diff --git a/lib/onelogin/ruby-saml/authrequest.rb b/lib/onelogin/ruby-saml/authrequest.rb
index 0aadff2f..78a8f385 100644
--- a/lib/onelogin/ruby-saml/authrequest.rb
+++ b/lib/onelogin/ruby-saml/authrequest.rb
@@ -64,7 +64,7 @@ def create_params(settings, params={})
 request_doc = create_authentication_xml_doc(settings)
 request_doc.context[:attribute_quote] = :quote if settings.double_quote_xml_attribute_values
- request = ""
+ request = "".dup
 request_doc.write(request)
 Logging.debug "Created AuthnRequest: #{request}"
diff --git a/lib/onelogin/ruby-saml/logoutrequest.rb b/lib/onelogin/ruby-saml/logoutrequest.rb
index d2bb21ec..7ed0766d 100644
--- a/lib/onelogin/ruby-saml/logoutrequest.rb
+++ b/lib/onelogin/ruby-saml/logoutrequest.rb
@@ -61,7 +61,7 @@ def create_params(settings, params={})
 request_doc = create_logout_request_xml_doc(settings)
 request_doc.context[:attribute_quote] = :quote if settings.double_quote_xml_attribute_values
- request = ""
+ request = "".dup
 request_doc.write(request)
 Logging.debug "Created SLO Logout Request: #{request}"
diff --git a/lib/onelogin/ruby-saml/metadata.rb b/lib/onelogin/ruby-saml/metadata.rb
index fed96b67..a50e9e66 100644
--- a/lib/onelogin/ruby-saml/metadata.rb
+++ b/lib/onelogin/ruby-saml/metadata.rb
@@ -145,7 +145,7 @@ def embed_signature(meta_doc, settings)
 end
 def output_xml(meta_doc, pretty_print)
- ret = ''
+ ret = ''.dup
 # pretty print the XML so IdP administrators can easily see what the SP supports
 if pretty_print
diff --git a/lib/onelogin/ruby-saml/slo_logoutresponse.rb b/lib/onelogin/ruby-saml/slo_logoutresponse.rb
index c2c73d0c..9791a73d 100644
--- a/lib/onelogin/ruby-saml/slo_logoutresponse.rb
+++ b/lib/onelogin/ruby-saml/slo_logoutresponse.rb
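Review bot: The `"".dup` on the `request` buffer in authrequest.rb's `create_params` carries no comment saying why the copy is needed, so a later cleanup could turn it back into a bare literal. `request_doc.write(request)` two lines further down writes into that string in place, which raises once string literals are frozen; I would add `# unfrozen buffer: request_doc.write appends to it in place` above the assignment. The same applies to the matching hunks in logoutrequest.rb, metadata.rb (`ret = ''.dup`) and slo_logoutresponse.rb (`response = "".dup`). Each enclosing method starts and ends outside its hunk.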
@@ -70,7 +70,7 @@ def create_params(settings, request_id = nil, logout_message = nil, params = {},
 response_doc = create_logout_response_xml_doc(settings, request_id, logout_message, logout_status_code)
 response_doc.context[:attribute_quote] = :quote if settings.double_quote_xml_attribute_values
- response = ""
+ response = "".dup
 response_doc.write(response)
 Logging.debug "Created SLO Logout Response: #{response}"
diff --git a/lib/onelogin/ruby-saml/utils.rb b/lib/onelogin/ruby-saml/utils.rb
index 68ee2ed0..b66f6d77 100644
--- a/lib/onelogin/ruby-saml/utils.rb
+++ b/lib/onelogin/ruby-saml/utils.rb
@@ -32,7 +32,9 @@ class Utils
 (\d+)W # 8: Weeks
 )
 $)x.freeze
+
 UUID_PREFIX = '_'
+ @@prefix = '_'
 # Checks if the x509 cert provided is expired.
 #
@@ -252,6 +254,8 @@ def self.verify_signature(params)
 # @param status_message [Strig] StatusMessage value
 # @return [String] The status error message
 def self.status_error_msg(error_msg, raw_status_code = nil, status_message = nil)
+ error_msg = error_msg.dup
+
 unless raw_status_code.nil?
 if raw_status_code.include? "|"
 status_codes = raw_status_code.split(' | ')
@@ -400,11 +404,15 @@ def self.retrieve_plaintext(cipher_text, symmetric_key, algorithm)
 end
 def self.set_prefix(value)
- UUID_PREFIX.replace value
+ @@prefix = value
+ end
+
+ def self.prefix
+ @@prefix
 end
 def self.uuid
- "#{UUID_PREFIX}" + (RUBY_VERSION < '1.9' ? "#{@@uuid_generator.generate}" : "#{SecureRandom.uuid}")
+ "#{prefix}" + (RUBY_VERSION < '1.9' ? "#{@@uuid_generator.generate}" : "#{SecureRandom.uuid}")
 end
 # Given two strings, attempt to match them as URIs using Rails' parse method. If they can be parsed,
diff --git a/ruby-saml.gemspec b/ruby-saml.gemspec
index 2ddce136..3cfd3e7c 100644
--- a/ruby-saml.gemspec
+++ b/ruby-saml.gemspec
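Review bot: `UUID_PREFIX` stays defined beside the new `@@prefix` in the first utils.rb hunk, but `set_prefix` no longer updates it (last hunk of this file), so any code that reads the constant directly keeps seeing '_' after a custom prefix has been configured. If the constant is kept only for backward compatibility, say so and freeze it: `UUID_PREFIX = '_'.freeze # default only; read Utils.prefix for the configured value`. `@@prefix` is a class variable and therefore one value for the whole process; the hunk shows no synchronisation, so a one-line comment that it is meant to be set once at boot would help.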
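Review bot: `set_prefix` in the last utils.rb hunk now accepts any object, where the removed `UUID_PREFIX.replace value` raised for a non-String; with `nil` or an empty string `uuid` returns a bare UUID, which can begin with a digit and would then not be a valid xs:ID if the value is used as a SAML message ID, as the name suggests. The assignment also keeps a reference to the caller's string, so a later in-place change to that string silently changes every ID generated afterwards. I would guard and copy: `raise ArgumentError, 'prefix must be a non-empty String' unless value.is_a?(String) && !value.empty?` followed by `@@prefix = value.dup.freeze`. A check that the first character is a letter or underscore would cover the ID-syntax case fully.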
@@ -59,6 +59,12 @@ Gem::Specification.new do |s|
 s.add_runtime_dependency('rexml')
 end
+ if RUBY_VERSION >= '3.4.0'
+ s.add_runtime_dependency("logger")
+ s.add_runtime_dependency("base64")
+ s.add_runtime_dependency('mutex_m')
+ end
+
 s.add_development_dependency('simplecov', '<0.22.0')
 if RUBY_VERSION < '2.4.1'
 s.add_development_dependency('simplecov-lcov', '<0.8.0')
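Review bot: The new guard `if RUBY_VERSION >= '3.4.0'` compares version strings lexically, so a two-digit minor such as '3.10.0' sorts below '3.4.0' and the three dependencies would be skipped there; `if Gem::Version.new(RUBY_VERSION) >= Gem::Version.new('3.4.0')` compares numerically. A gemspec condition is evaluated on the machine that builds the gem, so the published package lists `logger`, `base64` and `mutex_m` only when the release is built on Ruby 3.4 or newer; declaring them unconditionally would remove that dependence on the release environment, assuming the oldest supported Rubies can still resolve them. The three entries also carry no version constraint, which leaves resolution wide open for a library that handles authentication; a lower bound or pessimistic constraint would narrow it. The existing `RUBY_VERSION < '2.4.1'` line in the context uses the same string comparison.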