Commit 3a88047
Changed files (8)
lib/saml/kit/configuration.rb
@@ -93,7 +93,7 @@ module Saml
# Returns true if there is at least one signing certificate registered.
def sign?
- certificates(use: :signing).any?
+ @sign ||= certificates(use: :signing).any?
end
private
lib/saml/kit/service_provider_metadata.rb
@@ -2,6 +2,9 @@
module Saml
module Kit
+ # This class represents a
+ # SPSSODescriptor element in a
+ # SAML metadata document.
# {include:file:spec/examples/service_provider_metadata_spec.rb}
class ServiceProviderMetadata < Metadata
def initialize(xml)
lib/saml/kit/signature.rb
@@ -2,6 +2,9 @@
module Saml
module Kit
+ # This class is responsible for
+ # validating an xml digital signature
+ # in an xml document.
class Signature
include ActiveModel::Validations
include Translatable
lib/saml/kit/translatable.rb
@@ -2,6 +2,9 @@
module Saml
module Kit
+ # This module is responsible
+ # for translating error messages
+ # to the current locale.
module Translatable
# @!visibility private
def error_message(attribute, options = {})
lib/saml/kit/trustable.rb
@@ -2,6 +2,9 @@
module Saml
module Kit
+ # This module is responsible for
+ # validating the trustworthiness
+ # of a saml document.
module Trustable
extend ActiveSupport::Concern
lib/saml/kit/xml_templatable.rb
@@ -2,6 +2,8 @@
module Saml
module Kit
+ # This module is responsible for
+ # generating converting templates to xml.
module XmlTemplatable
TEMPLATES_DIR = Pathname.new(File.join(__dir__, 'builders/templates/'))
include ::Xml::Kit::Templatable
.reek
@@ -0,0 +1,198 @@
+---
+Attribute:
+ exclude:
+ - Saml::Kit::Assertion#occurred_at
+ - Saml::Kit::Builders::AuthenticationRequest#assertion_consumer_service_url
+ - Saml::Kit::Builders::AuthenticationRequest#destination
+ - Saml::Kit::Builders::AuthenticationRequest#id
+ - Saml::Kit::Builders::AuthenticationRequest#issuer
+ - Saml::Kit::Builders::AuthenticationRequest#name_id_format
+ - Saml::Kit::Builders::AuthenticationRequest#now
+ - Saml::Kit::Builders::AuthenticationRequest#version
+ - Saml::Kit::Builders::IdentityProviderMetadata#attributes
+ - Saml::Kit::Builders::IdentityProviderMetadata#name_id_formats
+ - Saml::Kit::Builders::IdentityProviderMetadata#want_authn_requests_signed
+ - Saml::Kit::Builders::LogoutRequest#destination
+ - Saml::Kit::Builders::LogoutRequest#id
+ - Saml::Kit::Builders::LogoutRequest#issuer
+ - Saml::Kit::Builders::LogoutRequest#name_id_format
+ - Saml::Kit::Builders::LogoutRequest#now
+ - Saml::Kit::Builders::LogoutRequest#version
+ - Saml::Kit::Builders::LogoutResponse#destination
+ - Saml::Kit::Builders::LogoutResponse#id
+ - Saml::Kit::Builders::LogoutResponse#issuer
+ - Saml::Kit::Builders::LogoutResponse#now
+ - Saml::Kit::Builders::LogoutResponse#status_code
+ - Saml::Kit::Builders::LogoutResponse#version
+ - Saml::Kit::Builders::Metadata#contact_email
+ - Saml::Kit::Builders::Metadata#entity_id
+ - Saml::Kit::Builders::Metadata#id
