lyrebird 0.0.0 → 1.0.0.alpha2

data/test/lyrebird/id_test.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+require "test_helper"
+
+module Lyrebird
+  class IDTest < Minitest::Test
+    def test_generate_starts_with_underscore
+      assert ID.generate.start_with?("_")
+    end
+  end
+end

data/test/lyrebird/response_test.rb

@@ -0,0 +1,240 @@
+# frozen_string_literal: true
+
+require "test_helper"
+
+module Lyrebird
+  class ResponseTest < Minitest::Test
+    def setup
+      @response = Response.new
+      @root = @response.document.root
+    end
+
+    def test_build_with_defaults
+      response = Response.build
+      root = response.document.root
+      assert_equal DEFAULTS.issuer, root.elements["saml:Issuer"].text
+    end
+
+    def test_build_with_kwargs
+      issuer = "https://test.example.com"
+      refute_equal issuer, DEFAULTS.issuer
+      response = Response.build(issuer: issuer)
+      root = response.document.root
+      assert_equal issuer, root.elements["saml:Issuer"].text
+    end
+
+    def test_build_with_block
+      issuer = "https://test.example.com"
+      refute_equal issuer, DEFAULTS.issuer
+      response = Response.build { |r| r.issuer = issuer }
+      root = response.document.root
+      assert_equal issuer, root.elements["saml:Issuer"].text
+    end
+
+    def test_build_with_kwargs_and_block
+      issuer = "https://test.example.com"
+      email = "test@example.com"
+
+      refute_equal issuer, DEFAULTS.issuer
+      refute_equal email, DEFAULTS.name_id
+
+      response = Response.build(issuer: issuer) do |r|
+        r.name_id = email
+      end
+
+      root = response.document.root
+      assert_equal issuer, root.elements["saml:Issuer"].text
+      name_id = root.elements["saml:Assertion/saml:Subject/saml:NameID"]
+      assert_equal email, name_id.text
+    end
+
+    def test_build_with_attributes_block
+      email = "test@example.com"
+      role = "admin"
+
+      response = Response.build do |r|
+        r.attributes do |a|
+          a.email = email
+          a.role = role
+        end
+      end
+
+      root = response.document.root
+      statement = root.elements["saml:Assertion/saml:AttributeStatement"]
+      email_element = statement.elements["saml:Attribute[@Name='email']"]
+      role_element = statement.elements["saml:Attribute[@Name='role']"]
+
+      assert_equal email, email_element.elements["saml:AttributeValue"].text
+      assert_equal role, role_element.elements["saml:AttributeValue"].text
+    end
+
+    def test_build_with_attributes_hash
+      email = "user@example.com"
+
+      response = Response.build do |r|
+        r.attributes = { email: email }
+      end
+
+      root = response.document.root
+      statement = root.elements["saml:Assertion/saml:AttributeStatement"]
+      email_element = statement.elements["saml:Attribute[@Name='email']"]
+      assert_equal email, email_element.elements["saml:AttributeValue"].text
+    end
+
+    def test_mimic_returns_base64
+      encoded = @response.mimic
+      decoded = Base64.strict_decode64(encoded)
+      assert decoded.include?("<samlp:Response")
+      assert decoded.include?("<saml:Assertion")
+    end
+
+    def test_root_name
+      assert_equal "Response", @root.name
+      assert_equal "samlp", @root.prefix
+    end
+
+    def test_root_namespace
+      assert_equal SAML_PROTOCOL_NS, @root.namespace
+    end
+
+    def test_saml_namespace_declared
+      assert_equal SAML_ASSERTION_NS, @root.namespace("saml")
+    end
+
+    def test_root_id
+      assert @root.attributes["ID"].start_with?("_")
+    end
+
+    def test_root_version
+      assert_equal "2.0", @root.attributes["Version"]
+    end
+
+    def test_root_issue_instant
+      instant = Time.iso8601(@root.attributes["IssueInstant"])
+      assert_in_delta Time.now.to_i, instant.to_i, 1
+    end
+
+    def test_destination_default
+      assert_equal DEFAULTS.recipient, @root.attributes["Destination"]
+    end
+
+    def test_destination_override
+      destination = "https://test.example.com/acs"
+      refute_equal destination, DEFAULTS.recipient
