fix how error messages are aggregated from xml-kitv1.0.1

author: mo <mo.khan@gmail.com> 2018-01-27 11:59:04 -0700
committer: mo <mo.khan@gmail.com> 2018-01-27 11:59:04 -0700
commit: 3d63acb0471587f28d5cd85ac63b1010632398bf (patch)
tree: 364f5a800ffa02e8f7397d8139e0c6a348da5dc4 /spec/saml/authentication_request_spec.rb
parent: 3b8aa3f32029e530658a7c345d8f46146b98d842 (diff)
1 files changed, 22 insertions, 0 deletions
diff --git a/spec/saml/authentication_request_spec.rb b/spec/saml/authentication_request_spec.rb
index f1516b3..5c17beb 100644
--- a/spec/saml/authentication_request_spec.rb
+++ b/spec/saml/authentication_request_spec.rb
@@ -133,6 +133,28 @@ RSpec.describe Saml::Kit::AuthenticationRequest do
       subject = described_class.new(raw_xml, configuration: configuration)
       expect(subject).to be_invalid
     end
+
+    context "when the certificate is expired" do
+      let(:expired_certificate) do
+        certificate = OpenSSL::X509::Certificate.new
+        certificate.public_key = private_key.public_key
+        certificate.not_before = 1.day.ago
+        certificate.not_after = 1.second.ago
+        certificate
+      end
+      let(:private_key) { OpenSSL::PKey::RSA.new(2048) }
+      let(:configuration) do
+        Saml::Kit::Configuration.new do |config|
+          config.add_key_pair(expired_certificate, private_key, passphrase: nil, use: :signing)
+        end
+      end
+
+      it 'is invalid' do
+        subject = described_class.new(raw_xml, configuration: configuration)
+        expect(subject).to be_invalid
+        expect(subject.errors[:certificate]).to be_present
+      end
+    end
   end
 
   describe "#assertion_consumer_service_url" do
author	mo <mo.khan@gmail.com>	2018-01-27 11:59:04 -0700
committer	mo <mo.khan@gmail.com>	2018-01-27 11:59:04 -0700
commit	3d63acb0471587f28d5cd85ac63b1010632398bf (patch)
tree	364f5a800ffa02e8f7397d8139e0c6a348da5dc4 /spec/saml/authentication_request_spec.rb
parent	3b8aa3f32029e530658a7c345d8f46146b98d842 (diff)