More Rubocop fixes

Author: johnnyshields

.rubocop_todo.yml

@@ -40,8 +40,8 @@ def initialize(attrs = {})
 
       # Iterate over all attributes
       #
-      def each
-        attributes.each{|name, values| yield name, values}
+      def each(&block)
+        attributes.each(&block)
       end
 
       # Test attribute presence by name

lib/onelogin/ruby-saml/attributes.rb

@@ -24,6 +24,7 @@ class Authrequest < SamlMessage
       #
       def initialize
         @uuid = OneLogin::RubySaml::Utils.uuid
+        super()
       end
 
       def request_id

lib/onelogin/ruby-saml/authrequest.rb

@@ -42,7 +42,7 @@ module Vocabulary
 
       # fetch IdP descriptors from a metadata document
       def self.get_idps(metadata_document, only_entity_id=nil)
-        path = "//md:EntityDescriptor#{only_entity_id && '[@entityID="' + only_entity_id + '"]'}/md:IDPSSODescriptor"
+        path = "//md:EntityDescriptor#{('[@entityID="' + only_entity_id + '"]') if only_entity_id}/md:IDPSSODescriptor"
         REXML::XPath.match(
           metadata_document,
           path,
@@ -197,7 +197,7 @@ def parse_to_idp_metadata_array(idp_metadata, options = {})
       # @raise [HttpError] Failure to fetch remote IdP metadata
       def get_idp_metadata(url, validate_cert)
         uri = URI.parse(url)
-        raise ArgumentError.new("url must begin with http or https") unless /^https?/ =~ uri.scheme
+        raise ArgumentError.new("url must begin with http or https") unless /^https?/.match?(uri.scheme)
         http = Net::HTTP.new(uri.host, uri.port)
 
         if uri.scheme == "https"
@@ -250,14 +250,14 @@ def to_hash(options = {})
         #
         def valid_until
           root = @idpsso_descriptor.root
-          root.attributes['validUntil'] if root && root.attributes
+          root.attributes['validUntil'] if root&.attributes
         end
 
         # @return [String|nil] 'cacheDuration' attribute of metadata
         #
         def cache_duration
           root = @idpsso_descriptor.root
-          root.attributes['cacheDuration'] if root && root.attributes
+          root.attributes['cacheDuration'] if root&.attributes
         end
 
         # @param name_id_priority [String|Array<String>] The prioritized list of NameIDFormat values to select. Will select first value if nil.
@@ -308,7 +308,7 @@ def single_signon_service_url(binding_priority = nil)
             "md:SingleSignOnService[@Binding=\"#{binding}\"]/@Location",
             SamlMetadata::NAMESPACE
           )
-          node.value if node
+          node&.value
         end
 
         # @param binding_priority [String|Array<String>] The prioritized list of Binding values to select. Will select first value if nil.
@@ -323,7 +323,7 @@ def single_logout_service_url(binding_priority = nil)
             "md:SingleLogoutService[@Binding=\"#{binding}\"]/@Location",
             SamlMetadata::NAMESPACE
           )
-          node.value if node
+          node&.value
         end
 
         # @param binding_priority [String|Array<String>] The prioritized list of Binding values to select. Will select first value if nil.
@@ -338,7 +338,7 @@ def single_logout_response_service_url(binding_priority = nil)
             "md:SingleLogoutService[@Binding=\"#{binding}\"]/@ResponseLocation",
             SamlMetadata::NAMESPACE
           )
-          node.value if node
+          node&.value
         end
 
         # @return [String|nil] Unformatted Certificate if exists
@@ -394,7 +394,7 @@ def fingerprint(certificate, fingerprint_algorithm = XMLSecurity::Document::SHA1
         #
         def attribute_names
           nodes = REXML::XPath.match(
-            @idpsso_descriptor  ,
+            @idpsso_descriptor,
             "saml:Attribute/@Name",
             SamlMetadata::NAMESPACE
           )
@@ -404,8 +404,8 @@ def attribute_names
         def merge_certificates_into(parsed_metadata)
           if (certificates.size == 1 &&
               (certificates_has_one('signing') || certificates_has_one('encryption'))) ||
-              (certificates_has_one('signing') && certificates_has_one('encryption') &&
-              certificates["signing"][0] == certificates["encryption"][0])
+             (certificates_has_one('signing') && certificates_has_one('encryption') &&
+             certificates["signing"][0] == certificates["encryption"][0])
 
             parsed_metadata[:idp_cert] = if certificates.key?("signing")
                                            certificates["signing"][0]

lib/onelogin/ruby-saml/idp_metadata_parser.rb

@@ -6,29 +6,29 @@
 module OneLogin
   module RubySaml
     class Logging
-      DEFAULT_LOGGER = ::Logger.new(STDOUT)
+      DEFAULT_LOGGER = ::Logger.new($stdout)
 
       def self.logger
         @logger ||= begin
-          (defined?(::Rails) && Rails.respond_to?(:logger) && Rails.logger) ||
-            DEFAULT_LOGGER
+          logger = Rails.logger if defined?(::Rails) && Rails.respond_to?(:logger)
+          logger ||= DEFAULT_LOGGER
         end
       end
 
