ruby-saml 0.9 → 0.9.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.


This version of ruby-saml might be problematic. Click here for more details.

@@ -1,9 +1,9 @@
1
1
  require File.expand_path(File.join(File.dirname(__FILE__), "test_helper"))
2
2
 
3
- class RequestTest < Test::Unit::TestCase
3
+ class RequestTest < Minitest::Test
4
4
 
5
- context "Authrequest" do
6
- should "create the deflated SAMLRequest URL parameter" do
5
+ describe "Authrequest" do
6
+ it "create the deflated SAMLRequest URL parameter" do
7
7
  settings = OneLogin::RubySaml::Settings.new
8
8
  settings.idp_sso_target_url = "http://example.com"
9
9
  auth_url = OneLogin::RubySaml::Authrequest.new.create(settings)
@@ -19,7 +19,7 @@ class RequestTest < Test::Unit::TestCase
19
19
  assert_match /^<samlp:AuthnRequest/, inflated
20
20
  end
21
21
 
22
- should "create the deflated SAMLRequest URL parameter including the Destination" do
22
+ it "create the deflated SAMLRequest URL parameter including the Destination" do
23
23
  settings = OneLogin::RubySaml::Settings.new
24
24
  settings.idp_sso_target_url = "http://example.com"
25
25
  auth_url = OneLogin::RubySaml::Authrequest.new.create(settings)
@@ -34,7 +34,7 @@ class RequestTest < Test::Unit::TestCase
34
34
  assert_match /<samlp:AuthnRequest[^<]* Destination='http:\/\/example.com'/, inflated
35
35
  end
36
36
 
37
- should "create the SAMLRequest URL parameter without deflating" do
37
+ it "create the SAMLRequest URL parameter without deflating" do
38
38
  settings = OneLogin::RubySaml::Settings.new
39
39
  settings.compress_request = false
40
40
  settings.idp_sso_target_url = "http://example.com"
@@ -46,7 +46,7 @@ class RequestTest < Test::Unit::TestCase
46
46
  assert_match /^<samlp:AuthnRequest/, decoded
47
47
  end
48
48
 
49
- should "create the SAMLRequest URL parameter with IsPassive" do
49
+ it "create the SAMLRequest URL parameter with IsPassive" do
50
50
  settings = OneLogin::RubySaml::Settings.new
51
51
  settings.idp_sso_target_url = "http://example.com"
52
52
  settings.passive = true
@@ -63,7 +63,7 @@ class RequestTest < Test::Unit::TestCase
63
63
  assert_match /<samlp:AuthnRequest[^<]* IsPassive='true'/, inflated
64
64
  end
65
65
 
66
- should "create the SAMLRequest URL parameter with ProtocolBinding" do
66
+ it "create the SAMLRequest URL parameter with ProtocolBinding" do
67
67
  settings = OneLogin::RubySaml::Settings.new
68
68
  settings.idp_sso_target_url = "http://example.com"
69
69
  settings.protocol_binding = 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST'
@@ -80,7 +80,7 @@ class RequestTest < Test::Unit::TestCase
80
80
  assert_match /<samlp:AuthnRequest[^<]* ProtocolBinding='urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST'/, inflated
81
81
  end
82
82
 
83
- should "create the SAMLRequest URL parameter with AttributeConsumingServiceIndex" do
83
+ it "create the SAMLRequest URL parameter with AttributeConsumingServiceIndex" do
84
84
  settings = OneLogin::RubySaml::Settings.new
85
85
  settings.idp_sso_target_url = "http://example.com"
86
86
  settings.attributes_index = 30
@@ -96,7 +96,7 @@ class RequestTest < Test::Unit::TestCase
96
96
  assert_match /<samlp:AuthnRequest[^<]* AttributeConsumingServiceIndex='30'/, inflated
97
97
  end
98
98
 
