Fix Rubocop

pitbulk · pitbulk · commit a7c847fedbed · 2025-11-30T11:58:39.000+01:00
diff --git a/lib/ruby_saml/idp_metadata_parser.rb b/lib/ruby_saml/idp_metadata_parser.rb
@@ -161,7 +161,12 @@ def parse_to_array(idp_metadata, options = {})
     end
 
     def parse_to_idp_metadata_array(idp_metadata, options = {})
-      @document = RubySaml::XML.safe_load_xml(idp_metadata, check_malformed_doc: true)
+      begin
+        @document = RubySaml::XML.safe_load_xml(idp_metadata, check_malformed_doc: true)
+      rescue StandardError => e
+        raise ArgumentError.new("XML load failed: #{e.message}") if e.message != 'Empty document'
+      end
+
       @options = options
 
       idpsso_descriptors = self.class.get_idps(@document, options[:entity_id])
diff --git a/lib/ruby_saml/logoutresponse.rb b/lib/ruby_saml/logoutresponse.rb
@@ -33,6 +33,8 @@ def initialize(response, settings = nil, options = {})
       raise ArgumentError.new("Logoutresponse cannot be nil") if response.nil?
       @settings = settings
 
+      raise ValidationError.new("Invalid settings type: expected RubySaml::Settings, got #{@settings.class.name}") if !@settings.is_a?(Settings) && !@settings.nil?
+
       if settings.nil? || settings.soft.nil?
         @soft = true
       else
@@ -44,8 +46,8 @@ def initialize(response, settings = nil, options = {})
       begin
         @document = RubySaml::XML.safe_load_xml(@response, check_malformed_doc: @soft)
       rescue StandardError => e
-        @errors << e.message if e.message != "Empty document"
-        return false if @soft
+        @errors << "XML load failed: #{e.message}" if e.message != "Empty document"
+        return if @soft
         raise ValidationError.new("XML load failed: #{e.message}") if e.message != "Empty document"
       end
 
diff --git a/lib/ruby_saml/response.rb b/lib/ruby_saml/response.rb
@@ -1,6 +1,5 @@
 # frozen_string_literal: true
 
-
 require "ruby_saml/settings"
 require "ruby_saml/xml"
 require "ruby_saml/attributes"
@@ -58,25 +57,23 @@ def initialize(response, options = {})
       unless options[:settings].nil?
         @settings = options[:settings]
 
-        raise ValidationError.new("Invalid settings type: expected RubySaml::Settings, got #{@settings. class. name}") if !@settings.is_a?(Settings) && !@settings.nil?
+        raise ValidationError.new("Invalid settings type: expected RubySaml::Settings, got #{@settings.class.name}") if !@settings.is_a?(Settings) && !@settings.nil?
 
-        @soft = @settings&.respond_to?(:soft) && !@settings.soft.nil?  ? @settings.soft : true
+        @soft = @settings.respond_to?(:soft) && !@settings.soft.nil?  ? @settings.soft : true
         message_max_bytesize = @settings.message_max_bytesize if @settings.respond_to?(:message_max_bytesize)
       end
 
       @response = RubySaml::XML::Decoder.decode_message(response, message_max_bytesize)
       begin
         @document = RubySaml::XML.safe_load_xml(@response, check_malformed_doc: @soft)
       rescue StandardError => e
-        @errors << "XML load failed: #{e.message}" if e.message != "Empty document"
-        return false if @soft
-        raise ValidationError.new("XML load failed: #{e.message}") if e.message != "Empty document"
+        @errors << "XML load failed: #{e.message}" if e.message != 'Empty document'
+        return if @soft
+        raise ValidationError.new("XML load failed: #{e.message}") if e.message != 'Empty document'
       end
 
-      unless @document.nil?
-        if assertion_encrypted?
+      if !@document.nil? && assertion_encrypted?
           @decrypted_document = generate_decrypted_document
-        end
       end
 
       super()
diff --git a/lib/ruby_saml/slo_logoutrequest.rb b/lib/ruby_saml/slo_logoutrequest.rb
@@ -36,16 +36,20 @@ def initialize(request, options = {})
       @soft = true
       unless options[:settings].nil?
         @settings = options[:settings]
-        @soft = @settings.soft unless @settings.soft.nil?
+
+        raise ValidationError.new("Invalid settings type: expected RubySaml::Settings, got #{@settings.class.name}") if !@settings.is_a?(Settings) && !@settings.nil?
+
+        @soft = @settings.respond_to?(:soft) && !@settings.soft.nil? ? @settings.soft : true
+        message_max_bytesize = @settings.message_max_bytesize if @settings.respond_to?(:message_max_bytesize)
       end
 
