File tree Expand file tree Collapse file tree 2 files changed +20
-3
lines changed
Expand file tree Collapse file tree 2 files changed +20
-3
lines changed Original file line number Diff line number Diff line change @@ -377,12 +377,11 @@ def generate_audience_error(expected, actual)
377377 end
378378
379379 it "support dynamic namespace resolution on signature elements" do
380- no_signature_response = OneLogin ::RubySaml ::Response . new ( fixture ( "no_signature_ns .xml" ) )
380+ no_signature_response = OneLogin ::RubySaml ::Response . new ( fixture ( "inclusive_namespaces .xml" ) )
381381 no_signature_response . stubs ( :conditions ) . returns ( nil )
382382 no_signature_response . stubs ( :validate_subject_confirmation ) . returns ( true )
383383 no_signature_response . settings = settings
384- no_signature_response . settings . idp_cert_fingerprint = "28:74:9B:E8:1F:E8:10:9C:A8:7C:A9:C3:E3:C5:01:6C:92:1C:B4:BA"
385- XMLSecurity ::SignedDocument . any_instance . expects ( :validate_signature ) . returns ( true )
384+ no_signature_response . settings . idp_cert_fingerprint = "A0:C7:DB:B7:90:E3:47:6D:3C:5D:D2:36:F9:F2:06:0B:1F:D6:E2:53"
386385 assert no_signature_response . is_valid?
387386 end
388387
Original file line number Diff line number Diff line change 1+ <?xml version =" 1.0"
2+ <samlp : Response xmlns : samlp =" urn:oasis:names:tc:SAML:2.0:protocol" ID =" _0263a07b-205f-479c-90fc-7495715ecbbf" Version =" 2.0" IssueInstant =" 2011-06-22T12:49:30.348Z" Destination =" https://someone.example.com/endpoint" Consent =" urn:oasis:names:tc:SAML:2.0:consent:unspecified" InResponseTo =" _fc4a34b0-7efb-012e-caae-782bcb13bb38"
3+ <Issuer xmlns =" urn:oasis:names:tc:SAML:2.0:assertion" Issuer >
4+ <samlp : Status >
5+ <samlp : StatusCode Value =" urn:oasis:names:tc:SAML:2.0:status:Success"
6+ </samlp : Status >
7+ <saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" ID="id8132302868541019755414121" IssueInstant="2013-08-03T21:54:43.942Z" Version="2.0" xmlns:xs="http://www.w3.org/2001/XMLSchema"><saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">http://www.okta.com/k7xkhq0jUHUPQAXVMUAN</saml2:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><ds:Reference URI="#id8132302868541019755414121"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"><ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="xs"/></ds:Transform></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>4G+uveKmtiB1EkY5BAt+8lmQwjI=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>Q80N6FUr5/YPtEzRlRdMoPu+bL0MssDxNUY+yxykzbmxsI0joEo/SmmSgZrDYQKTllZk/KfzBMPFV9yBH4+mEzCU5E3xuCs99jZzafcw3K8mIMTJy1YHxjc359d27R5s50i9w5PHsusRov0MjQIoJ2w48Gy4EnYaViqBR3UVEqE=</ds:SignatureValue><ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICnTCCAgagAwIBAgIGAUBGHxqUMA0GCSqGSIb3DQEBBQUAMIGRMQswCQYDVQQGEwJVUzETMBEG
8+ A1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzENMAsGA1UECgwET2t0YTEU
9+ MBIGA1UECwwLU1NPUHJvdmlkZXIxEjAQBgNVBAMMCWtsdWdsYWJzMjEcMBoGCSqGSIb3DQEJARYN
10+ aW5mb0Bva3RhLmNvbTAeFw0xMzA4MDMyMTM4MzhaFw00MzA4MDMyMTM5MzhaMIGRMQswCQYDVQQG
11+ EwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzENMAsGA1UE
12+ CgwET2t0YTEUMBIGA1UECwwLU1NPUHJvdmlkZXIxEjAQBgNVBAMMCWtsdWdsYWJzMjEcMBoGCSqG
13+ SIb3DQEJARYNaW5mb0Bva3RhLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAsCB9lJTH
14+ qB7vdM5jeOH84cW8u7IHYv4/OAPYF0fBYe9wJy19CgyM2OgiASuAcItnH4WhB+io2ZPwb/Xwl7Uu
15+ 4XmUE0l+mkCNuDYp5fXTZxwv5G6HvkAxXZio0Rk9T0VETCroxgpS5LxQ/o/owjR39S7xzRnj6ddX
16+ 3Mq2yGjKyBcCAwEAATANBgkqhkiG9w0BAQUFAAOBgQAB1qGNqSNLLWq+RPcP+wOaWtYpJOJ8/MbZ
17+ EWWm9/KKHKXM6J/zgUUIXZi3czMeO+Y+X14PR8lGXoAHf5b/JavG9FmFvRn4fGa45VTVo2GfMN6K
18+ aIKF0obeCbYi/QUf8B+Xi1tSIJm1VCKRE7nnliQ/TzGaNulgWeyTbVkG0/X8LQ==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature><saml2:Subject xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"><saml2:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">admin@kluglabs.com</saml2:NameID><saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"><saml2:SubjectConfirmationData NotOnOrAfter="2013-08-03T21:59:43.942Z" Recipient="https://auth0145.auth0.com"/></saml2:SubjectConfirmation></saml2:Subject><saml2:Conditions NotBefore="2013-08-03T21:49:43.943Z" NotOnOrAfter="2013-08-03T21:59:43.942Z" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"><saml2:AudienceRestriction><saml2:Audience>https://auth0145.auth0.com</saml2:Audience></saml2:AudienceRestriction></saml2:Conditions><saml2:AuthnStatement AuthnInstant="2013-08-03T21:54:43.942Z" SessionIndex="id1375566883942.687610437" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"><saml2:AuthnContext><saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef></saml2:AuthnContext></saml2:AuthnStatement><saml2:AttributeStatement xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"><saml2:Attribute Name="Role" NameFormat="ns"><saml2:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">Admin</saml2:AttributeValue></saml2:Attribute></saml2:AttributeStatement></saml2:Assertion></samlp:Response>
You can’t perform that action at this time.
0 commit comments