From 96aa0789985a2425a0bb7ee302f24266305a52b0 Mon Sep 17 00:00:00 2001
From: Mitchell Henke
Date: Thu, 12 Jan 2023 10:07:42 -0600
Subject: [PATCH] drop UUID gem in favor of SecureRandom
---
 README.md | 2 +-
 lib/saml_idp/configurator.rb | 2 +-
 lib/saml_idp/controller.rb | 6 +++---
 lib/saml_idp/logout_builder.rb | 2 +-
 saml_idp.gemspec | 1 -
 5 files changed, 6 insertions(+), 7 deletions(-)
diff --git a/README.md b/README.md
index 5bf578ff..3fee6877 100644
--- a/README.md
+++ b/README.md
@@ -94,7 +94,7 @@ CERT
 # config.organization_name = "Your Organization"
 # config.organization_url = "http://example.com"
 # config.base_saml_location = "#{base}/saml"
- # config.reference_id_generator # Default: -> { UUID.generate }
+ # config.reference_id_generator # Default: -> { SecureRandom.uuid }
 # config.attribute_service_location = "#{base}/saml/attributes"
 # config.single_service_post_location = "#{base}/saml/auth"
diff --git a/lib/saml_idp/configurator.rb b/lib/saml_idp/configurator.rb
index d36ab88e..8c0b1b15 100644
--- a/lib/saml_idp/configurator.rb
+++ b/lib/saml_idp/configurator.rb
@@ -25,7 +25,7 @@ def initialize
 self.x509_certificate = Default::X509_CERTIFICATE
 self.secret_key = Default::SECRET_KEY
 self.algorithm = :sha1
- self.reference_id_generator = ->() { UUID.generate }
+ self.reference_id_generator = ->() { SecureRandom.uuid }
 self.service_provider = OpenStruct.new
 self.service_provider.finder = ->(_) { Default::SERVICE_PROVIDER }
 self.service_provider.metadata_persister = ->(id, settings) { }
diff --git a/lib/saml_idp/controller.rb b/lib/saml_idp/controller.rb
index b453a4a2..60e333e2 100644
--- a/lib/saml_idp/controller.rb
+++ b/lib/saml_idp/controller.rb
@@ -2,7 +2,7 @@
 require 'openssl'
 require 'base64'
 require 'time'
-require 'uuid'
+require 'securerandom'
 require 'saml_idp/request'
 require 'saml_idp/logout_response_builder'
 module SamlIdp
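Review bot: lib/saml_idp/configurator.rb now calls `SecureRandom.uuid` in the default `reference_id_generator`, but the only `require 'securerandom'` this patch adds is in lib/saml_idp/controller.rb; `reference_id` in lib/saml_idp/logout_builder.rb is in the same position. The require lines of those two files lie outside their hunks, and activesupport (still a declared dependency) may load the library in practice, so this is a load-order dependency rather than a certain failure. I would add `require 'securerandom'` at the top of both files so that each one resolves the constant on its own. Because this lambda is the documented override point, a comment above it such as `# Replacement generators must return unique, unpredictable values.` would tell integrators what a custom generator has to preserve.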
@@ -123,11 +123,11 @@ def saml_logout_url
 end
 def get_saml_response_id
- UUID.generate
+ SecureRandom.uuid
 end
 def get_saml_reference_id
- UUID.generate
+ SecureRandom.uuid
 end
 def default_algorithm
diff --git a/lib/saml_idp/logout_builder.rb b/lib/saml_idp/logout_builder.rb
index 9c4ea03e..851b9ba4 100644
--- a/lib/saml_idp/logout_builder.rb
+++ b/lib/saml_idp/logout_builder.rb
@@ -9,7 +9,7 @@ def build
 end
 def reference_id
- UUID.generate
+ SecureRandom.uuid
 end
 def digest
diff --git a/saml_idp.gemspec b/saml_idp.gemspec
index a864dc8d..0d7343f3 100644
--- a/saml_idp.gemspec
+++ b/saml_idp.gemspec
@@ -42,7 +42,6 @@ section of the README.
 INST
 s.add_dependency('activesupport')
- s.add_dependency('uuid')
 s.add_dependency('builder')
 s.add_dependency('faraday')
 s.add_dependency('nokogiri', '>= 1.10.2')
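Review bot: `get_saml_response_id` and `get_saml_reference_id` in lib/saml_idp/controller.rb return a bare version 4 UUID, which has 122 random bits and starts with a digit more often than not. SAML Core section 1.3.4 asks that randomly chosen identifiers repeat with probability no greater than 2^-128, and a SAML `ID` attribute is an xs:ID, which may not begin with a digit; whether the builders that consume these values add a prefix is not visible here. If they do not, returning `"_#{SecureRandom.hex(20)}"` would meet both requirements. The same applies to `reference_id` in lib/saml_idp/logout_builder.rb and to the default generator in lib/saml_idp/configurator.rb. The enclosing module of these methods starts and ends outside the hunk.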