Commit a2b9400
Changed files (2)
lib
saml
spec
lib/saml/kit/xml_templatable.rb
@@ -12,7 +12,8 @@ module Saml
# Returns true if an embedded signature is requested and at least one signing certificate is available via the configuration.
def sign?
return configuration.sign? if embed_signature.nil?
- embed_signature && configuration.sign?
+ (embed_signature && configuration.sign?) ||
+ (embed_signature && @signing_key_pair.present?)
end
def digest_method
spec/saml/authentication_request_spec.rb
@@ -143,14 +143,19 @@ RSpec.describe Saml::Kit::AuthenticationRequest do
certificate
end
let(:private_key) { OpenSSL::PKey::RSA.new(2048) }
- let(:configuration) do
- Saml::Kit::Configuration.new do |config|
- config.add_key_pair(expired_certificate, private_key, passphrase: nil, use: :signing)
- end
+ let(:digest_algorithm) { OpenSSL::Digest::SHA256.new }
+
+ before :each do
+ expired_certificate.sign(private_key, digest_algorithm)
end
it 'is invalid' do
- subject = described_class.new(raw_xml, configuration: configuration)
+ document = described_class.build do |x|
+ x.embed_signature = true
+ certificate = ::Xml::Kit::Certificate.new(expired_certificate)
+ x.sign_with(certificate.to_key_pair(private_key))
+ end
+ subject = described_class.new(document.to_xml)
expect(subject).to be_invalid
expect(subject.errors[:certificate]).to be_present
end