Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update saml_idp gem to add support for AES-GCM encryption algorithms #11593

Merged
merged 1 commit into from
Dec 4, 2024
Merged

Update saml_idp gem to add support for AES-GCM encryption algorithms #11593

merged 1 commit into from
Dec 4, 2024

Conversation

mitchellhenke
Copy link
Contributor

🛠 Summary of changes

Brings in the changes from 18F/saml_idp#129 to add IDP support for AES-GCM encryption of SAML responses. Other changes are required within our service provider configurations and partner portal, so it is not available quite yet, but allows for testing manually outside of those contexts.

@mitchellhenke
Update saml_idp gem to add support for AES-GCM encryption algorithms
e9b52e1 
changelog: Upcoming Features, SAML, Update saml_idp gem to add support for AES-GCM encryption algorithms
zachmargolis
zachmargolis approved these changes Dec 4, 2024
View reviewed changes
Gemfile
@@ -85,7 +85,7 @@ gem 'valid_email', '>= 0.1.3', github: 'hallelujah/valid_email', ref: '486b860'
gem 'view_component', '~> 3.0'
gem 'webauthn', '~> 2.5.2'
gem 'xmldsig', '~> 0.6'
gem 'xmlenc', '~> 0.7', '>= 0.7.1'
gem 'xmlenc', '0.8.0'
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

should we keep the version that allows patch changes? This would allow 0.8.1 automatically I think

Suggested change
gem 'xmlenc', '0.8.0'
gem 'xmlenc', '~> 0.8'

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It would, but the gem is very rarely updated and I'm not confident in version updates being safe without some more explicit checks 😅

Copy link
Member

@aduth aduth Dec 4, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Coincidentally I'd tried that syntax earlier in #11590 (gem 'rubocop', '~> 1.69') hoping for the behavior you described, but it installed the outdated .0 version (1.69.0) instead of the latest version (1.69.1) 🤷

@mitchellhenke mitchellhenke merged commit 0dede8b into main Dec 4, 2024
2 checks passed
@mitchellhenke mitchellhenke deleted the mitchellhenke/update-saml-idp-to-support-gcm branch December 4, 2024 20:34
@matthinz matthinz mentioned this pull request Dec 5, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@aduth aduth aduth left review comments

@zachmargolis zachmargolis zachmargolis approved these changes

@Sgtpluck Sgtpluck Awaiting requested review from Sgtpluck

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@mitchellhenke @zachmargolis @aduth