From 232fb673ec55b3b1701a39a9757cd65c644b1c33 Mon Sep 17 00:00:00 2001
From: Azul <azul@riseup.net>
Date: Wed, 25 Jan 2017 12:56:24 +0100
Subject: [PATCH] :upgrade: use rbsso 0.3.0 with nonce support

We do not make use of the nonce yet. We lack a way to store the nonce in the session for now. It probably exists as helpy also knows to store the page one tried to visit in the session but I need to research how to access it from within an omniauth strategy.
---
 omniauth-sso.gemspec                 | 2 +-
 test/omniauth/strategies/sso_test.rb | 8 ++++++--
 2 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/omniauth-sso.gemspec b/omniauth-sso.gemspec
index 4f323b6..4701f84 100644
--- a/omniauth-sso.gemspec
+++ b/omniauth-sso.gemspec
@@ -11,7 +11,7 @@ Omniauth strategy for "ai's sso"(https://git.autistici.org/ai/sso) based on rbss
   s.homepage    = 'https://0xacab.org/riseup/omniauth-sso'
 
   s.add_runtime_dependency 'omniauth', '~> 1.3'
-  s.add_runtime_dependency 'rbsso', '~> 0.2.2'
+  s.add_runtime_dependency 'rbsso', '~> 0.3.0'
 
   s.add_development_dependency 'rake', '>= 10', '< 13'
   s.add_development_dependency 'minitest', '~>5.0'
diff --git a/test/omniauth/strategies/sso_test.rb b/test/omniauth/strategies/sso_test.rb
index 04e5783..f84c66c 100644
--- a/test/omniauth/strategies/sso_test.rb
+++ b/test/omniauth/strategies/sso_test.rb
@@ -49,7 +49,7 @@ class OmniAuth::Strategies::SSOTest < Minitest::Test
 
   def test_wrong_service
     assert_raises RuntimeError do
-      post '/auth/sso/callback', t: server.ticket(user, 'other_service', domain)
+      post '/auth/sso/callback', t: ticket_for_other_service
     end
     assert_nil auth_hash
   end
@@ -64,6 +64,10 @@ class OmniAuth::Strategies::SSOTest < Minitest::Test
     end
   end
 
+  def ticket_for_other_service
+    server.ticket user: user, service: 'other_service', domain: domain
+  end
+
   # We modify the content of the ticket so the signature becomes invalid.
   # It still should have the right length and be Base64 compatible.
   def invalid_ticket
@@ -77,7 +81,7 @@ class OmniAuth::Strategies::SSOTest < Minitest::Test
   end
 
   def ticket
-    server.ticket(user, service, domain)
+    server.ticket(user: user, service: service, domain: domain)
   end
 
   def server; RbSSO::Server.new seed; end
-- 
GitLab