main
1# frozen_string_literal: true
2
3RSpec.describe Saml::Kit::Cli::Commands::Decode do
4 let(:user) { User.new(SecureRandom.uuid) }
5
6 describe '#redirect' do
7 let(:command) { "decode redirect #{redirect_binding.serialize(builder)[0]}" }
8 let(:document) { builder.build }
9 let(:builder) do
10 Saml::Kit::AuthenticationRequest.builder do |x|
11 x.sign_with(Xml::Kit::KeyPair.generate(use: :signing))
12 end
13 end
14 let(:redirect_binding) do
15 Saml::Kit::Bindings::HttpRedirect.new(location: 'https://www.example.com/')
16 end
17
18 specify { expect(status).to be_success }
19 specify { expect(output).to include(document.to_xml(pretty: true)) }
20 specify { expect(output).to include("Decoded #{document.send(:name)}") }
21 specify { expect(output).not_to include('Signature Value') }
22 end
23
24 describe '#post' do
25 let(:post_binding) do
26 Saml::Kit::Bindings::HttpPost.new(location: 'https://www.example.com/')
27 end
28
29 context 'when the document is an AuthnRequest' do
30 let(:command) { "decode post #{post_binding.serialize(builder)[1]['SAMLRequest']}" }
31 let(:builder) { Saml::Kit::AuthenticationRequest.builder }
32 let(:document) { builder.build }
33
34 specify { expect(status).to be_success }
35 specify { expect(output).to include(document.to_xml(pretty: true)) }
36 specify { expect(output).to include("Decoded #{document.send(:name)}") }
37 end
38
39 context 'when the document is a Response' do
40 let(:command) { "decode post #{post_binding.serialize(builder)[1]['SAMLResponse']}" }
41 let(:builder) do
42 Saml::Kit::Response.builder(user) do |x|
43 x.sign_with(Xml::Kit::KeyPair.generate(use: :signing))
44 end
45 end
46 let(:document) { builder.build }
47
48 specify { expect(status).to be_success }
49 specify { expect(output).to include(document.to_xml(pretty: true)) }
50 specify { expect(output).to include("Decoded #{document.send(:name)}") }
51 specify { expect(output).to include(document.signature.certificate.x509.to_text) }
52 end
53
54 context 'when the document is a LogoutRequest' do
55 let(:command) { "decode post #{post_binding.serialize(builder)[1]['SAMLRequest']}" }
56 let(:builder) { Saml::Kit::LogoutRequest.builder(user) }
57 let(:document) { builder.build }
58
59 specify { expect(status).to be_success }
60 specify { expect(output).to include(document.to_xml(pretty: true)) }
61 specify { expect(output).to include("Decoded #{document.send(:name)}") }
62 specify { expect(output).to include(user.id) }
63 end
64
65 context 'when the document is a LogoutResponse' do
66 let(:command) { "decode post #{post_binding.serialize(builder)[1]['SAMLResponse']}" }
67 let(:builder) { Saml::Kit::LogoutResponse.builder(request) }
68 let(:request) { instance_double(Saml::Kit::AuthenticationRequest, id: Xml::Kit::Id.generate) }
69 let(:document) { builder.build }
70
71 specify { expect(status).to be_success }
72 specify { expect(output).to include(document.to_xml(pretty: true)) }
73 specify { expect(output).to include("Decoded #{document.send(:name)}") }
74 end
75
76 context 'when the document is Invalid' do
77 let(:command) { "decode post #{Base64.encode64('INVALID')}" }
78
79 specify { expect(status).to be_success }
80 specify { expect(output).to include('error Decoded InvalidDocument') }
81 end
82 end
83
84 describe '#raw' do
85 let(:command) { "decode raw #{tempfile}" }
86 let(:tempfile) { Tempfile.new('saml-kit').path }
87 let(:document) { Saml::Kit::AuthenticationRequest.build }
88
89 before { IO.write(tempfile, document.to_xml) }
90 after { File.unlink(tempfile) }
91
92 specify { expect(status).to be_success }
93 specify { expect(output).to include(document.to_xml(pretty: true)) }
94 specify { expect(output).to include("Decoded #{document.send(:name)}") }
95 end
96end