Commit 98defed
Changed files (2)
lib/saml/kit/assertion.rb
@@ -54,7 +54,7 @@ module Saml
end
def attributes
- @attributes ||= @node.search("./saml:AttributeStatement/saml:Attribute", Saml::Kit::Document::NAMESPACES).inject({}) do |memo, item|
+ @attributes ||= search("./saml:AttributeStatement/saml:Attribute").inject({}) do |memo, item|
memo[item.attribute("Name").value] = item.at_xpath('./saml:AttributeValue', Saml::Kit::Document::NAMESPACES).try(:text)
memo
end.with_indifferent_access
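Review bot: Only the first `saml:AttributeValue` of each attribute is kept, because `item.at_xpath(...)` on the line after the changed one returns a single node, and a second `saml:Attribute` with the same `Name` silently overwrites the earlier entry in `memo`. Multi-valued attributes (group or role lists are a common case) would lose values, which matters if the result feeds an authorization decision; that use is not visible here. If the behaviour is intended, a comment such as `# only the first AttributeValue is kept; a repeated Name overwrites the earlier one` above the block would make it explicit. The same line still passes `Saml::Kit::Document::NAMESPACES` by hand instead of going through a helper as the changed line now does. The method's closing `end` is outside the hunk.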
@@ -69,10 +69,7 @@ module Saml
end
def audiences
- Array(assertion['Conditions']['AudienceRestriction']['Audience'])
- rescue StandardError => error
- Saml::Kit.logger.error(error)
- []
+ search("./saml:Conditions/saml:AudienceRestriction/saml:Audience").map(&:text)
end
def encrypted?
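Review bot: `audiences` now flattens every `saml:Audience` under every `saml:AudienceRestriction` into one list, but SAML 2.0 Core treats the audiences inside one restriction as alternatives and multiple restrictions as conditions that must all hold. A caller that only checks membership in the flat list (the caller is outside this hunk) would accept an assertion that satisfies just one of several restrictions. `map(&:text)` also keeps any whitespace from pretty-printed XML, so `map { |x| x.text.strip }` is safer for the later comparison with the entity id. At minimum the flattening should be documented, e.g. `# NOTE: merges all AudienceRestriction elements; per-restriction evaluation is lost`.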
@@ -148,6 +145,10 @@ module Saml
@node.at_xpath(xpath, Saml::Kit::Document::NAMESPACES)
end
+ def search(xpath)
+ @node.search(xpath, Saml::Kit::Document::NAMESPACES)
+ end
+
def hash_from(node)
return {} if node.nil?
Hash.from_xml(node.document.root.to_s) || {}
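Review bot: `search` dereferences `@node` without a nil check, while `hash_from` just below returns `{}` for a nil node. If `@node` can be nil (not visible in this hunk), `audiences` now raises `NoMethodError` where it previously logged the error and returned `[]`, because the commit drops its `rescue`. Raising is a reasonable fail-closed outcome for an audience check, but it should be deliberate: either add a one-line comment on `search` stating that it expects a non-nil `@node`, or start it with `return [] if @node.nil?`. `hash_from` continues past the end of the hunk.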
spec/saml/kit/assertion_spec.rb
@@ -4,7 +4,7 @@ RSpec.describe Saml::Kit::Assertion do
x.issuer = entity_id
end.assertion
end
- let(:request) { instance_double(Saml::Kit::AuthenticationRequest, id: ::Xml::Kit::Id.generate, issuer: entity_id, assertion_consumer_service_url: FFaker::Internet.uri("https"), name_id_format: Saml::Kit::Namespaces::PERSISTENT, provider: nil, signed?: true, trusted?: true) }
+ let(:request) { instance_double(Saml::Kit::AuthenticationRequest, id: ::Xml::Kit::Id.generate, issuer: FFaker::Internet.uri("https"), assertion_consumer_service_url: FFaker::Internet.uri("https"), name_id_format: Saml::Kit::Namespaces::PERSISTENT, provider: nil, signed?: true, trusted?: true) }
let(:user) { User.new(name_id: SecureRandom.uuid, attributes: { id: SecureRandom.uuid }) }
let(:entity_id) { FFaker::Internet.uri("https") }
@@ -13,6 +13,7 @@ RSpec.describe Saml::Kit::Assertion do
specify { expect(subject.started_at.to_i).to eql(Time.now.utc.to_i) }
specify { expect(subject.expired_at.to_i).to eql(Saml::Kit.configuration.session_timeout.since(Time.now).utc.to_i) }
specify { expect(subject.attributes).to eql("id" => user.attributes[:id]) }
+ specify { expect(subject.audiences).to match_array([request.issuer]) }
describe '#active?' do
let(:configuration) do
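Review bot: The added `audiences` example covers only an assertion that carries exactly one `Audience`. Since the rewritten method no longer rescues errors, two more examples would pin the behaviour that audience validation depends on: one for an assertion with no `Conditions`/`AudienceRestriction` element, stating whether `[]` or an error is expected, and one for an assertion with several `Audience` values. The `describe '#active?'` block continues outside the hunk.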