+      root = Response.new(destination: destination).document.root
+      assert_equal destination, root.attributes["Destination"]
+    end
+
+    def test_in_response_to_default
+      assert_equal DEFAULTS.in_response_to, @root.attributes["InResponseTo"]
+    end
+
+    def test_in_response_to_override
+      in_response_to = "_test_request"
+      refute_equal in_response_to, DEFAULTS.in_response_to
+      root = Response.new(in_response_to: in_response_to).document.root
+      assert_equal in_response_to, root.attributes["InResponseTo"]
+    end
+
+    def test_destination_omitted_when_nil
+      root = Response.new(destination: nil).document.root
+      assert_nil root.attributes["Destination"]
+    end
+
+    def test_in_response_to_omitted_when_nil
+      root = Response.new(in_response_to: nil).document.root
+      assert_nil root.attributes["InResponseTo"]
+    end
+
+    def test_issuer
+      issuer = @root.elements["saml:Issuer"]
+      assert_equal "Issuer", issuer.name
+      assert_equal "saml", issuer.prefix
+      assert_equal DEFAULTS.issuer, issuer.text
+    end
+
+    def test_issuer_override
+      url = "https://test.idp.example.com"
+      refute_equal url, DEFAULTS.issuer
+      root = Response.new(issuer: url).document.root
+      issuer = root.elements["saml:Issuer"]
+      assert_equal url, issuer.text
+    end
+
+    def test_status
+      status = @root.elements["samlp:Status"]
+      assert_equal "Status", status.name
+      assert_equal "samlp", status.prefix
+    end
+
+    def test_status_code
+      status_code = @root.elements["samlp:Status/samlp:StatusCode"]
+      assert_equal "StatusCode", status_code.name
+      assert_equal "samlp", status_code.prefix
+      assert_equal STATUS_SUCCESS, status_code.attributes["Value"]
+    end
+
+    def test_assertion_embedded
+      assertion = @root.elements["saml:Assertion"]
+      assert_equal "Assertion", assertion.name
+      assert_equal "saml", assertion.prefix
+    end
+
+    def test_assertion_has_id
+      assertion = @root.elements["saml:Assertion"]
+      assert assertion.attributes["ID"].start_with?("_")
+    end
+
+    def test_assertion_inherits_issuer
+      url = "https://test.idp.example.com"
+      refute_equal url, DEFAULTS.issuer
+      root = Response.new(issuer: url).document.root
+      assertion = root.elements["saml:Assertion"]
+      issuer = assertion.elements["saml:Issuer"]
+      assert_equal url, issuer.text
+    end
+
+    def test_assertion_options_flow_through
+      email = "test@example.com"
+      refute_equal email, DEFAULTS.name_id
+      root = Response.new(name_id: email).document.root
+      assertion = root.elements["saml:Assertion"]
+      name_id = assertion.elements["saml:Subject/saml:NameID"]
+      assert_equal email, name_id.text
+    end
+
+    def test_unsigned_by_default
+      assert_nil @root.elements["ds:Signature"]
+      assert_nil @root.elements["saml:Assertion/ds:Signature"]
+    end
+
+    def test_sign_with_signs_response_and_assertion
+      root = Response.new(sign_with: Certificate.generate).document.root
+      refute_nil root.elements["ds:Signature"]
+      refute_nil root.elements["saml:Assertion/ds:Signature"]
+    end
+
+    def test_not_encrypted_by_default
+      assert_nil @root.elements["saml:EncryptedAssertion"]
+    end
+
+    def test_encrypt_with_creates_encrypted_assertion
+      root = Response.new(encrypt_with: Certificate.generate).document.root
+      ea = root.elements["saml:EncryptedAssertion"]
+      assert_equal "EncryptedAssertion", ea.name
+      assert_equal "saml", ea.prefix
+    end
+
+    def test_encrypt_with_removes_plain_assertion
+      root = Response.new(encrypt_with: Certificate.generate).document.root
+      assert_nil root.elements["saml:Assertion"]
+    end
+
+    def test_encrypt_with_contains_encrypted_data
+      root = Response.new(encrypt_with: Certificate.generate).document.root
+      ed = root.elements["saml:EncryptedAssertion/xenc:EncryptedData"]
+      assert_equal "EncryptedData", ed.name
+    end
+
+  end
+end