99
- should "create the SAMLRequest URL parameter with ForceAuthn" do
99
+ it "create the SAMLRequest URL parameter with ForceAuthn" do
100
100
  settings = OneLogin::RubySaml::Settings.new
101
101
  settings.idp_sso_target_url = "http://example.com"
102
102
  settings.force_authn = true
@@ -112,7 +112,7 @@ class RequestTest < Test::Unit::TestCase
112
112
  assert_match /<samlp:AuthnRequest[^<]* ForceAuthn='true'/, inflated
113
113
  end
114
114
 
115
- should "accept extra parameters" do
115
+ it "accept extra parameters" do
116
116
  settings = OneLogin::RubySaml::Settings.new
117
117
  settings.idp_sso_target_url = "http://example.com"
118
118
 
@@ -123,8 +123,8 @@ class RequestTest < Test::Unit::TestCase
123
123
  assert auth_url =~ /&hello=$/
124
124
  end
125
125
 
126
- context "when the target url doesn't contain a query string" do
127
- should "create the SAMLRequest parameter correctly" do
126
+ describe "when the target url doesn't contain a query string" do
127
+ it "create the SAMLRequest parameter correctly" do
128
128
  settings = OneLogin::RubySaml::Settings.new
129
129
  settings.idp_sso_target_url = "http://example.com"
130
130
 
@@ -133,8 +133,8 @@ class RequestTest < Test::Unit::TestCase
133
133
  end
134
134
  end
135
135
 
136
- context "when the target url contains a query string" do
137
- should "create the SAMLRequest parameter correctly" do
136
+ describe "when the target url contains a query string" do
137
+ it "create the SAMLRequest parameter correctly" do
138
138
  settings = OneLogin::RubySaml::Settings.new
139
139
  settings.idp_sso_target_url = "http://example.com?field=value"
140
140
 
@@ -143,8 +143,8 @@ class RequestTest < Test::Unit::TestCase
143
143
  end
144
144
  end
145
145
 
146
- context "when the settings indicate to sign (embebed) the request" do
147
- should "create a signed request" do
146
+ describe "when the settings indicate to sign (embebed) the request" do
147
+ it "create a signed request" do
148
148
  settings = OneLogin::RubySaml::Settings.new
149
149
  settings.compress_request = false
150
150
  settings.idp_sso_target_url = "http://example.com?field=value"
@@ -160,7 +160,7 @@ class RequestTest < Test::Unit::TestCase
160
160
  request_xml =~ /<ds:DigestMethod Algorithm='http:\/\/www.w3.org\/2000\/09\/xmldsig#rsa-sha1'\/>/
161
161
  end
162
162
 
163
- should "create a signed request with 256 digest and signature methods" do
163
+ it "create a signed request with 256 digest and signature methods" do
164
164
  settings = OneLogin::RubySaml::Settings.new
165
165
  settings.compress_request = false
166
166
  settings.idp_sso_target_url = "http://example.com?field=value"
@@ -180,8 +180,8 @@ class RequestTest < Test::Unit::TestCase
180
180
  end
181
181
 
182
182
 
183
- context "when the settings indicate to sign the request" do
184
- should "create a signature parameter" do
183
+ describe "when the settings indicate to sign the request" do
184
+ it "create a signature parameter" do
185
185
  settings = OneLogin::RubySaml::Settings.new
186
186
  settings.compress_request = false
187
187
  settings.idp_sso_target_url = "http://example.com?field=value"
@@ -204,7 +204,7 @@ class RequestTest < Test::Unit::TestCase
204
204
  end
205
205
  end
206
206
 
207
- should "create the saml:AuthnContextClassRef element correctly" do
207
+ it "create the saml:AuthnContextClassRef element correctly" do
208
208
  settings = OneLogin::RubySaml::Settings.new
209
209
  settings.idp_sso_target_url = "http://example.com"
210
210
  settings.authn_context = 'secure/name/password/uri'
@@ -212,7 +212,7 @@ class RequestTest < Test::Unit::TestCase
212
212
  assert auth_doc.to_s =~ /<saml:AuthnContextClassRef>secure\/name\/password\/uri<\/saml:AuthnContextClassRef>/
213
213
  end
214
214
 
