ruby-saml 0.8.11 → 0.8.12

data/test/xml_security_test.rb

@@ -1,94 +1,91 @@
-require 'test_helper'
-require 'xml_security'
+require File.expand_path(File.join(File.dirname(__FILE__), "test_helper"))
 
-class XmlSecurityTest < Test::Unit::TestCase
+class XmlSecurityTest < Minitest::Test
   include XMLSecurity
 
-  context "XmlSecurity" do
-    setup do
+  describe "XmlSecurity" do
+    before do
       @document = XMLSecurity::SignedDocument.new(Base64.decode64(response_document))
       @base64cert = @document.elements["//ds:X509Certificate"].text
     end
 
-    should "should run validate without throwing NS related exceptions" do
+    it "should run validate without throwing NS related exceptions" do
       assert !@document.validate_signature(@base64cert, true)
     end
 
-    should "should run validate with throwing NS related exceptions" do
-      assert_raise(OneLogin::RubySaml::ValidationError) do
+    it "should run validate with throwing NS related exceptions" do
+      assert_raises(OneLogin::RubySaml::ValidationError) do
         @document.validate_signature(@base64cert, false)
       end
     end
 
-    should "not raise an error when softly validating the document multiple times" do
-      assert_nothing_raised do
-        2.times { @document.validate_signature(@base64cert, true) }
-      end
+    it "not raise an error when softly validating the document multiple times" do
+      2.times { @document.validate_signature(@base64cert, true) }
     end
 
-    should "should raise Fingerprint mismatch" do
-      exception = assert_raise(OneLogin::RubySaml::ValidationError) do
+    it "should raise Fingerprint mismatch" do
+      exception = assert_raises(OneLogin::RubySaml::ValidationError) do
         @document.validate_document("no:fi:ng:er:pr:in:t", false)
       end
       assert_equal("Fingerprint mismatch", exception.message)
     end
 
-    should "should raise Digest mismatch" do
-      exception = assert_raise(OneLogin::RubySaml::ValidationError) do
+    it "should raise Digest mismatch" do
+      exception = assert_raises(OneLogin::RubySaml::ValidationError) do
         @document.validate_signature(@base64cert, false)
       end
       assert_equal("Digest mismatch", exception.message)
     end
 
-    should "should raise Key validation error" do
+    it "should raise Key validation error" do
       response = Base64.decode64(response_document)
       response.sub!("<ds:DigestValue>pJQ7MS/ek4KRRWGmv/H43ReHYMs=</ds:DigestValue>",
                     "<ds:DigestValue>b9xsAXLsynugg3Wc1CI3kpWku+0=</ds:DigestValue>")
       document = XMLSecurity::SignedDocument.new(response)
       base64cert = document.elements["//ds:X509Certificate"].text
-      exception = assert_raise(OneLogin::RubySaml::ValidationError) do
+      exception = assert_raises(OneLogin::RubySaml::ValidationError) do
         document.validate_signature(base64cert, false)
       end
       assert_equal("Key validation error", exception.message)
     end
 
-    should "raise validation error when the X509Certificate is missing" do
+    it "raise validation error when the X509Certificate is missing" do
       response = Base64.decode64(response_document)
       response.sub!(/<ds:X509Certificate>.*<\/ds:X509Certificate>/, "")
       document = XMLSecurity::SignedDocument.new(response)
-      exception = assert_raise(OneLogin::RubySaml::ValidationError) do
+      exception = assert_raises(OneLogin::RubySaml::ValidationError) do
         document.validate_document("a fingerprint", false) # The fingerprint isn't relevant to this test
       end
       assert_equal("Certificate element missing in response (ds:X509Certificate)", exception.message)
     end
   end
 
-  context "Algorithms" do
-    should "validate using SHA1" do
+  describe "Algorithms" do
+    it "validate using SHA1" do
       @document = XMLSecurity::SignedDocument.new(fixture(:adfs_response_sha1, false))
       assert @document.validate_document("F1:3C:6B:80:90:5A:03:0E:6C:91:3E:5D:15:FA:DD:B0:16:45:48:72")
     end
 
-    should "validate using SHA256" do
+    it "validate using SHA256" do
       @document = XMLSecurity::SignedDocument.new(fixture(:adfs_response_sha256, false))
       assert @document.validate_document("28:74:9B:E8:1F:E8:10:9C:A8:7C:A9:C3:E3:C5:01:6C:92:1C:B4:BA")
     end
 