data/test/lyrebird/signature_test.rb

@@ -0,0 +1,137 @@
+# frozen_string_literal: true
+
+require "test_helper"
+
+module Lyrebird
+  class SignatureTest < Minitest::Test
+    def setup
+      @certificate = Certificate.generate
+      @assertion = Assertion.new.document
+      @element = @assertion.root
+      Signature.new(@element, @certificate).sign!
+      @signature = @element.elements["ds:Signature"]
+      @signed_info = @signature.elements["ds:SignedInfo"]
+      @reference = @signed_info.elements["ds:Reference"]
+    end
+
+    def test_sign_inserts_after_issuer
+      children = @element.elements.to_a
+      issuer_index = children.index { |e| e.name == "Issuer" }
+      signature_index = children.index { |e| e.name == "Signature" }
+      assert_equal issuer_index + 1, signature_index
+    end
+
+    def test_signature_element
+      assert_equal "Signature", @signature.name
+      assert_equal "ds", @signature.prefix
+      assert_equal XMLDSIG_NS, @signature.namespace
+    end
+
+    def test_signature_element_children
+      children = @signature.elements.to_a
+      assert_equal 3, children.size
+      assert_equal "SignedInfo", children[0].name
+      assert_equal "SignatureValue", children[1].name
+      assert_equal "KeyInfo", children[2].name
+    end
+
+    def test_signed_info_element
+      assert_equal "SignedInfo", @signed_info.name
+      assert_equal "ds", @signed_info.prefix
+    end
+
+    def test_canonicalization_method
+      cm = @signed_info.elements["ds:CanonicalizationMethod"]
+      assert_equal "CanonicalizationMethod", cm.name
+      assert_equal EXC_C14N, cm.attributes["Algorithm"]
+    end
+
+    def test_signature_method
+      sm = @signed_info.elements["ds:SignatureMethod"]
+      assert_equal "SignatureMethod", sm.name
+      assert_equal RSA_SHA256, sm.attributes["Algorithm"]
+    end
+
+    def test_reference_element
+      assert_equal "Reference", @reference.name
+      assert_equal "ds", @reference.prefix
+    end
+
+    def test_reference_uri
+      element_id = @element.attributes["ID"]
+      assert_equal "##{element_id}", @reference.attributes["URI"]
+    end
+
+    def test_transforms_element
+      transforms = @reference.elements["ds:Transforms"]
+      assert_equal "Transforms", transforms.name
+      assert_equal "ds", transforms.prefix
+    end
+
+    def test_enveloped_signature_transform
+      transforms = @reference.elements["ds:Transforms"]
+      transform = transforms.elements.to_a("ds:Transform")[0]
+      assert_equal ENVELOPED_SIG, transform.attributes["Algorithm"]
+    end
+
+    def test_c14n_transform
+      transforms = @reference.elements["ds:Transforms"]
+      transform = transforms.elements.to_a("ds:Transform")[1]
+      assert_equal EXC_C14N, transform.attributes["Algorithm"]
+    end
+
+    def test_digest_method_element
+      digest_method = @reference.elements["ds:DigestMethod"]
+      assert_equal "DigestMethod", digest_method.name
+      assert_equal "ds", digest_method.prefix
+    end
+
+    def test_digest_method_algorithm
+      digest_method = @reference.elements["ds:DigestMethod"]
+      assert_equal SHA256_DIGEST, digest_method.attributes["Algorithm"]
+    end
+
+    def test_digest_value_element
+      digest_value = @reference.elements["ds:DigestValue"]
+      assert_equal "DigestValue", digest_value.name
+      assert_equal "ds", digest_value.prefix
+    end
+
+    def test_digest_value_is_base64
+      digest_value = @reference.elements["ds:DigestValue"]
+      decoded = Base64.strict_decode64(digest_value.text)
+      assert_equal 32, decoded.bytesize
+    end
+
+    def test_signature_value_element
+      sv = @signature.elements["ds:SignatureValue"]
+      assert_equal "SignatureValue", sv.name
+      assert_equal "ds", sv.prefix
+    end
+
+    def test_signature_value_is_base64
+      sv = @signature.elements["ds:SignatureValue"]
+      decoded = Base64.strict_decode64(sv.text)
+      assert_equal 256, decoded.bytesize
+    end
+
+    def test_key_info_element
+      ki = @signature.elements["ds:KeyInfo"]
+      assert_equal "KeyInfo", ki.name
+      assert_equal "ds", ki.prefix
+    end
+
+    def test_x509_data_element
+      x509_data = @signature.elements["ds:KeyInfo/ds:X509Data"]
+      assert_equal "X509Data", x509_data.name
+      assert_equal "ds", x509_data.prefix
+    end
+
+    def test_x509_certificate_element
+      cert = @signature.elements["ds:KeyInfo/ds:X509Data/ds:X509Certificate"]
+      assert_equal "X509Certificate", cert.name
+      assert_equal "ds", cert.prefix
+      assert_equal @certificate.base64, cert.text
+    end
+  end
+end

