c6c7910b53338eb9d051535ac2
data/Gemfile CHANGED
@@ -5,5 +5,6 @@ source 'https://rubygems.org'
5
5
  # Specify your gem's dependencies in omniauth-realme.gemspec
6
6
  gemspec
7
7
 
8
- gem 'rake', '~> 12.0'
9
- gem 'rspec', '~> 3.0'
8
+ gem 'nokogiri', '>= 1.12.5'
9
+ gem 'rake', '~> 13.0.6'
10
+ gem 'rspec', '~> 3.10.0'
data/Gemfile.lock CHANGED
@@ -1,30 +1,64 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- omniauth-realme (0.2.1)
5
- omniauth (~> 1.0)
6
- ruby-saml (~> 1.5)
7
- uuid (~> 2.0)
4
+ omniauth-realme (2.1.1)
5
+ omniauth (~> 2.0.4)
6
+ omniauth-rails_csrf_protection (~> 1.0.0)
7
+ ruby-saml (~> 1.13.0)
8
+ uuid (~> 2.3.9)
8
9
 
9
10
  GEM
10
11
  remote: https://rubygems.org/
11
12
  specs:
13
+ actionpack (6.1.4.1)
14
+ actionview (= 6.1.4.1)
15
+ activesupport (= 6.1.4.1)
16
+ rack (~> 2.0, >= 2.0.9)
17
+ rack-test (>= 0.6.3)
18
+ rails-dom-testing (~> 2.0)
19
+ rails-html-sanitizer (~> 1.0, >= 1.2.0)
20
+ actionview (6.1.4.1)
21
+ activesupport (= 6.1.4.1)
22
+ builder (~> 3.1)
23
+ erubi (~> 1.4)
24
+ rails-dom-testing (~> 2.0)
25
+ rails-html-sanitizer (~> 1.1, >= 1.2.0)
26
+ activesupport (6.1.4.1)
27
+ concurrent-ruby (~> 1.0, >= 1.0.2)
28
+ i18n (>= 1.6, < 2)
29
+ minitest (>= 5.1)
30
+ tzinfo (~> 2.0)
31
+ zeitwerk (~> 2.3)
12
32
  ast (2.4.0)
33
+ builder (3.2.4)
13
34
  byebug (11.1.3)
14
35
  coderay (1.1.3)
15
- diff-lcs (1.3)
36
+ concurrent-ruby (1.1.9)
37
+ crass (1.0.6)
38
+ diff-lcs (1.4.4)
39
+ erubi (1.10.0)
16
40
  hashie (4.1.0)
41
+ i18n (1.8.10)
42
+ concurrent-ruby (~> 1.0)
17
43
  jaro_winkler (1.5.4)
44
+ loofah (2.12.0)
45
+ crass (~> 1.0.2)
46
+ nokogiri (>= 1.5.9)
18
47
  macaddr (1.7.2)
19
48
  systemu (~> 2.6.5)
20
49
  method_source (1.0.0)
21
- mini_portile2 (2.5.0)
22
- nokogiri (1.11.1)
23
- mini_portile2 (~> 2.5.0)
50
+ mini_portile2 (2.6.1)
51
+ minitest (5.14.4)
52
+ nokogiri (1.12.5)
53
+ mini_portile2 (~> 2.6.1)
24
54
  racc (~> 1.4)
25
- omniauth (1.9.1)
55
+ omniauth (2.0.4)
26
56
  hashie (>= 3.4.6)
27
57
  rack (>= 1.6.2, < 3)
58
+ rack-protection
59
+ omniauth-rails_csrf_protection (1.0.0)
60
+ actionpack (>= 4.2)
61
+ omniauth (~> 2.0)
28
62
  parallel (1.19.1)
29
63
  parser (2.7.0.2)
30
64
  ast (~> 2.4.0)
@@ -36,24 +70,31 @@ GEM
36
70
  pry (~> 0.13.0)
37
71
  racc (1.5.2)
38
72
  rack (2.2.3)
73
+ rack-protection (2.1.0)
74
+ rack
39
75
  rack-test (1.1.0)
40
76
  rack (>= 1.0, < 3)
77
+ rails-dom-testing (2.0.3)
78
+ activesupport (>= 4.2.0)
79
+ nokogiri (>= 1.6)
80
+ rails-html-sanitizer (1.4.2)
81
+ loofah (~> 2.3)
41
82
  rainbow (3.0.0)
42
- rake (12.3.3)
43
- rexml (3.2.4)
44
- rspec (3.9.0)
45
- rspec-core (~> 3.9.0)
46
- rspec-expectations (~> 3.9.0)
47
- rspec-mocks (~> 3.9.0)
48
- rspec-core (3.9.1)
49
- rspec-support (~> 3.9.1)
50
- rspec-expectations (3.9.0)
83
+ rake (13.0.6)
84
+ rexml (3.2.5)
85
+ rspec (3.10.0)
86
+ rspec-core (~> 3.10.0)
87
+ rspec-expectations (~> 3.10.0)
88
+ rspec-mocks (~> 3.10.0)
89
+ rspec-core (3.10.1)
90
+ rspec-support (~> 3.10.0)
91
+ rspec-expectations (3.10.1)
51
92
  diff-lcs (>= 1.2.0, < 2.0)
52
- rspec-support (~> 3.9.0)
53
- rspec-mocks (3.9.1)
93
+ rspec-support (~> 3.10.0)
94
+ rspec-mocks (3.10.2)
54
95
  diff-lcs (>= 1.2.0, < 2.0)
55
- rspec-support (~> 3.9.0)
56
- rspec-support (3.9.2)
96
+ rspec-support (~> 3.10.0)
97
+ rspec-support (3.10.2)
57
98
  rubocop (0.80.0)
58
99
  jaro_winkler (~> 1.5.1)
59
100
  parallel (~> 1.10)
@@ -65,23 +106,28 @@ GEM
65
106
  rubocop-rspec (1.38.1)
66
107
  rubocop (>= 0.68.1)
67
108
  ruby-progressbar (1.10.1)
68
- ruby-saml (1.11.0)
69
- nokogiri (>= 1.5.10)
109
+ ruby-saml (1.13.0)
110
+ nokogiri (>= 1.10.5)
111
+ rexml
70
112
  systemu (2.6.5)
113
+ tzinfo (2.0.4)
114
+ concurrent-ruby (~> 1.0)
71
115
  unicode-display_width (1.6.1)
72
116
  uuid (2.3.9)
73
117
  macaddr (~> 1.0)
118
+ zeitwerk (2.4.2)
74
119
 
