Skip to content

Commit

Permalink
Bump samael to v0.17 to pick up samael#53 (#6558)
Browse files Browse the repository at this point in the history
  • Loading branch information
papertigers authored Sep 12, 2024
1 parent 90eedeb commit 0496637
Show file tree
Hide file tree
Showing 3 changed files with 10 additions and 11 deletions.
8 changes: 4 additions & 4 deletions Cargo.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -528,7 +528,7 @@ rustfmt-wrapper = "0.2"
rustls = "0.22.2"
rustls-pemfile = "2.1.3"
rustyline = "14.0.0"
samael = { version = "0.0.15", features = ["xmlsec"] }
samael = { version = "0.0.17", features = ["xmlsec"] }
schemars = "0.8.21"
secrecy = "0.8.0"
semver = { version = "1.0.23", features = ["std", "serde"] }
Expand Down
11 changes: 5 additions & 6 deletions nexus/auth/src/authn/silos.rs
Original file line number Diff line number Diff line change
Expand Up @@ -107,7 +107,9 @@ impl SamlIdentityProvider {

let authn_request_url = if let Some(key) = self.private_key_bytes()? {
// sign authn request if keys were supplied
authn_request.signed_redirect(&encoded_relay_state, &key)
let pkey = openssl::pkey::PKey::private_key_from_der(&key)
.map_err(|e| anyhow!(e.to_string()))?;
authn_request.signed_redirect(&encoded_relay_state, pkey)
} else {
authn_request.redirect(&encoded_relay_state)
}
Expand Down Expand Up @@ -294,10 +296,7 @@ impl SamlIdentityProvider {
)
})?;

let signature_algorithm: String =
assertion_signature.signed_info.signature_method.algorithm;

match signature_algorithm.as_str() {
match assertion_signature.signed_info.signature_method.algorithm.value() {
// List taken from Signature section of
// https://www.w3.org/TR/xmldsig-core1/#sec-AlgID, removing
// discouraged items.
Expand All @@ -314,7 +313,7 @@ impl SamlIdentityProvider {
"http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512" |
"http://www.w3.org/2009/xmldsig11#dsa-sha256" => {}

_ => {
signature_algorithm => {
return Err(
HttpError::for_bad_request(
None,
Expand Down

0 comments on commit 0496637

Please sign in to comment.