Commit 27f4fb7

mo <mo@mokhan.ca>
2017-12-13 02:40:37
encrypt the response if the provider has an encryption certificate.
main
1 parent 09765c3
Changed files (2)
lib
saml
kit
builders
response.rb
spec
saml
builders
response_spec.rb
lib/saml/kit/builders/response.rb
@@ -19,7 +19,7 @@ module Saml
           @status_code = Namespaces::SUCCESS
           @issuer = configuration.issuer
           @sign = want_assertions_signed
-          @encrypt = false
+          @encrypt = encryption_certificate.present?
           @configuration = configuration
         end
 
@@ -42,6 +42,9 @@ module Saml
 
         def encryption_certificate
           request.provider.encryption_certificates.first
+        rescue => error
+          Saml::Kit.logger.error(error)
+          nil
         end
 
         def response_options
spec/saml/builders/response_spec.rb
@@ -35,6 +35,7 @@ RSpec.describe Saml::Kit::Builders::Response do
       travel_to 1.second.from_now
       allow(Saml::Kit.configuration).to receive(:issuer).and_return(issuer)
       subject.destination = assertion_consumer_service_url
+      subject.encrypt = false
       hash = Hash.from_xml(subject.to_xml)
 
       expect(hash['Response']['ID']).to be_present