omniauth-saml 1.8.1 → 1.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.


This version of omniauth-saml might be problematic. Click here for more details.

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 64a62290bdbae1a6f33c67204014e5e630765689
4
- data.tar.gz: ea6ffc77a6943da6a7c7b80cafec26dae7e2b59b
3
+ metadata.gz: a3895e66de86a36af32ed2a4307562e1d549d69a
4
+ data.tar.gz: 413848e6bdb2dc31758a1b60f5aeae811afb9b2c
5
5
  SHA512:
6
- metadata.gz: 8923e8d535ef1debb0473e4b9a80cc3e382c4ae60cff00c22ea7d554b7ab6f9c8d0046787cd8c197ab3a31188127198c0ecbf418b324c43a7dc21a6fed35427c
7
- data.tar.gz: ce61b44b7d132885efe4c8d6e07bb9adb5a941ba8b1bf7c80249dd5fa64be21fc5f8f3c501441972457335ee837971a009099a70cc5c89b4242b7abf17e40aa4
6
+ metadata.gz: f27b3b76a2859c680bdc446b0f678616b43cd2d2e1896bba9297d673e00689c25e55170b1f2a4ea021653704bff92f7885df322518100431c3ac50ef97271782
7
+ data.tar.gz: 0f0e9056f26ff234e92e000c9a360e12038b8c25e7ae56599eda22b7eb06a8434befbe85ec564d388d9fb0396f3b329db7e66c9bb69ff70afc3ff5bcfa008350
@@ -1,3 +1,12 @@
1
+ <a name="v1.9.0"></a>
2
+ ### v1.9.0 (2018-01-29)
3
+
4
+
5
+ #### Bug Fixes
6
+
7
+ * Update omniauth gem to 1.3.2 or later 1.3.x ([b6bb425](/../../commit/b6bb425))
8
+
9
+
1
10
  <a name="v1.8.1"></a>
2
11
  ### v1.8.1 (2017-06-22)
3
12
 
@@ -1,5 +1,5 @@
1
1
  module OmniAuth
2
2
  module SAML
3
- VERSION = '1.8.1'
3
+ VERSION = '1.9.0'
4
4
  end
5
5
  end
@@ -87,6 +87,34 @@ describe OmniAuth::Strategies::SAML, :type => :strategy do
87
87
  end
88
88
  end
89
89
  end
90
+
91
+ context 'when authn request signing is requested' do
92
+ subject { get '/auth/saml' }
93
+
94
+ let(:private_key) { OpenSSL::PKey::RSA.new 2048 }
95
+
96
+ before do
97
+ saml_options[:compress_request] = false
98
+
99
+ saml_options[:private_key] = private_key.to_pem
100
+ saml_options[:security] = {
101
+ authn_requests_signed: true,
102
+ signature_method: XMLSecurity::Document::RSA_SHA256
103
+ }
104
+ end
105
+
106
+ it 'should sign the request' do
107
+ is_expected.to be_redirect
108
+
109
+ location = URI.parse(last_response.location)
110
+ query = Rack::Utils.parse_query location.query
111
+ expect(query).to have_key('SAMLRequest')
112
+ expect(query).to have_key('Signature')
113
+ expect(query).to have_key('SigAlg')
114
+
115
+ expect(query['SigAlg']).to eq XMLSecurity::Document::RSA_SHA256
116
+ end
117
+ end
90
118
  end
91
119
 
92
120
  describe 'POST /auth/saml/callback' do
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: omniauth-saml
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.8.1
4
+ version: 1.9.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Raecoo Cao
@@ -14,7 +14,7 @@ authors:
14
14
  autorequire:
15
15
  bindir: bin
16
16
  cert_chain: []
17
- date: 2017-06-22 00:00:00.000000000 Z
17
+ date: 2018-01-31 00:00:00.000000000 Z
18
18
  dependencies:
19
19
  - !ruby/object:Gem::Dependency
20
20
  name: omniauth
@@ -23,6 +23,9 @@ dependencies:
23
23
  - - "~>"
24
24
  - !ruby/object:Gem::Version
25
25
  version: '1.3'
26
+ - - ">="
27
+ - !ruby/object:Gem::Version
28
+ version: 1.3.2
26
29
  type: :runtime
27
30
  prerelease: false
28
31
  version_requirements: !ruby/object:Gem::Requirement
@@ -30,6 +33,9 @@ dependencies:
30
33
  - - "~>"
31
34
  - !ruby/object:Gem::Version
32
35
  version: '1.3'
36
+ - - ">="
37
+ - !ruby/object:Gem::Version
38
+ version: 1.3.2
33
39
  - !ruby/object:Gem::Dependency
34
40
  name: ruby-saml
35
41
  requirement: !ruby/object:Gem::Requirement
@@ -172,5 +178,5 @@ signing_key:
172
178
  specification_version: 4
173
179
  summary: A generic SAML strategy for OmniAuth.
174
180
  test_files:
175
- - spec/omniauth/strategies/saml_spec.rb
176
181
  - spec/spec_helper.rb
182
+ - spec/omniauth/strategies/saml_spec.rb