From c2c538c37155624b39c564ea59a2ba1ccb647cdb Mon Sep 17 00:00:00 2001
From: Charles Jones <cbj3@chuckbjones.com>
Date: Sun, 19 Oct 2014 17:19:45 -0500
Subject: [PATCH 1/3] Allow for namespaces outside of the root element in
 single sign out requests

---
 lib/omniauth/strategies/cas/logout_request.rb | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/lib/omniauth/strategies/cas/logout_request.rb b/lib/omniauth/strategies/cas/logout_request.rb
index eba676c..17a1b89 100644
--- a/lib/omniauth/strategies/cas/logout_request.rb
+++ b/lib/omniauth/strategies/cas/logout_request.rb
@@ -31,8 +31,9 @@ def call(options = {})
         def logout_request
           @logout_request ||= begin
             saml = Nokogiri.parse(@request.params['logoutRequest'])
-            name_id = saml.xpath('//saml:NameID').text
-            sess_idx = saml.xpath('//samlp:SessionIndex').text
+            ns = saml.collect_namespaces
+            name_id = saml.xpath('//saml:NameID', ns).text
+            sess_idx = saml.xpath('//samlp:SessionIndex', ns).text
             inject_params(name_id:name_id, session_index:sess_idx)
             @request
           end

From 81c2ae58310cb4b2060569fe0c94a96440150cbf Mon Sep 17 00:00:00 2001
From: njfranck <njfranck@ca20c521.ugent.be>
Date: Tue, 1 Sep 2015 13:57:23 +0200
Subject: [PATCH 2/3] use method update_param instead of updating environment
 variable rack.input

---
 lib/omniauth/strategies/cas/logout_request.rb | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/lib/omniauth/strategies/cas/logout_request.rb b/lib/omniauth/strategies/cas/logout_request.rb
index 17a1b89..0318bab 100644
--- a/lib/omniauth/strategies/cas/logout_request.rb
+++ b/lib/omniauth/strategies/cas/logout_request.rb
@@ -40,9 +40,11 @@ def logout_request
         end
 
         def inject_params(new_params)
-          rack_input = @request.env['rack.input'].read
-          params = Rack::Utils.parse_query(rack_input, '&').merge new_params
-          @request.env['rack.input'] = StringIO.new(Rack::Utils.build_query(params))
+          #params is only read once from env['rack.input'] so updating this environment variable has no use
+          #cf. https://github.com/rack/rack/blob/master/lib/rack/request.rb
+          new_params.each do |k,v|
+            @request.update_param(k,v)
+          end
         rescue
           # A no-op intended to ensure that the ensure block is run
           raise

From 456dde83ba721828be313de8182e03a6cf32929d Mon Sep 17 00:00:00 2001
From: njfranck <njfranck@ca20c521.ugent.be>
Date: Wed, 2 Sep 2015 09:11:25 +0200
Subject: [PATCH 3/3] remove comments and rescue block

---
 lib/omniauth/strategies/cas/logout_request.rb | 7 -------
 1 file changed, 7 deletions(-)

diff --git a/lib/omniauth/strategies/cas/logout_request.rb b/lib/omniauth/strategies/cas/logout_request.rb
index 0318bab..9fa1654 100644
--- a/lib/omniauth/strategies/cas/logout_request.rb
+++ b/lib/omniauth/strategies/cas/logout_request.rb
@@ -40,16 +40,9 @@ def logout_request
         end
 
         def inject_params(new_params)
-          #params is only read once from env['rack.input'] so updating this environment variable has no use
-          #cf. https://github.com/rack/rack/blob/master/lib/rack/request.rb
           new_params.each do |k,v|
             @request.update_param(k,v)
           end
-        rescue
-          # A no-op intended to ensure that the ensure block is run
-          raise
-        ensure
-          @request.env['rack.input'].rewind
         end
 
         def single_sign_out_callback