Fix Rubocop and minor typos

Author: pitbulk

UPGRADING.md

@@ -238,7 +238,7 @@ how validation happens in the toolkit and also the toolkit by default will check
 when parsing a SAML Message (`settings.check_malformed_doc`).
 
 The SignedDocument class defined at xml_security.rb experienced several changes.
-We don't expect compatibilty issues if you use the main methods offered by ruby-saml, but if
+We don't expect compatibility issues if you use the main methods offered by ruby-saml, but if
 you use a fork or customized usage, it is possible that you will need to adapt your code.
 
 ## Upgrading from 1.12.x to 1.13.0
@@ -276,7 +276,7 @@ Version `1.10.1` improves Ruby 1.8.7 support.
 
 ## Upgrading from 1.9.0 to 1.10.0
 
-Version `1.10.0` improves IdpMetadataParser to allow parse multiple IDPSSODescriptor,
+Version `1.10.0` improves IdpMetadataParser to allow parsing multiple IDPSSODescriptor,
 Add Subject support on AuthNRequest to allow SPs provide info to the IdP about the user
 to be authenticated and updates the format_cert method to accept certs with /\x0d/
 

lib/ruby_saml.rb

@@ -21,16 +21,16 @@
 require 'ruby_saml/version'
 
 # @deprecated This module adds compatibility with v1.x and will be removed in v3.0.0
-unless defined?(::OneLogin)
-    module OneLogin
-        RubySaml = ::RubySaml
-    end
+unless defined?(OneLogin)
+  module OneLogin
+    RubySaml = ::RubySaml
+  end
 end
 
-unless defined?(::OneLogin::RubySaml::Logging)
-    module OneLogin
-        module RubySaml
-            Logging = ::RubySaml::Logging
-        end
+unless defined?(OneLogin::RubySaml::Logging)
+  module OneLogin
+    module RubySaml
+      Logging = ::RubySaml::Logging
     end
-end
+  end
+end

lib/ruby_saml/attributes.rb

@@ -102,7 +102,7 @@ def add(name, values = [])
 
     # Make comparable to another Attributes collection based on attributes
     # @param other [Attributes] An Attributes object to compare with
-    # @return [Boolean] True if are contains the same attributes and values
+    # @return [Boolean] True if it contains the same attributes and values
     #
     def ==(other)
       if other.is_a?(Attributes)

lib/ruby_saml/idp_metadata_parser.rb

@@ -31,7 +31,7 @@ def self.get_idps(noko_document, only_entity_id = nil)
     # IdP values
     #
     # @param url [String] Url where the XML of the Identity Provider Metadata is published.
-    # @param validate_cert [Boolean] If true and the URL is HTTPs, the cert of the domain is checked.
+    # @param validate_cert [Boolean] If true and the URL is HTTPS, the cert of the domain is checked.
     #
     # @param options [Hash] options used for parsing the metadata and the returned Settings instance
     # @option options [RubySaml::Settings, Hash] :settings the RubySaml::Settings object which gets the parsed metadata merged into or an hash for Settings overrides.
@@ -54,7 +54,7 @@ def parse_remote(url, validate_cert = true, options = {})
     # Parse the Identity Provider metadata and return the results as Hash
     #
     # @param url [String] Url where the XML of the Identity Provider Metadata is published.
-    # @param validate_cert [Boolean] If true and the URL is HTTPs, the cert of the domain is checked.
+    # @param validate_cert [Boolean] If true and the URL is HTTPS, the cert of the domain is checked.
     #
     # @param options [Hash] options used for parsing the metadata
     # @option options [String, nil] :entity_id when this is given, the entity descriptor for this ID is used. When omitted, the first entity descriptor is used.
@@ -75,7 +75,7 @@ def parse_remote_to_hash(url, validate_cert = true, options = {})
     # Parse all Identity Provider metadata and return the results as Array
     #
     # @param url [String] Url where the XML of the Identity Provider Metadata is published.
-    # @param validate_cert [Boolean] If true and the URL is HTTPs, the cert of the domain is checked.
+    # @param validate_cert [Boolean] If true and the URL is HTTPS, the cert of the domain is checked.
     #
     # @param options [Hash] options used for parsing the metadata
     # @option options [String, nil] :entity_id when this is given, the entity descriptor for this ID is used. When omitted, all found IdPs are returned.
@@ -116,7 +116,7 @@ def parse(idp_metadata, options = {})
         end
       end
       # Remove the cache_duration because on the settings
-      # we only gonna suppot valid_until
+      # we only going to support valid_until
       parsed_metadata.delete(:cache_duration)
 
       settings = options[:settings]
@@ -174,7 +174,7 @@ def parse_to_idp_metadata_array(idp_metadata, options = {})
 
