omniauth-suomifi 0.7.0 → 0.8.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: bc0704db48f42ecbc14c86e3e629e611b535b427cfd23ee9d0363545d12f0ee7
-  data.tar.gz: e895872a3b621fa5e7a3fe61b45156c8ce12b05abdc55b962dd2a3d4a5e7df8b
+  metadata.gz: 73fe21e9c9621ccdf65ff05a986ed1c078cd4e4e8bae541d85441713a8df12dc
+  data.tar.gz: 73a64e776f800ac6bc69a956c5e8e7b37ad4f95a497a43367ba583c82a1688eb
 SHA512:
-  metadata.gz: 4f4c2d1ffb1e80a120a832aae423ead500d3a725be94bbd776127c28892d02a70ab4f8748e0ff01a95fba14f8747b8742c63b33f49b35867add4970bbe812cba
-  data.tar.gz: 30dc8039e91aa1e6def01027596e47a060ef190fedcc68537b7c1ad0496a4e8d87efa38d2b03084744cc976adfa7e5353509814549dc95ebf3af2d5b61b8a663
+  metadata.gz: 6e361fa187b5f6a3f91b30255eddc0d936079b5f0f0909ddf2d7a0b94cfda4bdd2175de2beac6b705ccb1868004d5ad6a34030b6556a0d02c7e6bb8c28d1b900
+  data.tar.gz: 0f31b85bfe3c9cba91819bcc1466ac313b52d850c9bcb18137431b087fb922b3a0a594c9a7372845fb86cef77ecac4002abc89b50b54d7c483541b32711b57cf

data/lib/omniauth/strategies/suomifi.rb

@@ -458,7 +458,7 @@ module OmniAuth
         eidas_id = find_attribute_by(
           ['http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier']
         )
-        hash_salt = begin
+        hash_salt =
           if options.uid_salt
             options.uid_salt
           elsif defined?(::Rails) && ::Rails.application
@@ -466,14 +466,13 @@ module OmniAuth
           else
             ''
           end
-        end
 
         if !electronic_id.nil?
-          'FINUID:' + electronic_id
+          "FINUID:#{electronic_id}"
         elsif !national_id.nil?
-          'FIHETU:' + Digest::MD5.hexdigest("FI:#{national_id}:#{hash_salt}")
+          "FIHETU:#{Digest::MD5.hexdigest("FI:#{national_id}:#{hash_salt}")}"
         elsif !eidas_id.nil?
-          'EIDASPID:' + Digest::MD5.hexdigest("EIDAS:#{eidas_id}:#{hash_salt}")
+          "EIDASPID:#{Digest::MD5.hexdigest("EIDAS:#{eidas_id}:#{hash_salt}")}"
         else
           @name_id
         end
@@ -491,6 +490,7 @@ module OmniAuth
       attr_accessor :options
       attr_reader :suomifi_thread
 
+      # rubocop:disable Metrics/MethodLength
       def initialize(app, *args, &block)
         super
 
@@ -520,6 +520,7 @@ module OmniAuth
           )
         end
       end
+      # rubocop:enable Metrics/MethodLength
 
       # Override the request phase to be able to pass the locale parameter to
       # the redirect URL. Note that this needs to be the last parameter to
@@ -572,7 +573,7 @@ module OmniAuth
       # storing the Suomi.fi sessions in a database and then comparing the SAML
       # uid of the SLO request to the values stored witin the database to log
       # out the user who requested the logout. There is no other way to transfer
-      # this information from the
+      # this information from the SLO page.
       #
       # The default functionality within the `omniauth-saml` strategy relies on
       # the session variables to compare the SAML uid during the SLO request but
@@ -583,16 +584,16 @@ module OmniAuth
         # application itself. If not, the code below calls the application which
         # can do the validation against the database where the sessions are
         # stored.
-        return super if session["saml_uid"]
+        return super if session['saml_uid']
 
         # Otherwise, the application itself needs to handle the logout because
         # this is not happening within the same session that the user has
         # currently open at the website.
         logout_request = OneLogin::RubySaml::SloLogoutrequest.new(
           raw_request,
-          { settings: settings, get_params: @request.params }
+          {settings: settings, get_params: @request.params}
         )
-        raise OmniAuth::Strategies::SAML::ValidationError.new("SAML failed to process LogoutRequest") unless logout_request.is_valid?
+        raise OmniAuth::Strategies::SAML::ValidationError.new('SAML failed to process LogoutRequest') unless logout_request.is_valid?
 
