Draft
Conversation
* Allow SP config force signature validation * Allow SP config force signature validation Tested with Slack with Authn request signature option --------- Co-authored-by: zogoo <ch.tsogbadrakh@gmail.com>
I have tested with live SAML SP apps and it works fine * Unspecified certifciate from SP metadata --------- Co-authored-by: zogoo <ch.tsogbadrakh@gmail.com>
* Set minimum test coverage (saml-idp#207) * Set minimum test coverage to a very high value for testing * Update minimum coverage to actual current value * Try with proper way to update helper method * Correctly decode and mock with correct REXML class * Drop the min coverage --------- Co-authored-by: Mathieu Jobin <majobin@mdsol.com> Co-authored-by: zogoo <ch.tsogbadrakh@gmail.com>
* wip add error collector * Fix type and rewrite request with proper validation test cases * Lead error render decision to gem user * Validate the certificate's existence before verifying the signature. --------- Co-authored-by: zogoo <ch.tsogbadrakh@gmail.com>
Co-authored-by: zogoo <ch.tsogbadrakh@gmail.com>
* Remove duplications * Pre-conditions need to be defined in before section * Le's not test logger in here --------- Co-authored-by: zogoo <ch.tsogbadrakh@gmail.com>
* Pass ref id as Session Index * Official Rails 8 is not released yet to RubyGem until that let's stick official older version --------- Co-authored-by: zogoo <ch.tsogbadrakh@gmail.com>
Co-authored-by: zogoo <ch.tsogbadrakh@gmail.com>
Co-authored-by: zogoo <ch.tsogbadrakh@gmail.com>
Co-authored-by: zogoo <ch.tsogbadrakh@gmail.com>
* Signable logic with given certificate information * Update unit test with new test certificate * Assertion builder with certificate attribute * Response builder with ceritificate * Use directly provided cert and pv key * Remove config dependency from low layer logics * Use correct attribute name * Remove config dependency from low level logics * Remove config dependency from low level logics and fix test * Revert Proc approach * Switchable assertion signature flag (saml-idp#228) Co-authored-by: zogoo <ch.tsogbadrakh@gmail.com> * MetadataBuilder uses custom configurator (#25) Co-authored-by: Andrea Lorenzetti <64900248+andnoz@users.noreply.github.com> * Use concurrent ruby fixed version for test (saml-idp#230) * Squash commits for saml_idp gem * [feat] Allow SP config force signature validation (#16) * Allow SP config force signature validation * Allow SP config force signature validation Tested with Slack with Authn request signature option --------- Co-authored-by: zogoo <ch.tsogbadrakh@gmail.com> * [feat] Don’t ignore certificates without usage (#17) I have tested with live SAML SP apps and it works fine * Unspecified certifciate from SP metadata --------- Co-authored-by: zogoo <ch.tsogbadrakh@gmail.com> * Try with proper way to update helper method (#19) * Set minimum test coverage (saml-idp#207) * Set minimum test coverage to a very high value for testing * Update minimum coverage to actual current value * Try with proper way to update helper method * Correctly decode and mock with correct REXML class * Drop the min coverage --------- Co-authored-by: Mathieu Jobin <majobin@mdsol.com> Co-authored-by: zogoo <ch.tsogbadrakh@gmail.com> * [feat] Collect request validation errors (#18) * wip add error collector * Fix type and rewrite request with proper validation test cases * Lead error render decision to gem user * Validate the certificate's existence before verifying the signature. --------- Co-authored-by: zogoo <ch.tsogbadrakh@gmail.com> * Support lowercase percent-encoded sequences for URL encoding (#20) Co-authored-by: zogoo <ch.tsogbadrakh@gmail.com> * [fix] Gem CI updates for latest versions (#22) * Remove duplications * Pre-conditions need to be defined in before section * Le's not test logger in here --------- Co-authored-by: zogoo <ch.tsogbadrakh@gmail.com> * [fix] Allow IdP set reference ID for SAML response (#21) * Pass ref id as Session Index * Official Rails 8 is not released yet to RubyGem until that let's stick official older version --------- Co-authored-by: zogoo <ch.tsogbadrakh@gmail.com> * Support rails 8 for dev env (#23) Co-authored-by: zogoo <ch.tsogbadrakh@gmail.com> * Assertion flag should able switchable by application (#24) Co-authored-by: zogoo <ch.tsogbadrakh@gmail.com> * concurrent-ruby v1.3.5 has removed the dependency on logger --------- Co-authored-by: zogoo <ch.tsogbadrakh@gmail.com> Co-authored-by: Mathieu Jobin <majobin@mdsol.com> --------- Co-authored-by: zogoo <ch.tsogbadrakh@gmail.com> Co-authored-by: Massimo Zappino <99500013+mzappino-noz@users.noreply.github.com> Co-authored-by: Andrea Lorenzetti <64900248+andnoz@users.noreply.github.com> Co-authored-by: Mathieu Jobin <majobin@mdsol.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
One of the required features is the SLO request from IdP. However, the "SamlIdp::LogoutRequestBuilder" class was not found in the controller.