RubyGems - omniauth-saml - Versions diffs - 2.1.0 → 2.2.3 - Mend

omniauth-saml 2.1.0 → 2.2.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +51 -0
data/README.md +4 -4
data/lib/omniauth/strategies/saml.rb +1 -1
data/lib/omniauth-saml/version.rb +1 -1
data/spec/omniauth/strategies/saml_spec.rb +3 -2
metadata +25 -31

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 032f34c12924a5666a189462f819b871c2e321891cbe23b45e56c47acdbfc53c
-  data.tar.gz: 17bb6e9741181862fcb34f3ca0a47084b9805aba71b3dd5dadfb951c7cd20d27
+  metadata.gz: 74e6f8ffd71deca8c0cf5a47561df7c878b200af810dbf893f89677eb49da313
+  data.tar.gz: 217c895d6d946983062dc1f66f362f98aa394c94a8f0267e69e2af9f1555cbc4
 SHA512:
-  metadata.gz: eb87a7392dc23407ab0064b67efd4ffefd9ec3fbbca18b32e96bf973281dffb9477bffc3765d8b4c3e278df7aedca255a95aa03deb44053b33c3cfff5af9435e
-  data.tar.gz: 22daef0cc26447f27023c5dc2e6f816e1f79c57c0538b86ffae0f8a2ea9d08492bc351aa31838ca7b4a272ae577aea3f914a87dba0656e1ac2e098f49f034041
+  metadata.gz: '0825de571d12121384accff0a106c4d76420308d007698632dd2661f030942cc4ed570e649f8b455ddcf2340d9109d26422de44ec3eb36f06978b732023409b4'
+  data.tar.gz: 5229a183ad1d335f01b9de5111293925d5be4d8e461de89e2d5f4924a14939eb4286fe4d307af7c7e5db2b126a0ff495a0c3c9ba064f6d430624f207c25119df

data/CHANGELOG.md CHANGED Viewed

@@ -1,3 +1,54 @@
+<a name="v2.2.3"></a>
+### v2.2.3 (2025-03-12)
+#### Features
+* new release 2.2.3	 ([0d06a3c](/../../commit/0d06a3c))
+#### Bug Fixes
+* bump ruby-saml to 1.18	 ([7a348b4](/../../commit/7a348b4))
+<a name="v2.2.2"></a>
+### v2.2.2 (2025-03-04)
+#### Features
+* log errors on failed logout	 ([23ef364](/../../commit/23ef364))
+<a name="v2.2.1"></a>
+### v2.2.1 (2024-09-11)
+* Fix permission file permissions within published gem (#226)
+<a name="v2.2.0"></a>
+### v2.2.0 (2024-09-10)
+This release fixes:
+* [GHSA-jw9c-mfg7-9rx2](https://github.com/SAML-Toolkits/ruby-saml/security/advisories/GHSA-jw9c-mfg7-9rx2)
+* [GHSA-cvp8-5r8g-fhvq](https://github.com/omniauth/omniauth-saml/security/advisories/GHSA-cvp8-5r8g-fhvq)
+#### Chores
+* use semantic versioning for ruby-saml as per gem build hints ([e17f460](/../../commit/e17f460))
+<a name="v2.1.1"></a>
+### v2.1.1 (2024-09-10)
+#### Chores
+* Add Ruby 3.1 to the CI matrix ([8954310](/../../commit/8954310))
+* Add Ruby 3.2 to CI matrix ([9403366](/../../commit/9403366))
+* Fix copy-pasteability of code example ([3eb8942](/../../commit/3eb8942))
+* bump dependencies and remove ruby eol versions  ([c6fc2db](/../../commit/c6fc2db))
+* Remove old maintainer email from gemspec ([9f6daa](/../../commit/9f6daa))
 <a name="v2.1.0"></a>
 ### v2.1.0 (2022-03-01)

