Commit 2009de7
Changed files (6)
lib/saml/kit/authentication_request.rb
@@ -3,7 +3,6 @@ module Saml
class AuthenticationRequest < Document
include Requestable
validates_presence_of :acs_url, if: :expected_type?
- validate :must_be_registered
def initialize(xml)
super(xml, name: "AuthnRequest")
@@ -33,16 +32,6 @@ module Saml
return acs_urls.first[:location] if acs_urls.any?
end
- def must_be_registered
- return unless expected_type?
- if provider.nil?
- errors[:service_provider] << error_message(:unregistered)
- return
- end
- return if trusted?
- errors[:fingerprint] << error_message(:invalid_fingerprint)
- end
-
class Builder
attr_accessor :id, :now, :issuer, :acs_url, :name_id_format, :sign, :destination
attr_accessor :version
lib/saml/kit/logout_request.rb
@@ -3,7 +3,6 @@ module Saml
class LogoutRequest < Document
include Requestable
validates_presence_of :single_logout_service, if: :expected_type?
- validate :must_be_registered
def initialize(xml)
super(xml, name: "LogoutRequest")
@@ -29,15 +28,6 @@ module Saml
private
- def must_be_registered
- return unless expected_type?
- if provider.nil?
- errors[:provider] << error_message(:unregistered)
- return
- end
- return if trusted?
- errors[:fingerprint] << error_message(:invalid_fingerprint)
- end
class Builder
lib/saml/kit/response.rb
@@ -5,7 +5,6 @@ module Saml
attr_reader :request_id
validates_presence_of :id
- validate :must_be_registered
validate :must_be_valid_version
validates_inclusion_of :status_code, in: [Namespaces::SUCCESS]
@@ -51,13 +50,6 @@ module Saml
private
- def must_be_registered
- return unless expected_type?
- return if trusted?
-
- errors[:base] << error_message(:unregistered)
- end
-
def must_be_valid_version
return unless expected_type?
return if "2.0" == version
lib/saml/kit/trustable.rb
@@ -5,6 +5,7 @@ module Saml
included do
validate :must_have_valid_signature
+ validate :must_be_registered
end
def certificate
@@ -46,6 +47,16 @@ module Saml
errors[:base] << error
end
end
+
+ def must_be_registered
+ return unless expected_type?
+ if provider.nil?
+ errors[:provider] << error_message(:unregistered)
+ return
+ end
+ return if trusted?
+ errors[:fingerprint] << error_message(:invalid_fingerprint)
+ end
end
end
end
spec/saml/authentication_request_spec.rb
@@ -99,7 +99,7 @@ RSpec.describe Saml::Kit::AuthenticationRequest do
builder = described_class::Builder.new
subject = described_class.new(builder.to_xml)
expect(subject).to be_invalid
- expect(subject.errors[:service_provider]).to be_present
+ expect(subject.errors[:provider]).to be_present
end
it 'is invalid when an assertion consumer service url is not provided' do
spec/saml/response_spec.rb
@@ -120,7 +120,7 @@ RSpec.describe Saml::Kit::Response do
allow(metadata).to receive(:matches?).and_return(false)
subject = described_class.new(builder.to_xml)
expect(subject).to be_invalid
- expect(subject.errors[:base]).to be_present
+ expect(subject.errors[:fingerprint]).to be_present
end
it 'validates the schema of the response' do