Ruby 1.8.7 compatibility

pitbulk · pitbulk · commit 0661c678dbb7 · 2021-08-16T19:41:45.000+02:00
diff --git a/lib/onelogin/ruby-saml/idp_metadata_parser.rb b/lib/onelogin/ruby-saml/idp_metadata_parser.rb
@@ -119,8 +119,10 @@ def parse(idp_metadata, options = {})
 
         unless parsed_metadata[:cache_duration].nil?
           cache_valid_until_timestamp = OneLogin::RubySaml::Utils.parse_duration(parsed_metadata[:cache_duration])
-          if parsed_metadata[:valid_until].nil? || cache_valid_until_timestamp < Time.parse(parsed_metadata[:valid_until], Time.now.utc).to_i
-            parsed_metadata[:valid_until] = Time.at(cache_valid_until_timestamp).utc.strftime("%Y-%m-%dT%H:%M:%SZ")
+          unless cache_valid_until_timestamp.nil?
+            if parsed_metadata[:valid_until].nil? || cache_valid_until_timestamp < Time.parse(parsed_metadata[:valid_until], Time.now.utc).to_i
+              parsed_metadata[:valid_until] = Time.at(cache_valid_until_timestamp).utc.strftime("%Y-%m-%dT%H:%M:%SZ")
+            end
           end
         end
         # Remove the cache_duration because on the settings
diff --git a/lib/onelogin/ruby-saml/utils.rb b/lib/onelogin/ruby-saml/utils.rb
@@ -13,8 +13,8 @@ module RubySaml
     class Utils
       @@uuid_generator = UUID.new if RUBY_VERSION < '1.9'
 
-      BINDINGS = { post: "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST".freeze,
-                   redirect: "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect".freeze }.freeze
+      BINDINGS = { :post => "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST".freeze,
+                   :redirect => "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect".freeze }.freeze
       DSIG = "http://www.w3.org/2000/09/xmldsig#".freeze
       XENC = "http://www.w3.org/2001/04/xmlenc#".freeze
       DURATION_FORMAT = %r(^
@@ -55,6 +55,8 @@ def self.is_cert_expired(cert)
       # @return [Integer] The new timestamp, after the duration is applied.
       #
       def self.parse_duration(duration, timestamp=Time.now.utc)
+        return nil if RUBY_VERSION < '1.9'  # 1.8.7 not supported
+
         matches = duration.match(DURATION_FORMAT)
 
         if matches.nil?
diff --git a/test/idp_metadata_parser_test.rb b/test/idp_metadata_parser_test.rb
@@ -354,13 +354,16 @@ def initialize; end
     end
 
     it "if no ValidUntil but CacheDuration return CacheDuration converted in ValidUntil" do
+      return if RUBY_VERSION < '1.9'
       Timecop.freeze(Time.parse("2020-01-02T10:02:33Z", Time.now.utc)) do
         settings = @idp_metadata_parser.parse(idp_metadata_descriptor5)
         assert_equal '2020-01-03T10:02:33Z', settings.valid_until
       end
     end
 
     it "if ValidUntil and CacheDuration return the sooner timestamp" do
+      return if RUBY_VERSION < '1.9'
+
       Timecop.freeze(Time.parse("2020-01-01T10:12:55Z", Time.now.utc)) do
         settings = @idp_metadata_parser.parse(idp_metadata_descriptor6)
         assert_equal '2020-01-03T10:12:55Z', settings.valid_until
@@ -585,7 +588,7 @@ def initialize; end
     it "should return idp_cert and idp_cert_fingerprint and no idp_cert_multi" do
       assert_equal(expected_cert, @settings.idp_cert)
       assert_equal("2D:A9:40:88:28:EE:67:BB:4A:5B:E0:58:A7:CC:71:95:2D:1B:C9:D3", @settings.idp_cert_fingerprint)
-      assert_equal({ signing: [expected_cert], encryption: [expected_cert] }, @settings.idp_cert_multi)
+      assert_equal({ :signing => [expected_cert], :encryption => [expected_cert] }, @settings.idp_cert_multi)
       assert_equal("https://app.onelogin.com/saml/metadata/383123", @settings.idp_entity_id)
       assert_equal("urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress", @settings.name_identifier_format)
       assert_equal("https://app.onelogin.com/trust/saml2/http-post/sso/383123", @settings.idp_sso_service_url)
diff --git a/test/utils_test.rb b/test/utils_test.rb
@@ -22,20 +22,22 @@ class UtilsTest < Minitest::Test
     }
 
     def result(duration, reference = 0)
+      return nil if RUBY_VERSION < '1.9'
       Time.at(
         OneLogin::RubySaml::Utils.parse_duration(duration, reference)
       ).utc.iso8601(3)
     end
 
     DURATIONS_FROM_EPOCH.each do |duration, expected|
       it "parses #{duration} to return #{expected} from the given timestamp" do
+        return if RUBY_VERSION < '1.9'
         assert_equal expected, result(duration)
       end
     end
 
     it "returns the last calendar day of the next month when advancing from a longer month to a shorter one" do
       initial_timestamp = Time.iso8601("1970-01-31T00:00:00.000Z").to_i
-
+      return if RUBY_VERSION < '1.9'
       assert_equal "1970-02-28T00:00:00.000Z", result("P1M", initial_timestamp)
     end
   end
diff --git a/test/xml_security_test.rb b/test/xml_security_test.rb
@@ -402,13 +402,12 @@ class XmlSecurityTest < Minitest::Test
 
       describe 'with invalid document ' do
         describe 'when certificate is invalid' do
-          let(:document_data) { read_response('response_with_signed_message_and_assertion.xml')
-            .sub(/<ds:X509Certificate>.*<\/ds:X509Certificate>/, "<ds:X509Certificate>invalid<\/ds:X509Certificate>") }
           let(:document) { OneLogin::RubySaml::Response.new(document_data).document }
-          let(:idp_cert) { OpenSSL::X509::Certificate.new(ruby_saml_cert_text) }
 
           it 'is invalid' do
-            refute document.validate_document_with_cert(idp_cert), 'Document should be invalid'
+            wrong_document_data = document_data.sub(/<ds:X509Certificate>.*<\/ds:X509Certificate>/, "<ds:X509Certificate>invalid<\/ds:X509Certificate>")
+            wrong_document = OneLogin::RubySaml::Response.new(wrong_document_data).document
+            refute wrong_document.validate_document_with_cert(idp_cert), 'Document should be invalid'
           end
         end
       end