215
- should "create the saml:AuthnContextClassRef with comparison exact" do
215
+ it "create the saml:AuthnContextClassRef with comparison exact" do
216
216
  settings = OneLogin::RubySaml::Settings.new
217
217
  settings.idp_sso_target_url = "http://example.com"
218
218
  settings.authn_context = 'secure/name/password/uri'
@@ -221,7 +221,7 @@ class RequestTest < Test::Unit::TestCase
221
221
  assert auth_doc.to_s =~ /<saml:AuthnContextClassRef>secure\/name\/password\/uri<\/saml:AuthnContextClassRef>/
222
222
  end
223
223
 
224
- should "create the saml:AuthnContextClassRef with comparison minimun" do
224
+ it "create the saml:AuthnContextClassRef with comparison minimun" do
225
225
  settings = OneLogin::RubySaml::Settings.new
226
226
  settings.idp_sso_target_url = "http://example.com"
227
227
  settings.authn_context = 'secure/name/password/uri'
@@ -231,7 +231,7 @@ class RequestTest < Test::Unit::TestCase
231
231
  assert auth_doc.to_s =~ /<saml:AuthnContextClassRef>secure\/name\/password\/uri<\/saml:AuthnContextClassRef>/
232
232
  end
233
233
 
234
- should "create the saml:AuthnContextDeclRef element correctly" do
234
+ it "create the saml:AuthnContextDeclRef element correctly" do
235
235
  settings = OneLogin::RubySaml::Settings.new
236
236
  settings.idp_sso_target_url = "http://example.com"
237
237
  settings.authn_context_decl_ref = 'urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport'
@@ -1,13 +1,13 @@
1
1
  require File.expand_path(File.join(File.dirname(__FILE__), "test_helper"))
2
2
 
3
- class RubySamlTest < Test::Unit::TestCase
3
+ class RubySamlTest < Minitest::Test
4
4
 
5
- context "Response" do
6
- should "raise an exception when response is initialized with nil" do
5
+ describe "Response" do
6
+ it "raise an exception when response is initialized with nil" do
7
7
  assert_raises(ArgumentError) { OneLogin::RubySaml::Response.new(nil) }
8
8
  end
9
9
 
10
- should "be able to parse a document which contains ampersands" do
10
+ it "be able to parse a document which contains ampersands" do
11
11
  XMLSecurity::SignedDocument.any_instance.stubs(:digests_match?).returns(true)
12
12
  OneLogin::RubySaml::Response.any_instance.stubs(:validate_conditions).returns(true)
13
13
 
@@ -18,23 +18,23 @@ class RubySamlTest < Test::Unit::TestCase
18
18
  response.validate!
19
19
  end
20
20
 
21
- should "adapt namespace" do
21
+ it "adapt namespace" do
22
22
  response = OneLogin::RubySaml::Response.new(response_document)
23
- assert_not_nil response.name_id
23
+ refute_nil response.name_id
24
24
  response = OneLogin::RubySaml::Response.new(response_document_2)
25
- assert_not_nil response.name_id
25
+ refute_nil response.name_id
26
26
  response = OneLogin::RubySaml::Response.new(response_document_3)
27
- assert_not_nil response.name_id
27
+ refute_nil response.name_id
28
28
  end
29
29
 
30
- should "default to raw input when a response is not Base64 encoded" do
30
+ it "default to raw input when a response is not Base64 encoded" do
31
31
  decoded = Base64.decode64(response_document_2)
32
32
  response = OneLogin::RubySaml::Response.new(decoded)
33
33
  assert response.document
34
34
  end
35
35
 