+ - Saml::Kit::Builders::Metadata#identity_provider
+ - Saml::Kit::Builders::Metadata#organization_name
+ - Saml::Kit::Builders::Metadata#organization_url
+ - Saml::Kit::Builders::Metadata#service_provider
+ - Saml::Kit::Builders::Response#destination
+ - Saml::Kit::Builders::Response#id
+ - Saml::Kit::Builders::Response#issuer
+ - Saml::Kit::Builders::Response#now
+ - Saml::Kit::Builders::Response#reference_id
+ - Saml::Kit::Builders::Response#status_code
+ - Saml::Kit::Builders::Response#version
+ - Saml::Kit::Builders::ServiceProviderMetadata#acs_urls
+ - Saml::Kit::Builders::ServiceProviderMetadata#logout_urls
+ - Saml::Kit::Builders::ServiceProviderMetadata#name_id_formats
+ - Saml::Kit::Builders::ServiceProviderMetadata#want_assertions_signed
+ - Saml::Kit::Configuration#clock_drift
+ - Saml::Kit::Configuration#digest_method
+ - Saml::Kit::Configuration#entity_id
+ - Saml::Kit::Configuration#logger
+ - Saml::Kit::Configuration#registry
+ - Saml::Kit::Configuration#session_timeout
+ - Saml::Kit::Configuration#signature_method
+ - Saml::Kit::Document#registry
+BooleanParameter:
+ exclude:
+ - Saml::Kit::Assertion#to_xml
+ - Saml::Kit::DefaultRegistry#register_url
+ - Saml::Kit::DefaultRegistry::HttpApi#initialize
+ - Saml::Kit::Document#to_xml
+ - Saml::Kit::Metadata#to_xml
+ - Saml::Kit::Signature#to_xml
+ControlParameter:
+ exclude:
+ - Saml::Kit::Assertion#to_xml
+ - Saml::Kit::Bindings::HttpRedirect#algorithm_for
+ - Saml::Kit::Document#to_xml
+ - Saml::Kit::Metadata#to_xml
+ - Saml::Kit::Signature#to_xml
+InstanceVariableAssumption:
+ exclude:
+ - Saml::Kit::Assertion
+IrresponsibleModule:
+ exclude:
+ - Saml::Kit::Assertion
+ - Saml::Kit::Bindings::Binding
+ - Saml::Kit::Bindings::HttpPost
+ - Saml::Kit::Bindings::HttpRedirect
+ - Saml::Kit::Bindings::UrlBuilder
+ - Saml::Kit::Bindings
+ - Saml::Kit::Buildable
+ - Saml::Kit::Builders::Assertion
+ - Saml::Kit::Builders::EncryptedAssertion
+ - Saml::Kit::Builders
+ - Saml::Kit::CompositeMetadata
+ - Saml::Kit::DefaultRegistry::HttpApi
+ - Saml::Kit::Document
+ - Saml::Kit::InvalidDocument
+ - Saml::Kit::NullAssertion
+ - Saml::Kit::Requestable
+ - Saml::Kit::Respondable
+ - Saml::Kit::Response
+ - Saml::Kit::Serializable
+ - Saml::Kit
+PrimaDonnaMethod:
+ exclude:
+ - Saml::Kit::Assertion
+ - Saml::Kit::Bindings::HttpRedirect
+ - Saml::Kit::Configuration
+TooManyInstanceVariables:
+ exclude:
+ - Saml::Kit::Assertion
+ - Saml::Kit::Builders::AuthenticationRequest
+ - Saml::Kit::Builders::IdentityProviderMetadata
+ - Saml::Kit::Builders::LogoutRequest
+ - Saml::Kit::Builders::LogoutResponse
+ - Saml::Kit::Builders::Metadata
+ - Saml::Kit::Builders::Response
+ - Saml::Kit::Builders::ServiceProviderMetadata
+ - Saml::Kit::Configuration
+TooManyMethods:
+ exclude:
+ - Saml::Kit::Assertion
+ - Saml::Kit::Document
+ - Saml::Kit::Metadata
+ - Saml::Kit::Signature
+TooManyStatements:
+ exclude:
+ - initialize
+ - Saml::Kit::Assertion#decrypt!
