spec/lib/response_spec.rb in saml2-2.2.7 vs spec/lib/response_spec.rb in saml2-2.2.8

@@ -276,8 +276,14 @@
                                   verification_time: Time.parse("2014-09-16T22:15:53Z"),
                                   allow_expired_certificate: true)
         expect(response.errors).to eq []
       end
 
+      it "doesn't break the signature by decrypting elements first" do
+        response = Response.parse(fixture("response_with_signed_assertion_and_encrypted_subject.xml"))
+        sp_entity.valid_response?(response, idp_entity, verification_time: Time.parse('2015-02-12T22:51:30Z'))
+        expect(response.errors).to eq []
+        expect(response.assertions.first.subject.name_id.id).to eq 'jacob'
+      end
     end
   end
 end