36
- context "Assertion" do
37
- should "only retreive an assertion with an ID that matches the signature's reference URI" do
36
+ describe "Assertion" do
37
+ it "only retreive an assertion with an ID that matches the signature's reference URI" do
38
38
  response = OneLogin::RubySaml::Response.new(wrapped_response_2)
39
39
  response.stubs(:conditions).returns(nil)
40
40
  settings = OneLogin::RubySaml::Settings.new
@@ -44,35 +44,35 @@ class RubySamlTest < Test::Unit::TestCase
44
44
  end
45
45
  end
46
46
 
47
- context "#validate!" do
48
- should "raise when encountering a condition that prevents the document from being valid" do
47
+ describe "#validate!" do
48
+ it "raise when encountering a condition that prevents the document from being valid" do
49
49
  response = OneLogin::RubySaml::Response.new(response_document)
50
- assert_raise(OneLogin::RubySaml::ValidationError) do
50
+ assert_raises(OneLogin::RubySaml::ValidationError) do
51
51
  response.validate!
52
52
  end
53
53
  end
54
54
  end
55
55
 
56
- context "#validate_structure" do
57
- should "raise when encountering a condition that prevents the document from being valid" do
56
+ describe "#validate_structure" do
57
+ it "raise when encountering a condition that prevents the document from being valid" do
58
58
  response = OneLogin::RubySaml::Response.new(response_document_2)
59
59
  response.send(:validate_structure)
60
60
  assert response.errors.include? "Schema validation failed"
61
61
  end
62
62
  end
63
63
 
64
- context "#is_valid?" do
65
- should "return false when response is initialized with blank data" do
64
+ describe "#is_valid?" do
65
+ it "return false when response is initialized with blank data" do
66
66
  response = OneLogin::RubySaml::Response.new('')
67
67
  assert !response.is_valid?
68
68
  end
69
69
 
70
- should "return false if settings have not been set" do
70
+ it "return false if settings have not been set" do
71
71
  response = OneLogin::RubySaml::Response.new(response_document)
72
72
  assert !response.is_valid?
73
73
  end
74
74
 
75
- should "return true when the response is initialized with valid data" do
75
+ it "return true when the response is initialized with valid data" do
76
76
  response = OneLogin::RubySaml::Response.new(response_document_4)
77
77
  response.stubs(:conditions).returns(nil)
78
78
  assert !response.is_valid?
@@ -84,7 +84,7 @@ class RubySamlTest < Test::Unit::TestCase
84
84
  assert response.is_valid?
85
85
  end
86
86
 
87
- should "should be idempotent when the response is initialized with invalid data" do
87
+ it "should be idempotent when the response is initialized with invalid data" do
88
88
  response = OneLogin::RubySaml::Response.new(response_document_4)
89
89
  response.stubs(:conditions).returns(nil)
90
90
  settings = OneLogin::RubySaml::Settings.new
@@ -93,7 +93,7 @@ class RubySamlTest < Test::Unit::TestCase
93
93
  assert !response.is_valid?
94
94
  end
95
95
 
96
- should "should be idempotent when the response is initialized with valid data" do
96
+ it "should be idempotent when the response is initialized with valid data" do
97
97
  response = OneLogin::RubySaml::Response.new(response_document_4)
98
98
  response.stubs(:conditions).returns(nil)
99
99
  settings = OneLogin::RubySaml::Settings.new
@@ -103,7 +103,7 @@ class RubySamlTest < Test::Unit::TestCase
103
103
  assert response.is_valid?
104
104
  end
105
105
 
106
- should "return true when using certificate instead of fingerprint" do
106
+ it "return true when using certificate instead of fingerprint" do
107
107
  response = OneLogin::RubySaml::Response.new(response_document_4)
108
108
  response.stubs(:conditions).returns(nil)
109
109
  settings = OneLogin::RubySaml::Settings.new
@@ -112,7 +112,7 @@ class RubySamlTest < Test::Unit::TestCase
112
112
  assert response.is_valid?
113
113
  end
114
114
 