-    should "validate using SHA384" do
+    it "validate using SHA384" do
       @document = XMLSecurity::SignedDocument.new(fixture(:adfs_response_sha384, false))
       assert @document.validate_document("F1:3C:6B:80:90:5A:03:0E:6C:91:3E:5D:15:FA:DD:B0:16:45:48:72")
     end
 
-    should "validate using SHA512" do
+    it "validate using SHA512" do
       @document = XMLSecurity::SignedDocument.new(fixture(:adfs_response_sha512, false))
       assert @document.validate_document("F1:3C:6B:80:90:5A:03:0E:6C:91:3E:5D:15:FA:DD:B0:16:45:48:72")
     end
   end
 
-  context "XmlSecurity::SignedDocument" do
+  describe "XmlSecurity::SignedDocument" do
 
-    context "#extract_inclusive_namespaces" do
-      should "support explicit namespace resolution for exclusive canonicalization" do
+    describe "#extract_inclusive_namespaces" do
+      it "support explicit namespace resolution for exclusive canonicalization" do
         response = fixture(:open_saml_response, false)
         document = XMLSecurity::SignedDocument.new(response)
         inclusive_namespaces = document.send(:extract_inclusive_namespaces)
@@ -96,7 +93,7 @@ class XmlSecurityTest < Test::Unit::TestCase
         assert_equal %w[ xs ], inclusive_namespaces
       end
 
-      should "support implicit namespace resolution for exclusive canonicalization" do
+      it "support implicit namespace resolution for exclusive canonicalization" do
         response = fixture(:no_signature_ns, false)
         document = XMLSecurity::SignedDocument.new(response)
         inclusive_namespaces = document.send(:extract_inclusive_namespaces)
@@ -104,7 +101,8 @@ class XmlSecurityTest < Test::Unit::TestCase
         assert_equal %w[ #default saml ds xs xsi ], inclusive_namespaces
       end
 
-      should_eventually 'support inclusive canonicalization' do
+      it 'support inclusive canonicalization' do
+        skip('test not yet implemented')
 
         response = OneLogin::RubySaml::Response.new(fixture("tdnf_response.xml"))
         response.stubs(:conditions).returns(nil)
@@ -117,7 +115,7 @@ class XmlSecurityTest < Test::Unit::TestCase
         assert response.validate!
       end
 
-      should "return an empty list when inclusive namespace element is missing" do
+      it "return an empty list when inclusive namespace element is missing" do
         response = fixture(:no_signature_ns, false)
         response.slice! %r{<InclusiveNamespaces xmlns="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="#default saml ds xs xsi"/>}
 
@@ -128,27 +126,27 @@ class XmlSecurityTest < Test::Unit::TestCase
       end
     end
 
-    context "StarfieldTMS" do
-      setup do
+    describe "StarfieldTMS" do
+      before do
         @response = OneLogin::RubySaml::Response.new(fixture(:starfield_response))
         @response.settings = OneLogin::RubySaml::Settings.new(
                                                           :idp_cert_fingerprint => "8D:BA:53:8E:A3:B6:F9:F1:69:6C:BB:D9:D8:BD:41:B3:AC:4F:9D:4D"
                                                           )
       end
 
-      should "be able to validate a good response" do
+      it "be able to validate a good response" do
         Timecop.freeze Time.parse('2012-11-28 17:55:00 UTC') do
           assert @response.validate!
         end
       end
 
-      should "fail before response is valid" do
+      it "fail before response is valid" do
         Timecop.freeze Time.parse('2012-11-20 17:55:00 UTC') do
           assert ! @response.is_valid?
         end
       end
 
-      should "fail after response expires" do
+      it "fail after response expires" do
         Timecop.freeze Time.parse('2012-11-30 17:55:00 UTC') do
           assert ! @response.is_valid?
         end