data/test/test_helper.rb

@@ -0,0 +1,4 @@
+# frozen_string_literal: true
+
+require "lyrebird"
+require "minitest/autorun"

metadata

@@ -1,25 +1,119 @@
 --- !ruby/object:Gem::Specification
 name: lyrebird
 version: !ruby/object:Gem::Version
-  version: 0.0.0
+  version: 1.0.0.alpha2
 platform: ruby
 authors:
 - Josh
-bindir: exe
+autorequire:
+bindir: bin
 cert_chain: []
-date: 1980-01-02 00:00:00.000000000 Z
-dependencies: []
+date: 2026-01-27 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: base64
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: ostruct
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rexml
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: minitest
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description:
+email:
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/workflows/ci.yml"
+- ".github/workflows/publish.yml"
 - README.md
 - Rakefile
 - lib/lyrebird.rb
+- lib/lyrebird/assertion.rb
+- lib/lyrebird/certificate.rb
+- lib/lyrebird/defaults.rb
+- lib/lyrebird/encryption.rb
+- lib/lyrebird/id.rb
+- lib/lyrebird/namespaces.rb
+- lib/lyrebird/response.rb
+- lib/lyrebird/signature.rb
 - lib/lyrebird/version.rb
+- lyrebird.gemspec
 - sig/lyrebird.rbs
+- test/lyrebird/assertion_test.rb
+- test/lyrebird/certificate_test.rb
+- test/lyrebird/defaults_test.rb
+- test/lyrebird/encryption_test.rb
+- test/lyrebird/id_test.rb
+- test/lyrebird/response_test.rb
+- test/lyrebird/signature_test.rb
+- test/test_helper.rb
+homepage:
 licenses: []
 metadata: {}
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -30,11 +124,12 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: 3.2.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">="
+  - - ">"
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 1.3.1
 requirements: []
-rubygems_version: 4.0.3
+rubygems_version: 3.4.19
+signing_key:
 specification_version: 4
-summary: Mimics a SAML IdP for testing
+summary: Mimics SAML Identity Provider (IdP) responses for testing
 test_files: []