     # Retrieve the remote IdP metadata from the URL or a cached copy.
     # @param url [String] Url where the XML of the Identity Provider Metadata is published.
-    # @param validate_cert [Boolean] If true and the URL is HTTPs, the cert of the domain is checked.
+    # @param validate_cert [Boolean] If true and the URL is HTTPS, the cert of the domain is checked.
     # @param options [Hash] Options used for requesting the remote URL
     # @option options [Numeric, nil] :open_timeout Number of seconds to wait for the connection to open. See Net::HTTP#open_timeout for more info. Default is the Net::HTTP default.
     # @option options [Numeric, nil] :read_timeout Number of seconds to wait for one block to be read. See Net::HTTP#read_timeout for more info. Default is the Net::HTTP default.
@@ -362,7 +362,7 @@ def certificates
         end
       end
 
-      # @return [String|nil] the fingerpint of the X509Certificate if it exists
+      # @return [String|nil] the fingerprint of the X509Certificate if it exists
       #
       def fingerprint(certificate, fingerprint_algorithm = RubySaml::XML::SHA256)
         return unless certificate

lib/ruby_saml/logoutresponse.rb

@@ -18,13 +18,13 @@ class Logoutresponse < SamlMessage
 
     attr_accessor :soft
 
-    # Constructs the Logout Response. A Logout Response Object that is an extension of the SamlMessage class.
+    # Constructs the Logout Response. A Logout Response object that is an extension of the SamlMessage class.
     # @param response  [String] A UUEncoded logout response from the IdP.
     # @param settings  [RubySaml::Settings|nil] Toolkit settings
     # @param options   [Hash] Extra parameters.
     #                    :matches_request_id It will validate that the logout response matches the ID of the request.
     #                    :get_params GET Parameters, including the SAMLResponse
-    #                    :relax_signature_validation to accept signatures if no idp certificate registered on settings
+    #                    :relax_signature_validation to accept signatures if no IdP certificate registered on settings
     #
     # @raise [ArgumentError] if response is nil
     #
@@ -50,7 +50,7 @@ def response_id
     end
 
     # Checks if the Status has the "Success" code
-    # @return [Boolean] True if the StatusCode is Sucess
+    # @return [Boolean] True if the StatusCode is Success
     # @raise [ValidationError] if soft == false and validation fails
     #
     def success?
@@ -145,7 +145,7 @@ def validate_structure
     end
 
     # Validates that the Logout Response provided in the initialization is not empty,
-    # also check that the setting and the IdP cert were also provided
+    # also check that the settings and the IdP cert were also provided
     # @return [Boolean] True if the required info is found, otherwise False if soft=True
     # @raise [ValidationError] if soft == false and validation fails
     #
@@ -163,9 +163,9 @@ def valid_state?
       true
     end
 
-    # Validates if a provided :matches_request_id matchs the inResponseTo value.
+    # Validates if a provided :matches_request_id matches the inResponseTo value.
     # @param soft [String|nil] request_id The ID of the Logout Request sent by this SP to the IdP (if was sent any)
-    # @return [Boolean] True if there is no request_id or it match, otherwise False if soft=True
+    # @return [Boolean] True if there is no request_id or it matches, otherwise False if soft=True
     # @raise [ValidationError] if soft == false and validation fails
     #
     def valid_in_response_to?
@@ -178,7 +178,7 @@ def valid_in_response_to?
     end
 
     # Validates the Issuer of the Logout Response
-    # @return [Boolean] True if the Issuer matchs the IdP entityId, otherwise False if soft=True
+    # @return [Boolean] True if the Issuer matches the IdP entityId, otherwise False if soft=True
     # @raise [ValidationError] if soft == false and validation fails
     #
     def valid_issuer?

lib/ruby_saml/metadata.rb

@@ -10,7 +10,7 @@ class Metadata
     # Return SP metadata based on the settings.
     # @param settings [RubySaml::Settings|nil] Toolkit settings
     # @param pretty_print [Boolean] Pretty print or not the response
-    #   (No pretty print if you gonna validate the signature)
+    #   (No pretty print if you are going to validate the signature)
     # @param valid_until [DateTime] Metadata's valid time
     # @param cache_duration [Integer] Duration of the cache in seconds
     # @return [String] XML Metadata of the Service Provider

lib/ruby_saml/response.rb

@@ -70,7 +70,7 @@ def initialize(response, options = {})
     end
 
     # Validates the SAML Response with the default values (soft = true)
-    # @param collect_errors [Boolean] Stop validation when first error appears or keep validating. (if soft=true)
+    # @param collect_errors [Boolean] Stop validation when the first error appears or keep validating. (if soft=true)
     # @return [Boolean] TRUE if the SAML Response is valid
     #
     def is_valid?(collect_errors = false)
@@ -209,7 +209,7 @@ def authn_context_class_ref
     end
 
