Commit 77d1530
Changed files (6)
lib/saml/kit/builders/xml_signature.rb
@@ -25,7 +25,7 @@ module Saml
@configuration = configuration
@reference_id = reference_id
@sign = sign
- @x509_certificate = configuration.signing_certificate.stripped
+ @x509_certificate = configuration.certificates(use: :signing).last.stripped
end
def signature_method
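Review bot: `configuration.certificates(use: :signing).last` returns nil when no signing key pair is configured, so the added line raises NoMethodError on `.stripped`, apparently even for a builder created with `sign` set to false. Consider `@x509_certificate = configuration.certificates(use: :signing).last&.stripped`, or raise a descriptive error when signing was requested and no signing certificate exists. With more than one signing key pair configured (for example during key rotation), the certificate embedded here must belong to the private key that actually produces the signature. That key selection is outside this hunk, so it is worth confirming both sides pick the same pair. The constructor begins above the hunk.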
lib/saml/kit/configuration.rb
@@ -24,18 +24,15 @@ module Saml
})
end
- def certificates(use: :signing)
- key_pairs.map { |x| x[:certificate] }.find_all { |x| x.for?(use) }
+ def certificates(use: nil)
+ certificates = key_pairs.map { |x| x[:certificate] }
+ use.present? ? certificates.find_all { |x| x.for?(use) } : certificates
end
def private_keys(use: :signing)
key_pairs.find_all { |x| x[:certificate].for?(use) }.map { |x| x[:private_key] }
end
- def signing_certificate
- certificates(use: :signing).last
- end
-
def encryption_certificate
certificates(use: :encryption).last
end
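Review bot: Changing the default of `certificates` from `use: :signing` to `use: nil` silently widens what existing no-argument callers receive: they now get encryption certificates as well. Any caller outside this diff that relied on the old default to choose certificates for signing or signature verification has to pass `use: :signing` explicitly. `private_keys` directly below still defaults to `use: :signing`, so the two parallel accessors now disagree; a comment such as `# use: nil returns every configured certificate; pass :signing or :encryption to filter` would make the contract visible. The local `certificates` also shadows the method name, so `all = key_pairs.map { |x| x[:certificate] }` would read more clearly.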
spec/saml/builders/identity_provider_metadata_spec.rb
@@ -38,10 +38,8 @@ RSpec.describe Saml::Kit::Builders::IdentityProviderMetadata do
expect(result['EntityDescriptor']['IDPSSODescriptor']['SingleLogoutService']['Location']).to eql("https://www.example.com/logout")
expect(result['EntityDescriptor']['IDPSSODescriptor']['Attribute']['Name']).to eql("id")
certificates = result['EntityDescriptor']['IDPSSODescriptor']['KeyDescriptor'].map { |x| x['KeyInfo']['X509Data']['X509Certificate'] }
- expect(certificates).to match_array([
- Saml::Kit.configuration.signing_certificate.stripped,
- Saml::Kit.configuration.encryption_certificate.stripped,
- ])
+ expected_certificates = Saml::Kit.configuration.certificates.map(&:stripped)
+ expect(certificates).to match_array(expected_certificates)
expect(result['EntityDescriptor']['Organization']['OrganizationName']).to eql(org_name)
expect(result['EntityDescriptor']['Organization']['OrganizationDisplayName']).to eql(org_name)
expect(result['EntityDescriptor']['Organization']['OrganizationURL']).to eql(url)
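Review bot: The certificate values are compared without their `use`, so this expectation would still pass if the builder published the encryption certificate under `use="signing"` and the signing certificate under `use="encryption"`. Peers reading such metadata would then trust the wrong key for signature verification. Now that the expected list comes from `configuration.certificates`, the pairing is cheap to assert: map each `KeyDescriptor` to `[x['use'], x['KeyInfo']['X509Data']['X509Certificate']]` and compare with `Saml::Kit.configuration.certificates.map { |x| [x.use.to_s, x.stripped] }`. The same applies to the hunk in spec/saml/builders/service_provider_metadata_spec.rb, where `use` and the certificate values are checked in two separate `match_array` calls. The example block starts and ends outside the hunk.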
spec/saml/builders/service_provider_metadata_spec.rb
@@ -37,10 +37,8 @@ RSpec.describe Saml::Kit::Builders::ServiceProviderMetadata do
expect(result['EntityDescriptor']['SPSSODescriptor']['AssertionConsumerService']['index']).to eql('0')
expect(result['EntityDescriptor']['Signature']).to be_present
expect(result['EntityDescriptor']['SPSSODescriptor']['KeyDescriptor'].map { |x| x['use'] }).to match_array(['signing', 'encryption'])
- expect(result['EntityDescriptor']['SPSSODescriptor']['KeyDescriptor'].map { |x| x['KeyInfo']['X509Data']['X509Certificate'] }).to match_array([
- Saml::Kit.configuration.signing_certificate.stripped,
- Saml::Kit.configuration.encryption_certificate.stripped,
- ])
+ expected_certificates = Saml::Kit.configuration.certificates.map(&:stripped)
+ expect(result['EntityDescriptor']['SPSSODescriptor']['KeyDescriptor'].map { |x| x['KeyInfo']['X509Data']['X509Certificate'] }).to match_array(expected_certificates)
expect(result['EntityDescriptor']['Organization']['OrganizationName']).to eql(org_name)
expect(result['EntityDescriptor']['Organization']['OrganizationDisplayName']).to eql(org_name)
expect(result['EntityDescriptor']['Organization']['OrganizationURL']).to eql(url)
spec/saml/certificate_spec.rb
@@ -1,7 +1,7 @@
require 'spec_helper'
RSpec.describe Saml::Kit::Certificate do
- subject { Saml::Kit.configuration.signing_certificate }
+ subject { Saml::Kit.configuration.certificates(use: :signing).last }
describe "#fingerprint" do
it 'returns a fingerprint' do
spec/saml/service_provider_metadata_spec.rb
@@ -19,10 +19,10 @@ RSpec.describe Saml::Kit::ServiceProviderMetadata do
end
it 'returns each of the certificates' do
- expect(subject.certificates).to match_array([
- Saml::Kit::Certificate.new(Saml::Kit.configuration.signing_certificate.stripped, use: :signing),
- Saml::Kit::Certificate.new(Saml::Kit.configuration.encryption_certificate.stripped, use: :encryption),
- ])
+ expected_certificates = Saml::Kit.configuration.certificates.map do |x|
+ Saml::Kit::Certificate.new(x.stripped, use: x.use)
+ end
+ expect(subject.certificates).to match_array(expected_certificates)
end
it 'returns each acs url and binding' do