Commit 449a9b4
Changed files (2)
lib/saml/kit/bindings/http_redirect.rb
@@ -38,6 +38,7 @@ module Saml
value.present? ? "#{key}=#{value}" : nil
end.compact.join('&')
+ return if document.provider.nil?
if document.provider.verify(algorithm_for(params['SigAlg']), signature, canonical_form)
document.signature_verified!
else
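Review bot: The new guard `return if document.provider.nil?` makes signature verification fail open for unknown issuers: the method now returns with no verification and no error, and nothing in this hunk records that the check was skipped. That is safe only if every caller checks `trusted?` or `valid?` on the returned document before acting on it, which this method cannot enforce. I would document that contract on the guard, for example `# Unknown provider: signature cannot be checked, so the document stays unverified; callers must check trusted? before use.`, and consider logging the skipped verification so that messages from unregistered issuers show up in monitoring. The enclosing method starts and ends outside the hunk, so what the `else` branch does on a failed verification is not visible here.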
spec/saml/bindings/http_redirect_spec.rb
@@ -127,5 +127,19 @@ RSpec.describe Saml::Kit::Bindings::HttpRedirect do
expect(result).to be_instance_of(Saml::Kit::AuthenticationRequest)
expect(result).to be_valid
end
+
+ it 'returns an unverfied document when the provider is unknown' do
+ configuration = Saml::Kit::Configuration.new do |config|
+ config.generate_key_pair_for(use: :signing)
+ end
+ url, _ = subject.serialize(Saml::Kit::AuthenticationRequest.builder(configuration: configuration))
+
+ other_configuration = Saml::Kit::Configuration.new
+ allow(other_configuration.registry).to receive(:metadata_for).and_return(nil)
+
+ result = subject.deserialize(query_params_from(url), configuration: other_configuration)
+ expect(result).to_not be_signed
+ expect(result).to_not be_trusted
+ end
end
end
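Review bot: The new example checks `to_not be_signed` and `to_not be_trusted`, but it never asserts the property callers most likely depend on, which is that a request from an unknown provider is rejected by validation. Adding `expect(result).to_not be_valid` (assuming validation includes the trust check, which this page does not show) would pin the fail-closed behaviour and catch a regression where the early return lets such a document pass. The example name also has a typo: `'returns an unverfied document ...'` should read `'returns an unverified document when the provider is unknown'`.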