115
- should "not allow signature wrapping attack" do
115
+ it "not allow signature wrapping attack" do
116
116
  response = OneLogin::RubySaml::Response.new(response_document_4)
117
117
  response.stubs(:conditions).returns(nil)
118
118
  settings = OneLogin::RubySaml::Settings.new
@@ -122,7 +122,7 @@ class RubySamlTest < Test::Unit::TestCase
122
122
  assert response.name_id == "test@onelogin.com"
123
123
  end
124
124
 
125
- should "support dynamic namespace resolution on signature elements" do
125
+ it "support dynamic namespace resolution on signature elements" do
126
126
  response = OneLogin::RubySaml::Response.new(fixture("no_signature_ns.xml"))
127
127
  response.stubs(:conditions).returns(nil)
128
128
  settings = OneLogin::RubySaml::Settings.new
@@ -132,7 +132,7 @@ class RubySamlTest < Test::Unit::TestCase
132
132
  assert response.validate!
133
133
  end
134
134
 
135
- should "validate ADFS assertions" do
135
+ it "validate ADFS assertions" do
136
136
  response = OneLogin::RubySaml::Response.new(fixture(:adfs_response_sha256))
137
137
  response.stubs(:conditions).returns(nil)
138
138
  settings = OneLogin::RubySaml::Settings.new
@@ -141,7 +141,7 @@ class RubySamlTest < Test::Unit::TestCase
141
141
  assert response.validate!
142
142
  end
143
143
 
144
- should "validate the digest" do
144
+ it "validate the digest" do
145
145
  response = OneLogin::RubySaml::Response.new(r1_response_document_6)
146
146
  response.stubs(:conditions).returns(nil)
147
147
  settings = OneLogin::RubySaml::Settings.new
@@ -150,7 +150,7 @@ class RubySamlTest < Test::Unit::TestCase
150
150
  assert response.validate!
151
151
  end
152
152
 
153
- should "validate SAML 2.0 XML structure" do
153
+ it "validate SAML 2.0 XML structure" do
154
154
  resp_xml = Base64.decode64(response_document_4).gsub(/emailAddress/,'test')
155
155
  response = OneLogin::RubySaml::Response.new(Base64.encode64(resp_xml))
156
156
  response.stubs(:conditions).returns(nil)
@@ -161,8 +161,8 @@ class RubySamlTest < Test::Unit::TestCase
161
161
  end
162
162
  end
163
163
 
164
- context "#name_id" do
165
- should "extract the value of the name id element" do
164
+ describe "#name_id" do
165
+ it "extract the value of the name id element" do
166
166
  response = OneLogin::RubySaml::Response.new(response_document)
167
167
  assert_equal "support@onelogin.com", response.name_id
168
168
 
@@ -170,19 +170,19 @@ class RubySamlTest < Test::Unit::TestCase
170
170
  assert_equal "someone@example.com", response.name_id
171
171
  end
172
172
 
173
- should "be extractable from an OpenSAML response" do
173
+ it "be extractable from an OpenSAML response" do
174
174
  response = OneLogin::RubySaml::Response.new(fixture(:open_saml))
175
175
  assert_equal "someone@example.org", response.name_id
176
176
  end
177
177
 
178
- should "be extractable from a Simple SAML PHP response" do
178
+ it "be extractable from a Simple SAML PHP response" do
179
179
  response = OneLogin::RubySaml::Response.new(fixture(:simple_saml_php))
180
180
  assert_equal "someone@example.com", response.name_id
181
181
  end
182
182
  end
183
183
 
