diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index 3e8096d..60c91ad 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -25,7 +25,7 @@ Metrics/BlockNesting: # Configuration parameters: CountComments, CountAsOne. Metrics/ClassLength: - Max: 148 + Max: 150 # Configuration parameters: AllowedMethods, AllowedPatterns. Metrics/CyclomaticComplexity: @@ -88,7 +88,7 @@ RSpec/NamedSubject: # Configuration parameters: AllowedGroups. RSpec/NestedGroups: - Max: 5 + Max: 6 # Configuration parameters: EnforcedStyle, AllowedPatterns. # SupportedStyles: snake_case, camelCase diff --git a/lib/omniauth/strategies/cas.rb b/lib/omniauth/strategies/cas.rb index 77868ac..d60e9fe 100644 --- a/lib/omniauth/strategies/cas.rb +++ b/lib/omniauth/strategies/cas.rb @@ -65,9 +65,11 @@ class InvalidCASTicket < StandardError; end end extra do - prune!( - raw_info.delete_if { |k, _v| AUTH_HASH_SCHEMA_KEYS.include?(k) } - ) + if skip_info? + {} + else + prune!(raw_info.dup.delete_if { |k, _v| AUTH_HASH_SCHEMA_KEYS.include?(k) }) + end end uid do diff --git a/spec/omniauth/strategies/cas_spec.rb b/spec/omniauth/strategies/cas_spec.rb index 91dee3a..6a272b7 100644 --- a/spec/omniauth/strategies/cas_spec.rb +++ b/spec/omniauth/strategies/cas_spec.rb @@ -203,6 +203,26 @@ expect(subject.hire_date).to eq '2004-07-13' expect(subject.roles).to eq %w[senator lobbyist financier] end + + context 'when skip_info? is specified' do + let(:app) do + Rack::Builder.new do + use OmniAuth::Test::PhonySession + use MyCasProvider, + name: :cas, + host: 'cas.example.org', + ssl: false, + port: 8080, + uid_field: :employeeid, + skip_info: true + run ->(env) { [404, { 'Content-Type' => 'text/plain' }, [env.key?('omniauth.auth').to_s]] } + end.to_app + end + + it 'does not include additional user attributes' do + expect(subject).to be_empty + end + end end context 'the credentials hash' do