Commit 42bab38
Changed files (3)
lib
saml
kit
builders
spec
saml
kit
builders
lib/saml/kit/builders/authentication_request.rb
@@ -10,6 +10,7 @@ module Saml
attr_accessor :id, :now, :issuer, :assertion_consumer_service_url
attr_accessor :name_id_format, :destination
attr_accessor :version
+ attr_accessor :force_authn
attr_reader :configuration
def initialize(configuration: Saml::Kit.configuration)
@@ -36,6 +37,7 @@ module Saml
IssueInstant: now.utc.iso8601,
Destination: destination,
}
+ options[:ForceAuthn] = force_authn if !force_authn.nil?
if assertion_consumer_service_url.present?
options[:AssertionConsumerServiceURL] =
assertion_consumer_service_url
spec/saml/kit/builders/authentication_request_spec.rb
@@ -25,5 +25,13 @@ RSpec.describe Saml::Kit::Builders::AuthenticationRequest do
expect(result['AuthnRequest']['Issuer']).to eql(issuer)
expect(result['AuthnRequest']['NameIDPolicy']['Format']).to eql(Saml::Kit::Namespaces::PERSISTENT)
end
+
+ context "when force authn is enabled" do
+ before { subject.force_authn = true }
+
+ let(:result) { Hash.from_xml(subject.to_xml) }
+
+ specify { expect(result['AuthnRequest']['ForceAuthn']).to eql('true') }
+ end
end
end
CHANGELOG.md
@@ -1,4 +1,5 @@
Version 1.0.31
+
# Changelog
All notable changes to this project will be documented in this file.
@@ -6,6 +7,9 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
## [Unreleased]
+### Added
+- Add support for ForceAuthn attribute on AuthnRequest
+
### Changed
- Rescue from invalid signature validation
- Change minimum ruby version to 2.4