Commit 94554ea

mo <mo@mokhan.ca>
2018-03-03 02:42:11
record schema error.
1 parent 3e8d3f1
Changed files (2)
lib/saml/kit/signature.rb
@@ -69,8 +69,8 @@ module Saml
         node
       end
 
-      def to_xml
-        node.to_s
+      def to_xml(pretty: false)
+        pretty ? node.to_xml(indent: 2) : node.to_s
       end
 
       private
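Review bot: The new `pretty: true` branch of `to_xml` serializes through `node.to_xml(indent: 2)`, which re-indents the element, and nothing tells callers that this output is no longer equivalent to the signed form. Whitespace added inside `ds:SignedInfo` changes its canonical form, so a pretty-printed signature that is re-parsed or forwarded would presumably fail verification. I would document that on the method, for example `# pretty: true is for display and logging only; the indented output must not be re-verified or sent on, because re-indenting alters the signed content.`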
@@ -84,6 +84,8 @@ module Saml
         dsignature.errors.each do |attribute|
           errors.add(attribute, error_message(attribute))
         end
+      rescue Xmldsig::SchemaError => error
+        errors.add(:base, error.message)
       end
 
       def validate_certificate(now = Time.now.utc)
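Review bot: The added `rescue` copies `error.message` verbatim into `errors[:base]`, and that text is produced by the schema validator from the document being checked; the spec in this commit shows the offending element name echoed back in it. Failing closed on `Xmldsig::SchemaError` is the right outcome. If these errors are ever rendered or returned to the party that sent the assertion, a fixed message would be safer, with the validator detail going to the log instead; the existing `error_message` helper looks like the place for it, though it would need a new key. Only `Xmldsig::SchemaError` is caught, so it is worth confirming that no other exception from the signature check can escape this method and bypass `errors`. The method body starts outside the hunk, so the exact call that raises is not visible here.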
spec/saml/kit/signature_spec.rb
@@ -39,6 +39,15 @@ RSpec.describe Saml::Kit::Signature do
       expect(subject.errors[:base]).to match_array(['is missing.'])
     end
 
+    it 'is invalid when the schema of the signature is invalid' do
+      signature_element = signed_document.at_xpath('//ds:Signature')
+      element = signature_element.at_xpath('./ds:SignedInfo', ds: Xml::Kit::Namespaces::XMLDSIG)
+      element.name = "BLAH"
+      subject = described_class.new(signature_element)
+      expect(subject).not_to be_valid
+      expect(subject.errors[:base]).to include("1:0: ERROR: Element '{http://www.w3.org/2000/09/xmldsig#}BLAH': This element is not expected. Expected is ( {http://www.w3.org/2000/09/xmldsig#}SignedInfo ).")
+    end
+
     describe 'certificate validation' do
       let(:key_pair) { ::Xml::Kit::KeyPair.new(expired_certificate, private_key, nil, :signing) }
       let(:private_key) { OpenSSL::PKey::RSA.new(2048) }
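Review bot: The new example pins the complete libxml2 diagnostic, including the `1:0:` position prefix, so it will break on any validator upgrade that rewords or repositions the message even though the security property (a tampered `SignedInfo` is rejected) still holds. Matching only the stable part would keep the intent, e.g. `expect(subject.errors[:base]).to include(a_string_matching(/BLAH.*not expected/))`. The local `subject = described_class.new(signature_element)` also shadows RSpec's `subject` inside the example; a name such as `signature` would read more clearly.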