+ - Saml::Kit::CompositeMetadata#services
+ - Saml::Kit::DefaultRegistry::HttpApi#http
+ - Saml::Kit::Metadata#from
+ - Saml::Kit::Signature#validate_signature
+UtilityFunction:
+ exclude:
+ - Saml::Kit::Assertion#parse_date
+ - Saml::Kit::Bindings::HttpRedirect#algorithm_for
+ - Saml::Kit::Bindings::HttpRedirect#canonicalize
+ - Saml::Kit::Bindings::HttpRedirect#normalize
+ - Saml::Kit::Bindings::HttpRedirect#params_to_hash
+ - Saml::Kit::NullAssertion#expired_at
+ - Saml::Kit::NullAssertion#started_at
+ - uri_for
+ - xml_document
+ - Saml::Kit::Serializable#decode
+ - Saml::Kit::Serializable#deflate
+ - Saml::Kit::Serializable#encode
+ - Saml::Kit::Serializable#escape
+ - Saml::Kit::Serializable#inflate
+ - Saml::Kit::Serializable#unescape
+LongParameterList:
+ exclude:
+ - Saml::Kit::AuthenticationRequest#response_for
+ - Saml::Kit::Configuration#add_key_pair
+UncommunicativeVariableName:
+ exclude:
+ - Saml::Kit::AuthenticationRequest#response_for
+ - Saml::Kit::Bindings::HttpRedirect#params_to_hash
+ - Saml::Kit::Builders::Metadata#build_identity_provider
+ - Saml::Kit::Builders::Metadata#build_service_provider
+ - Saml::Kit::CompositeMetadata#method_missing
+ - Saml::Kit::CompositeMetadata#respond_to_missing?
+ - Saml::Kit::CompositeMetadata#services
+ - Saml::Kit::Configuration#key_pairs
+ - Saml::Kit::IdentityProviderMetadata#login_request_for
+ - Saml::Kit::LogoutRequest#response_for
+ - Saml::Kit::Metadata#logout_request_for
+ - Saml::Kit::Metadata#matches?
+ - Saml::Kit::Metadata#service_for
+ - query_params_from
+ - Saml::Kit::Signature#expected_digest_value
+DuplicateMethodCall:
+ exclude:
+ - Saml::Kit::Bindings::Binding#saml_param_from
+ - Saml::Kit::Bindings::HttpRedirect#ensure_valid_signature!
+ - Saml::Kit::Bindings::UrlBuilder#build
+ - Saml::Kit::Builders::Response#initialize
+ - Saml::Kit::XmlTemplatable#sign?
+FeatureEnvy:
+ exclude:
+ - Saml::Kit::Bindings::Binding#saml_param_from
+ - Saml::Kit::Bindings::HttpRedirect#serialize
+ - Saml::Kit::DefaultRegistry#register
+ - Saml::Kit::Metadata#matches?
+ - Saml::Kit::Signature#expected_digest_value
+ - Saml::Kit::Signature#trusted?
+NilCheck:
+ exclude:
+ - Saml::Kit::Bindings::HttpRedirect#ensure_valid_signature!
+ - Saml::Kit::IdentityProviderMetadata#want_authn_requests_signed
+ - Saml::Kit::LogoutRequest#single_logout_service
+ - Saml::Kit::Respondable#must_match_request_id
+ - Saml::Kit::Response#assertion
+ - Saml::Kit::ServiceProviderMetadata#want_assertions_signed
+ - Saml::Kit::Signature#certificate
+ - Saml::Kit::Signature#trusted?
+ - Saml::Kit::Signature#validate_signature
+ - Saml::Kit::XmlTemplatable#sign?
+ManualDispatch:
+ exclude:
+ - Saml::Kit::Builders::Assertion#assertion_attributes
+ - Saml::Kit::CompositeMetadata#method_missing
+ - Saml::Kit::CompositeMetadata#respond_to_missing?
+UnusedParameters:
+ exclude:
+ - Saml::Kit::InvalidDocument#initialize
+TooManyConstants:
+ exclude:
+ - Saml::Kit::Namespaces
Rakefile
@@ -9,7 +9,9 @@ require 'rubocop/rake_task'
RSpec::Core::RakeTask.new(:spec)
RuboCop::RakeTask.new(:rubocop)
Bundler::Audit::Task.new
-Reek::Rake::Task.new(:reek)
+Reek::Rake::Task.new(:reek) do |task|
+ task.config_file = '.reek'
+end
task lint: [:rubocop, :reek, 'bundle:audit']
task default: :spec