Missing sp_session_init_time in ServiceProvider
I'm getting a nil error when signing into an application using :saml_protect
TypeError in CartController#home
can't convert nil into an exact number
activesupport (6.0.1) lib/active_support/core_ext/time/calculations.rb:274:in `-'
activesupport (6.0.1) lib/active_support/core_ext/time/calculations.rb:274:in `minus_with_duration'
activesupport (6.0.1) lib/active_support/core_ext/time/calculations.rb:285:in `minus_with_coercion'
/Users/ncox/workspace/saml_camel/app/models/saml_camel/service_provider.rb:67:in `check_expired_session'
/Users/ncox/workspace/saml_camel/app/models/saml_camel/service_provider.rb:195:in `validate_sp_session'
/Users/ncox/workspace/saml_camel/app/controllers/concerns/saml_camel/saml_service.rb:40:in `saml_protect'
...
I did some investigating and it seems like the sp_session_init_time is not being set correctly inside the SamlCamel::ServiceProvider object. A check is made against the @user_cache and if that comes back false, then the #set_saml_session_lifetime method is called as below:
https://gitlab.oit.duke.edu/da129/saml_camel/blob/master/app/models/saml_camel/service_provider.rb#L150
Based on my understanding of the Rails.cache.fetch method, the SamlCamel::ServiceProvider#set_saml_session_lifetime method is not actually updating the cache: because it does find the cache value for @cache_permit_key, the block does not run and add the :session_start_time to the cache value hash.
This can be resolved by adding a force: true option to the #fetch call, or using #write.
Rails.cache.fetch(@cache_permit_key, expires_in: sp_lifetime.hours, force: true) do
  user_saml_cache
end
If this makes sense and seems reasonable, I can make a PR for it. I wanted to make sure you're not leaving the force out for some other reason.
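
The cache behaviour described in this report, as an added example that is not part of the original post or of the saml_camel code base: a plain-Ruby stand-in for Rails.cache shows that fetch skips its block on a hit, so the start time is never stored unless force: true is passed. TinyCache, the reduced helper methods, the key name and the sample entry are all assumptions made for illustration, as is the guard that treats a missing start time as an expired session.

```ruby
# Stand-in for Rails.cache (assumption: only the documented fetch semantics
# are modelled: a hit returns the stored value and skips the block, while
# force: true always runs the block and overwrites the entry).
class TinyCache
  def initialize
    @store = {}
  end

  def write(key, value)
    @store[key] = value
  end

  def read(key)
    @store[key]
  end

  def fetch(key, force: false)
    return @store[key] if @store.key?(key) && !force
    @store[key] = yield
  end
end

# Constructed sample: a permit entry that already exists without a start time.
def seeded_cache
  cache = TinyCache.new
  cache.write("permit:alice", { ip_address: "192.0.2.10" })
  cache
end

# Hypothetical reduction of set_saml_session_lifetime: merge in the start time,
# then hand the merged hash to fetch.
def set_session_lifetime(cache, key, force:)
  entry = (cache.read(key) || {}).merge(session_start_time: Time.now)
  cache.fetch(key, force: force) { entry }
end

# Hypothetical reduction of check_expired_session. A missing start time counts
# as expired (fail closed) instead of reaching Time#- with nil.
def session_expired?(cache, key, lifetime_seconds)
  started = (cache.read(key) || {})[:session_start_time]
  return true if started.nil?
  (Time.now - started) > lifetime_seconds
end

# Returns the start time stored in the cache after the update attempt.
def start_time_after(force:)
  cache = seeded_cache
  set_session_lifetime(cache, "permit:alice", force: force)
  cache.read("permit:alice")[:session_start_time]
end
```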