Commit bc23491
2017-11-12 23:34:48
1 parent
2b2e17f
Changed files (5)
airport/app/controllers/metadata_controller.rb
@@ -12,6 +12,7 @@ class MetadataController < ApplicationController
builder = Saml::Kit::ServiceProviderMetadata::Builder.new
builder.sign = false
builder.add_assertion_consumer_service(session_url, binding: :post)
+ builder.add_single_logout_service(session_url, binding: :post)
builder.to_xml
end
end
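Review bot: The added `builder.add_single_logout_service(session_url, binding: :post)` advertises logout at the same URL as the assertion consumer service, so the action that receives POSTs at `session_url` will now be sent logout messages as well as login responses. That action is not part of this commit, so it is unclear whether it tells the message types apart or checks the signature on an inbound logout message before ending a session. A comment above the new line, for example `# SLO shares session_url with the ACS; the receiving action must dispatch on message type`, would make the coupling explicit. The metadata is also published with `builder.sign = false` (a context line), so consumers cannot verify the new endpoint entry.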
airport/app/controllers/sessions_controller.rb
@@ -3,7 +3,7 @@ class SessionsController < ApplicationController
skip_before_action :authenticate!
def new
- @saml_request = idp_metadata.build_authentication_request.serialize
+ @saml_request = idp_metadata.build_request(Saml::Kit::AuthenticationRequest).serialize
@relay_state = JSON.generate(redirect_to: '/')
@post_uri = idp_metadata.single_sign_on_service_for(binding: :post)
@redirect_uri = http_redirect_url_for_login(@saml_request, @relay_state)
@@ -19,7 +19,7 @@ class SessionsController < ApplicationController
def destroy
@post_uri = idp_metadata.single_logout_service_for(:post)
- @saml_request = idp_metadata.build_logout_request.serialize
+ @saml_request = idp_metadata.build_request(Saml::Kit::LogoutRequest).serialize
end
private
saml-kit/lib/saml/kit/identity_provider_metadata.rb
@@ -39,8 +39,8 @@ module Saml
end
end
- def build_authentication_request
- builder = AuthenticationRequest::Builder.new(sign: want_authn_requests_signed)
+ def build_request(type)
+ builder = type::Builder.new(sign: want_authn_requests_signed)
yield builder if block_given?
builder.build
end
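Review bot: `build_request(type)` passes `sign: want_authn_requests_signed` to every builder, so a `LogoutRequest` is signed only when the IdP metadata asks for signed authentication requests. That flag describes AuthnRequests only, and the SAML single-logout profile expects logout requests sent over the POST or Redirect binding to be signed. `SessionsController#destroy` would therefore send an unsigned logout request to any IdP that leaves the flag off. Consider limiting the flag to the type it describes, e.g. `builder = type::Builder.new(sign: type == AuthenticationRequest ? want_authn_requests_signed : true)`. A short doc comment naming the accepted request classes would also help, since `type::Builder` is resolved on whatever constant the caller passes.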
saml-kit/lib/saml/kit/logout_request.rb
@@ -77,6 +77,14 @@ module Saml
to_h[name]['Signature'].present?
end
+ def to_s
+ to_xml
+ end
+
+ def serialize
+ Saml::Kit::Content.encode_raw_saml(to_xml)
+ end
+
private
def registry
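Review bot: The new `serialize` and `to_s` have no comment saying what encoding `serialize` produces or which binding it is meant for. The only visible caller of the logout path posts the value to `single_logout_service_for(:post)`, so I would add `# Encoded form of the request for the HTTP POST binding` above `serialize`, after confirming what `Content.encode_raw_saml` does. Because `to_s` returns the full XML, interpolating or logging the object writes the entire request to the log, including whatever subject identifier it carries. A one-line comment on `to_s` should say so. The class body continues outside this hunk.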
saml-kit/spec/saml/identity_provider_metadata_spec.rb
@@ -265,21 +265,21 @@ RSpec.describe Saml::Kit::IdentityProviderMetadata do
end
end
- describe "#build_authentication_request" do
+ describe "#build_request" do
let(:builder) { described_class::Builder.new }
it 'it signs the authentication request when the idp metadata demands it' do
builder.want_authn_requests_signed = true
subject = builder.build
- expect(subject.build_authentication_request).to be_signed
+ expect(subject.build_request(Saml::Kit::AuthenticationRequest)).to be_signed
end
it 'does not sign the authentication request when the idp does not require it' do
builder.want_authn_requests_signed = false
subject = builder.build
- expect(subject.build_authentication_request).to_not be_signed
+ expect(subject.build_request(Saml::Kit::AuthenticationRequest)).to_not be_signed
end
end
end
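Review bot: The renamed `describe "#build_request"` block still exercises only `Saml::Kit::AuthenticationRequest`, so the `LogoutRequest` path that `SessionsController#destroy` now uses has no coverage in this commit. Add at least one example along the lines of `expect(subject.build_request(Saml::Kit::LogoutRequest)).to be_signed`, covering both values of `want_authn_requests_signed`, to pin down whether logout requests are signed when the flag is false. The first example's description also reads `'it signs …'` under `it`, which renders as "it it signs" in the spec output.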