Commit f610621

mo <mo.khan@gmail.com>
2017-12-15 19:51:51
extract signature class.
main
1 parent e82e131
Changed files (5)
lib
saml
kit
assertion.rb
response.rb
signature.rb
trustable.rb
spec
saml
response_spec.rb
lib/saml/kit/assertion.rb
@@ -11,7 +11,12 @@ module Saml
       end
 
       def signed?
-        assertion.fetch('Signature', nil).present?
+        signature.present?
+      end
+
+      def signature
+        xml_hash = assertion.fetch('Signature', nil)
+        xml_hash ? Signature.new(xml_hash, configuration: @configuration) : nil
       end
 
       def attributes
lib/saml/kit/response.rb
@@ -26,14 +26,6 @@ module Saml
         @assertion = Saml::Kit::Assertion.new(to_h, configuration: @configuration)
       end
 
-      def signed?
-        super || assertion.signed?
-      end
-
-      def certificate
-        super || assertion.certificate
-      end
-
       private
 
       def must_be_active_session
lib/saml/kit/signature.rb
@@ -1,4 +1,20 @@
 module Saml
   module Kit
+    class Signature
+      def initialize(xml_hash, configuration:)
+        @xml_hash = xml_hash
+        @configuration = configuration
+      end
+
+      def certificate
+        value = to_h.fetch('KeyInfo', {}).fetch('X509Data', {}).fetch('X509Certificate', nil)
+        return if value.nil?
+        Saml::Kit::Certificate.new(value, use: :signing)
+      end
+
+      def to_h
+        @xml_hash
+      end
+    end
   end
 end
lib/saml/kit/trustable.rb
@@ -11,14 +11,16 @@ module Saml
 
       def certificate
         return unless signed?
-
-        value = to_h.fetch(name, {}).fetch('Signature', {}).fetch('KeyInfo', {}).fetch('X509Data', {}).fetch('X509Certificate', nil)
-        return if value.nil?
-        Saml::Kit::Certificate.new(value, use: :signing)
+        signature.certificate
       end
 
       def signed?
-        to_h.fetch(name, {}).fetch('Signature', nil).present?
+        signature.present?
+      end
+
+      def signature
+        xml_hash = to_h.fetch(name, {}).fetch('Signature', nil)
+        xml_hash ? Signature.new(xml_hash, configuration: configuration) : nil
       end
 
       def trusted?
spec/saml/response_spec.rb
@@ -196,7 +196,8 @@ RSpec.describe Saml::Kit::Response do
 </samlp:Response>
       XML
       subject = described_class.new(xml)
-      expect(subject).to be_signed
+      expect(subject).to_not be_signed
+      expect(subject.assertion).to be_signed
     end
 
     it 'returns true when the Response is signed' do
@@ -282,8 +283,9 @@ RSpec.describe Saml::Kit::Response do
 </samlp:Response>
       XML
       subject = described_class.new(xml)
-      expect(subject.certificate).to be_instance_of(Saml::Kit::Certificate)
-      expect(subject.certificate.stripped).to eql(certificate.stripped)
+      expect(subject.certificate).to be_nil
+      expect(subject.assertion.certificate).to be_instance_of(Saml::Kit::Certificate)
+      expect(subject.assertion.certificate.stripped).to eql(certificate.stripped)
     end
 
     it 'returns the certificate when the Response is signed' do