From ba211eeb20ae0ef576de1ab5c54e42d5a3ef43c6 Mon Sep 17 00:00:00 2001 From: zogoo Date: Sat, 16 Jul 2022 15:44:03 +0900 Subject: [PATCH 1/3] To meke easier to access SLO url. --- lib/saml_idp/incoming_metadata.rb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lib/saml_idp/incoming_metadata.rb b/lib/saml_idp/incoming_metadata.rb index fe0f5c61..7ee3cc4f 100644 --- a/lib/saml_idp/incoming_metadata.rb +++ b/lib/saml_idp/incoming_metadata.rb @@ -85,9 +85,9 @@ def single_logout_services xpath( "//md:SPSSODescriptor/md:SingleLogoutService", md: metadata_namespace - ).reduce({}) do |hash, el| - hash[el["Binding"].to_s.split(":").last] = el["Location"] - hash + ).reduce([]) do |array, el| + props = el["Binding"].to_s.match /urn:oasis:names:tc:SAML:(?\S+):bindings:(?\S+)/ + array << { binding: props[:name], location: el["Location"], default: !!el["isDefault"], response_location: el["ResponseLocation"] } end end hashable :single_logout_services From 9304ccc132be7a3ba3c68b9e58e47208b2e9b919 Mon Sep 17 00:00:00 2001 From: zogoo Date: Sat, 16 Jul 2022 15:51:03 +0900 Subject: [PATCH 2/3] Add simple test --- spec/lib/saml_idp/incoming_metadata_spec.rb | 25 +++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/spec/lib/saml_idp/incoming_metadata_spec.rb b/spec/lib/saml_idp/incoming_metadata_spec.rb index 7d483e0b..0abe99d4 100644 --- a/spec/lib/saml_idp/incoming_metadata_spec.rb +++ b/spec/lib/saml_idp/incoming_metadata_spec.rb @@ -29,6 +29,24 @@ module SamlIdp eos + metadata_with_slo = <<-eos + + + + + urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified + + + + + eos + describe IncomingMetadata do it 'should properly set sign_assertions to false' do metadata = SamlIdp::IncomingMetadata.new(metadata_1) @@ -56,5 +74,12 @@ module SamlIdp metadata = SamlIdp::IncomingMetadata.new(metadata_4) expect(metadata.sign_authn_request).to eq(false) end + + it 'should parse single logout url as array' do + metadata = SamlIdp::IncomingMetadata.new(metadata_with_slo) + expect(metadata.single_logout_services).to be_a(Array) + expect(metadata.single_logout_services.size).to eq(1) + expect(metadata.single_logout_services.first[:binding]).to eq("HTTP-Redirect") + end end end From 30e6279a9e0f81140b10ec805007620a95e9afae Mon Sep 17 00:00:00 2001 From: zogoo Date: Wed, 3 Jan 2024 16:30:57 +0100 Subject: [PATCH 3/3] Check other required attributes --- spec/lib/saml_idp/incoming_metadata_spec.rb | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/spec/lib/saml_idp/incoming_metadata_spec.rb b/spec/lib/saml_idp/incoming_metadata_spec.rb index 0abe99d4..81ad1740 100644 --- a/spec/lib/saml_idp/incoming_metadata_spec.rb +++ b/spec/lib/saml_idp/incoming_metadata_spec.rb @@ -79,7 +79,11 @@ module SamlIdp metadata = SamlIdp::IncomingMetadata.new(metadata_with_slo) expect(metadata.single_logout_services).to be_a(Array) expect(metadata.single_logout_services.size).to eq(1) - expect(metadata.single_logout_services.first[:binding]).to eq("HTTP-Redirect") + expect(metadata.single_logout_services).to include( + hash_including(binding: "HTTP-Redirect"), + hash_including(location: "https://test/logout"), + hash_including(default: false) + ) end end end