Commit a4eff34
Changed files (6)
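--- a/app/controllers/concerns/saml_respondable.rb
+++ b/app/controllers/concerns/saml_respondable.rb
@@ -2,6 +2,14 @@
 module SamlRespondable
 extend ActiveSupport::Concern
+ALLOWED_SAML_PARAMS = [
+:RelayState,
+:SAMLEncoding,
+:SAMLRequest,
+:SAMLResponse,
+:SigAlg,
+:Signature,
+].freeze
 def binding_for(binding, location)
 if binding == :http_post
@@ -11,14 +19,15 @@ module SamlRespondable
 end
 end
-def saml_params(allowed_params = [:SAMLRequest, :SAMLResponse, :SAMLEncoding, :SigAlg, :Signature, :RelayState])
+def saml_params(allowed_params = ALLOWED_SAML_PARAMS)
 @saml_params ||=
 if request.post?
 params.permit(*allowed_params)
 else
 query_string = request.query_string
 on = query_string.include?("&") ? "&" : "&"
-result = Hash[query_string.split(on).map { |x| x.split("=", 2) }].symbolize_keys
+result = Hash[query_string.split(on).map { |x| x.split("=", 2) }]
+result = result.symbolize_keys
 result.select! { |key, _value| allowed_params.include?(key.to_sym) }
 result
 end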
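Review bot: The GET branch of `saml_params` still builds its hash with `Hash[...]` from every `&`-separated segment of the raw query string, so an empty segment such as `?a=b&&c=d` (an empty string splits to `[]`) makes `Hash[]` raise ArgumentError, and the new `symbolize_keys` line turns every client-supplied key into a symbol before the allow-list filter runs. Drop empty segments and filter on strings first, then symbolize: `allowed = allowed_params.map(&:to_s)` / `pairs = query_string.split(on).reject(&:empty?).map { |x| x.split("=", 2) }` / `result = Hash[pairs].select { |k, _| allowed.include?(k) }.symbolize_keys`. The `on = ...` ternary reads with two identical branches on this page; if that is not a rendering artifact it is dead code and a plain `split("&")` is all that is needed. Leaving the values undecoded looks intentional for redirect-binding signature checks over the raw query string, so that part should stay; the method's closing `end` lies outside the hunk.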
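--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@@ -5,7 +5,9 @@ class SessionsController < ApplicationController
 skip_before_action :authenticate!, only: [:new, :create, :destroy]
 def new
-binding = binding_for(request.post? ? :http_post : :http_redirect, new_session_url)
+binding = binding_for(
+request.post? ? :http_post : :http_redirect, new_session_url
+)
 @saml_request = binding.deserialize(saml_params)
 if @saml_request.valid?
 session[:saml] = { params: saml_params.to_h, xml: @saml_request.to_xml }
@@ -19,7 +21,7 @@ class SessionsController < ApplicationController
 def create
 user_params = params.require(:user).permit(:email, :password)
-if user = User.login(user_params[:email], user_params[:password])
+if (user = User.login(user_params[:email], user_params[:password]))
 unless session[:saml].present?
 login(user)
 return redirect_to(dashboard_path)
@@ -45,7 +47,9 @@ class SessionsController < ApplicationController
 end
 raise 'Unknown NameId' unless current_user.uuid == saml_request.name_id
-@url, @saml_params = saml_request.response_for(binding: :http_post, relay_state: saml_params[:RelayState]) do |builder|
+@url, @saml_params = saml_request.response_for(
+binding: :http_post, relay_state: saml_params[:RelayState]
+) do |builder|
 @saml_response_builder = builder
 end
 reset_session
@@ -63,7 +67,9 @@ class SessionsController < ApplicationController
 def post_back(saml_request, user)
 relay_state = session[:saml][:params][:RelayState]
-@url, @saml_params = saml_request.response_for(user, binding: :http_post, relay_state: relay_state) do |builder|
+@url, @saml_params = saml_request.response_for(
+user, binding: :http_post, relay_state: relay_state
+) do |builder|
 @saml_response_builder = builder
 end
 login(user)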
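--- a/app/models/bearer_token.rb
+++ b/app/models/bearer_token.rb
@@ -11,7 +11,8 @@ class BearerToken
 end
 def decode(token)
-JWT.decode(token, public_key, true, algorithm: 'RS256')[0].with_indifferent_access
+decoded = JWT.decode(token, public_key, true, algorithm: 'RS256')[0]
+decoded.with_indifferent_access
 rescue StandardError
 {}
 end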
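Review bot: `decode` still maps every failure of the now-split `JWT.decode` call, including a bad signature, an expired token or a malformed string, to `{}`, so a caller cannot tell a rejected token from a valid one with no claims and nothing is logged. Rescue the library's error class (ExpiredSignature and friends subclass it) and record the rejection before returning the empty hash: `rescue JWT::DecodeError => e` / `Rails.logger.warn("bearer token rejected: #{e.class}")` / `{}`. Keeping verification on with `algorithm: 'RS256'` pinned is the right call and should stay as written.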
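--- a/app/models/idp.rb
+++ b/app/models/idp.rb
@@ -3,7 +3,7 @@
 class Idp
 class << self
 def default(request)
-@idp ||=
+@default ||=
 begin
 host = "#{request.protocol}#{request.host}:#{request.port}"
 url_helpers = Rails.application.routes.url_helpers
@@ -13,9 +13,15 @@ class Idp
 builder.organization_name = "Acme, Inc"
 builder.organization_url = url_helpers.root_url(host: host)
 builder.build_identity_provider do |x|
-x.add_single_sign_on_service(url_helpers.new_session_url(host: host), binding: :http_post)
-x.add_single_sign_on_service(url_helpers.new_session_url(host: host), binding: :http_redirect)
-x.add_single_logout_service(url_helpers.logout_url(host: host), binding: :http_post)
+x.add_single_sign_on_service(
+url_helpers.new_session_url(host: host), binding: :http_post
+)
+x.add_single_sign_on_service(
+url_helpers.new_session_url(host: host), binding: :http_redirect
+)
+x.add_single_logout_service(
+url_helpers.logout_url(host: host), binding: :http_post
+)
 x.name_id_formats = [
 Saml::Kit::Namespaces::EMAIL_ADDRESS,
 Saml::Kit::Namespaces::PERSISTENT,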
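Review bot: The renamed memo `@default ||=` at the top of `default` caches metadata whose `host` is derived from the first request's protocol, host and port, so every later request, whatever its `Host` header, gets SSO and SLO service URLs built from that first request for the life of the process. If the application does not restrict accepted hosts, whoever sends the first request also decides what appears in the published service URLs. Compute the host before the memo and key the cache on it, `host = "#{request.protocol}#{request.host}:#{request.port}"` followed by `(@default ||= {})[host] ||= begin`, or drop the memoization if building the metadata is cheap. `default` spans both hunks and its `begin` block closes outside them.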
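--- a/Gemfile
+++ b/Gemfile
@@ -33,9 +33,7 @@ gem 'bcrypt', '~> 3.1.7'
 # gem 'capistrano-rails', group: :development
 group :development, :test do
-# Call 'byebug' anywhere in the code to stop execution and get a debugger console
 gem 'byebug', platforms: [:mri, :mingw, :x64_mingw]
-# Adds support for Capybara system testing and selenium driver
 gem 'capybara', '~> 2.13'
 gem 'factory_bot_rails'
 gem 'ffaker'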
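--- a/Rakefile
+++ b/Rakefile
@@ -1,8 +1,5 @@
 # frozen_string_literal: true
-# Add your own tasks in files placed in lib/tasks ending in .rake,
-# for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
-
 require_relative 'config/application'
 Rails.application.load_tasks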