Commit fc73fcc
Changed files (5)
lib/saml/kit/builders/logout_request.rb
@@ -18,7 +18,7 @@ module Saml
end
def build
- Saml::Kit::LogoutRequest.new(to_xml)
+ Saml::Kit::LogoutRequest.new(to_xml, configuration: configuration)
end
private
lib/saml/kit/locales/en.yml
@@ -11,6 +11,9 @@ en:
invalid_signature: "invalid signature."
InvalidDocument:
invalid: "must contain valid SAMLRequest"
+ LogoutRequest:
+ invalid_fingerprint: "does not match."
+ unregistered: "is unregistered."
LogoutResponse:
unregistered: "is unregistered."
Response:
lib/saml/kit/logout_request.rb
@@ -4,8 +4,8 @@ module Saml
include Requestable
validates_presence_of :single_logout_service, if: :expected_type?
- def initialize(xml)
- super(xml, name: "LogoutRequest")
+ def initialize(xml, configuration: Saml::Kit.configuration)
+ super(xml, name: "LogoutRequest", configuration: configuration)
end
def name_id
spec/saml/authentication_request_spec.rb
@@ -8,7 +8,7 @@ RSpec.describe Saml::Kit::AuthenticationRequest do
let(:destination) { FFaker::Internet.http_url }
let(:name_id_format) { Saml::Kit::Namespaces::EMAIL_ADDRESS }
let(:raw_xml) do
- described_class.build do |builder|
+ described_class.build(configuration: configuration) do |builder|
builder.id = id
builder.now = Time.now.utc
builder.issuer = issuer
@@ -31,12 +31,12 @@ RSpec.describe Saml::Kit::AuthenticationRequest do
describe "#valid?" do
let(:registry) { instance_double(Saml::Kit::DefaultRegistry) }
- let(:metadata) { instance_double(Saml::Kit::ServiceProviderMetadata) }
+ let(:metadata) { Saml::Kit::ServiceProviderMetadata.build(configuration: configuration) }
before :each do
allow(configuration).to receive(:registry).and_return(registry)
allow(registry).to receive(:metadata_for).and_return(metadata)
- allow(metadata).to receive(:matches?).and_return(true)
+ #allow(metadata).to receive(:matches?).and_return(true)
end
it 'is valid when left untampered' do
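Review bot: The `matches?` stub in the `before` block is commented out rather than deleted (`#allow(metadata).to receive(:matches?).and_return(true)`), leaving dead code with no record of why it was disabled. Since `metadata` is now a real `ServiceProviderMetadata` built from the same `configuration`, the examples appear to run the real certificate comparison, which is the stronger test. Delete the line, or replace it with a comment such as `# metadata is real here, so matches? is exercised rather than stubbed`. The `describe "#valid?"` block continues outside the hunk.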
@@ -105,7 +105,7 @@ RSpec.describe Saml::Kit::AuthenticationRequest do
</samlp:AuthnRequest>
XML
- subject = described_class.new(raw_xml)
+ subject = described_class.new(raw_xml, configuration: configuration)
subject.signature_verified!
expect(subject).to be_valid
end
spec/saml/logout_request_spec.rb
@@ -1,13 +1,21 @@
require 'spec_helper'
RSpec.describe Saml::Kit::LogoutRequest do
- subject { described_class.build(user) }
+ subject { described_class.build(user, configuration: configuration) }
let(:user) { double(:user, name_id_for: name_id) }
let(:name_id) { SecureRandom.uuid }
+ let(:issuer) { FFaker::Internet.uri("https") }
+ let(:registry) { instance_double(Saml::Kit::DefaultRegistry) }
+ let(:configuration) do
+ Saml::Kit::Configuration.new do |config|
+ config.issuer = issuer
+ config.registry = registry
+ config.generate_key_pair_for(use: :signing)
+ end
+ end
it 'parses the issuer' do
- issuer = FFaker::Internet.uri("https")
- subject = described_class.build(user) do |builder|
+ subject = described_class.build(user, configuration: configuration) do |builder|
builder.issuer = issuer
end
expect(subject.issuer).to eql(issuer)
@@ -24,7 +32,7 @@ RSpec.describe Saml::Kit::LogoutRequest do
it 'parses the destination' do
destination = FFaker::Internet.uri("https")
- subject = described_class.build(user) do |builder|
+ subject = described_class.build(user, configuration: configuration) do |builder|
builder.destination = destination
end
expect(subject.destination).to eql(destination)
@@ -35,16 +43,15 @@ RSpec.describe Saml::Kit::LogoutRequest do
end
describe "#valid?" do
- let(:registry) { instance_double(Saml::Kit::DefaultRegistry) }
- let(:metadata) { instance_double(Saml::Kit::ServiceProviderMetadata) }
+ let(:metadata) do
+ Saml::Kit::ServiceProviderMetadata.build(configuration: configuration) do |builder|
+ builder.entity_id = issuer
+ builder.add_single_logout_service(FFaker::Internet.uri("https"), binding: :http_post)
+ end
+ end
before :each do
- allow(Saml::Kit.configuration).to receive(:registry).and_return(registry)
allow(registry).to receive(:metadata_for).and_return(metadata)
- allow(metadata).to receive(:matches?).and_return(true)
- allow(metadata).to receive(:single_logout_services).and_return([
- Saml::Kit::Bindings::HttpPost.new(location: FFaker::Internet.http_url)
- ])
end
it 'is valid when left untampered' do
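Review bot: No example visible in this spec asserts the two rejections this commit adds messages for, `invalid_fingerprint` and `unregistered` under `LogoutRequest` in en.yml. With `metadata` now built from `configuration`, both are cheap to cover: one example where `registry.metadata_for` returns `nil`, and one where the metadata is built from a second `Saml::Kit::Configuration` with its own signing key pair, each expecting `subject` to be invalid. A logout request from an unknown or mismatched signer is the case this validation exists to stop, so it deserves a failing-path example. The rest of the `#valid?` block is outside the hunk, so such examples may already exist further down.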
@@ -53,7 +60,7 @@ RSpec.describe Saml::Kit::LogoutRequest do
it 'is invalid if the document has been tampered with' do
issuer = FFaker::Internet.uri("https")
- raw_xml = described_class.build(user) do |builder|
+ raw_xml = described_class.build(user, configuration: configuration) do |builder|
builder.issuer = issuer
end.to_xml.gsub(issuer, 'corrupt')
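Review bot: The local `issuer = FFaker::Internet.uri("https")` on the first line of this example now shadows the `let(:issuer)` added at the top of the file, so the request is built with an issuer that differs from the `entity_id` in the real metadata. That makes it unclear which validation rejects the document: the broken signature or the issuer no longer lining up with the registered metadata. Removing the local assignment, and asserting on the specific error rather than only on invalidity, keeps this a test of tamper detection. The same shadowing is in the example covered by the hunks at `-92,7 +99,7` and `-100,7 +107,7`, whose context lines also still stub `matches?` to `true` on `metadata`; if that example sits inside the `#valid?` block, the stub now bypasses the real fingerprint check. The example's assertions are outside this hunk.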
@@ -92,7 +99,7 @@ RSpec.describe Saml::Kit::LogoutRequest do
expect(subject.errors[:single_logout_service]).to be_present
end
- it 'is valid when a single lgout service url is available via the registry' do
+ it 'is valid when a single logout service url is available via the registry' do
issuer = FFaker::Internet.uri("https")
allow(registry).to receive(:metadata_for).with(issuer).and_return(metadata)
allow(metadata).to receive(:matches?).and_return(true)
@@ -100,7 +107,7 @@ RSpec.describe Saml::Kit::LogoutRequest do
Saml::Kit::Bindings::HttpPost.new(location: FFaker::Internet.uri("https"))
])
- subject = described_class.build(user) do |builder|
+ subject = described_class.build(user, configuration: configuration) do |builder|
builder.issuer = issuer
end
expect(subject).to be_valid