184
- context "#check_conditions" do
185
- should "check time conditions" do
184
+ describe "#check_conditions" do
185
+ it "check time conditions" do
186
186
  response = OneLogin::RubySaml::Response.new(response_document)
187
187
  assert !response.send(:validate_conditions, true)
188
188
  response = OneLogin::RubySaml::Response.new(response_document_6)
@@ -193,7 +193,7 @@ class RubySamlTest < Test::Unit::TestCase
193
193
  assert response.send(:validate_conditions, true)
194
194
  end
195
195
 
196
- should "optionally allow for clock drift" do
196
+ it "optionally allow for clock drift" do
197
197
  # The NotBefore condition in the document is 2011-06-14T18:21:01.516Z
198
198
  Time.stubs(:now).returns(Time.parse("2011-06-14T18:21:01Z"))
199
199
  response = OneLogin::RubySaml::Response.new(response_document_5, :allowed_clock_drift => 0.515)
@@ -205,45 +205,45 @@ class RubySamlTest < Test::Unit::TestCase
205
205
  end
206
206
  end
207
207
 
208
- context "#attributes" do
209
- should "extract the first attribute in a hash accessed via its symbol" do
208
+ describe "#attributes" do
209
+ it "extract the first attribute in a hash accessed via its symbol" do
210
210
  response = OneLogin::RubySaml::Response.new(response_document)
211
211
  assert_equal "demo", response.attributes[:uid]
212
212
  end
213
213
 
214
- should "extract the first attribute in a hash accessed via its name" do
214
+ it "extract the first attribute in a hash accessed via its name" do
215
215
  response = OneLogin::RubySaml::Response.new(response_document)
216
216
  assert_equal "demo", response.attributes["uid"]
217
217
  end
218
218
 
219
- should "extract all attributes" do
219
+ it "extract all attributes" do
220
220
  response = OneLogin::RubySaml::Response.new(response_document)
221
221
  assert_equal "demo", response.attributes[:uid]
222
222
  assert_equal "value", response.attributes[:another_value]
223
223
  end
224
224
 
225
- should "work for implicit namespaces" do
225
+ it "work for implicit namespaces" do
226
226
  response = OneLogin::RubySaml::Response.new(response_document_3)
227
227
  assert_equal "someone@example.com", response.attributes["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"]
228
228
  end
229
229
 
230
- should "not raise errors about nil/empty attributes for EncryptedAttributes" do
230
+ it "not raise errors about nil/empty attributes for EncryptedAttributes" do
231
231
  response = OneLogin::RubySaml::Response.new(response_document_7)
232
232
  assert_equal 'Demo', response.attributes["first_name"]
233
233
  end
234
234
 
235
- should "not raise on responses without attributes" do
235
+ it "not raise on responses without attributes" do
236
236
  response = OneLogin::RubySaml::Response.new(response_document_4)
237
237
  assert_equal OneLogin::RubySaml::Attributes.new, response.attributes
238
238
  end
239
239
 
240
- context "#multiple values" do
241
- should "extract single value as string" do
240
+ describe "#multiple values" do
241
+ it "extract single value as string" do
242
242
  response = OneLogin::RubySaml::Response.new(fixture(:response_with_multiple_attribute_values))
243
243
  assert_equal "demo", response.attributes[:uid]
244
244
  end
245
245
 
246
- should "extract single value as string in compatibility mode off" do
246
+ it "extract single value as string in compatibility mode off" do
247
247
  response = OneLogin::RubySaml::Response.new(fixture(:response_with_multiple_attribute_values))
248
248
  OneLogin::RubySaml::Attributes.single_value_compatibility = false
249
249
  assert_equal ["demo"], response.attributes[:uid]
@@ -251,79 +251,79 @@ class RubySamlTest < Test::Unit::TestCase
251
251
  OneLogin::RubySaml::Attributes.single_value_compatibility = true
252
252
  end
253
253
 
254
- should "extract first of multiple values as string for b/w compatibility" do
254
+ it "extract first of multiple values as string for b/w compatibility" do
255
255
  response = OneLogin::RubySaml::Response.new(fixture(:response_with_multiple_attribute_values))
256
256
  assert_equal 'value1', response.attributes[:another_value]
257
257
  end
258
258
 