     # Checks if the Status has the "Success" code
-    # @return [Boolean] True if the StatusCode is Sucess
+    # @return [Boolean] True if the StatusCode is Success
     #
     def success?
       status_code == 'urn:oasis:names:tc:SAML:2.0:status:Success'
@@ -430,7 +430,7 @@ def validate_structure
     end
 
     # Validates that the SAML Response provided in the initialization is not empty,
-    # also check that the setting and the IdP cert were also provided
+    # also check that the settings and the IdP cert were also provided
     # @return [Boolean] True if the required info is found, false otherwise
     #
     def validate_response_state
@@ -515,7 +515,7 @@ def validate_no_duplicated_attributes
     # Validates the Signed elements
     # If fails, the error is added to the errors array
     # @return [Boolean] True if there is 1 or 2 Elements signed in the SAML Response
-    #                                   an are a Response or an Assertion Element, otherwise False if soft=True
+    #                   and are a Response or an Assertion Element, otherwise False if soft=True
     #
     def validate_signed_elements
       signature_nodes = (decrypted_document.nil? ? document : decrypted_document).xpath(
@@ -574,9 +574,9 @@ def validate_signed_elements
       true
     end
 
-    # Validates if the provided request_id match the inResponseTo value.
+    # Validates if the provided request_id matches the inResponseTo value.
     # If fails, the error is added to the errors array
-    # @return [Boolean] True if there is no request_id or it match, otherwise False if soft=True
+    # @return [Boolean] True if there is no request_id or it matches, otherwise False if soft=True
     # @raise [ValidationError] if soft == false and validation fails
     #
     def validate_in_response_to
@@ -655,7 +655,7 @@ def validate_one_conditions
 
     # Checks that the samlp:Response/saml:Assertion/saml:AuthnStatement element exists and is unique.
     # If fails, the error is added to the errors array
-    # @return [Boolean] True if there is a authnstatement element and is unique
+    # @return [Boolean] True if there is a AuthnStatement element and is unique
     #
     def validate_one_authnstatement
       return true if options[:skip_authnstatement]
@@ -717,7 +717,7 @@ def validate_issuer
       true
     end
 
-    # Validates that the Session haven't expired (If the response was initialized with the :allowed_clock_drift option,
+    # Validates that the Session hasn't expired (If the response was initialized with the :allowed_clock_drift option,
     # this time validation is relaxed by the allowed_clock_drift value)
     # If fails, the error is added to the errors array
     # @param soft [Boolean] soft Enable or Disable the soft mode (In order to raise exceptions when the response is invalid or not)
@@ -736,12 +736,12 @@ def validate_session_expiration
       true
     end
 
-    # Validates if exists valid SubjectConfirmation (If the response was initialized with the :allowed_clock_drift option,
-    # timimg validation are relaxed by the allowed_clock_drift value. If the response was initialized with the
+    # Validates if a valid SubjectConfirmation (If the response was initialized with the :allowed_clock_drift option,
+    # timing validation are relaxed by the allowed_clock_drift value. If the response was initialized with the
     # :skip_subject_confirmation option, this validation is skipped)
     # There is also an optional Recipient check
     # If fails, the error is added to the errors array
-    # @return [Boolean] True if exists a valid SubjectConfirmation, otherwise False if soft=True
+    # @return [Boolean] True if a valid SubjectConfirmation, otherwise False if soft=True
     # @raise [ValidationError] if soft == false and validation fails
     #
     def validate_subject_confirmation
@@ -945,17 +945,17 @@ def signed_assertion
       @signed_assertion ||= cached_signed_assertion
     end
 
-    # Extracts the first appearance that matchs the subpath (pattern)
-    # Search on any Assertion that is signed, or has a Response parent signed
+    # Extracts the first appearance that matches the subpath (pattern)
+    # Searches on any Assertion that is signed, or has a Response parent signed
     # @param subpath [String] The XPath pattern
     # @return [Nokogiri::XML::Element | nil] If any matches, return the Element
     def xpath_first_from_signed_assertion(subpath = nil)
       return if !subpath || subpath.empty?
       signed_assertion.at_xpath("./#{subpath}", SAML_NAMESPACES)
     end
 