data/README.md CHANGED Viewed

@@ -15,8 +15,8 @@ https://github.com/omniauth/omniauth-saml
 ## Requirements
-* [OmniAuth](http://www.omniauth.org/) 1.3+
-* Ruby 2.4.x+
+* [OmniAuth](http://www.omniauth.org/) 2.1+
+* Ruby 3.1.x+
 ## Versioning
@@ -37,7 +37,7 @@ use OmniAuth::Strategies::SAML,
   :idp_cert_multi                     => {
                                            :signing => ["-----BEGIN CERTIFICATE-----\n...-----END CERTIFICATE-----", "-----BEGIN CERTIFICATE-----\n...-----END CERTIFICATE-----", ...],
                                            :encryption => []
-                                         }
+                                         },
   :idp_cert_fingerprint               => "E7:91:B2:E1:...",
   :idp_cert_fingerprint_validator     => lambda { |fingerprint| fingerprint },
   :name_identifier_format             => "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
@@ -64,7 +64,7 @@ Rails.application.config.middleware.use OmniAuth::Builder do
     :idp_cert_multi                     => {
                                              :signing => ["-----BEGIN CERTIFICATE-----\n...-----END CERTIFICATE-----", "-----BEGIN CERTIFICATE-----\n...-----END CERTIFICATE-----", ...],
                                              :encryption => []
-                                           }
+                                           },
     :idp_cert_fingerprint               => "E7:91:B2:E1:...",
     :idp_cert_fingerprint_validator     => lambda { |fingerprint| fingerprint },
     :name_identifier_format             => "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"

data/lib/omniauth/strategies/saml.rb CHANGED Viewed

@@ -190,7 +190,7 @@ module OmniAuth
           logout_response = OneLogin::RubySaml::SloLogoutresponse.new.create(settings, logout_request_id, nil, RelayState: slo_relay_state)
           redirect(logout_response)
         else
-          raise OmniAuth::Strategies::SAML::ValidationError.new("SAML failed to process LogoutRequest")
+          raise OmniAuth::Strategies::SAML::ValidationError.new("SAML failed to process LogoutRequest (#{logout_request.errors.join(', ')})")
         end
       end

data/lib/omniauth-saml/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 module OmniAuth
   module SAML
-    VERSION = '2.1.0'
+    VERSION = '2.2.3'
   end
 end

data/spec/omniauth/strategies/saml_spec.rb CHANGED Viewed

@@ -346,12 +346,13 @@ describe OmniAuth::Strategies::SAML, :type => :strategy do
       context "when request is an invalid logout request" do
         before :each do
           allow_any_instance_of(OneLogin::RubySaml::SloLogoutrequest).to receive(:is_valid?).and_return(false)
+          allow_any_instance_of(OneLogin::RubySaml::SloLogoutrequest).to receive(:errors).and_return(['Blank logout request'])
         end
         # TODO: Maybe this should not raise an exception, but return some 4xx error instead?
         it "should raise an exception" do
           expect { subject }.
-            to raise_error(OmniAuth::Strategies::SAML::ValidationError, 'SAML failed to process LogoutRequest')
+            to raise_error(OmniAuth::Strategies::SAML::ValidationError, 'SAML failed to process LogoutRequest (Blank logout request)')
         end
       end
@@ -410,7 +411,7 @@ describe OmniAuth::Strategies::SAML, :type => :strategy do
     it 'should get SP metadata page' do
       expect(last_response.status).to eq 200
-      expect(last_response.header["Content-Type"]).to eq "application/xml"
+      expect(last_response.headers["Content-Type"]).to eq "application/xml"
     end
     it 'should configure attributes consuming service' do

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: omniauth-saml
 version: !ruby/object:Gem::Version
-  version: 2.1.0
+  version: 2.2.3
 platform: ruby
 authors:
 - Raecoo Cao
@@ -14,7 +14,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-03-01 00:00:00.000000000 Z
+date: 2025-03-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: omniauth
@@ -22,120 +22,114 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.0'
+        version: '2.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.0'
+        version: '2.1'
 - !ruby/object:Gem::Dependency
   name: ruby-saml
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.12'
+        version: '1.18'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.12'
+        version: '1.18'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 12.3.3
+        version: '13.2'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 12.3.3
+        version: '13.2'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.4'
+        version: '3.13'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.4'
+        version: '3.13'
 - !ruby/object:Gem::Dependency
   name: simplecov
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.11'
+        version: '0.10'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.11'
+        version: '0.10'
 - !ruby/object:Gem::Dependency
   name: rack-test
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.6'
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 0.6.3
+        version: '2.1'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.6'
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 0.6.3
+        version: '2.1'
 - !ruby/object:Gem::Dependency
   name: conventional-changelog
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.2'
+        version: '1.3'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.2'
+        version: '1.3'
 - !ruby/object:Gem::Dependency
   name: coveralls
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.8.23
+        version: '0.8'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.8.23
+        version: '0.8'
 description: A generic SAML strategy for OmniAuth.
-email: rajiv@alum.mit.edu
+email:
 executables: []
 extensions: []
 extra_rdoc_files: []
@@ -161,14 +155,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '2.4'
+      version: '3.1'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.2.32
+rubygems_version: 3.4.19
 signing_key:
 specification_version: 4
 summary: A generic SAML strategy for OmniAuth.