Commit 0fa1190
Changed files (3)
lib/saml/kit/locales/en.yml
@@ -26,6 +26,8 @@ en:
invalid_response_to: "must match request id."
invalid_version: "must be 2.0."
unregistered: "must originate from registered identity provider."
+ Signature:
+ digest_value: "is invalid."
SPSSODescriptor:
invalid: "must contain SPSSODescriptor."
invalid_signature: "invalid signature."
lib/saml/kit/signature.rb
@@ -2,11 +2,15 @@ module Saml
module Kit
class Signature
include ActiveModel::Validations
+ include Translatable
validate :validate_signature
validate :validate_certificate
+ attr_reader :name
+
def initialize(xml_hash)
+ @name = "Signature"
if xml_hash.is_a?(Hash)
@xml_hash = xml_hash
else
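Review bot: `@name = "Signature"` in `initialize` is an unexplained literal. It appears to be the key `Translatable` uses to find the `Signature:` section of en.yml, though that module is not shown here. A short comment such as `# locale scope: must match the Signature: key in locales/en.yml` would keep the two from drifting apart. `attr_reader :name` also widens the public interface of the class, so if only `Translatable` reads it, the comment should say so. `initialize` continues past the end of this hunk.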
@@ -44,7 +48,9 @@ module Saml
signature = Xmldsig::Signature.new(@document, 'ID=$uri or @Id')
unless signature.valid?(certificate.x509)
- signature.errors.each { |error| errors.add(error, "is invalid") }
+ signature.errors.each do |attribute|
+ errors.add(attribute, error_message(attribute))
+ end
end
end
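Review bot: `error_message(attribute)` is now looked up for every key in `signature.errors`, but the locale file in this commit defines only `Signature.digest_value`. As far as I know xmldsig also reports `:signature` when the signature value itself fails to verify; that path would then get whatever `Translatable` returns for a missing key (not visible here) rather than the previous "is invalid". Provided `error_message` does not raise, an error is still added and the object still fails validation, so only the message degrades. Adding `signature: "is invalid."` under `Signature:` in en.yml would cover it. The enclosing method starts outside this hunk.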
spec/saml/signature_spec.rb
@@ -15,6 +15,7 @@ RSpec.describe Saml::Kit::Signature do
it 'is invalid when the xml has been tampered' do
signed_document.at_xpath('//saml:Issuer').content = "INVALID"
expect(subject).to_not be_valid
+ expect(subject.errors[:digest_value]).to be_present
end
it 'is invalid when the signature is missing' do
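Review bot: `be_present` on `errors[:digest_value]` passes for any non-empty message, which would presumably include a missing-translation placeholder, so the spec does not confirm that the new en.yml entry is actually resolved. Pinning the text would close that gap, for example `expect(subject.errors[:digest_value]).to include("is invalid.")`. The example that begins on the last line continues outside the hunk.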