Commit 3d63acb

mo <mo.khan@gmail.com>
2018-01-27 18:59:04
fix how error messages are aggregated from xml-kit tag: v1.0.1
main
1 parent 3b8aa3f
Changed files (3)
lib
saml
kit
trustable.rb
version.rb
spec
saml
authentication_request_spec.rb
lib/saml/kit/trustable.rb
@@ -52,8 +52,8 @@ module Saml
           "samlp": Namespaces::PROTOCOL,
         })
         xml.valid?
-        xml.errors.each do |error|
-          errors[:base] << error
+        xml.errors.each do |attribute, error|
+          errors[attribute] << error
         end
       end
lib/saml/kit/version.rb
@@ -1,5 +1,5 @@
 module Saml
   module Kit
-    VERSION = "1.0.0"
+    VERSION = "1.0.1"
   end
 end
spec/saml/authentication_request_spec.rb
@@ -133,6 +133,28 @@ RSpec.describe Saml::Kit::AuthenticationRequest do
       subject = described_class.new(raw_xml, configuration: configuration)
       expect(subject).to be_invalid
     end
+
+    context "when the certificate is expired" do
+      let(:expired_certificate) do
+        certificate = OpenSSL::X509::Certificate.new
+        certificate.public_key = private_key.public_key
+        certificate.not_before = 1.day.ago
+        certificate.not_after = 1.second.ago
+        certificate
+      end
+      let(:private_key) { OpenSSL::PKey::RSA.new(2048) }
+      let(:configuration) do
+        Saml::Kit::Configuration.new do |config|
+          config.add_key_pair(expired_certificate, private_key, passphrase: nil, use: :signing)
+        end
+      end
+
+      it 'is invalid' do
+        subject = described_class.new(raw_xml, configuration: configuration)
+        expect(subject).to be_invalid
+        expect(subject.errors[:certificate]).to be_present
+      end
+    end
   end
 
   describe "#assertion_consumer_service_url" do