Closed Arie closed 6 years ago
btalbot
commented
6 years ago Since the change was unannounced (AFAIK) and there's a non-zero chance that steam might change it back on a whim, I'd prefer a more robust solution to allow http or https. Something like https://github.com/iJJi/omniauth-steam/commit/29cb118de793065798d4ff3298bf74fc8b1e9afd
[edit] and https://github.com/iJJi/omniauth-steam/commit/368049fb44481a8d1de45a84fd1f6448900cac9d with regexp anchors
fbluemel
commented
6 years ago +1 to a robust solution, but ...
Regexp#match? is Ruby 2.4 -- since the gemspec does not declare a min version, it might be better to just use good old Regexp#match ... but I admit I may be biased because I'm too lazy to upgrade from 2.3
MisterTakaashi
commented
6 years ago I merged all your ideas in #31, I hope it's ok for you @Arie too 👍
Arie
commented
6 years ago It's way better than my PR :)
btalbot
commented
6 years ago Thanks for making a better patch. I had to be out of town for a few days and could not get back to this. I like #31 too.
Steam started returning a https uri in the openid response, causing a mismatch with the expected uri. This PR just changes it to expect an https uri.