-    # Extracts all the appearances that matchs the subpath (pattern)
-    # Search on any Assertion that is signed, or has a Response parent signed
+    # Extracts all the appearances that matches the subpath (pattern)
+    # Searches on any Assertion that is signed, or has a Response parent signed
     # @param subpath [String] The XPath pattern
     # @return [Array of Nokogiri::XML::Element] Return all matches
     def xpath_from_signed_assertion(subpath = nil)

lib/ruby_saml/settings.rb

@@ -130,7 +130,7 @@ def get_fingerprint
       end
     end
 
-    # @return [OpenSSL::X509::Certificate|nil] Build the IdP certificate from the settings (previously format it)
+    # @return [OpenSSL::X509::Certificate|nil] Build the IdP certificate from the settings (previously formatting it)
     #
     def get_idp_cert
       RubySaml::Utils.build_cert_object(idp_cert)
@@ -190,7 +190,7 @@ def get_sp_cert
       node[0] if node
     end
 
-    # @return [OpenSSL::PKey::RSA] The SP signing key.
+    # @return [OpenSSL::PKey::PKey] The SP signing key.
     def get_sp_signing_key
       node = get_sp_signing_pair
       node[1] if node

lib/ruby_saml/slo_logoutrequest.rb

@@ -24,7 +24,7 @@ class SloLogoutrequest < SamlMessage
     # @param request [String] A UUEncoded Logout Request from the IdP.
     # @param options [Hash]  :settings to provide the RubySaml::Settings object
     #                        Or :allowed_clock_drift for the logout request validation process to allow a clock drift when checking dates with
-    #                        Or :relax_signature_validation to accept signatures if no idp certificate registered on settings
+    #                        Or :relax_signature_validation to accept signatures if no IdP certificate registered on settings
     #
     # @raise [ArgumentError] If Request is nil
     #
@@ -49,7 +49,7 @@ def request_id
     end
 
     # Validates the Logout Request with the default values (soft = true)
-    # @param collect_errors [Boolean] Stop validation when first error appears or keep validating.
+    # @param collect_errors [Boolean] Stop validation when the first error appears or keep validating.
     # @return [Boolean] TRUE if the Logout Request is valid
     #
     def is_valid?(collect_errors = false)
@@ -79,7 +79,7 @@ def name_id_node
       end
     end
 
-    # @return [String|nil] Gets the ID attribute from the Logout Request. if exists.
+    # @return [String|nil] Gets the ID attribute from the Logout Request. if it exists.
     #
     def id
       super(document)
@@ -94,7 +94,7 @@ def issuer
       )&.text
     end
 
-    # @return [Time|nil] Gets the NotOnOrAfter Attribute value if exists.
+    # @return [Time|nil] Gets the NotOnOrAfter Attribute value if it exists.
     #
     def not_on_or_after
       @not_on_or_after ||= begin
@@ -109,7 +109,7 @@ def not_on_or_after
       end
     end
 
-    # @return [Array] Gets the SessionIndex if exists (Supported multiple values). Empty Array if none found
+    # @return [Array] Gets the SessionIndex if exists (Supports multiple values). Empty Array if none found
     #
     def session_indexes
       document.xpath(
@@ -127,7 +127,7 @@ def allowed_clock_drift
     end
 
     # Hard aux function to validate the Logout Request
-    # @param collect_errors [Boolean] Stop validation when first error appears or keep validating. (if soft=true)
+    # @param collect_errors [Boolean] Stop validation when the first error appears or keep validating. (if soft=true)
     # @return [Boolean] TRUE if the Logout Request is valid
     # @raise [ValidationError] if soft == false and validation fails
     #
@@ -211,7 +211,7 @@ def validate_request_state
 
     # Validates the Issuer of the Logout Request
     # If fails, the error is added to the errors array
-    # @return [Boolean] True if the Issuer matchs the IdP entityId, otherwise False if soft=True
+    # @return [Boolean] True if the Issuer matches the IdP entityId, otherwise False if soft=True
     # @raise [ValidationError] if soft == false and validation fails
     #
     def validate_issuer
@@ -224,8 +224,8 @@ def validate_issuer
       true
     end
 
-    # Validates the Signature if exists and GET parameters are provided
-    # @return [Boolean] True if not contains a Signature or if the Signature is valid, otherwise False if soft=True
+    # Validates the Signature if it exists and GET parameters are provided
+    # @return [Boolean] True if does not contain a Signature or if the Signature is valid, otherwise False if soft=True
     # @raise [ValidationError] if soft == false and validation fails
     #
     def validate_signature