From 9780e65feb1cac2e72df0c06334c1e50ad74d65c Mon Sep 17 00:00:00 2001 
From: zogoo
Date: Tue, 21 Jan 2025 18:29:37 +0100
Subject: [PATCH] Use concurrent ruby fixed version for test (#230)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* Squash commits for saml_idp gem
* [feat] Allow SP config force signature validation (#16)
* Allow SP config force signature validation
* Allow SP config force signature validation
Tested with Slack with Authn request signature option
---------
Co-authored-by: zogoo
* [feat] Don’t ignore certificates without usage (#17)
I have tested with live SAML SP apps and it works fine
* Unspecified certificate from SP metadata
---------
Co-authored-by: zogoo
* Try with proper way to update helper method (#19)
* Set minimum test coverage (#207)
* Set minimum test coverage to a very high value for testing
* Update minimum coverage to actual current value
* Try with proper way to update helper method
* Correctly decode and mock with correct REXML class
* Drop the min coverage
---------
Co-authored-by: Mathieu Jobin
Co-authored-by: zogoo
* [feat] Collect request validation errors (#18)
* wip add error collector
* Fix type and rewrite request with proper validation test cases
* Lead error render decision to gem user
* Validate the certificate's existence before verifying the signature.
---------
Co-authored-by: zogoo
* Support lowercase percent-encoded sequences for URL encoding (#20)
Co-authored-by: zogoo
* [fix] Gem CI updates for latest versions (#22)
* Remove duplications
* Pre-conditions need to be defined in before section
* Let's not test logger in here
---------
Co-authored-by: zogoo
* [fix] Allow IdP set reference ID for SAML response (#21)
* Pass ref id as Session Index
* Official Rails 8 is not released yet to RubyGem; until then let's stick to the official older version
---------
Co-authored-by: zogoo
* Support rails 8 for dev env (#23)
Co-authored-by: zogoo
* Assertion flag should be switchable by application (#24)
Co-authored-by: zogoo
* concurrent-ruby v1.3.5 has removed the dependency on logger
---------
Co-authored-by: zogoo
Co-authored-by: Mathieu Jobin
--- gemfiles/rails_5.2.gemfile | 1 + gemfiles/rails_6.1.gemfile | 1 + gemfiles/rails_7.0.gemfile | 1 + lib/saml_idp/controller.rb | 5 +---- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/gemfiles/rails_5.2.gemfile b/gemfiles/rails_5.2.gemfile index 92f56759..0d08dd87 100644 --- a/gemfiles/rails_5.2.gemfile +++ b/gemfiles/rails_5.2.gemfile @@ -4,5 +4,6 @@ source "https://rubygems.org" gem "rails", "~> 5.2.4" gem "activeresource", "~> 5.1.0" +gem 'concurrent-ruby', '1.3.4' gemspec path: "../" diff --git a/gemfiles/rails_6.1.gemfile b/gemfiles/rails_6.1.gemfile index 34b89b00..c22c2925 100644 --- a/gemfiles/rails_6.1.gemfile +++ b/gemfiles/rails_6.1.gemfile @@ -4,5 +4,6 @@ source "https://rubygems.org" gem "rails", "~> 6.1.0" gem "activeresource", "~> 5.1.0" +gem 'concurrent-ruby', '1.3.4' gemspec path: "../" diff --git a/gemfiles/rails_7.0.gemfile b/gemfiles/rails_7.0.gemfile index f759cc55..1e30a8f2 100644 --- a/gemfiles/rails_7.0.gemfile +++ b/gemfiles/rails_7.0.gemfile @@ -4,5 +4,6 @@ source "https://rubygems.org" gem "rails", "~> 7.0.0" gem "activeresource", "~> 6.0.0" +gem 'concurrent-ruby', '1.3.4' gemspec path: "../"
diff --git a/lib/saml_idp/controller.rb b/lib/saml_idp/controller.rb index 26ebbf29..a8e689f4 100644 --- a/lib/saml_idp/controller.rb +++ b/lib/saml_idp/controller.rb @@ -34,10 +34,7 @@ def acs_url def validate_saml_request(raw_saml_request = params[:SAMLRequest]) decode_request(raw_saml_request, params[:Signature], params[:SigAlg], params[:RelayState]) - return true if valid_saml_request? - - head :forbidden if defined?(::Rails) - false + valid_saml_request? end def decode_request(raw_saml_request, signature, sig_algorithm, relay_state)
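Review bot: the exact pin `gem 'concurrent-ruby', '1.3.4'` added to each of the three gemfiles (rails_5.2, rails_6.1, rails_7.0) carries no comment saying why it is there or when it can be dropped. The commit message gives the reason (concurrent-ruby v1.3.5 removed its dependency on logger), so that belongs in a comment directly above the line; without it the pin is likely to outlive the problem and keep the test matrix on an old release. The added line also uses single quotes where the neighbouring `gem` lines use double quotes.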
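Review bot: in `validate_saml_request` (lib/saml_idp/controller.rb), removing `head :forbidden` means the method no longer produces a response for an invalid request and only returns the result of `valid_saml_request?`. An application that registered this method as a `before_action` relied on that render to halt the filter chain; a `false` return value on its own does not halt it, so after this change a request that failed validation reaches the action unless the caller checks the return value and renders its own error. This should be called out as a breaking change in the changelog and README together with the expected caller pattern, for example `head :forbidden unless validate_saml_request`, and the invalid-request path should get a spec asserting that the method returns false without rendering.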