259
- should "extract first of multiple values as string for b/w compatibility in compatibility mode off" do
259
+ it "extract first of multiple values as string for b/w compatibility in compatibility mode off" do
260
260
  response = OneLogin::RubySaml::Response.new(fixture(:response_with_multiple_attribute_values))
261
261
  OneLogin::RubySaml::Attributes.single_value_compatibility = false
262
262
  assert_equal ['value1', 'value2'], response.attributes[:another_value]
263
263
  OneLogin::RubySaml::Attributes.single_value_compatibility = true
264
264
  end
265
265
 
266
- should "return array with all attributes when asked in XML order" do
266
+ it "return array with all attributes when asked in XML order" do
267
267
  response = OneLogin::RubySaml::Response.new(fixture(:response_with_multiple_attribute_values))
268
268
  assert_equal ['value1', 'value2'], response.attributes.multi(:another_value)
269
269
  end
270
270
 
271
- should "return array with all attributes when asked in XML order in compatibility mode off" do
271
+ it "return array with all attributes when asked in XML order in compatibility mode off" do
272
272
  response = OneLogin::RubySaml::Response.new(fixture(:response_with_multiple_attribute_values))
273
273
  OneLogin::RubySaml::Attributes.single_value_compatibility = false
274
274
  assert_equal ['value1', 'value2'], response.attributes.multi(:another_value)
275
275
  OneLogin::RubySaml::Attributes.single_value_compatibility = true
276
276
  end
277
277
 
278
- should "return first of multiple values when multiple Attribute tags in XML" do
278
+ it "return first of multiple values when multiple Attribute tags in XML" do
279
279
  response = OneLogin::RubySaml::Response.new(fixture(:response_with_multiple_attribute_values))
280
280
  assert_equal 'role1', response.attributes[:role]
281
281
  end
282
282
 
283
- should "return first of multiple values when multiple Attribute tags in XML in compatibility mode off" do
283
+ it "return first of multiple values when multiple Attribute tags in XML in compatibility mode off" do
284
284
  response = OneLogin::RubySaml::Response.new(fixture(:response_with_multiple_attribute_values))
285
285
  OneLogin::RubySaml::Attributes.single_value_compatibility = false
286
286
  assert_equal ['role1', 'role2', 'role3'], response.attributes[:role]
287
287
  OneLogin::RubySaml::Attributes.single_value_compatibility = true
288
288
  end
289
289
 
290
- should "return all of multiple values in reverse order when multiple Attribute tags in XML" do
290
+ it "return all of multiple values in reverse order when multiple Attribute tags in XML" do
291
291
  response = OneLogin::RubySaml::Response.new(fixture(:response_with_multiple_attribute_values))
292
292
  assert_equal ['role1', 'role2', 'role3'], response.attributes.multi(:role)
293
293
  end
294
294
 
295
- should "return all of multiple values in reverse order when multiple Attribute tags in XML in compatibility mode off" do
295
+ it "return all of multiple values in reverse order when multiple Attribute tags in XML in compatibility mode off" do
296
296
  response = OneLogin::RubySaml::Response.new(fixture(:response_with_multiple_attribute_values))
297
297
  OneLogin::RubySaml::Attributes.single_value_compatibility = false
298
298
  assert_equal ['role1', 'role2', 'role3'], response.attributes.multi(:role)
299
299
  OneLogin::RubySaml::Attributes.single_value_compatibility = true
300
300
  end
301
301
 
302
- should "return nil value correctly" do
302
+ it "return nil value correctly" do
303
303
  response = OneLogin::RubySaml::Response.new(fixture(:response_with_multiple_attribute_values))
304
304
  assert_nil response.attributes[:attribute_with_nil_value]
305
305
  end
306
306
 
