Skip to content
Snippets Groups Projects
  1. Mar 19, 2024
  2. Dec 29, 2022
  3. Dec 14, 2022
  4. Feb 08, 2022
  5. Jan 05, 2022
  6. Jan 04, 2022
    • David Taylor's avatar
      DEV: Avoid storing state in the SAMLAuthenticator instance (#61) · b486bfdb
      David Taylor authored
      There is only one SAMLAuthenticator instance per-process. Storing user-specific state in it is risky (although, in our default unicorn-based config, is unlikely to cause issues because we only handle one concurrent request per process).
      
      This commit also updates our implementation to use the built-in `#single` and `#multi` methods provided by the SAML gem. This avoids the need for our custom `&.first`, `&.split` and `&.join` implementation.
      b486bfdb
  7. Dec 29, 2021
  8. Dec 23, 2021
  9. Dec 10, 2021
  10. Dec 09, 2021
  11. Dec 08, 2021
    • David Taylor's avatar
      DEV: Move `saml_request_method` handling into the OmniAuth strategy (#44) · 95ccea3f
      David Taylor authored
      Putting this logic into the omniauth strategy is much cleaner because:
      - we no longer need a Rails controller and the associated `custom_url` parameter
      - we can re-use the `authn_request` instance which is automatically generated by the omniauth strategy, rather than re-implementing that logic
      - the behavior is decided at runtime, rather than during initialization. This makes it testable, and is another step on the way to making the plugin multisite-compatible
      
      This commit also introduces a spec for the feature.
      95ccea3f
    • David Taylor's avatar
      DEV: Configure Omniauth strategy at runtime (#43) · 12cae03c
      David Taylor authored
      This will allow much easier testing of the strategy, and is one more step towards making the SAML plugin multisite-compatible
      12cae03c
  12. Dec 07, 2021
    • David Taylor's avatar
      FIX: Update name selection logic (#42) · 9b079332
      David Taylor authored
      For `name`, the previous intention was to use the `fullName` attribute, and then fallback to "firstname lastname". However, a bug in the implementation meant that the `fullName` was skipped.
      
      This commit updates the logic to lean on omniauth-saml's attribute_statements for the fullName, firstName and lastName attributes, and also updates the priority logic so that fullName is indeed prioritized.
      9b079332
  13. Dec 06, 2021
  14. Oct 27, 2021
  15. Oct 21, 2021
  16. Jul 27, 2021
  17. Jul 23, 2021
  18. Nov 12, 2020
  19. Jun 05, 2020
  20. Apr 29, 2020
  21. Apr 23, 2020
  22. Apr 17, 2020
  23. Apr 07, 2020
  24. Jan 07, 2020
  25. Nov 27, 2019
  26. Nov 25, 2019
  27. Nov 18, 2019
  28. Nov 13, 2019
  29. Jun 26, 2019
  30. Mar 21, 2019
  31. Dec 19, 2018
Loading