75
120
  PLATFORMS
76
121
  ruby
77
122
 
78
123
  DEPENDENCIES
79
124
  bundler
125
+ nokogiri (>= 1.12.5)
80
126
  omniauth-realme!
81
127
  pry-byebug
82
128
  rack-test
83
- rake (~> 12.0)
84
- rspec (~> 3.0)
129
+ rake (~> 13.0.6)
130
+ rspec (~> 3.10.0)
85
131
  rubocop
86
132
  rubocop-rspec
87
133
 
data/lib/omniauth/realme/version.rb CHANGED
@@ -2,6 +2,6 @@
2
2
 
3
3
  module OmniAuth
4
4
  module Realme
5
- VERSION = '0.2.1'
5
+ VERSION = '2.1.1'
6
6
  end
7
7
  end
data/lib/omniauth/strategies/realme.rb CHANGED
@@ -54,7 +54,7 @@ module OmniAuth
54
54
  # application and `#callback_phase` below is executed.
55
55
  #
56
56
  if request.params['relay_state']
57
- if request.params['relay_state'].length > MAX_LENGTH_OF_RELAY_STATE
57
+ if limit_relay_state? && request.params['relay_state'].length > MAX_LENGTH_OF_RELAY_STATE
58
58
  ex = RelayStateTooLongError.new('RelayState exceeds SAML spec max length of 80 bytes')
59
59
 