307
- should "return nil value correctly when not in compatibility mode off" do
307
+ it "return nil value correctly when not in compatibility mode off" do
308
308
  response = OneLogin::RubySaml::Response.new(fixture(:response_with_multiple_attribute_values))
309
309
  OneLogin::RubySaml::Attributes.single_value_compatibility = false
310
310
  assert_equal [nil], response.attributes[:attribute_with_nil_value]
311
311
  OneLogin::RubySaml::Attributes.single_value_compatibility = true
312
312
  end
313
313
 
314
- should "return multiple values including nil and empty string" do
314
+ it "return multiple values including nil and empty string" do
315
315
  response = OneLogin::RubySaml::Response.new(fixture(:response_with_multiple_attribute_values))
316
316
  assert_equal ["", "valuePresent", nil, nil], response.attributes.multi(:attribute_with_nils_and_empty_strings)
317
317
  end
318
318
 
319
- should "return multiple values from [] when not in compatibility mode off" do
319
+ it "return multiple values from [] when not in compatibility mode off" do
320
320
  response = OneLogin::RubySaml::Response.new(fixture(:response_with_multiple_attribute_values))
321
321
  OneLogin::RubySaml::Attributes.single_value_compatibility = false
322
322
  assert_equal ["", "valuePresent", nil, nil], response.attributes[:attribute_with_nils_and_empty_strings]
323
323
  OneLogin::RubySaml::Attributes.single_value_compatibility = true
324
324
  end
325
325
 
326
- should "check what happens when trying retrieve attribute that does not exists" do
326
+ it "check what happens when trying retrieve attribute that does not exists" do
327
327
  response = OneLogin::RubySaml::Response.new(fixture(:response_with_multiple_attribute_values))
328
328
  assert_equal nil, response.attributes[:attribute_not_exists]
329
329
  assert_equal nil, response.attributes.single(:attribute_not_exists)
@@ -339,8 +339,8 @@ class RubySamlTest < Test::Unit::TestCase
339
339
  end
340
340
  end
341
341
 
342
- context "#session_expires_at" do
343
- should "extract the value of the SessionNotOnOrAfter attribute" do
342
+ describe "#session_expires_at" do
343
+ it "extract the value of the SessionNotOnOrAfter attribute" do
344
344
  response = OneLogin::RubySaml::Response.new(response_document)
345
345
  assert response.session_expires_at.is_a?(Time)
346
346
 
@@ -349,27 +349,27 @@ class RubySamlTest < Test::Unit::TestCase
349
349
  end
350
350
  end
351
351
 
352
- context "#issuer" do
353
- should "return the issuer inside the response assertion" do
352
+ describe "#issuer" do
353
+ it "return the issuer inside the response assertion" do
354
354
  response = OneLogin::RubySaml::Response.new(response_document)
355
355
  assert_equal "https://app.onelogin.com/saml/metadata/13590", response.issuer
356
356
  end
357
357
 
358
- should "return the issuer inside the response" do
358
+ it "return the issuer inside the response" do
359
359
  response = OneLogin::RubySaml::Response.new(response_document_2)
360
360
  assert_equal "wibble", response.issuer
361
361
  end
362
362
  end
363
363
 
364
- context "#success" do
365
- should "find a status code that says success" do
364
+ describe "#success" do
365
+ it "find a status code that says success" do
366
366
  response = OneLogin::RubySaml::Response.new(response_document)
367
367
  response.success?
368
368
  end
369
369
  end
370
370
 
371
- context '#xpath_first_from_signed_assertion' do
372
- should 'not allow arbitrary code execution' do
371
+ describe '#xpath_first_from_signed_assertion' do
372
+ it 'not allow arbitrary code execution' do
373
373
  malicious_response_document = fixture('response_eval', false)
374
374
  response = OneLogin::RubySaml::Response.new(malicious_response_document)
375
375
  response.send(:xpath_first_from_signed_assertion)