Fix unsafe offenses in production code
tagliala committed Jan 9, 2024
1 parent 62f8e0a commit 0af84ee
Showing 8 changed files with 19 additions and 52 deletions.
3 changes: 3 additions & 0 deletions .rubocop.yml
Expand Up @@ -22,3 +22,6 @@ RSpec/FilePath:
RSpec/SpecFilePathFormat:
CustomTransform:
OmniAuth: omniauth

Style/NumericPredicate:
Enabled: false
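
Review bot: `Style/NumericPredicate` is disabled for the whole project here with no reason recorded. Add a short comment above the entry saying why the cop is off, so that whoever next regenerates the RuboCop configuration knows whether it can be turned back on.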
48 changes: 0 additions & 48 deletions .rubocop_todo.yml

2 changes: 2 additions & 0 deletions lib/omniauth-cas.rb
@@ -1 +1,3 @@
# frozen_string_literal: true

require 'omniauth/cas'
2 changes: 2 additions & 0 deletions lib/omniauth/cas.rb
@@ -1,2 +1,4 @@
# frozen_string_literal: true

require 'omniauth/cas/version'
require 'omniauth/strategies/cas'
2 changes: 2 additions & 0 deletions lib/omniauth/cas/version.rb
@@ -1,3 +1,5 @@
# frozen_string_literal: true

module OmniAuth
module Cas
VERSION = '3.0.0'
8 changes: 5 additions & 3 deletions lib/omniauth/strategies/cas.rb
@@ -1,3 +1,5 @@
# frozen_string_literal: true

require 'omniauth'
require 'addressable/uri'

Expand Down Expand Up @@ -48,7 +50,7 @@ class InvalidCASTicket < StandardError; end
option :phone_key, 'phone'

# As required by https://github.com/intridea/omniauth/wiki/Auth-Hash-Schema
AuthHashSchemaKeys = %w[name email nickname first_name last_name location image phone]
AuthHashSchemaKeys = %w[name email nickname first_name last_name location image phone].freeze
info do
prune!({
name: raw_info[options[:name_key].to_s],
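
Review bot: `AuthHashSchemaKeys` holds a value but is named like a class, unlike `VALIDATION_REQUEST_HEADERS` in service_ticket_validator.rb, which this same commit also freezes. Since the line is being touched anyway, consider renaming it to `AUTH_HASH_SCHEMA_KEYS`, keeping the old name as an alias if external code may reference it. Note also that `.freeze` here is shallow: it prevents changes to the array itself and says nothing about its elements.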
Expand Down Expand Up @@ -104,7 +106,7 @@ def request_phase
end

def on_sso_path?
request.post? && request.params.has_key?('logoutRequest')
request.post? && request.params.key?('logoutRequest')
end

def single_sign_out_phase
Expand Down Expand Up @@ -177,7 +179,7 @@ def login_url(service)
#
# @return [String] the new joined URL.
def append_params(base, params)
params = params.each { |_k, v| v = Rack::Utils.escape(v) }
params = params.each_value { |v| Rack::Utils.escape(v) }
Addressable::URI.parse(base).tap do |base_uri|
base_uri.query_values = (base_uri.query_values || {}).merge(params)
end.to_s
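
Review bot: in `append_params`, the rewritten line still throws away the result of `Rack::Utils.escape(v)`. `each_value` returns the original hash, so `params` is reassigned to itself with unescaped values, which is exactly what the old `each` form did (assigning to the block-local `v` changed nothing). Either delete the line as dead code, or, if escaping is really intended, use `params.transform_values { |v| Rack::Utils.escape(v) }` after checking whether `base_uri.query_values=` already encodes values, since in that case this would double-encode. A spec that passes a value containing `&` or `=` and asserts on the resulting URL would pin down the intended behaviour.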
2 changes: 2 additions & 0 deletions lib/omniauth/strategies/cas/logout_request.rb
@@ -1,3 +1,5 @@
# frozen_string_literal: true

module OmniAuth
module Strategies
class CAS
4 changes: 3 additions & 1 deletion lib/omniauth/strategies/cas/service_ticket_validator.rb
@@ -1,3 +1,5 @@
# frozen_string_literal: true

require 'net/http'
require 'net/https'
require 'nokogiri'
Expand All @@ -6,7 +8,7 @@ module OmniAuth
module Strategies
class CAS
class ServiceTicketValidator
VALIDATION_REQUEST_HEADERS = { 'Accept' => '*/*' }
VALIDATION_REQUEST_HEADERS = { 'Accept' => '*/*' }.freeze

attr_reader :success_body
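
Review bot: with `VALIDATION_REQUEST_HEADERS` frozen, any code that adds or changes a header on this hash in place will now raise `FrozenError`. The usages are outside this hunk, so confirm the constant is only read, or is passed through `dup` or `merge` before per-request headers are set.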

