Commit 7742545

mo <mo.khan@gmail.com>
2017-12-15 18:13:35
return a Certificate object instead of the raw cert.
1 parent 6a28e40
Changed files (3)
lib/saml/kit/assertion.rb
@@ -36,7 +36,12 @@ module Saml
       end
 
       def certificate
-        assertion.fetch('Signature', {}).fetch('KeyInfo', {}).fetch('X509Data', {}).fetch('X509Certificate', nil)
+        return unless signed?
+
+        Saml::Kit::Certificate.new(
+          assertion.fetch('Signature', {}).fetch('KeyInfo', {}).fetch('X509Data', {}).fetch('X509Certificate', nil),
+          use: :signing
+        )
       end
 
       def audiences
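Review bot: The new `certificate` in lib/saml/kit/assertion.rb passes the `X509Certificate` lookup straight into the constructor with no nil check, so a signed assertion whose `KeyInfo` carries no `X509Certificate` yields `Saml::Kit::Certificate.new(nil, use: :signing)` instead of `nil`. The lib/saml/kit/trustable.rb version in this same commit guards with `return if value.nil?`, and matching it here keeps callers' nil/blank checks meaningful. Assign the lookup to a local `value`, add `return if value.nil?`, then build `Saml::Kit::Certificate.new(value, use: :signing)`. How `Certificate` behaves when given nil is not visible in this hunk, so the downstream failure mode is an inference.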
lib/saml/kit/trustable.rb
@@ -11,12 +11,15 @@ module Saml
 
       def certificate
         return unless signed?
-        to_h.fetch(name, {}).fetch('Signature', {}).fetch('KeyInfo', {}).fetch('X509Data', {}).fetch('X509Certificate', nil)
+
+        value = to_h.fetch(name, {}).fetch('Signature', {}).fetch('KeyInfo', {}).fetch('X509Data', {}).fetch('X509Certificate', nil)
+        return if value.nil?
+        Saml::Kit::Certificate.new(value, use: :signing)
       end
 
       def fingerprint
         return if certificate.blank?
-        Fingerprint.new(certificate)
+        certificate.fingerprint
       end
 
       def signed?
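Review bot: `certificate` now returns a `Saml::Kit::Certificate` built from the `KeyInfo` inside the message itself, and nothing on the method says that this value is sender-supplied and not a trust anchor. A comment above it such as `# Certificate embedded in the message's KeyInfo; sender-supplied, so untrusted until checked against the certificates registered for the issuer.` would keep callers from reading the richer object as already verified. The same applies to `certificate` in lib/saml/kit/assertion.rb. Separately, `fingerprint` calls `certificate` twice, walking `to_h` and building a new object each time; `certificate&.fingerprint` would do it once, assuming `blank?` on a `Certificate` is only ever true for nil.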
spec/saml/response_spec.rb
@@ -246,7 +246,12 @@ RSpec.describe Saml::Kit::Response do
     let(:now) { Time.now.utc }
     let(:id) { Saml::Kit::Id.generate }
     let(:url) { FFaker::Internet.uri("https") }
-    let(:certificate) { FFaker::Movie.title }
+    let(:certificate) do
+      Saml::Kit::Certificate.new(
+        Saml::Kit::SelfSignedCertificate.new("password").create[0],
+        use: :signing
+      )
+    end
 
     it 'returns the certificate when the Assertion is signed' do
       xml = <<-XML
@@ -269,7 +274,7 @@ RSpec.describe Saml::Kit::Response do
       <ds:SignatureValue></ds:SignatureValue>
       <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
         <ds:X509Data>
-          <ds:X509Certificate>#{certificate}</ds:X509Certificate>
+          <ds:X509Certificate>#{certificate.stripped}</ds:X509Certificate>
         </ds:X509Data>
       </KeyInfo>
     </ds:Signature>
@@ -277,7 +282,8 @@ RSpec.describe Saml::Kit::Response do
 </samlp:Response>
       XML
       subject = described_class.new(xml)
-      expect(subject.certificate).to eql(certificate)
+      expect(subject.certificate).to be_instance_of(Saml::Kit::Certificate)
+      expect(subject.certificate.stripped).to eql(certificate.stripped)
     end
 
     it 'returns the certificate when the Response is signed' do
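Review bot: The updated expectations cover only a well-formed certificate, and no example visible here exercises a signed document whose `KeyInfo` has no `X509Certificate`. That is the input the new `return if value.nil?` guard in lib/saml/kit/trustable.rb handles and the assertion-level `certificate` does not. An example that builds such a document and asserts `expect(subject.certificate).to be_nil` would pin the intended behaviour for both code paths. Such a spec may already exist outside this hunk.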