Skip to content

Commit

Permalink
Fix #299
Browse files Browse the repository at this point in the history
  • Loading branch information
@pitbulk
pitbulk committed Apr 26, 2016
1 parent 6c54131 commit b7061b7
Show file tree
Hide file tree
Showing 2 changed files with 34 additions and 0 deletions.
8 changes: 8 additions & 0 deletions lib/onelogin/ruby-saml/idp_metadata_parser.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -146,6 +146,14 @@ def certificate_base64
"/md:EntityDescriptor/md:IDPSSODescriptor/md:KeyDescriptor[@use='signing']/ds:KeyInfo/ds:X509Data/ds:X509Certificate",
{ "md" => METADATA, "ds" => DSIG }
)

unless node
node = REXML::XPath.first(
document,
"/md:EntityDescriptor/md:IDPSSODescriptor/md:KeyDescriptor/ds:KeyInfo/ds:X509Data/ds:X509Certificate",
{ "md" => METADATA, "ds" => DSIG }
)
end
node.text if node
end
end
Expand Down
26 changes: 26 additions & 0 deletions test/idp_metadata_parser_test.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,33 @@ def initialize; end
assert_equal "https://example.hello.com/access/saml/logout", settings.idp_slo_target_url
assert_equal "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified", settings.name_identifier_format
assert_equal ["AuthToken", "SSOStartPage"], settings.idp_attribute_names
assert_equal "F1:3C:6B:80:90:5A:03:0E:6C:91:3E:5D:15:FA:DD:B0:16:45:48:72", settings.idp_cert_fingerprint
end

it "extract certificate from md:KeyDescriptor[@use='signing']" do
idp_metadata_parser = OneLogin::RubySaml::IdpMetadataParser.new
idp_metadata = read_response("idp_descriptor.xml")
settings = idp_metadata_parser.parse(idp_metadata)
assert_equal "F1:3C:6B:80:90:5A:03:0E:6C:91:3E:5D:15:FA:DD:B0:16:45:48:72", settings.idp_cert_fingerprint
end

it "extract certificate from md:KeyDescriptor[@use='encryption']" do
idp_metadata_parser = OneLogin::RubySaml::IdpMetadataParser.new
idp_metadata = read_response("idp_descriptor.xml")
idp_metadata = idp_metadata.sub(/<md:KeyDescriptor use="signing">(.*?)<\/md:KeyDescriptor>/m, "")
settings = idp_metadata_parser.parse(idp_metadata)
assert_equal "F1:3C:6B:80:90:5A:03:0E:6C:91:3E:5D:15:FA:DD:B0:16:45:48:72", settings.idp_cert_fingerprint
end

it "extract certificate from md:KeyDescriptor" do
idp_metadata_parser = OneLogin::RubySaml::IdpMetadataParser.new
idp_metadata = read_response("idp_descriptor.xml")
idp_metadata = idp_metadata.sub(/<md:KeyDescriptor use="signing">(.*?)<\/md:KeyDescriptor>/m, "")
idp_metadata = idp_metadata.sub('<md:KeyDescriptor use="encryption">', '<md:KeyDescriptor>')
settings = idp_metadata_parser.parse(idp_metadata)
assert_equal "F1:3C:6B:80:90:5A:03:0E:6C:91:3E:5D:15:FA:DD:B0:16:45:48:72", settings.idp_cert_fingerprint
end

end

describe "download and parse IdP descriptor file" do
Expand Down

0 comments on commit b7061b7

Please sign in to comment.