From 5fb72752be54e0593aed191d67d7608d74b02911 Mon Sep 17 00:00:00 2001 From: Alex Coomans Date: Mon, 10 Aug 2020 15:48:15 -0500 Subject: [PATCH] Remove ca_file and require_cert options to the config builder as we no longer verify the certificate chain --- CHANGES.md | 5 +++++ lib/rails/auth/config_builder.rb | 7 ------- 2 files changed, 5 insertions(+), 7 deletions(-) diff --git a/CHANGES.md b/CHANGES.md index 0f4644b..45db53c 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -1,5 +1,10 @@ ### Unreleased +* [#68](https://github.com/square/rails-auth/pull/68) + Remove `ca_file` and `require_cert` options to the config builder as we no + longer verify the certificate chain. + ([@drcapulet]) + * [#67](https://github.com/square/rails-auth/pull/67) Remove `ca_file`, `require_cert`, and `truststore` options to X509 middleware as we no longer verify the certificate chain. diff --git a/lib/rails/auth/config_builder.rb b/lib/rails/auth/config_builder.rb index 16a821d..2907b45 100644 --- a/lib/rails/auth/config_builder.rb +++ b/lib/rails/auth/config_builder.rb @@ -31,22 +31,15 @@ def test(config) def production( config, cert_filters: nil, - require_cert: false, - ca_file: nil, error_page: Rails.root.join("public/403.html"), monitor: nil ) - raise ArgumentError, "no cert_filters given but require_cert is true" if require_cert && !cert_filters - raise ArgumentError, "no ca_file given but cert_filters were set" if cert_filters && !ca_file - error_page_middleware(config, error_page) if cert_filters config.middleware.insert_before Rails::Auth::ACL::Middleware, Rails::Auth::X509::Middleware, - require_cert: require_cert, cert_filters: cert_filters, - ca_file: ca_file, logger: Rails.logger end