Skip to content

Commit

Permalink
Assertion flag should able switchable by application
Browse files Browse the repository at this point in the history
  • Loading branch information
zogoo committed Nov 10, 2024
1 parent 02f3a7a commit f2d7621
Show file tree
Hide file tree
Showing 2 changed files with 11 additions and 1 deletion.
2 changes: 1 addition & 1 deletion lib/saml_idp/controller.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -66,7 +66,7 @@ def encode_authn_response(principal, opts = {})
signed_message_opts = opts[:signed_message] || false
name_id_formats_opts = opts[:name_id_formats] || nil
asserted_attributes_opts = opts[:attributes] || nil
signed_assertion_opts = opts[:signed_assertion] || true
signed_assertion_opts = opts[:signed_assertion].nil? ? true : opts[:signed_assertion]
compress_opts = opts[:compress] || false

SamlResponse.new(
Expand Down
10 changes: 10 additions & 0 deletions spec/lib/saml_idp/controller_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -66,6 +66,16 @@ def params
end
end

context '#encode_authn_response' do
it 'uses default values when opts are not provided' do
saml_response = encode_authn_response(principal, { audience_uri: 'http://example.com/issuer', issuer_uri: 'http://example.com', acs_url: 'https://foo.example.com/saml/consume', signed_assertion: false })

response = OneLogin::RubySaml::Response.new(saml_response)
response.settings = saml_settings
expect(response.document.to_s).to_not include("<ds:Signature>")
end
end

context "solicited Response" do
before(:each) do
params[:SAMLRequest] = make_saml_request
Expand Down

0 comments on commit f2d7621

Please sign in to comment.