Commit 88d5956
Changed files (4)
lib/saml/kit/builders/assertion.rb
@@ -25,6 +25,10 @@ module Saml
user.assertion_attributes_for(request)
end
+ def signing_key_pair
+ super || @response_builder.signing_key_pair
+ end
+
private
def assertion_options
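Review bot: The `super ||` in the new `signing_key_pair` can hide the response builder's key. If `super` resolves to `XmlTemplatable#signing_key_pair` as changed in this same commit (an inference, since the include is not visible here), it already falls back to `configuration.key_pairs(use: :signing).last`. In that case `@response_builder.signing_key_pair` is reached only when no signing key is configured at all, and a response given an explicit key through `sign_with` would have its assertion signed with the configured key instead. Checking the explicit sources first avoids this: `@signing_key_pair || @response_builder.signing_key_pair`. The method is also defined above `private`, so it is a public accessor for key material; the class body continues outside the hunk.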
lib/saml/kit/assertion.rb
@@ -93,9 +93,15 @@ module Saml
@assertion ||=
if encrypted?
decryptor = ::Xml::Kit::Decryption.new(private_keys: private_keys)
- decrypted = decryptor.decrypt_hash(@xml_hash['EncryptedAssertion'])
- Saml::Kit.logger.debug(decrypted)
- Hash.from_xml(decrypted)['Assertion']
+ encrypted_assertion = @node.document.at_xpath(
+ '/samlp:Response/saml:EncryptedAssertion/xmlenc:EncryptedData',
+ 'xmlenc' => ::Xml::Kit::Namespaces::XMLENC,
+ "saml": ::Saml::Kit::Namespaces::ASSERTION,
+ "samlp": ::Saml::Kit::Namespaces::PROTOCOL
+ )
+ @node = decryptor.decrypt_node(encrypted_assertion)
+ @xml_hash = hash_from(@node)['Response'] || {}
+ @xml_hash['Assertion']
else
result = @xml_hash.fetch('Assertion', {})
return result if result.is_a?(Hash)
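Review bot: The encrypted branch does not handle `at_xpath` returning nil. When `encrypted?` is true but there is no `xmlenc:EncryptedData` at exactly `/samlp:Response/saml:EncryptedAssertion/`, nil is handed to `decrypt_node`, whose behaviour on nil is not visible here. A guard before the decrypt call, `return {} if encrypted_assertion.nil?`, makes a malformed message fail in a defined way and mirrors the empty default of the plaintext branch. The branch also ends in `@xml_hash['Assertion']`, which can be nil where the other branch uses `fetch('Assertion', {})`. Using `@xml_hash.fetch('Assertion', {})` keeps the two consistent and stops `@assertion ||=` from re-running the lookup against the already replaced `@node`. The method starts and ends outside the hunk.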
lib/saml/kit/xml_templatable.rb
@@ -13,7 +13,7 @@ module Saml
def sign?
return configuration.sign? if embed_signature.nil?
(embed_signature && configuration.sign?) ||
- (embed_signature && @signing_key_pair.present?)
+ (embed_signature && signing_key_pair.present?)
end
def encrypt_with(key_pair)
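Review bot: The condition in `sign?` repeats `embed_signature` in both disjuncts and reads more directly as `embed_signature && (configuration.sign? || signing_key_pair.present?)`. Since `signing_key_pair` now falls back to the configured key (second hunk of this file), a one-line comment should state that either an explicit or a configured signing key pair makes `sign?` true. When `embed_signature` is true and no key pair exists, the method still returns false and the document is emitted unsigned without an error; if that is intended, the comment should say so.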
@@ -30,7 +30,7 @@ module Saml
end
def signing_key_pair
- configuration.key_pairs(use: :signing).last
+ @signing_key_pair || configuration.key_pairs(use: :signing).last
end
end
end
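Review bot: `signing_key_pair` now has a precedence rule that is not documented. An instance-level `@signing_key_pair` wins over the configuration, and the configuration contributes only the last of its signing key pairs. A comment above the method would record this, for example `# Explicitly assigned key pair first; otherwise the last signing key pair from the configuration.` Builders::Assertion overrides this method in the same commit, so the comment could also note that including classes may extend the lookup. The module body starts outside the hunk.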
spec/saml/assertion_spec.rb
@@ -122,8 +122,9 @@ XML
x.sign_with(Xml::Kit::KeyPair.generate(use: :signing))
x.encrypt_with(encryption_key_pair)
end
- subject = response.assertion([encryption_key_pair.private_key])
- expect(subject).to be_signed
+ assertion = response.assertion([encryption_key_pair.private_key])
+ expect(response).to be_signed
+ expect(assertion).to be_signed
end
end
end
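Review bot: The new expectations only check `be_signed` and never tie either signature to the key passed to `sign_with`. The example would therefore still pass if the assertion were signed with a different key pair than the response. Binding the generated key to a local, `signing_key_pair = Xml::Kit::KeyPair.generate(use: :signing)` followed by `x.sign_with(signing_key_pair)`, would let the example also assert that both signatures carry that key pair's certificate. An expectation that the decrypted assertion's signature verifies, not merely that it is present, would also catch regressions where decryption alters the signed content. The enclosing example starts outside the hunk.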