Commit 074d2ea
Changed files (2)
lib/saml/kit/response.rb
@@ -11,6 +11,7 @@ module Saml
validate :must_be_response
validate :must_be_registered
validate :must_match_xsd
+ validate :must_be_valid_version
def initialize(xml)
@content = xml
@@ -40,6 +41,10 @@ module Saml
@xml_hash[name]['Destination']
end
+ def version
+ @xml_hash[name]['Version']
+ end
+
def to_xml
content
end
@@ -97,6 +102,12 @@ module Saml
matches_xsd?(PROTOCOL_XSD)
end
+ def must_be_valid_version
+ return unless login_response?
+ return if "2.0" == version
+ errors[:base] << error_message(:invalid)
+ end
+
def login_response?
return false if to_xml.blank?
@xml_hash[name].present?
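Review bot: `must_be_valid_version` compares only the `Version` attribute of the top-level response element (`@xml_hash[name]['Version']`), so as far as these hunks show an embedded Assertion carrying a different `Version` would still pass; the SAML 2.0 schemas type that attribute as a plain string, so `must_match_xsd` presumably does not pin it either. The rejection is recorded with the generic `error_message(:invalid)`, which leaves a caller or log reader unable to tell a version mismatch from any other failure; a dedicated key, e.g. `errors[:base] << error_message(:invalid_version)`, would make it auditable. The literal `"2.0"` now appears both here and in the Builder default, so one shared constant would keep the two from drifting, and the comparison reads more naturally as `return if version == "2.0"`. `login_response?` starts in this hunk and continues outside it.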
@@ -105,6 +116,7 @@ module Saml
class Builder
attr_reader :user, :request
attr_accessor :id, :reference_id, :now, :name_id_format
+ attr_accessor :version
def initialize(user, request)
@user = user
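Review bot: `attr_accessor :version` makes the protocol version of every built response publicly writable, and nothing on the line says that "2.0" is the only value the Response validation accepts or that the setter exists so a spec can build a rejected document. I would add a comment above it, `# SAML protocol version written to the Response element; any value other than "2.0" produces a document that Response validation rejects`, and fold `:version` into the existing `attr_accessor :id, :reference_id, :now, :name_id_format` list instead of a second declaration. If the builder also writes a `Version` on the Assertion element (not visible in these hunks), it should take the same value. Builder#initialize starts in this hunk and continues outside it.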
@@ -113,6 +125,7 @@ module Saml
@reference_id = SecureRandom.uuid
@now = Time.now.utc
@name_id_format = Namespaces::PERSISTENT
+ @version = "2.0"
end
def to_xml
@@ -167,7 +180,7 @@ module Saml
def response_options
{
ID: "_#{id}",
- Version: "2.0",
+ Version: version,
IssueInstant: now.iso8601,
Destination: request.acs_url,
Consent: Namespaces::UNSPECIFIED,
spec/saml/response_spec.rb
@@ -194,5 +194,12 @@ RSpec.describe Saml::Kit::Response do
end
expect(described_class.new(signature.finalize(xml))).to be_invalid
end
+
+ it 'validates the version' do
+ allow(registry).to receive(:metadata_for).and_return(metadata)
+ allow(metadata).to receive(:matches?).and_return(true)
+ builder.version = "1.1"
+ expect(described_class.new(builder.to_xml)).to be_invalid
+ end
end
end
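Review bot: The new example asserts only `be_invalid`, so it would still pass if the built response were rejected for an unrelated reason (signature, registration, XSD) and the version check never ran. Keep the instance and assert on the recorded error as well: `subject = described_class.new(builder.to_xml)`, then `expect(subject).to be_invalid` and an expectation on `subject.errors[:base]` that matches the version message specifically. That is only meaningful if the validation reports something more specific than the shared `:invalid` message. The enclosing `describe` block starts outside the hunk.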