-      @request = RubySaml::XML::Decoder.decode_message(request, @settings&.message_max_bytesize)
+      @request = RubySaml::XML::Decoder.decode_message(request, message_max_bytesize)
       begin
         @document = RubySaml::XML.safe_load_xml(@request, check_malformed_doc: @soft)
       rescue StandardError => e
-        @errors << e.message if e.message != "Empty document"
-        return false if @soft
-        raise ValidationError.new("XML load failed: #{e.message}") if e.message != "Empty document"
+        @errors << "XML load failed: #{e.message}" if e.message != 'Empty document'
+        return if @soft
+        raise ValidationError.new("XML load failed: #{e.message}") if e.message != 'Empty document'
       end
 
       super()
diff --git a/lib/ruby_saml/xml.rb b/lib/ruby_saml/xml.rb
@@ -59,21 +59,21 @@ def safe_load_xml(document, check_malformed_doc: true)
       raise StandardError.new('Dangerous XML detected. No Doctype nodes allowed') if doc_str.include?('<!DOCTYPE')
 
       begin
-        xml = Nokogiri::XML(doc_str) do |config|
+        doc = Nokogiri::XML(doc_str) do |config|
           config.options = NOKOGIRI_OPTIONS
         end
       rescue StandardError => e
         raise StandardError.new(e.message)
       rescue SyntaxError => e
-        raise StandardError.new(e.message) if check_malformed_doc && e.message != "Empty document"
+        raise StandardError.new(e.message) if check_malformed_doc && e.message != 'Empty document'
       end
 
-      if xml && xml.is_a?(Nokogiri::XML::Document)
-        StandardError.new('Dangerous XML detected. No Doctype nodes allowed') if xml.internal_subset
-        StandardError.new("There were XML errors when parsing: #{xml.errors}") if check_malformed_doc && !xml.errors.empty?
+      if doc.is_a?(Nokogiri::XML::Document)
+        StandardError.new('Dangerous XML detected. No Doctype nodes allowed') if doc.internal_subset
+        StandardError.new("There were XML errors when parsing: #{doc.errors}") if check_malformed_doc && !doc.errors.empty?
       end
 
-      xml
+      doc
     end
 
     def copy_xml(noko)
diff --git a/lib/ruby_saml/xml/decryptor.rb b/lib/ruby_saml/xml/decryptor.rb
@@ -11,8 +11,13 @@ module Decryptor
       # @param decryption_keys [Array] Array of private keys for decryption
       # @return [Nokogiri::XML::Document] The SAML document with assertions decrypted
       def decrypt_document(document, decryption_keys)
-        # Copy the document
-        document = RubySaml::XML.safe_load_xml(document.to_s, check_malformed_doc: true)
+        # Copy the document to avoid modifying the original one
+        begin
+          document = RubySaml::XML.safe_load_xml(document.to_s, check_malformed_doc: true)
+        rescue StandardError => e
+          raise ValidationError.new("XML load failed: #{e.message}") if e.message != 'Empty document'
+        end
+
         validate_decryption_keys!(decryption_keys)
 
         response_node = document.at_xpath(
diff --git a/lib/ruby_saml/xml/document_signer.rb b/lib/ruby_saml/xml/document_signer.rb
@@ -27,7 +27,11 @@ module DocumentSigner
       #   <Object />
       # </Signature>
       def sign_document(document, private_key, certificate, signature_method = RubySaml::XML::RSA_SHA256, digest_method = RubySaml::XML::SHA256)
-        noko = RubySaml::XML.safe_load_xml(document.to_s, check_malformed_doc: true)
+        begin
+          noko = RubySaml::XML.safe_load_xml(document.to_s, check_malformed_doc: true)
+        rescue StandardError => e
+          raise ValidationError.new("XML load failed: #{e.message}") if e.message != 'Empty document'
+        end
 
         sign_document!(noko, private_key, certificate, signature_method, digest_method)
       end
diff --git a/lib/ruby_saml/xml/signed_document_info.rb b/lib/ruby_saml/xml/signed_document_info.rb
@@ -13,16 +13,17 @@ class SignedDocumentInfo
       # @param noko [Nokogiri::XML] The XML document to validate
       # @param check_malformed_doc [Boolean] Whether to check for malformed documents
       def initialize(noko, check_malformed_doc: true)
-        noko = if noko.is_a?(Nokogiri::XML::Document)
-                 RubySaml::XML.copy_xml(noko)
-               else
+        @noko = if noko.is_a?(Nokogiri::XML::Document)
+                  RubySaml::XML.copy_xml(noko)
+                else
                   begin
-                    @document = RubySaml::XML.safe_load_xml(noko, check_malformed_doc: check_malformed_doc)
+                    RubySaml::XML.safe_load_xml(noko, check_malformed_doc: check_malformed_doc)
                   rescue StandardError => e
-                    raise ValidationError.new("XML load failed: #{e.message}") if e.message != "Empty document"
+                    raise ValidationError.new("XML load failed: #{e.message}") if e.message != 'Empty document'
+
+                    nil
                   end
-               end
-        @noko = noko
+                end
         @check_malformed_doc = check_malformed_doc
       end
 