-      def self.logger=(logger)
-        @logger = logger
+      class << self
+        attr_writer :logger
       end
 
       def self.debug(message)
-        return if !!ENV["ruby-saml/testing"]
+        return if ENV["ruby-saml/testing"]
 
-        logger.debug message
+        logger.debug(message)
       end
 
       def self.info(message)
-        return if !!ENV["ruby-saml/testing"]
+        return if ENV["ruby-saml/testing"]
 
-        logger.info message
+        logger.info(message)
       end
     end
   end

lib/onelogin/ruby-saml/logging.rb

@@ -21,6 +21,7 @@ class Logoutrequest < SamlMessage
       #
       def initialize
         @uuid = OneLogin::RubySaml::Utils.uuid
+        super()
       end
 
       def request_id

lib/onelogin/ruby-saml/logoutrequest.rb

@@ -47,6 +47,7 @@ def initialize(response, settings = nil, options = {})
         @options = options
         @response = decode_raw_saml(response, settings)
         @document = XMLSecurity::SignedDocument.new(@response)
+        super()
       end
 
       def response_id
@@ -159,11 +160,11 @@ def validate_structure
         true
       end
 
-       # Validates that the Logout Response provided in the initialization is not empty,
-       # also check that the setting and the IdP cert were also provided
-       # @return [Boolean] True if the required info is found, otherwise False if soft=True
-       # @raise [ValidationError] if soft == false and validation fails
-       #
+      # Validates that the Logout Response provided in the initialization is not empty,
+      # also check that the setting and the IdP cert were also provided
+      # @return [Boolean] True if the required info is found, otherwise False if soft=True
+      # @raise [ValidationError] if soft == false and validation fails
+      #
       def valid_state?
         return append_error("Blank logout response") if response.empty?
 

lib/onelogin/ruby-saml/logoutresponse.rb

@@ -70,7 +70,7 @@ def add_sp_certificates(sp_sso, settings)
         cert = settings.get_sp_cert
         cert_new = settings.get_sp_cert_new
 
-        for sp_cert in [cert, cert_new]
+        [cert, cert_new].each do |sp_cert|
           if sp_cert
             cert_text = Base64.encode64(sp_cert.to_der).gsub("\n", '')
             kd = sp_sso.add_element "md:KeyDescriptor", { "use" => "signing" }

lib/onelogin/ruby-saml/metadata.rb

@@ -38,7 +38,7 @@ class Response < SamlMessage
       AVAILABLE_OPTIONS = [
         :allowed_clock_drift, :check_duplicated_attributes, :matches_request_id, :settings, :skip_audience, :skip_authnstatement, :skip_conditions,
         :skip_destination, :skip_recipient_check, :skip_subject_confirmation
-      ]
+      ].freeze
       # TODO: Update the comment on initialize to describe every option
 
       # Constructs the SAML Response. A Response Object that is an extension of the SamlMessage class.
@@ -71,6 +71,8 @@ def initialize(response, options = {})
         if assertion_encrypted?
           @decrypted_document = generate_decrypted_document
         end
+
+        super()
       end
 
       # Validates the SAML Response with the default values (soft = true)
@@ -93,7 +95,7 @@ def name_id
       #
       def name_id_format
         @name_id_format ||=
-          if name_id_node && name_id_node.attribute("Format")
+          if name_id_node&.attribute("Format")
             name_id_node.attribute("Format").value
           end
       end
@@ -104,7 +106,7 @@ def name_id_format
       #
       def name_id_spnamequalifier
         @name_id_spnamequalifier ||=
-          if name_id_node && name_id_node.attribute("SPNameQualifier")
+          if name_id_node&.attribute("SPNameQualifier")
             name_id_node.attribute("SPNameQualifier").value
           end
       end
@@ -113,7 +115,7 @@ def name_id_spnamequalifier
       #
       def name_id_namequalifier
         @name_id_namequalifier ||=
-          if name_id_node && name_id_node.attribute("NameQualifier")
+          if name_id_node&.attribute("NameQualifier")
             name_id_node.attribute("NameQualifier").value
           end
       end
@@ -165,11 +167,11 @@ def attributes
                 raise ValidationError.new("Found an Attribute element with duplicated Name")
               end
 
