Remove canonix dependency

[brendon]

Glad to see that Nokogiri has canonicalisation support now! You can safely remove the canonix dependency :)

[jkamenik]

+1 for this.

This has caused me a lot of grief with attributes. Canonix is rearranging and in some cases removing attributes. This causes the digests to fail. Nokogiri (for some reason) seems to be able to deal with this situation more consistently.

[brendon]

Lol, I forgot about this! It's failing but not because of my change :)

[dteoh]

I would really like to see this fixed, I am also running into digest mismatch errors.

[brendon]

Hi Douglas, this library is no longer maintained and isn't actively used in
ruby-saml. I'd suggest using the nokogiri methods instead.

On Wed, Feb 5, 2014 at 6:52 PM, Douglas Teoh notifications@github.comwrote:

I would really like to see this fixed, I am also running into digest
mismatch errors.

Reply to this email directly or view it on GitHubhttps://github.com//pull/97#issuecomment-34139687
.

[dteoh]

Hmmm, OK, I was really hoping that this was the source of the the digest mismatch issues that I'm encountering sporadically. I'm indirectly using ruby-saml through omniauth-saml.

[brendon]

The only thing I can think of is that omniauth-saml is using an old version
of ruby-saml?

On Wed, Feb 5, 2014 at 7:52 PM, Douglas Teoh notifications@github.comwrote:

Hmmm, OK, I was really hoping that this was the source of the the digest
mismatch issues that I'm encountering sporadically. I'm indirectly using
ruby-saml through omniauth-saml.

Reply to this email directly or view it on GitHubhttps://github.com//pull/97#issuecomment-34141862
.

[dteoh]

IIRC, it is using ruby-saml v0.7.2. I'm using omniauth-saml v1.1.0.

[brendon]

Yea, that's pretty weird, I definitely know they don't use our functions
though. It might pay to walk through their code and see where it's messing
things up for you. I have a ticket open to remove canonix from their
gemspec.

On Wed, Feb 5, 2014 at 8:33 PM, Douglas Teoh notifications@github.comwrote:

IIRC, it is using ruby-saml v0.7.2. I'm using omniauth-saml v1.1.0.

Reply to this email directly or view it on GitHubhttps://github.com//pull/97#issuecomment-34143491
.

[dteoh]

Today, I traced it down to what I believe is a multiple encoding/decoding bug involving ampersand literals.

I'm not sure whether ruby-saml is at fault, the SAML setup (I'm bridging with another SAML provider), or the SAML software (SimpleSAMLphp). I can see that the history of xml_security.rb contains a bunch of attempts at fixing bad ampersands so I'll have to try and figure out what should be the "correct" ampersand representation for my setup.

[brendon]

Thanks Douglas, glad to hear you're close to figuring it out :) Close the
ticket if you think you've found the real cause elsewhere :)

Cheers,

Brendon

On Thu, Feb 6, 2014 at 9:09 PM, Douglas Teoh notifications@github.comwrote:

Today, I traced it down to what I believe is a multiple encoding/decoding
bug involving ampersands literals (&).

I'm not sure whether ruby-saml is at fault, the SAML setup (I'm bridging
with another SAML provider), or the SAML software (SimpleSAMLphp). I can
see that the history of xml_security.rb contains a bunch of attempts at
fixing bad ampersands so I'll have to try and figure out what should be the
"correct" ampersand representation for my setup.

Reply to this email directly or view it on GitHubhttps://github.com//pull/97#issuecomment-34300730
.

[Lordnibbler]

@brendon @dteoh did you guys decide this was an issue from elsewhere?

If so, please close the ticket.

If not, can you please rebase off master and re-run the specs?

Do you suggest we remove canonix from the gemspec?

[brendon]

Lol, I didn't realise I was replying to this pull request from the email :) Yes having canonix listed as a gem in this project is still a problem. I've rebased and the tests run fine now. You can merge :)

[Lordnibbler]

@brendon thanks for the changes 👍 sorry we took so long to merge!

[brendon]

You're welcome :)