Skip to content

Commit

Permalink
Merge remote-tracking branch 'remotes/origin/master' into v2.x
Browse files Browse the repository at this point in the history
  • Loading branch information
johnnyshields committed Jul 9, 2024
2 parents 3e31760 + 6e33ed3 commit cf69b7f
Show file tree
Hide file tree
Showing 5 changed files with 30 additions and 18 deletions.
12 changes: 8 additions & 4 deletions .github/workflows/test.yml
Original file line number Diff line number Diff line change
Expand Up @@ -11,15 +11,22 @@ jobs:
os:
- ubuntu-20.04
- macos-latest
- windows-latest
ruby-version:
- 3.0
- 3.1
- 3.2
- 3.3
- jruby-9.4
- truffleruby
exclude:
- os: windows-latest
ruby-version: jruby-9.4
- os: windows-latest
ruby-version: truffleruby
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v2
- uses: actions/checkout@v4
- name: Set up Ruby ${{ matrix.ruby-version }}
uses: ruby/setup-ruby@v1
with:
Expand All @@ -33,9 +40,6 @@ jobs:

- name: Coveralls
uses: coverallsapp/github-action@master
# 2023/03/07 - Simplecov is not working on TruffleRuby.
# TruffleRuby tests are otherwise passing.
if: ${{ matrix.ruby-version != 'truffleruby' }}
with:
github-token: ${{ secrets.github_token }}
parallel: true
Expand Down
2 changes: 2 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -11,12 +11,14 @@
* [#690](https://github.com/SAML-Toolkits/ruby-saml/pull/690) Remove deprecated `settings.security[:embed_sign]` parameter.

### 1.17.0
* [#687](https://github.com/SAML-Toolkits/ruby-saml/pull/687) Add CI coverage for Ruby 3.3 and Windows.
* [#673](https://github.com/SAML-Toolkits/ruby-saml/pull/673) Add `Settings#sp_cert_multi` paramter to facilitate SP certificate and key rotation.
* [#673](https://github.com/SAML-Toolkits/ruby-saml/pull/673) Support multiple simultaneous SP decryption keys via `Settings#sp_cert_multi` parameter.
* [#673](https://github.com/SAML-Toolkits/ruby-saml/pull/673) Deprecate `Settings#certificate_new` parameter.
* [#673](https://github.com/SAML-Toolkits/ruby-saml/pull/673) `:check_sp_cert_expiration` will use the first non-expired certificate/key when signing/decrypting. It will raise an error only if there are no valid certificates/keys.
* [#673](https://github.com/SAML-Toolkits/ruby-saml/pull/673) `:check_sp_cert_expiration` now validates the certificate `not_before` condition; previously it was only validating `not_after`.
* [#673](https://github.com/SAML-Toolkits/ruby-saml/pull/673) `:check_sp_cert_expiration` now causes the generated SP metadata to exclude any inactive/expired certificates.
* [#691](https://github.com/SAML-Toolkits/ruby-saml/pull/691) Make IdpMetadataParser#get_idp_metadata public.

### 1.16.0 (Oct 09, 2023)
* [#671](https://github.com/SAML-Toolkits/ruby-saml/pull/671) Add support on LogoutRequest with Encrypted NameID
Expand Down
11 changes: 5 additions & 6 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -20,14 +20,13 @@ We created a demo project for Rails 4 that uses the latest version of this libra

### Supported Ruby Versions

* 3.0
* 3.1
* 3.2
* JRuby 9.3
The following Ruby versions are covered by CI testing:

* Ruby (MRI) 3.0 to 3.3
* JRuby 9.4
* TruffleRuby (latest)

For older Ruby support, please refer to older major versions of Ruby SAML.
Older Ruby versions are supported on the 1.x release of Ruby SAML.

## Adding Features, Pull Requests

Expand Down Expand Up @@ -989,4 +988,4 @@ be written entirely in future versions.
## License
RubySaml is made available under the MIT License. Refer to [LICENSE](LICENSE).
Ruby SAML is made available under the MIT License. Refer to [LICENSE](LICENSE).
4 changes: 2 additions & 2 deletions lib/ruby_saml/idp_metadata_parser.rb
Original file line number Diff line number Diff line change
Expand Up @@ -185,8 +185,6 @@ def parse_to_idp_metadata_array(idp_metadata, options = {})
idpsso_descriptors.map {|id| IdpMetadata.new(id, id.parent.attributes["entityID"])}
end

private

# Retrieve the remote IdP metadata from the URL or a cached copy.
# @param url [String] Url where the XML of the Identity Provider Metadata is published.
# @param validate_cert [Boolean] If true and the URL is HTTPs, the cert of the domain is checked.
Expand All @@ -213,6 +211,8 @@ def get_idp_metadata(url, validate_cert)
)
end

private

class IdpMetadata
attr_reader :idpsso_descriptor, :entity_id

Expand Down
19 changes: 13 additions & 6 deletions lib/ruby_saml/utils.rb
Original file line number Diff line number Diff line change
Expand Up @@ -68,13 +68,20 @@ def self.parse_duration(duration, timestamp=Time.now.utc)
sign = matches[1] == '-' ? -1 : 1

durYears, durMonths, durDays, durHours, durMinutes, durSeconds, durWeeks =
matches[2..8].map { |match| match ? sign * match.tr(',', '.').to_f : 0.0 }
matches[2..8].map do |match|
if match
match = match.tr(',', '.').gsub(/\.0*\z/, '')
sign * (match.include?('.') ? match.to_f : match.to_i)
else
0
end
end

initial_datetime = Time.at(timestamp).utc.to_datetime
final_datetime = initial_datetime.next_year(durYears)
final_datetime = final_datetime.next_month(durMonths)
final_datetime = final_datetime.next_day((7*durWeeks) + durDays)
final_datetime.to_time.utc.to_i + (durHours * 3600) + (durMinutes * 60) + durSeconds
datetime = Time.at(timestamp).utc.to_datetime
datetime = datetime.next_year(durYears)
datetime = datetime.next_month(durMonths)
datetime = datetime.next_day((7*durWeeks) + durDays)
datetime.to_time.utc.to_i + (durHours * 3600) + (durMinutes * 60) + durSeconds
end

# Return a properly formatted x509 certificate
Expand Down

0 comments on commit cf69b7f

Please sign in to comment.