metadata

@@ -1,54 +1,49 @@
---- !ruby/object:Gem::Specification
+--- !ruby/object:Gem::Specification 
 name: ruby-saml
-version: !ruby/object:Gem::Version
-  version: 0.8.11
+version: !ruby/object:Gem::Version 
+  version: 0.8.12
 platform: ruby
-authors:
+authors: 
 - OneLogin LLC
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-11-05 00:00:00.000000000 Z
-dependencies:
-- !ruby/object:Gem::Dependency
+
+date: 2020-05-08 00:00:00 Z
+dependencies: 
+- !ruby/object:Gem::Dependency 
   name: uuid
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '2.3'
-  type: :runtime
   prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '2.3'
-- !ruby/object:Gem::Dependency
-  name: nokogiri
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 1.5.0
+  requirement: &id001 !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        version: "2.3"
   type: :runtime
+  version_requirements: *id001
+- !ruby/object:Gem::Dependency 
+  name: nokogiri
   prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
+  requirement: &id002 !ruby/object:Gem::Requirement 
+    requirements: 
     - - ">="
-      - !ruby/object:Gem::Version
+      - !ruby/object:Gem::Version 
         version: 1.5.0
+  type: :runtime
+  version_requirements: *id002
 description: SAML toolkit for Ruby on Rails
 email: support@onelogin.com
 executables: []
+
 extensions: []
-extra_rdoc_files:
+
+extra_rdoc_files: 
 - LICENSE
 - README.md
-files:
-- ".document"
-- ".gitignore"
-- ".travis.yml"
+files: 
+- .document
+- .gitignore
+- .travis.yml
 - Gemfile
 - LICENSE
 - README.md
@@ -86,6 +81,7 @@ files:
 - test/responses/adfs_response_sha256.xml
 - test/responses/adfs_response_sha384.xml
 - test/responses/adfs_response_sha512.xml
+- test/responses/encrypted_new_attack.xml.base64
 - test/responses/logoutresponse_fixtures.rb
 - test/responses/no_signature_ns.xml
 - test/responses/open_saml_response.xml
@@ -99,10 +95,14 @@ files:
 - test/responses/response_node_text_attack.xml.base64
 - test/responses/response_with_ampersands.xml
 - test/responses/response_with_ampersands.xml.base64
+- test/responses/response_with_concealed_signed_assertion.xml
+- test/responses/response_with_doubled_signed_assertion.xml
 - test/responses/response_with_multiple_attribute_statements.xml
 - test/responses/response_with_multiple_attribute_values.xml
+- test/responses/response_wrapped.xml.base64
 - test/responses/simple_saml_php.xml
 - test/responses/starfield_response.xml.base64
+- test/responses/valid_response.xml.base64
 - test/responses/wrapped_response_2.xml.base64
 - test/settings_test.rb
 - test/slo_logoutresponse_test.rb
@@ -111,29 +111,31 @@ files:
 - test/xml_security_test.rb
 homepage: http://github.com/onelogin/ruby-saml
 licenses: []
+
 metadata: {}
+
 post_install_message: 
-rdoc_options:
-- "--charset=UTF-8"
-require_paths:
+rdoc_options: 
+- --charset=UTF-8
+require_paths: 
 - lib
-required_ruby_version: !ruby/object:Gem::Requirement
-  requirements:
-  - - ">="
-    - !ruby/object:Gem::Version
-      version: '0'
-required_rubygems_version: !ruby/object:Gem::Requirement
-  requirements:
-  - - ">="
-    - !ruby/object:Gem::Version
-      version: '0'
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - &id003 
+    - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - *id003
 requirements: []
+
 rubyforge_project: http://www.rubygems.org/gems/ruby-saml
-rubygems_version: 2.5.1
+rubygems_version: 2.7.7
 signing_key: 
 specification_version: 4
 summary: SAML Ruby Tookit
-test_files:
+test_files: 
 - test/certificates/certificate1
 - test/certificates/r1_certificate2_base64
 - test/certificates/ruby-saml.crt
@@ -146,6 +148,7 @@ test_files:
 - test/responses/adfs_response_sha256.xml
 - test/responses/adfs_response_sha384.xml
 - test/responses/adfs_response_sha512.xml
+- test/responses/encrypted_new_attack.xml.base64
 - test/responses/logoutresponse_fixtures.rb
 - test/responses/no_signature_ns.xml
 - test/responses/open_saml_response.xml
@@ -159,10 +162,14 @@ test_files:
 - test/responses/response_node_text_attack.xml.base64
 - test/responses/response_with_ampersands.xml
 - test/responses/response_with_ampersands.xml.base64
+- test/responses/response_with_concealed_signed_assertion.xml
+- test/responses/response_with_doubled_signed_assertion.xml
 - test/responses/response_with_multiple_attribute_statements.xml
 - test/responses/response_with_multiple_attribute_values.xml
+- test/responses/response_wrapped.xml.base64
 - test/responses/simple_saml_php.xml
 - test/responses/starfield_response.xml.base64
+- test/responses/valid_response.xml.base64
 - test/responses/wrapped_response_2.xml.base64
 - test/settings_test.rb
 - test/slo_logoutresponse_test.rb