1require_relative './principal'
 2
 3RSpec.describe "Logout Response" do
 4  let(:user) { Principal.new(id: SecureRandom.uuid, email: "hello@example.com") }
 5
 6  it 'generates a logout response' do
 7    xml = Saml::Kit::Metadata.build_xml do |builder|
 8      builder.contact_email = 'hi@example.com'
 9      builder.organization_name = "Acme, Inc"
10      builder.organization_url = 'https://www.example.com'
11      builder.build_identity_provider do |x|
12        x.add_single_sign_on_service('https://www.example.com/login', binding: :http_post)
13        x.add_single_sign_on_service('https://www.example.com/login', binding: :http_redirect)
14        x.add_single_logout_service('https://www.example.com/logout', binding: :http_post)
15        x.name_id_formats = [ Saml::Kit::Namespaces::EMAIL_ADDRESS ]
16        x.attributes << :id
17        x.attributes << :email
18      end
19      builder.build_service_provider do |x|
20        x.add_assertion_consumer_service('https://www.example.com/consume', binding: :http_post)
21        x.add_single_logout_service('https://www.example.com/logout', binding: :http_post)
22      end
23    end
24
25    idp = Saml::Kit::IdentityProviderMetadata.new(xml)
26    url, saml_params = idp.logout_request_for(user, binding: :http_post)
27    uri = URI.parse("#{url}?#{saml_params.map { |(x, y)| "#{x}=#{y}" }.join('&')}")
28
29    raw_params = Hash[uri.query.split("&amp;").map { |x| x.split("=", 2) }].symbolize_keys
30
31    binding = idp.single_logout_service_for(binding: :http_post)
32    saml_request = binding.deserialize(raw_params)
33    sp = Saml::Kit::ServiceProviderMetadata.new(xml)
34    allow(saml_request).to receive(:provider).and_return(sp)
35    url, saml_params = saml_request.response_for(binding: :http_post)
36    expect(url).to eql("https://www.example.com/logout")
37    expect(saml_params['SAMLResponse']).to be_present
38  end
39end