Commit 79db53b
Changed files (6)
lib/saml/kit/authentication_request.rb
@@ -60,8 +60,7 @@ module Saml
end
def login?
- return false if to_xml.blank?
- to_h[name].present?
+ request?
end
class Builder
lib/saml/kit/logout_request.rb
@@ -56,8 +56,7 @@ module Saml
end
def logout?
- return false if to_xml.blank?
- to_h[name].present?
+ request?
end
class Builder
lib/saml/kit/requestable.rb
@@ -2,6 +2,7 @@ module Saml
module Kit
module Requestable
extend ActiveSupport::Concern
+
included do
validate :must_be_request
end
lib/saml/kit/respondable.rb
@@ -1,6 +1,12 @@
module Saml
module Kit
module Respondable
+ extend ActiveSupport::Concern
+
+ included do
+ validate :must_be_response
+ end
+
def query_string_parameter
'SAMLResponse'
end
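Review bot: The `included do` block added at the top of Respondable registers `validate :must_be_response` on every class that includes the module, and nothing in the module says so. Only Response is shown dropping its own declaration, so any other includer (not visible in this diff) would gain a validator that can add a `:base` error. A module comment would make the contract explicit, for example `# Includers must provide to_xml, to_h, name and error_message; including this module adds the must_be_response validation.`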
@@ -12,6 +18,17 @@ module Saml
def in_response_to
to_h.fetch(name, {}).fetch('InResponseTo', nil)
end
+
+ def must_be_response
+ return if to_xml.blank?
+
+ errors[:base] << error_message(:invalid) unless response?
+ end
+
+ def response?
+ return false if to_xml.blank?
+ to_h[name].present?
+ end
end
end
end
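Review bot: `must_be_response` fails open on an empty document: the `return if to_xml.blank?` guard exits before any error is added, even though `response?` already returns false for blank input. In response.rb the validators guarded by `return unless login?` (must_be_registered, must_be_valid_version, must_be_active_session, must_match_issuer) also return without an error in that case, so rejecting a blank document rests on other validators such as `validates_presence_of :id`. Now that this check lives in a shared module, either drop the guard so the body is just `errors[:base] << error_message(:invalid) unless response?`, or keep it with a comment naming the validator that is expected to reject blank input. `must_be_response` is only a validation callback, so it could also sit under `private` if includers do not call it directly.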
lib/saml/kit/response.rb
@@ -6,7 +6,6 @@ module Saml
attr_reader :request_id
validates_presence_of :id
validate :must_have_valid_signature
- validate :must_be_response
validate :must_be_registered
validate :must_match_xsd
validate :must_be_valid_version
@@ -64,14 +63,8 @@ module Saml
end
end
- def must_be_response
- return if to_xml.blank?
-
- errors[:base] << error_message(:invalid) unless login_response?
- end
-
def must_be_registered
- return unless login_response?
+ return unless login?
return if trusted?
errors[:base] << error_message(:unregistered)
@@ -82,7 +75,7 @@ module Saml
end
def must_be_valid_version
- return unless login_response?
+ return unless login?
return if "2.0" == version
errors[:version] << error_message(:invalid_version)
end
@@ -96,12 +89,12 @@ module Saml
end
def must_be_active_session
- return unless login_response?
+ return unless login?
errors[:base] << error_message(:expired) unless active?
end
def must_match_issuer
- return unless login_response?
+ return unless login?
unless audiences.include?(Saml::Kit.configuration.issuer)
errors[:audience] << error_message(:must_match_issuer)
@@ -115,9 +108,8 @@ module Saml
[]
end
- def login_response?
- return false if to_xml.blank?
- to_h[name].present?
+ def login?
+ response?
end
def parse_date(value)
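Review bot: `login_response?` is removed here with no alias, and its replacement `login?` shares a name with AuthenticationRequest#login?, which answers a different question (`request?` rather than `response?`). The hunk does not show whether the method sits under `private`; if it was public, callers outside this diff break, and `alias login_response? login?` would keep them working. A comment on the method would also help, since it decides whether the trust, version, session and audience checks run at all: `# True when the document is non-blank and to_h[name] is present; the must_* validators return early when this is false.`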
spec/saml/response_spec.rb
@@ -112,7 +112,7 @@ RSpec.describe Saml::Kit::Response do
xml = Saml::Kit::IdentityProviderMetadata::Builder.new.to_xml
subject = described_class.new(xml)
expect(subject).to be_invalid
- expect(subject.errors[:base]).to be_present
+ expect(subject.errors[:base]).to include(subject.error_message(:invalid))
end
it 'is invalid when the fingerprint of the certificate does not match the registered fingerprint' do