Gems - omniauth-saml - Versions diffs - 1.8.1 → 1.9.0 - Diffend - OSS supply chain security and management platform

omniauth-saml 1.8.1 → 1.9.0

This version of omniauth-saml might be problematic. Click here for more details.

Files changed (5) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 64a62290bdbae1a6f33c67204014e5e630765689
-  data.tar.gz: ea6ffc77a6943da6a7c7b80cafec26dae7e2b59b
+  metadata.gz: a3895e66de86a36af32ed2a4307562e1d549d69a
+  data.tar.gz: 413848e6bdb2dc31758a1b60f5aeae811afb9b2c
 SHA512:
-  metadata.gz: 8923e8d535ef1debb0473e4b9a80cc3e382c4ae60cff00c22ea7d554b7ab6f9c8d0046787cd8c197ab3a31188127198c0ecbf418b324c43a7dc21a6fed35427c
-  data.tar.gz: ce61b44b7d132885efe4c8d6e07bb9adb5a941ba8b1bf7c80249dd5fa64be21fc5f8f3c501441972457335ee837971a009099a70cc5c89b4242b7abf17e40aa4
+  metadata.gz: f27b3b76a2859c680bdc446b0f678616b43cd2d2e1896bba9297d673e00689c25e55170b1f2a4ea021653704bff92f7885df322518100431c3ac50ef97271782
+  data.tar.gz: 0f0e9056f26ff234e92e000c9a360e12038b8c25e7ae56599eda22b7eb06a8434befbe85ec564d388d9fb0396f3b329db7e66c9bb69ff70afc3ff5bcfa008350

data/CHANGELOG.md CHANGED

@@ -1,3 +1,12 @@
+<a name="v1.9.0"></a>
+### v1.9.0 (2018-01-29)
+#### Bug Fixes
+* Update omniauth gem to 1.3.2 or later 1.3.x	 ([b6bb425](/../../commit/b6bb425))
 <a name="v1.8.1"></a>
 ### v1.8.1 (2017-06-22)

@@ -1,5 +1,5 @@
 module OmniAuth
   module SAML
-    VERSION = '1.8.1'
+    VERSION = '1.9.0'
   end
 end

@@ -87,6 +87,34 @@ describe OmniAuth::Strategies::SAML, :type => :strategy do
         end
       end
     end
+    context 'when authn request signing is requested' do
+      subject { get '/auth/saml' }
+      let(:private_key) { OpenSSL::PKey::RSA.new 2048 }
+      before do
+        saml_options[:compress_request] = false
+        saml_options[:private_key] = private_key.to_pem
+        saml_options[:security] = {
+          authn_requests_signed: true,
+          signature_method: XMLSecurity::Document::RSA_SHA256
+        }
+      end
+      it 'should sign the request' do
+        is_expected.to be_redirect
+        location = URI.parse(last_response.location)
+        query = Rack::Utils.parse_query location.query
+        expect(query).to have_key('SAMLRequest')
+        expect(query).to have_key('Signature')
+        expect(query).to have_key('SigAlg')
+        expect(query['SigAlg']).to eq XMLSecurity::Document::RSA_SHA256
+      end
+    end
   end
   describe 'POST /auth/saml/callback' do

metadata CHANGED

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: omniauth-saml
 version: !ruby/object:Gem::Version
-  version: 1.8.1
+  version: 1.9.0
 platform: ruby
 authors:
 - Raecoo Cao
@@ -14,7 +14,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2017-06-22 00:00:00.000000000 Z
+date: 2018-01-31 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: omniauth
@@ -23,6 +23,9 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.3'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.3.2
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -30,6 +33,9 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.3'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.3.2
 - !ruby/object:Gem::Dependency
   name: ruby-saml
   requirement: !ruby/object:Gem::Requirement
@@ -172,5 +178,5 @@ signing_key:
 specification_version: 4
 summary: A generic SAML strategy for OmniAuth.
 test_files:
-- spec/omniauth/strategies/saml_spec.rb
 - spec/spec_helper.rb
+- spec/omniauth/strategies/saml_spec.rb