FYI: I rebuilt the gem and released with a 2#1
Open
pboling wants to merge 312 commits intogrosser:masterfrom
Open
FYI: I rebuilt the gem and released with a 2#1pboling wants to merge 312 commits intogrosser:masterfrom
pboling wants to merge 312 commits intogrosser:masterfrom
Conversation
revert serializer changes
If an AX attribute is set to boolean(true) value it results in undefined method `gsub' for true:TrueClass error. If it's set to false then its replaced by empty string resulting in to signature mismatch on the consumer, because the server still computes false AX value. Fix is to set val to empty string if it's nil and if it's boolean type then convert it to string.
OpenId::OpenIDServiceEndpoint and OpenID::Consumer::DiscoveredServices objects are lost when these store into the session. These objects change to Hash object before storing into session.
This avoids an error I was getting while parsing http://localhost:8095/foo `invalid value for Integer(): ":"`
Objects change to Hash object before storing into session.
Handle AX boolean value properly
More safely build filenames
Drop Ruby 1.9.2 from Travis, since this has issues with the latest verison of Minitest, and Ruby 1.9.2 is not supported upstream any more. Remove admin/runtest.rb, since this is deprecated in favor of simply running "rake" to execute the test suite.
The default values of body and headers ought to be "nil", but in fact they end up as the string "0" in test_redirect_limit. This causes all sorts of problems. When body is defined as "0", we follow the conditional that leads us to conn.request_post instead of conn.request_get, and request_post crashes since it expects a key-value string instead of simply "0". The unexpected string for the headers variable wreaks havoc as well; when headers is "0", the hash value assignment at the beginning of fetch() fails, because Ruby can't convert the string to a hash. I'm not sure why these values are "0" instead of nil, but setting them explicitly during the call fixes the bug.
test_no_services() makes use of the with_method_overridden() function. Depending on the order in which the tests ran, this function might or might not be present.
Switch to Minitest, and misc test cleanups
When checking if `Digest::HMAC` is defined, we should not check ancestors, we're only interested if `HMAC` is defined on `Digest`. This will fix an issue in Ruby 2.2 where `Digest::HMAC` has been removed, but the current check will result in the `Digest` library trying to load `digest/hmac` in `Digest.const_missing` and thus causing an error.
Avoid checking ancestors for constant
The Digest::HMAC was an experimental implementation and has been removed from the latest Ruby version (2.2).
Conflicts: test/test_extras.rb
Removed custom String#starts_with? and #ends_with?
Since we changed from `Digest::HMAC` to `OpenSSL::HMAC`, we should check for if `OpenSSL` is loaded, and then we can safely assume that `HMAC` is available. Before `Digest` was always defined, so we had to check if it had loaded its submodules.
From Ruby 2.2 the default `URI.parse` method uses a new RFC 3986 compatible parser, which will parse most of the “invalid” URLs in the trustroot test.
Now you can run all test files individually, because each now correctly requires everything it needs.
An explicit return inside a Proc can return from the current scope. This fixes an issue with the test exiting before all tests are run.
This test became obsolete after openid#61 was merged, since the code now uses Ruby's build in `String#start_with?` rather than a custom implementation.
Use HMAC from OpenSSL rather than Digest.
Use RFC 2396 compatible URI parser for trustroot.
- Ruby 3.5 may remove cgi from std lib - See: https://bugs.ruby-lang.org/issues/21258
Improve CI Setup
Remove HTML Coverage export
Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 5. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v4...v5) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
…ions/checkout-5
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3 to 4. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@v3...v4) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [actions/checkout](https://github.com/actions/checkout) from 5 to 6. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v5...v6) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
…ions/checkout-6
There was a problem hiding this comment.
Pull request overview
This PR releases a new major version (3.1.0) of the ruby-openid2 gem, representing a rebuild and rerelease to pick up compatibility fixes for Ruby 2.7+ and Rails 5+. The changes include regenerated documentation files, version configuration, and release artifact checksums.
- Regenerates YARD documentation files for API documentation
- Adds version management configuration (.tool-versions)
- Includes gem checksums for release verification
Reviewed changes
Copilot reviewed 77 out of 463 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| docs/OpenID/**/*.html | Regenerated YARD API documentation for OpenID classes and modules |
| checksums/.sha | Checksums for verifying the 3.1.0 gem release artifact |
| .tool-versions | Specifies Ruby 3.4.4 as the project's Ruby version |
Files not reviewed (7)
- .idea/GitLink.xml: Language not supported
- .idea/dbnavigator.xml: Language not supported
- .idea/git_toolbox_prj.xml: Language not supported
- .idea/misc.xml: Language not supported
- .idea/ruby-openid2.iml: Language not supported
- .idea/vcs.xml: Language not supported
- .idea/workspace.xml: Language not supported
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
…hub/codeql-action-4
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Needed to pickup all the Ruby 2.7+ and Rails 5+ fixes from the fork network, and add working CI (GitHub Actions) in a very short period of time. Not expecting this to be merged, but happy to talk about how we could merge the work.
This repo used to be at the openid org, but that org archived their repo ~a year ago, so this repo is the closest thing to canonical as we have.