Commit 682f0f6
Changed files (7)
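--- a/lib/saml/kit/content.rb
+++ b/lib/saml/kit/content.rb
@@ -1,30 +1,20 @@
 module Saml
 module Kit
-class Content
-def self.deserialize(xml)
-decoded = decode(xml)
-begin
-inflate(decoded)
-rescue => error
-Saml::Kit.logger.error(error)
-decoded
-end
-end
-
-def self.decode(value)
+module Content
+def decode(value)
 Base64.decode64(value)
 end
-def self.encode(value)
+def encode(value)
 Base64.strict_encode64(value)
 end
-def self.inflate(value)
+def inflate(value)
 inflater = Zlib::Inflate.new(-Zlib::MAX_WBITS)
 inflater.inflate(value)
 end
-def self.deflate(value, level: Zlib::BEST_COMPRESSION)
+def deflate(value, level: Zlib::BEST_COMPRESSION)
 Zlib::Deflate.deflate(value, level)[2..-5]
 end
 end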
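Review bot: `inflate` puts no bound on the size of its output, and after this commit HttpRedirectBinding#deserialize_document_from! calls it directly on the request parameter, so a small SAMLRequest can expand to a very large string, apparently before the signature is checked. Inflating in chunks and stopping at a limit would cap that, and the `Zlib::Inflate` instance, which is never closed at present, can be released in an `ensure`. A short comment on `deflate` saying that `[2..-5]` strips the zlib header and checksum would also explain why `inflate` uses `-Zlib::MAX_WBITS`. The module's closing lines sit at the edge of the hunk, so any callers of `encode`/`deflate` are not visible here.

```ruby
def inflate(value)
  inflater = Zlib::Inflate.new(-Zlib::MAX_WBITS)
  output = +''
  inflater.inflate(value) do |chunk|
    output << chunk
    # MAX_INFLATED_BYTES is a placeholder constant; pick a limit that fits the deployment.
    raise ArgumentError, 'inflated SAML message is too large' if output.bytesize > MAX_INFLATED_BYTES
  end
  output
ensure
  inflater&.close
end
```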
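--- a/lib/saml/kit/document.rb
+++ b/lib/saml/kit/document.rb
@@ -2,8 +2,7 @@
 module Saml
 module Kit
 class Document
-def self.to_saml_document(saml)
-xml = Saml::Kit::Content.deserialize(saml)
+def self.to_saml_document(xml)
 hash = Hash.from_xml(xml)
 if hash['Response'].present?
 Response.new(xml)
@@ -16,7 +15,7 @@ module Saml
 end
 rescue => error
 Saml::Kit.logger.error(error)
-InvalidDocument.new(saml)
+InvalidDocument.new(xml)
 end
 end
 end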
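Review bot: `to_saml_document` keeps its name but now expects decoded XML instead of the encoded request parameter, and nothing on the method states that. A caller that still passes the base64 value will most likely fail in `Hash.from_xml`, land in the `rescue`, and receive an `InvalidDocument` with only a log line to explain it. A comment above the method such as `# xml: decoded (and, for HTTP-Redirect, inflated) SAML XML; decoding is the binding's job` would pin the new contract. The middle of the method lies between the two hunks and is not visible here.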
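--- a/lib/saml/kit/http_post_binding.rb
+++ b/lib/saml/kit/http_post_binding.rb
@@ -1,6 +1,12 @@
 module Saml
 module Kit
 class HttpPostBinding < Binding
+include Content
+
+def initialize(location:)
+super(binding: Saml::Kit::Namespaces::HTTP_POST, location: location)
+end
+
 def serialize(builder, relay_state: nil)
 builder.sign = true
 builder.destination = location
@@ -13,8 +19,8 @@ module Saml
 end
 def deserialize(params)
-saml_param = saml_param_from(params)
-Saml::Kit::Document.to_saml_document(saml_param)
+xml = decode(saml_param_from(params))
+Saml::Kit::Document.to_saml_document(xml)
 end
 end
 end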
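Review bot: The new `initialize` passes `Saml::Kit::Namespaces::HTTP_POST`, but the spec edited in this commit used to build the binding with `Namespaces::POST`, and `binding_for` in identity_provider_metadata.rb still matches on `Namespaces::POST`. The Namespaces module is not visible here, so confirm that both constants exist and hold the same URI; otherwise the binding value changes silently or construction raises NameError. Separately, `include Content` makes `decode`, `encode`, `inflate` and `deflate` public methods of the binding (the same applies to HttpRedirectBinding). Marking them `private` inside the module would keep the public surface to `serialize`/`deserialize`.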
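--- a/lib/saml/kit/http_redirect_binding.rb
+++ b/lib/saml/kit/http_redirect_binding.rb
@@ -1,6 +1,11 @@
 module Saml
 module Kit
 class HttpRedirectBinding < Binding
+include Content
+def initialize(location:)
+super(binding: Saml::Kit::Namespaces::HTTP_REDIRECT, location: location)
+end
+
 def serialize(builder, relay_state: nil)
 builder.sign = false
 builder.destination = location
@@ -17,8 +22,8 @@ module Saml
 private
 def deserialize_document_from!(params)
-saml_param = saml_param_from(params)
-Saml::Kit::Document.to_saml_document(CGI.unescape(saml_param))
+xml = inflate(decode(CGI.unescape(saml_param_from(params))))
+Saml::Kit::Document.to_saml_document(xml)
 end
 def ensure_valid_signature!(params, document)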
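Review bot: `deserialize_document_from!` now lets `Zlib::DataError` from `inflate` escape to the caller, while a malformed payload on the POST binding still comes back as `InvalidDocument` through the rescue in `Document.to_saml_document`. The value comes straight from the request, so every caller has to know to rescue a zlib exception. Rescuing `Zlib::Error` here and returning `Saml::Kit::InvalidDocument`, or raising one library-specific error, would give both bindings the same failure contract. It is also worth confirming what `saml_param_from` returns: if the framework has already URL-decoded it, `CGI.unescape` turns `+` in the base64 text into spaces, which `Base64.decode64` then silently drops. The caller of this method and the body of `ensure_valid_signature!` are outside the hunk.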
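--- a/lib/saml/kit/identity_provider_metadata.rb
+++ b/lib/saml/kit/identity_provider_metadata.rb
@@ -16,7 +16,8 @@ module Saml
 xpath = "/md:EntityDescriptor/md:#{name}/md:SingleSignOnService"
 find_all(xpath).map do |item|
 binding = item.attribute("Binding").value
-binding_type_for(binding).new(binding: binding, location: item.attribute("Location").value)
+location = item.attribute("Location").value
+binding_for(binding, location)
 end
 end
@@ -38,14 +39,14 @@ module Saml
 private
-def binding_type_for(binding)
+def binding_for(binding, location)
 case binding
 when Namespaces::HTTP_REDIRECT
-Saml::Kit::HttpRedirectBinding
+Saml::Kit::HttpRedirectBinding.new(location: location)
 when Namespaces::POST
-Saml::Kit::HttpPostBinding
+Saml::Kit::HttpPostBinding.new(location: location)
 else
-Saml::Kit::Binding
+Saml::Kit::Binding.new(binding: binding, location: location)
 end
 end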
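Review bot: `item.attribute("Binding").value` and the new `location = item.attribute("Location").value` both assume the attribute is present. The XML library is not visible in the hunk, but if `attribute` returns nil for a missing attribute (as it does on Nokogiri nodes), one malformed SingleSignOnService entry in the IdP metadata raises NoMethodError out of the whole `map`. Using `item.attribute("Location")&.value` and skipping or rejecting entries without a location would contain that. `binding_for` would also benefit from a one-line comment such as `# Unknown binding URIs fall back to a generic Binding that keeps the advertised URI`. The enclosing method of the first hunk starts outside it.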
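--- a/spec/saml/http_post_binding_spec.rb
+++ b/spec/saml/http_post_binding_spec.rb
@@ -2,7 +2,7 @@ require 'spec_helper'
 RSpec.describe Saml::Kit::HttpPostBinding do
 let(:location) { FFaker::Internet.http_url }
-subject { Saml::Kit::HttpPostBinding.new(binding: Saml::Kit::Namespaces::POST, location: location) }
+subject { Saml::Kit::HttpPostBinding.new(location: location) }
 describe "#serialize" do
 let(:relay_state) { "ECHO" }
@@ -59,8 +59,6 @@ RSpec.describe Saml::Kit::HttpPostBinding do
 end
 describe "#deserialize" do
-let(:subject) { Saml::Kit::HttpPostBinding.new(binding: Saml::Kit::Namespaces::POST, location: location) }
-
 it 'deserializes to an AuthnRequest' do
 builder = Saml::Kit::AuthenticationRequest::Builder.new
 _, params = subject.serialize(builder)
@@ -90,15 +88,5 @@ RSpec.describe Saml::Kit::HttpPostBinding do
 subject.deserialize({})
 end.to raise_error(/SAMLRequest or SAMLResponse parameter is required/)
 end
-
-[
-'fZFPa4QwEMW/iuTumqymroMKC1IQ2lLa0kMvJXUjCjGxmbF/vn2je9le9jpvfm/mzZSoJjPDcaHBPunPRSNFP5OxCJtQscVbcApHBKsmjUAdPB/v72C/4zB7R65zhl0g1wmFqD2NzrKobSr2ngmlpS7yuJc8jbPikMfFjRDxh5SqF7w/5DJl0av2GJiKBYsAIi66tUjKUihxkceBEPJlnwLPgBdvLGpCjtEq2qiBaIYkMa5TZnBIIDnnCWpcTROrv1ldrqvD5uxrNfrZedqd9FeZXArl+VgPIVbbPDozdr/RrfOTouup18p4ivutFeY1DZK2xJL6POD/A+o/&RelayState=%7B"redirect_to":"/"%7D&SigAlg=http://www.w3.org/2001/04/xmlenc%23sha256&Signature=dcM/kfdrERjZ+Q+WpzBTvk3RLVeEM5qGEM5ONJ/r4fxvEtMQyk6nT7PNZGsox0XYv+myi2yPBsqYUNC2kVii/uc34dn9l7Voyu6dGsNQPNTOpEwRHHILdjJUqhxEDBpd49vVbgdlF++pQZ7l74bUw8FdIbJ7W4EcOBQ1ffNtWTQNLv9n/D/jYKeGtJtaf61x8zDOlCyBwNi861bKXNFScyOwEFNcpVsgBIYhqZqKUWQVAcgYiGH5r16mtWFcT8NdnIvtICrN5VBpepK/ARnawhM6KhacQYllMpnXgbtsJcyQrRf1s9hqrkos1mRwgKLawZ5NjmF66dw3mKKs22b9NQ==',
-'fZFNb4MwDIb/CsqdJtBSWguQKqFJSNs0bdMOvUxZCCISJCw2+/j3C/TSXXrxwfbz2q9doByHCU4z9fZZf84aKfoZB4uwFko2ewtOokGwctQIpODl9HAP6UbA5B055QZ2hdwmJKL2ZJxlUVOX7H1/VEe12+s4y8RHvNuGcNRdHh8OoutUkudt17LoTXsMTMmCRAARZ91YJGkppESSx0kSJ9lruoUkBZGdWVQHH8ZKWqmeaALOB6fk0DskyIQQHDUuotzqb1YVy+qwKvtKGj85T5tWfxX8ulBcjvUYbDX1kxuM+o3unB8l3Xa9ZEwbd2srTIsbJG2J8eoy4P8Dqj8=&RelayState=%7B"redirect_to":"/"%7D&SigAlg=http://www.w3.org/2001/04/xmlenc%23sha256&Signature=sI50KhkFGLxFBnuWCZ4gJ+FrG5mY4f5f4afjdRc0lFHdgzMlJt9xzqh39ufHAkhpi2+OdWjg87pwpPgfz3das4QJMMenb/o5vNnFGqt2OMiyjoQbVc7b5xSA78FU+OlwqK3XgGdqo3KrRL+AJuagm4D3VeSbZhZ/0zPm1RG0/spCuxx+BbFwTW0BI+VU9+1zkmdV1CJt8kYtmNdvYavgD7rcUX2MWgaRVR+t/nNND5Wmdoxxfp/pzhkjrjt20+TpkDI9sKWlUSOZnATDFO/KlnKSvn/LrQ8wofqHViRksMhDIvVD9mNu7tJaQ6NB1yPUrmsOblPtAmRuBDBgChdHRA==',
-'fZFPa4QwEMW/iuSejdFVy6DCghSEtpS29NDLko1ZFDSxmbF/vn2je9le9jpvfm/mzZSopnGGw0K9fTGfi0GKfqbRImxCxRZvwSkcEKyaDAJpeD08PkCyi2H2jpx2I7tCbhMK0XganGVR21TsGJ/yNM2V5jI/dXwvz4rfpUXCU53LRGdpoZOMRe/GY2AqFiwCiLiY1iIpS6EUy4JLyWX2lqQg9yDlB4uakGOwijaqJ5pBiNFpNfYOCbI4jgUaXE2FNd+sLtfVYXP2tRr87DztOvNVimuhvBzrKcRqm2c3Dvo3und+UnQ79VoZOn7eWmFe0yAZS0zUlwH/H1D/AQ==&RelayState=%7B"redirect_to":"/"%7D&SigAlg=http://www.w3.org/2001/04/xmlenc%23sha256&Signature=vNIzNWsCqdi2rs5HMRWSm+udc42K9sCm/epeV212sP4vYwot9K9xvoz8Z7jvY8zsY2BPdjZsEJPpHjPKb4+xB+riyc5fUP5wUEUSsQF5Q5FtoQx0jJbcNDadHoTdH1IEiQazTt7ED6sYmnY93lxqFtRkoUtov6XGXRT6ypNRGRFqn5T4JYZEROhdLRAOSCyoOjZ8kPcWKGP1Fo0+A25bwl1Yo3tqBTZsc522AaLhK/6f7uLftSUaTMA0lnmQqRXzZrfjVtDAHa5JSHLH2eh7vZavyvmqApshL1qHEihRN9VFx7DPjRspvp8pIn/8CH18ynVzzKPxIUOl3Kt4QNsVJA==',
-].each do |saml|
-it do
-expect(subject.deserialize('SAMLRequest' => saml)).to be_instance_of(Saml::Kit::AuthenticationRequest)
-end
-end
 end
 end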
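Review bot: The removed examples were the only ones that fed a deflated payload to the POST binding, and nothing replaces them with the opposite expectation. Now that `deserialize` only base64-decodes, an example along the lines of `expect(subject.deserialize('SAMLRequest' => deflated_payload)).to be_instance_of(Saml::Kit::InvalidDocument)` would pin that compressed input is no longer accepted over POST. Here `deflated_payload` is a placeholder for a deflate-then-base64 request built in the spec. This assumes the parse failure is caught by the `rescue` in `Document.to_saml_document`, as the lib hunk suggests.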
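--- a/spec/saml/http_redirect_binding_spec.rb
+++ b/spec/saml/http_redirect_binding_spec.rb
@@ -2,10 +2,10 @@ require 'spec_helper'
 RSpec.describe Saml::Kit::HttpRedirectBinding do
 let(:location) { FFaker::Internet.http_url }
+subject { Saml::Kit::HttpRedirectBinding.new(location: location) }
 describe "#serialize" do
 let(:relay_state) { "ECHO" }
-let(:subject) { Saml::Kit::HttpRedirectBinding.new(binding: Saml::Kit::Namespaces::HTTP_REDIRECT, location: location) }
 it 'encodes the request using the HTTP-Redirect encoding' do
 builder = Saml::Kit::AuthenticationRequest::Builder.new
@@ -18,7 +18,6 @@ RSpec.describe Saml::Kit::HttpRedirectBinding do
 end
 describe "#deserialize" do
-let(:subject) { Saml::Kit::HttpRedirectBinding.new(binding: Saml::Kit::Namespaces::HTTP_REDIRECT, location: location) }
 let(:issuer) { FFaker::Internet.http_url }
 let(:provider) { Saml::Kit::IdentityProviderMetadata::Builder.new.build }
@@ -41,8 +40,9 @@ RSpec.describe Saml::Kit::HttpRedirectBinding do
 end
 it 'returns an invalid request when the SAMLRequest is invalid' do
-result = subject.deserialize({ 'SAMLRequest' => "nonsense" })
-expect(result).to be_instance_of(Saml::Kit::InvalidDocument)
+expect do
+subject.deserialize({ 'SAMLRequest' => "nonsense" })
+end.to raise_error(Zlib::DataError)
 end
 it 'deserializes the SAMLResponse to a Response' do
@@ -61,9 +61,10 @@ RSpec.describe Saml::Kit::HttpRedirectBinding do
 expect(result).to be_instance_of(Saml::Kit::LogoutResponse)
 end
-it 'returns an invalid response when the SAMLResponse is invalid' do
-result = subject.deserialize({ 'SAMLResponse' => "nonsense" })
-expect(result).to be_instance_of(Saml::Kit::InvalidDocument)
+it 'raise an error when the content is invalid' do
+expect do
+subject.deserialize({ 'SAMLResponse' => "nonsense" })
+end.to raise_error(Zlib::DataError)
 end
 it 'raises an error when a saml parameter is not specified' do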
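Review bot: The SAMLRequest example now expects `Zlib::DataError` but keeps the description 'returns an invalid request when the SAMLRequest is invalid', and the reworded SAMLResponse example reads 'raise an error when the content is invalid'. `it 'raises Zlib::DataError when the SAMLRequest is invalid' do` and `it 'raises Zlib::DataError when the SAMLResponse is invalid' do` would say what is actually asserted. Both examples use "nonsense", which fails at the inflate step. A payload that inflates cleanly but is not SAML XML is not covered in the visible hunks, so the `InvalidDocument` path for this binding has no example here. The final example's body continues past the end of the hunk.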