         @env['omniauth.saml_request'] = logout_request
 
@@ -665,6 +666,7 @@ module OmniAuth
         end
       end
 
+      # rubocop:disable Metrics/MethodLength
       def suomifi_options
         idp_metadata_parser = OneLogin::RubySaml::IdpMetadataParser.new
 
@@ -705,6 +707,7 @@ module OmniAuth
 
         settings
       end
+      # rubocop:enable Metrics/MethodLength
 
       # This will return true if the VTJ search (population information system,
       # väestötietojärjestelmä) was successful and information about the person

data/lib/omniauth-suomifi/ruby_saml_extensions.rb

@@ -28,6 +28,7 @@ OneLogin::RubySaml::Utils.class_eval do
   # @param symmetric_key [String] The symetric key used to encrypt the text
   # @param algorithm [String]     The encrypted algorithm
   # @return [String] The deciphered text
+  # rubocop:disable Metrics/CyclomaticComplexity, Metrics/PerceivedComplexity, Metrics/MethodLength
   def self.retrieve_plaintext(cipher_text, symmetric_key, algorithm)
     case algorithm
     when 'http://www.w3.org/2001/04/xmlenc#tripledes-cbc' then cipher = OpenSSL::Cipher.new('DES-EDE3-CBC').decrypt
@@ -43,7 +44,7 @@ OneLogin::RubySaml::Utils.class_eval do
 
     if cipher
       iv_len = cipher.iv_len
-      data = cipher_text[iv_len..-1]
+      data = cipher_text[iv_len..]
       cipher.padding = 0
       cipher.key = symmetric_key
       cipher.iv = cipher_text[0..iv_len - 1]
@@ -58,7 +59,7 @@ OneLogin::RubySaml::Utils.class_eval do
       auth_cipher.key = symmetric_key
       auth_cipher.iv = cipher_text[0..iv_len - 1]
       auth_cipher.auth_data = ''
-      auth_cipher.auth_tag = cipher_text[text_len - tag_len..-1]
+      auth_cipher.auth_tag = cipher_text[text_len - tag_len..]
       assertion_plaintext = auth_cipher.update(data)
       assertion_plaintext << auth_cipher.final
     elsif rsa
@@ -69,4 +70,5 @@ OneLogin::RubySaml::Utils.class_eval do
       cipher_text
     end
   end
+  # rubocop:enable Metrics/CyclomaticComplexity, Metrics/PerceivedComplexity, Metrics/MethodLength
 end

data/lib/omniauth-suomifi/test/certificate_generator.rb

@@ -17,14 +17,14 @@ module OmniAuth
             cert = OpenSSL::X509::Certificate.new
             cert.subject = cert.issuer = OpenSSL::X509::Name.parse(subject)
             cert.not_before = Time.now
-            cert.not_after = Time.now + 365 * 24 * 60 * 60
+            cert.not_after = Time.now + (365 * 24 * 60 * 60)
             cert.public_key = public_key
             cert.serial = 0x0
             cert.version = 2
 
             inject_certificate_extensions(cert)
 
-            cert.sign(private_key, OpenSSL::Digest::SHA1.new)
+            cert.sign(private_key, OpenSSL::Digest.new('SHA1'))
 
             cert
           end

data/lib/omniauth-suomifi/test/xml_encryptor.rb

@@ -33,7 +33,7 @@ module OmniAuth
         end
 
         def self.encrypted_xml(raw_xml_file, cert, sign_cert, sign_key)
-          raw_xml = IO.read(raw_xml_file)
+          raw_xml = File.read(raw_xml_file)
           encrypted_xml_from_string(raw_xml, cert, sign_cert, sign_key)
         end
 
@@ -53,7 +53,7 @@ module OmniAuth
           template_path = Utility.template_filepath(
             'encrypted_data_template.xml'
           )
-          template_io = IO.read(template_path)
+          template_io = File.read(template_path)
 
           Nokogiri::XML::Document.parse(template_io).root
         end

data/lib/omniauth-suomifi/version.rb

@@ -2,6 +2,6 @@
 
 module OmniAuth
   module Suomifi
-    VERSION = '0.7.0'
+    VERSION = '0.8.0'
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: omniauth-suomifi
 version: !ruby/object:Gem::Version
-  version: 0.7.0
+  version: 0.8.0
 platform: ruby
 authors:
 - Antti Hukkanen
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2024-02-08 00:00:00.000000000 Z
+date: 2024-09-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: omniauth-saml
@@ -16,118 +16,112 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.0'
+        version: '2.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.0'
+        version: '2.1'
 - !ruby/object:Gem::Dependency
   name: ruby-saml
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.13.0
+        version: '1.17'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.13.0
+        version: '1.17'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '13.0'
+        version: '13.1'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '13.0'
+        version: '13.1'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.9'
+        version: '3.13'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.9'
+        version: '3.13'
 - !ruby/object:Gem::Dependency
   name: rack-test
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.1.0
+        version: 2.1.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.1.0
+        version: 2.1.0
 - !ruby/object:Gem::Dependency
   name: webmock
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.6'
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 3.6.2
+        version: '3.20'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.6'
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 3.6.2
+        version: '3.20'
 - !ruby/object:Gem::Dependency
   name: xmlenc
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.7.1
+        version: 0.8.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.7.1
+        version: 0.8.0
 - !ruby/object:Gem::Dependency
   name: simplecov
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.19.0
+        version: 0.22.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.19.0
+        version: 0.22.0
 description: Suomi.fi e-Identification service integration for OmniAuth.
 email:
 - antti.hukkanen@mainiotech.fi
@@ -150,7 +144,8 @@ files:
 homepage: https://github.com/mainio/omniauth-suomifi
 licenses:
 - MIT
-metadata: {}
+metadata:
+  rubygems_mfa_required: 'true'
 post_install_message: 
 rdoc_options: []
 require_paths:
@@ -159,7 +154,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '2.5'
+      version: '2.6'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="