Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[READY] Merge master into v2.x (please don't squash commits!) #710

Closed

Conversation

johnnyshields
Copy link
Collaborator

@johnnyshields johnnyshields commented Jul 10, 2024

Please merge this PR without squashing commits so the diff between v2.x and master will be fully caught-up. (This was previously merged here but it was done via squash)

v2.x...master

calebhearth and others added 5 commits July 8, 2024 09:19
I have a use-case for being able to cache the intermediate fetch of
metadata in case of temporary failures, so rather than:

    parser.parse_remote(url)

I'd like to

    begin
      metadata = parser.get_idp_metadata(url, true)
      do_my_caching(metadata)
      parser.parse(metadata)
    rescue HttpError
      load_cache
    end

There's a fair amount of logic in the get_idp_metadata method that I'd
rather not need to re-implement. Right now I have this implemented with
`parser.send(:get_idp_metadata, url, true)` which is obviously not great
if the internals of this class change in the future. Can we move this
method to the public API?
…tadata-public

Make IdpMetadataParser#get_idp_metadata public
…sts-windows

Master: Fix tests on Windows, add Ruby 3.3, and cleanup CI
@johnnyshields johnnyshields changed the title Merge master into v2.x (please don't squash commits!) [READY] Merge master into v2.x (please don't squash commits!) Jul 13, 2024
ahacker1-securesaml and others added 8 commits September 10, 2024 19:12
* Use correct XPaths and resolve to correct elements

* Update xml_security.rb

* Block references that resolve to multiple nodes to prevent signature wrapping attacks
This test warns

    warning: ambiguity between regexp and two divisions: wrap regexp in parentheses or add a space after `/' operator

We can fix this warning by using the %r regex syntax instead
@johnnyshields
Copy link
Collaborator Author

Replaced by #725

@johnnyshields johnnyshields deleted the merge-master-20240711 branch September 30, 2024 21:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

6 participants