Commit 3572105
Changed files (2)
lib
saml
kit
spec
saml
lib/saml/kit/url_builder.rb
@@ -23,9 +23,9 @@ module Saml
saml_document.query_string_parameter => Content.encode_raw_saml(saml_document.to_xml),
'RelayState' => relay_state,
'SigAlg' => Saml::Kit::Namespaces::SHA256,
- }.map do |(x, y)|
- "#{x}=#{y}"
- end.join('&')
+ }.map do |(key, value)|
+ value.present? ? "#{key}=#{value}" : nil
+ end.compact.join('&')
payload = URI.encode(payload)
end
end
spec/saml/url_builder_spec.rb
@@ -41,6 +41,11 @@ RSpec.describe Saml::Kit::UrlBuilder do
expect(result).to include("RelayState=#{URI.encode(relay_state)}")
end
+ it 'excludes the relay state' do
+ query_params = to_query_params(subject.build(response))
+ expect(query_params['RelayState']).to be_nil
+ end
+
it 'includes a signature' do
result = subject.build(response, relay_state: relay_state)
query_params = to_query_params(result)
@@ -52,6 +57,17 @@ RSpec.describe Saml::Kit::UrlBuilder do
expected_signature = Base64.strict_encode64(Saml::Kit.configuration.signing_private_key.sign(OpenSSL::Digest::SHA256.new, payload))
expect(query_params['Signature']).to eql(expected_signature)
end
+
+ it 'generates the signature correctly when the relay state is absent' do
+ result = subject.build(response)
+ query_params = to_query_params(result)
+ expect(query_params['SigAlg']).to eql(URI.encode(Saml::Kit::Namespaces::SHA256))
+
+ payload = "#{query_string_parameter}=#{query_params[query_string_parameter]}"
+ payload << "&SigAlg=#{query_params['SigAlg']}"
+ expected_signature = Base64.strict_encode64(Saml::Kit.configuration.signing_private_key.sign(OpenSSL::Digest::SHA256.new, payload))
+ expect(query_params['Signature']).to eql(expected_signature)
+ end
end
end
end