blob: 014225753c7cbcad6c204fe6aad57ed6a5da9efa (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
|
# frozen_string_literal: true
RSpec.describe Saml::Kit::Cli::Commands::Decode do
let(:user) { User.new(SecureRandom.uuid) }
describe '#redirect' do
let(:command) { "decode redirect #{redirect_binding.serialize(builder)[0]}" }
let(:document) { builder.build }
let(:builder) do
Saml::Kit::AuthenticationRequest.builder do |x|
x.sign_with(Xml::Kit::KeyPair.generate(use: :signing))
end
end
let(:redirect_binding) do
Saml::Kit::Bindings::HttpRedirect.new(location: 'https://www.example.com/')
end
specify { expect(status).to be_success }
specify { expect(output).to include(document.to_xml(pretty: true)) }
specify { expect(output).to include("Decoded #{document.send(:name)}") }
specify { expect(output).not_to include('Signature Value') }
end
describe '#post' do
let(:post_binding) do
Saml::Kit::Bindings::HttpPost.new(location: 'https://www.example.com/')
end
context 'when the document is an AuthnRequest' do
let(:command) { "decode post #{post_binding.serialize(builder)[1]['SAMLRequest']}" }
let(:builder) { Saml::Kit::AuthenticationRequest.builder }
let(:document) { builder.build }
specify { expect(status).to be_success }
specify { expect(output).to include(document.to_xml(pretty: true)) }
specify { expect(output).to include("Decoded #{document.send(:name)}") }
end
context 'when the document is a Response' do
let(:command) { "decode post #{post_binding.serialize(builder)[1]['SAMLResponse']}" }
let(:builder) do
Saml::Kit::Response.builder(user) do |x|
x.sign_with(Xml::Kit::KeyPair.generate(use: :signing))
end
end
let(:document) { builder.build }
specify { expect(status).to be_success }
specify { expect(output).to include(document.to_xml(pretty: true)) }
specify { expect(output).to include("Decoded #{document.send(:name)}") }
specify { expect(output).to include(document.signature.certificate.x509.to_text) }
end
context 'when the document is a LogoutRequest' do
let(:command) { "decode post #{post_binding.serialize(builder)[1]['SAMLRequest']}" }
let(:builder) { Saml::Kit::LogoutRequest.builder(user) }
let(:document) { builder.build }
specify { expect(status).to be_success }
specify { expect(output).to include(document.to_xml(pretty: true)) }
specify { expect(output).to include("Decoded #{document.send(:name)}") }
specify { expect(output).to include(user.id) }
end
context 'when the document is a LogoutResponse' do
let(:command) { "decode post #{post_binding.serialize(builder)[1]['SAMLResponse']}" }
let(:builder) { Saml::Kit::LogoutResponse.builder(request) }
let(:request) { instance_double(Saml::Kit::AuthenticationRequest, id: Xml::Kit::Id.generate) }
let(:document) { builder.build }
specify { expect(status).to be_success }
specify { expect(output).to include(document.to_xml(pretty: true)) }
specify { expect(output).to include("Decoded #{document.send(:name)}") }
end
context 'when the document is Invalid' do
let(:command) { "decode post #{Base64.encode64('INVALID')}" }
specify { expect(status).to be_success }
specify { expect(output).to include('error Decoded InvalidDocument') }
end
end
describe '#raw' do
let(:command) { "decode raw #{tempfile}" }
let(:tempfile) { Tempfile.new('saml-kit').path }
let(:document) { Saml::Kit::AuthenticationRequest.build }
before { IO.write(tempfile, document.to_xml) }
after { File.unlink(tempfile) }
specify { expect(status).to be_success }
specify { expect(output).to include(document.to_xml(pretty: true)) }
specify { expect(output).to include("Decoded #{document.send(:name)}") }
end
end
|
