test/response_test.rb in ruby-saml-0.4.6 vs test/response_test.rb in ruby-saml-0.4.7
- old
+ new
@@ -46,10 +46,19 @@
assert !response.is_valid?
settings.idp_cert_fingerprint = signature_fingerprint_1
assert response.is_valid?
end
+ should "return true when using certificate instead of fingerprint" do
+ response = Onelogin::Saml::Response.new(response_document_4)
+ response.stubs(:conditions).returns(nil)
+ settings = Onelogin::Saml::Settings.new
+ response.settings = settings
+ settings.idp_cert = signature_1
+ assert response.is_valid?
+ end
+
should "not allow signature wrapping attack" do
response = Onelogin::Saml::Response.new(response_document_4)
response.stubs(:conditions).returns(nil)
settings = Onelogin::Saml::Settings.new
settings.idp_cert_fingerprint = signature_fingerprint_1
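Review bot: The added test "return true when using certificate instead of fingerprint" pins only the accepting path for `settings.idp_cert`; nothing in this hunk checks that a certificate which did not sign `response_document_4` is rejected. The fingerprint test just above asserts `assert !response.is_valid?` before the matching fingerprint is set, and the certificate test should take the same shape: assign a non-matching certificate fixture, assert `!response.is_valid?`, then assign `signature_1` and assert validity. A further case where `idp_cert` and `idp_cert_fingerprint` are both set and disagree would fix the precedence between them in a test instead of leaving it implicit. The preceding test and the "not allow signature wrapping attack" test both start or end outside the hunk, so their full bodies are not visible here.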
@@ -75,15 +84,15 @@
response = Onelogin::Saml::Response.new(response_document_3)
assert_equal "someone@example.com", response.name_id
end
- should_eventually "be extractable from an OpenSAML response" do
+ should "be extractable from an OpenSAML response" do
response = Onelogin::Saml::Response.new(fixture(:open_saml))
assert_equal "someone@example.org", response.name_id
end
- should_eventually "be extractable from a Simple SAML PHP response" do
+ should "be extractable from a Simple SAML PHP response" do
response = Onelogin::Saml::Response.new(fixture(:simple_saml_php))
assert_equal "someone@example.com", response.name_id
end
end
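Review bot: The two tests switched from `should_eventually` to `should` read `response.name_id` without assigning settings or calling `is_valid?`, so they cover extraction from the `:open_saml` and `:simple_saml_php` fixtures only. They do not show that the extracted NameID comes from an assertion whose signature was verified, which is the property the signature-wrapping test earlier in the file is concerned with. If that is intentional, a comment in each test such as `# extraction only; signature validation of this fixture is not exercised here` would make the scope clear. Otherwise a companion assertion on `is_valid?` with the fixture's IdP certificate would close the gap. The enclosing context starts outside the hunk.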