Commit 9651bd5

mo <mo.khan@gmail.com>
2017-12-22 22:18:10
add specs.
1 parent 999e479
Changed files (4)
app/controllers/concerns/saml_respondable.rb
@@ -2,12 +2,15 @@ module SamlRespondable
   extend ActiveSupport::Concern
 
   def saml_params(allowed_params = [:SAMLRequest, :SAMLResponse, :SAMLEncoding, :SigAlg, :Signature, :RelayState])
-    if request.post?
-      params.permit(*allowed_params)
-    else
-      result = Hash[request.query_string.split("&amp;").map { |x| x.split("=", 2) }].symbolize_keys
-      result.reject! { |key, value| !allowed_params.include?(key.to_sym) }
-      result
-    end
+    @saml_params ||=
+      if request.post?
+        params.permit(*allowed_params)
+      else
+        query_string = request.query_string
+        on = query_string.include?("&amp;") ? "&amp;" : "&"
+        result = Hash[query_string.split(on).map { |x| x.split("=", 2) }].symbolize_keys
+        result.reject! { |key, value| !allowed_params.include?(key.to_sym) }
+        result
+      end
   end
 end
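Review bot: In the GET branch of `saml_params`, `symbolize_keys` runs before the allow-list is applied, so `to_sym` is called on every attacker-controlled query-string key, and a segment without `=` (or an empty one from `a=1&&b=2`) reaches `Hash[]` as a 0- or 1-element pair and raises `ArgumentError`, turning a malformed request into a 500 instead of a rejected parameter. Filter on the string keys first and build the pairs explicitly: `pairs = query_string.split(on).map { |x| x.split("=", 2) }`, `allowed = allowed_params.map(&:to_s)`, `pairs.select { |key, _| allowed.include?(key) }.map { |key, value| [key.to_sym, value] }.to_h` (duplicate keys still resolve last-wins, as with the original `Hash[]`). The values are left URL-encoded rather than going through `params`, which looks intentional so a Redirect-binding signature can be verified over the original encoding; that deserves a comment such as `# keep values URL-encoded: the HTTP-Redirect signature is computed over the raw query string` so the next maintainer does not "fix" it by decoding. The `&amp;` heuristic silently changes how the string is split whenever that substring appears anywhere in the query, so a short comment on why a real query string is expected to contain `&amp;` would also help. The enclosing `module SamlRespondable` line is outside the hunk.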
spec/requests/sessions_controller_spec.rb
@@ -83,5 +83,31 @@ describe SessionsController do
 
       expect(response).to redirect_to('/dashboard')
     end
+
+    it 'posts the response back to the ACS endpoint' do
+      allow(registry).to receive(:metadata_for).with(issuer).and_return(sp_metadata)
+      redirect_binding = Saml::Kit::Bindings::HttpRedirect.new(location: new_session_url)
+      get redirect_binding.serialize(Saml::Kit::AuthenticationRequest.builder)[0]
+
+      post '/session', params: { user: { email: user.email, password: password } }
+
+      expect(response).to have_http_status(:ok)
+      expect(response.body).to include(sp_metadata.assertion_consumer_service_for(binding: :http_post).location)
+      expect(response.body).to include('SAMLResponse')
+    end
+
+    it 'includes the RelayState in the response' do
+      relay_state = SecureRandom.uuid
+      allow(registry).to receive(:metadata_for).with(issuer).and_return(sp_metadata)
+      redirect_binding = Saml::Kit::Bindings::HttpRedirect.new(location: new_session_url)
+
+      get redirect_binding.serialize(Saml::Kit::AuthenticationRequest.builder, relay_state: relay_state)[0]
+
+      post '/session', params: { user: { email: user.email, password: password } }
+
+      expect(response).to have_http_status(:ok)
+      expect(response.body).to include('RelayState')
+      expect(response.body).to include(relay_state)
+    end
   end
 end
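Review bot: The `includes the RelayState in the response` example only shows that RelayState is reflected into the HTML body; with a UUID it cannot tell whether the value is HTML-escaped when rendered into the POST form, which is the property that matters because RelayState arrives attacker-controlled on the redirect URL. Add an example with a hostile value that asserts the raw form is absent and the escaped form present. Both new examples also only check that the substring `SAMLResponse` appears somewhere in the body; if the posted response is meant to be signed, asserting on a `Signature` element or decoding the value and checking it would pin that, though I cannot tell from this hunk whether signing is configured. The `let` definitions for `registry`, `issuer`, `sp_metadata`, `user` and `password` are outside the hunk.
```ruby
it 'HTML-escapes a hostile RelayState' do
  relay_state = %q{"><script>alert(1)</script>}
  allow(registry).to receive(:metadata_for).with(issuer).and_return(sp_metadata)
  redirect_binding = Saml::Kit::Bindings::HttpRedirect.new(location: new_session_url)
  get redirect_binding.serialize(Saml::Kit::AuthenticationRequest.builder, relay_state: relay_state)[0]

  post '/session', params: { user: { email: user.email, password: password } }

  expect(response).to have_http_status(:ok)
  expect(response.body).not_to include(relay_state)
  expect(response.body).to include(ERB::Util.html_escape(relay_state))
end
```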
Gemfile
@@ -61,7 +61,7 @@ end
 # Windows does not include zoneinfo files, so bundle the tzinfo-data gem
 gem 'tzinfo-data', platforms: [:mingw, :mswin, :x64_mingw, :jruby]
 gem 'dotenv-rails'
-gem 'saml-kit', '0.2.15'
+gem 'saml-kit', '0.2.17'
 gem 'rails-assets-bootstrap', source: 'https://rails-assets.org'
 gem 'jwt'
 gem 'activerecord-session_store'
Gemfile.lock
@@ -177,7 +177,7 @@ GEM
     ruby_dep (1.5.0)
     rubyzip (1.2.1)
     safe_yaml (1.0.4)
-    saml-kit (0.2.15)
+    saml-kit (0.2.17)
       activemodel (>= 4.2.0)
       builder (~> 3.2)
       nokogiri (~> 1.8)
@@ -261,7 +261,7 @@ DEPENDENCIES
   rails-controller-testing
   rails_12factor
   rspec-rails (~> 3.6)
-  saml-kit (= 0.2.15)
+  saml-kit (= 0.2.17)
   sass-rails (~> 5.0)
   selenium-webdriver
   spring