Commit dd48234
Changed files (3)
lib/saml/kit/identity_provider_metadata.rb
@@ -25,8 +25,8 @@ module Saml
private
class Builder
- attr_accessor :id, :organization_name, :organization_url, :contact_email, :entity_id, :attributes
- attr_reader :logout_urls, :single_sign_on_urls, :name_id_formats
+ attr_accessor :id, :organization_name, :organization_url, :contact_email, :entity_id, :attributes, :name_id_formats
+ attr_reader :logout_urls, :single_sign_on_urls
def initialize(configuration = Saml::Kit.configuration)
@id = SecureRandom.uuid
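Review bot: Moving `:name_id_formats` into `attr_accessor` gives callers a writer that stores whatever it is handed, so `nil`, a bare string or an unrecognised URI could end up in the IdP metadata that service providers consume. An explicit writer keeps the new flexibility while normalising the value, for example `def name_id_formats=(formats); @name_id_formats = Array(formats).compact.uniq; end`, optionally rejecting anything that is not one of the `Saml::Kit::Namespaces::Formats::NameId` constants. How the list is rendered is not visible here, because the `Builder` class and `initialize` continue outside the hunk, so confirm there whether a non-array value raises or is silently emitted.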
spec/saml/identity_provider_metadata_spec.rb
@@ -13,6 +13,11 @@ RSpec.describe Saml::Kit::IdentityProviderMetadata do
subject.entity_id = entity_id
subject.organization_name = org_name
subject.organization_url = url
+ subject.name_id_formats = [
+ Saml::Kit::Namespaces::Formats::NameId::PERSISTENT,
+ Saml::Kit::Namespaces::Formats::NameId::TRANSIENT,
+ Saml::Kit::Namespaces::Formats::NameId::EMAIL_ADDRESS,
+ ]
subject.add_single_sign_on_service("https://www.example.com/login", binding: :http_redirect)
subject.add_single_logout_service("https://www.example.com/logout", binding: :post)
subject.attributes << "id"
@@ -22,7 +27,11 @@ RSpec.describe Saml::Kit::IdentityProviderMetadata do
expect(result['EntityDescriptor']['ID']).to be_present
expect(result['EntityDescriptor']['entityID']).to eql(entity_id)
expect(result['EntityDescriptor']['IDPSSODescriptor']['protocolSupportEnumeration']).to eql('urn:oasis:names:tc:SAML:2.0:protocol')
- expect(result['EntityDescriptor']['IDPSSODescriptor']['NameIDFormat']).to eql('urn:oasis:names:tc:SAML:2.0:nameid-format:persistent')
+ expect(result['EntityDescriptor']['IDPSSODescriptor']['NameIDFormat']).to match_array([
+ Saml::Kit::Namespaces::Formats::NameId::PERSISTENT,
+ Saml::Kit::Namespaces::Formats::NameId::TRANSIENT,
+ Saml::Kit::Namespaces::Formats::NameId::EMAIL_ADDRESS,
+ ])
expect(result['EntityDescriptor']['IDPSSODescriptor']['SingleSignOnService']['Binding']).to eql('urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect')
expect(result['EntityDescriptor']['IDPSSODescriptor']['SingleSignOnService']['Location']).to eql("https://www.example.com/login")
expect(result['EntityDescriptor']['IDPSSODescriptor']['SingleLogoutService']['Binding']).to eql('urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST')
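Review bot: With `name_id_formats` now always assigned in the example, nothing in this spec asserts which format the builder advertises when the caller sets none. The removed line suggests the default was the persistent format, and a later change of default (for instance to the e-mail format, a correlatable identifier) would pass unnoticed. Keep a separate example that leaves `name_id_formats` untouched and retains the old `eql('urn:oasis:names:tc:SAML:2.0:nameid-format:persistent')` expectation; the same applies to both hunks in spec/saml/service_provider_metadata_spec.rb. `match_array` also ignores order, and `Hash.from_xml` returns a String rather than an Array for a single `NameIDFormat` element, so a one-element list deserves its own example. The enclosing `it` block begins outside this hunk.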
spec/saml/service_provider_metadata_spec.rb
@@ -27,6 +27,11 @@ RSpec.describe Saml::Kit::ServiceProviderMetadata do
it 'builds the service provider metadata' do
subject.entity_id = entity_id
subject.add_assertion_consumer_service(acs_url, binding: :post)
+ subject.name_id_formats = [
+ Saml::Kit::Namespaces::Formats::NameId::PERSISTENT,
+ Saml::Kit::Namespaces::Formats::NameId::TRANSIENT,
+ Saml::Kit::Namespaces::Formats::NameId::EMAIL_ADDRESS,
+ ]
result = Hash.from_xml(subject.build.to_xml)
expect(result['EntityDescriptor']['xmlns']).to eql("urn:oasis:names:tc:SAML:2.0:metadata")
@@ -35,7 +40,11 @@ RSpec.describe Saml::Kit::ServiceProviderMetadata do
expect(result['EntityDescriptor']['SPSSODescriptor']['AuthnRequestsSigned']).to eql('true')
expect(result['EntityDescriptor']['SPSSODescriptor']['WantAssertionsSigned']).to eql('true')
expect(result['EntityDescriptor']['SPSSODescriptor']['protocolSupportEnumeration']).to eql('urn:oasis:names:tc:SAML:2.0:protocol')
- expect(result['EntityDescriptor']['SPSSODescriptor']['NameIDFormat']).to eql("urn:oasis:names:tc:SAML:2.0:nameid-format:persistent")
+ expect(result['EntityDescriptor']['SPSSODescriptor']['NameIDFormat']).to match_array([
+ Saml::Kit::Namespaces::Formats::NameId::PERSISTENT,
+ Saml::Kit::Namespaces::Formats::NameId::TRANSIENT,
+ Saml::Kit::Namespaces::Formats::NameId::EMAIL_ADDRESS,
+ ])
expect(result['EntityDescriptor']['SPSSODescriptor']['AssertionConsumerService']['Binding']).to eql("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST")
expect(result['EntityDescriptor']['SPSSODescriptor']['AssertionConsumerService']['Location']).to eql(acs_url)
expect(result['EntityDescriptor']['SPSSODescriptor']['AssertionConsumerService']['isDefault']).to eql('true')