Commit d892f9e

mo <mo.khan@gmail.com>
2018-02-26 00:45:15
check for encryption using xpath and ivars.
1 parent cfb4f6d
Changed files (2)
lib/saml/kit/assertion.rb
@@ -70,7 +70,7 @@ module Saml
       end
 
       def encrypted?
-        @xml_hash.fetch('EncryptedAssertion', nil).present?
+        @encrypted
       end
 
       def decryptable?
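Review bot: `encrypted?` now returns whatever `@encrypted` holds, and the only assignment visible in this commit is inside `decrypt!`, so the predicate returns `nil` rather than `false` until that method has run. If `decrypt!` is always invoked from the constructor (not visible here) the result is still falsy, but a caller that enforces an "assertion must be encrypted" policy with `== false`, or that serialises the value, would see `nil`. Returning `@encrypted ? true : false`, or initialising `@encrypted = false` before `decrypt!` is called, keeps the predicate strictly boolean. A short comment such as `# Set by decrypt!; records whether the assertion arrived as xmlenc:EncryptedData.` would also help, since the value can no longer be derived from the parsed hash.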
@@ -91,9 +91,9 @@ module Saml
       attr_reader :configuration
 
       def decrypt!(decryptor)
-        return unless encrypted?
-
         encrypted_assertion = at_xpath('./xmlenc:EncryptedData')
+        @encrypted = encrypted_assertion.present?
+        return unless @encrypted
         @node = decryptor.decrypt_node(encrypted_assertion)
       rescue Xml::Kit::DecryptionError => error
         @cannot_decrypt = true
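Review bot: The assignment `@encrypted = encrypted_assertion.present?` has to run before `@node` is overwritten two lines later, and nothing in the method says so. It looks as if the decrypted node no longer contains `xmlenc:EncryptedData`, so reordering these lines later would silently make `encrypted?` false for assertions that arrived encrypted; a comment such as `# Record this before @node is replaced by the decrypted node.` would pin the ordering. `present?` here also depends on how the XML node class answers `blank?`, whereas `!encrypted_assertion.nil?` states the intent without that dependency. The `rescue` branch continues outside the hunk.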
@@ -130,6 +130,7 @@ module Saml
       end
 
       def at_xpath(xpath)
+        return unless @node
         @node.at_xpath(xpath, Saml::Kit::Document::NAMESPACES)
       end
 
spec/saml/kit/assertion_spec.rb
@@ -148,6 +148,21 @@ XML
     end
   end
 
+  describe "#encrypted?" do
+    it 'returns true when encrypted' do
+      key_pair = Xml::Kit::KeyPair.generate(use: :encryption)
+      response = Saml::Kit::Response.build(user, request) do |x|
+        x.encrypt_with(key_pair)
+      end
+      subject = response.assertion([key_pair.private_key])
+      expect(subject).to be_encrypted
+    end
+
+    it 'returns false when not encrypted' do
+      expect(subject).not_to be_encrypted
+    end
+  end
+
   describe '#to_xml' do
     let(:request) { instance_double(Saml::Kit::AuthenticationRequest, id: ::Xml::Kit::Id.generate, issuer: FFaker::Internet.http_url, assertion_consumer_service_url: FFaker::Internet.http_url, name_id_format: Saml::Kit::Namespaces::PERSISTENT, provider: nil, signed?: true, trusted?: true) }
     let(:user) { User.new(attributes: { id: SecureRandom.uuid }) }
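Review bot: Neither example in `describe "#encrypted?"` covers an encrypted assertion that cannot be decrypted, which is the case where the predicate matters most to a relying party that requires encryption. In `decrypt!` the flag is set before `decrypt_node` can raise `Xml::Kit::DecryptionError`, so it should stay true on failure. An example that encrypts with one key pair, calls `response.assertion` with a different key pair's private key, and asserts `be_encrypted` would lock that in, presumably exercising the `@cannot_decrypt` path. The negative example also passes when the method returns `nil`, so `expect(subject.encrypted?).to be(false)` is needed if a strict boolean is intended.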