60
60
  # fail!() returns a rack response which this callback must also
@@ -252,6 +252,12 @@ module OmniAuth
252
252
  options.fetch('legacy_rails_session_behaviour_enabled', true)
253
253
  end
254
254
 
255
+ # Many providers including RealMe don't limit the RelayState option
256
+ # so allow the limit to be disabled
257
+ def limit_relay_state?
258
+ options.fetch('limit_relay_state', true)
259
+ end
260
+
255
261
  def default_error_messages_for_rails_session(error)
256
262
  case error
257
263
  when /Timeout/
data/omniauth-realme.gemspec CHANGED
@@ -28,9 +28,10 @@ Gem::Specification.new do |spec|
28
28
  spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
29
29
  spec.require_paths = ['lib']
30
30
 
31
- spec.add_dependency 'omniauth', '~> 1.0'
32
- spec.add_dependency 'ruby-saml', '~> 1.5'
33
- spec.add_dependency 'uuid', '~> 2.0'
31
+ spec.add_dependency 'omniauth', '~> 2.0.4'
32
+ spec.add_dependency 'omniauth-rails_csrf_protection', '~> 1.0.0'
33
+ spec.add_dependency 'ruby-saml', '~> 1.13.0'
34
+ spec.add_dependency 'uuid', '~> 2.3.9'
34
35
 
35
36
  spec.add_development_dependency 'bundler'
36
37
  spec.add_development_dependency 'pry-byebug'
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: omniauth-realme
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.1
4
+ version: 2.1.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - DigitalNZ
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2021-01-08 00:00:00.000000000 Z
11
+ date: 2021-09-30 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: omniauth
@@ -16,42 +16,56 @@ dependencies:
16
16
  requirements:
17
17
  - - "~>"
18
18
  - !ruby/object:Gem::Version
19
- version: '1.0'
19
+ version: 2.0.4
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - "~>"
25
25
  - !ruby/object:Gem::Version
26
- version: '1.0'
26
+ version: 2.0.4
27
+ - !ruby/object:Gem::Dependency
28
+ name: omniauth-rails_csrf_protection
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - "~>"
32
+ - !ruby/object:Gem::Version
33
+ version: 1.0.0
34
+ type: :runtime
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - "~>"
39
+ - !ruby/object:Gem::Version
40
+ version: 1.0.0
27
41
  - !ruby/object:Gem::Dependency
28
42
  name: ruby-saml
29
43
  requirement: !ruby/object:Gem::Requirement
30
44
  requirements:
31
45
  - - "~>"
32
46
  - !ruby/object:Gem::Version
33
- version: '1.5'
47
+ version: 1.13.0
34
48
  type: :runtime
35
49
  prerelease: false
36
50
  version_requirements: !ruby/object:Gem::Requirement
37
51
  requirements:
38
52
  - - "~>"
39
53
  - !ruby/object:Gem::Version
40
- version: '1.5'
54
+ version: 1.13.0
41
55
  - !ruby/object:Gem::Dependency
42
56
  name: uuid
43
57
  requirement: !ruby/object:Gem::Requirement
44
58
  requirements:
45
59
  - - "~>"
46
60
  - !ruby/object:Gem::Version
47
- version: '2.0'
61
+ version: 2.3.9
48
62
  type: :runtime
49
63
  prerelease: false
50
64
  version_requirements: !ruby/object:Gem::Requirement
51
65
  requirements:
52
66
  - - "~>"
53
67
  - !ruby/object:Gem::Version
54
- version: '2.0'
68
+ version: 2.3.9
55
69
  - !ruby/object:Gem::Dependency
56
70
  name: bundler
57
71
  requirement: !ruby/object:Gem::Requirement