-              values = node.elements.collect{|e|
-                if (e.elements.nil? || e.elements.size == 0)
+              values = node.elements.collect  do |e|
+                if e.elements.nil? || e.elements.size == 0
                   # SAMLCore requires that nil AttributeValues MUST contain xsi:nil XML attribute set to "true" or "1"
                   # otherwise the value is to be regarded as empty.
-                  ["true", "1"].include?(e.attributes['xsi:nil']) ? nil : Utils.element_text(e)
+                  %w[true 1].include?(e.attributes['xsi:nil']) ? nil : Utils.element_text(e)
                 # explicitly support saml2:NameID with saml2:NameQualifier if supplied in attributes
                 # this is useful for allowing eduPersonTargetedId to be passed as an opaque identifier to use to
                 # identify the subject in an SP rather than email or other less opaque attributes
@@ -180,7 +182,7 @@ def attributes
                     "#{base_path}#{Utils.element_text(n)}"
                   end
                 end
-              }
+              end
 
               attributes.add(name, values.flatten)
             end
@@ -218,7 +220,7 @@ def status_code
           )
           if nodes.size == 1
             node = nodes[0]
-            code = node.attributes["Value"] if node && node.attributes
+            code = node.attributes["Value"] if node&.attributes
 
             unless code == "urn:oasis:names:tc:SAML:2.0:status:Success"
               nodes = REXML::XPath.match(
@@ -348,7 +350,7 @@ def allowed_clock_drift
       # @return [Boolean] True if the SAML Response contains an EncryptedAssertion element
       #
       def assertion_encrypted?
-        ! REXML::XPath.first(
+        !REXML::XPath.first(
           document,
           "(/p:Response/EncryptedAssertion/)|(/p:Response/a:EncryptedAssertion/)",
           { "p" => PROTOCOL, "a" => ASSERTION }
@@ -622,7 +624,7 @@ def validate_audience
         end
 
         unless audiences.include? settings.sp_entity_id
-          s = audiences.count > 1 ? 's' : '';
+          s = audiences.count > 1 ? 's' : ''
           error_msg = "Invalid Audience#{s}. The audience#{s} #{audiences.join(',')}, did not match the expected audience #{settings.sp_entity_id}"
           return append_error(error_msg)
         end
@@ -792,7 +794,7 @@ def validate_subject_confirmation
           break
         end
 
-        if !valid_subject_confirmation
+        unless valid_subject_confirmation
           error_msg = "A valid SubjectConfirmation was not found on this Response"
           return append_error(error_msg)
         end
@@ -895,7 +897,6 @@ def validate_signature
               @errors = old_errors
               break
             end
-
           end
           if expired
             error_msg = "IdP x509 certificate expired"
@@ -935,13 +936,13 @@ def xpath_first_from_signed_assertion(subelt=nil)
             "/p:Response/a:Assertion[@ID=$id]#{subelt}",
             { "p" => PROTOCOL, "a" => ASSERTION },
             { 'id' => doc.signed_element_id }
-        )
+          )
         node ||= REXML::XPath.first(
             doc,
             "/p:Response[@ID=$id]/a:Assertion#{subelt}",
             { "p" => PROTOCOL, "a" => ASSERTION },
             { 'id' => doc.signed_element_id }
-        )
+          )
         node
       end
 
@@ -957,13 +958,13 @@ def xpath_from_signed_assertion(subelt=nil)
             "/p:Response/a:Assertion[@ID=$id]#{subelt}",
             { "p" => PROTOCOL, "a" => ASSERTION },
             { 'id' => doc.signed_element_id }
-        )
-        node.concat( REXML::XPath.match(
+          )
+        node.concat(REXML::XPath.match(
             doc,
             "/p:Response[@ID=$id]/a:Assertion#{subelt}",
             { "p" => PROTOCOL, "a" => ASSERTION },
             { 'id' => doc.signed_element_id }
-        ))
+          ))
       end
 
       # Generates the decrypted_document

lib/onelogin/ruby-saml/response.rb

@@ -20,14 +20,14 @@ class SamlMessage
       ASSERTION = "urn:oasis:names:tc:SAML:2.0:assertion"
       PROTOCOL  = "urn:oasis:names:tc:SAML:2.0:protocol"
 
-      BASE64_FORMAT = %r(\A([A-Za-z0-9+/]{4})*([A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?\Z)
+      BASE64_FORMAT = %r(\A([A-Za-z0-9+/]{4})*([A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?\Z).freeze
       @@mutex = Mutex.new
 
       # @return [Nokogiri::XML::Schema] Gets the schema object of the SAML 2.0 Protocol schema
       #
       def self.schema
         @@mutex.synchronize do
-          Dir.chdir(File.expand_path("../../../schemas", __FILE__)) do
+          Dir.chdir(File.expand_path('../../schemas', __dir__)) do
             ::Nokogiri::XML::Schema(File.read("saml-schema-protocol-2.0.xsd"))
           end
         end
@@ -98,7 +98,7 @@ def decode_raw_saml(saml, settings = nil)
         decoded = decode(saml)
         begin
           inflate(decoded)
-        rescue
+        rescue StandardError
           decoded
         end
       end
@@ -127,7 +127,7 @@ def decode(string)
       # @return [String] The encoded string
       #
       def encode(string)
-        if Base64.respond_to?('strict_encode64')
+        if Base64.respond_to?(:strict_encode64)
           Base64.strict_encode64(string)
         else
           Base64.encode64(string).gsub(/\n/, "")