Commit c5a3b3c

mo <mo.khan@gmail.com>
2017-12-15 04:04:20
use the last cert instead of a random one.
1 parent d32d787
Changed files (5)
lib/saml/kit/bindings/url_builder.rb
@@ -21,7 +21,7 @@ module Saml
         private
 
         def signature_for(payload)
-          private_key = configuration.private_keys(use: :signing).sample
+          private_key = configuration.private_keys(use: :signing).last
           encode(private_key.sign(OpenSSL::Digest::SHA256.new, payload))
         end
 
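Review bot: `signature_for` calls `private_key.sign` with no check that a signing key exists. `Array#last` returns nil for an empty list, so a configuration without a signing key would fail with a NoMethodError on nil instead of a clear configuration error. Whether a caller checks `configuration.sign?` first is not visible in this hunk, so this may already be covered upstream. If it is not, a guard such as `private_key = configuration.private_keys(use: :signing).last || raise(ArgumentError, 'no signing key configured')` makes the failure explicit. The same applies to `.last.stripped` in lib/saml/kit/builders/xml_signature.rb and to the `.last` lookup in lib/saml/kit/xml_decryption.rb.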
lib/saml/kit/builders/xml_signature.rb
@@ -24,7 +24,7 @@ module Saml
         def initialize(reference_id, configuration:)
           @configuration = configuration
           @reference_id = reference_id
-          @x509_certificate = configuration.certificates(use: :signing).sample.stripped
+          @x509_certificate = configuration.certificates(use: :signing).last.stripped
         end
 
         def signature_method
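Review bot: The certificate chosen in `initialize` is looked up separately from the private key that `complete` in lib/saml/kit/signatures.rb signs with. The embedded X509 certificate matches the signature only if `certificates(use: :signing)` and `private_keys(use: :signing)` return their entries in the same order, which this diff does not show. Taking `.last` on both removes the random mismatch that `.sample` allowed, but the pairing is still implicit, and a relying party that validates against the embedded certificate would reject the document if the two lists diverge. Preferably resolve one signing key pair and take both the certificate and the key from it. At minimum, record the dependency with a comment such as `# must be the certificate for private_keys(use: :signing).last, which Signatures#complete signs with`.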
lib/saml/kit/signatures.rb
@@ -14,7 +14,7 @@ module Saml
 
       def complete(raw_xml)
         return raw_xml unless configuration.sign?
-        private_key = configuration.private_keys(use: :signing).sample
+        private_key = configuration.private_keys(use: :signing).last
         Xmldsig::SignedDocument.new(raw_xml).sign(private_key)
       end
     end
lib/saml/kit/xml_decryption.rb
@@ -4,7 +4,7 @@ module Saml
       attr_reader :private_key
 
       def initialize(configuration: Saml::Kit.configuration)
-        @private_key = configuration.private_keys(use: :encryption).sample
+        @private_key = configuration.private_keys(use: :encryption).last
       end
 
       def decrypt(data)
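Review bot: `initialize` keeps only the last encryption key, so data encrypted to any other configured encryption certificate cannot be decrypted. During a key rotation a peer may still encrypt to an older certificate it took from previously published metadata, and those assertions would fail here even though the matching key is still configured. The body of `decrypt` is outside this hunk, so how it uses `@private_key` is inferred. Consider keeping every key from `configuration.private_keys(use: :encryption)` and having `decrypt` try them newest first, while `private_key` keeps returning the last one for existing callers. If single-key behaviour is intended, say so with a comment such as `# only the most recently added encryption key is used; older keys are ignored`.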
spec/saml/bindings/url_builder_spec.rb
@@ -61,7 +61,7 @@ RSpec.describe Saml::Kit::Bindings::UrlBuilder do
           payload = "#{query_string_parameter}=#{query_params[query_string_parameter]}"
           payload << "&RelayState=#{query_params['RelayState']}"
           payload << "&SigAlg=#{query_params['SigAlg']}"
-          private_key = configuration.private_keys(use: :signing).sample
+          private_key = configuration.private_keys(use: :signing).last
           expected_signature = Base64.strict_encode64(private_key.sign(OpenSSL::Digest::SHA256.new, payload))
           expect(query_params['Signature']).to eql(expected_signature)
         end
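Review bot: The expected signature is built from the same `configuration.private_keys(use: :signing).last` expression as the code under test. This example, and the one in the hunk at line 73, therefore pass whichever key the builder selects and do not pin the new "last key" rule. If the configuration set up earlier in the spec (not visible here) holds a single signing key, `.sample`, `.first` and `.last` are indistinguishable. Configure at least two signing keys, keep the expected one in a local variable, and add an assertion that a signature made with `configuration.private_keys(use: :signing).first` does not equal `query_params['Signature']`.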
@@ -73,7 +73,7 @@ RSpec.describe Saml::Kit::Bindings::UrlBuilder do
 
           payload = "#{query_string_parameter}=#{query_params[query_string_parameter]}"
           payload << "&SigAlg=#{query_params['SigAlg']}"
-          private_key = configuration.private_keys(use: :signing).sample
+          private_key = configuration.private_keys(use: :signing).last
           expected_signature = Base64.strict_encode64(private_key.sign(OpenSSL::Digest::SHA256.new, payload))
           expect(query_params['Signature']).to eql(expected_signature)
         end