ruby-saml 1.11.0 → 1.14.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of ruby-saml might be problematic. Click here for more details.

Files changed (160) hide show
  1. checksums.yaml +5 -5
  2. data/.github/workflows/test.yml +25 -0
  3. data/{changelog.md → CHANGELOG.md} +49 -1
  4. data/README.md +363 -218
  5. data/UPGRADING.md +149 -0
  6. data/lib/onelogin/ruby-saml/attributes.rb +24 -1
  7. data/lib/onelogin/ruby-saml/authrequest.rb +12 -8
  8. data/lib/onelogin/ruby-saml/idp_metadata_parser.rb +154 -83
  9. data/lib/onelogin/ruby-saml/logoutrequest.rb +13 -7
  10. data/lib/onelogin/ruby-saml/logoutresponse.rb +6 -2
  11. data/lib/onelogin/ruby-saml/metadata.rb +62 -17
  12. data/lib/onelogin/ruby-saml/response.rb +57 -32
  13. data/lib/onelogin/ruby-saml/saml_message.rb +8 -3
  14. data/lib/onelogin/ruby-saml/setting_error.rb +6 -0
  15. data/lib/onelogin/ruby-saml/settings.rb +92 -50
  16. data/lib/onelogin/ruby-saml/slo_logoutrequest.rb +17 -30
  17. data/lib/onelogin/ruby-saml/slo_logoutresponse.rb +32 -18
  18. data/lib/onelogin/ruby-saml/utils.rb +83 -8
  19. data/lib/onelogin/ruby-saml/version.rb +1 -1
  20. data/lib/xml_security.rb +39 -13
  21. data/ruby-saml.gemspec +14 -5
  22. metadata +29 -288
  23. data/.travis.yml +0 -46
  24. data/test/certificates/certificate.der +0 -0
  25. data/test/certificates/certificate1 +0 -12
  26. data/test/certificates/certificate_without_head_foot +0 -1
  27. data/test/certificates/formatted_certificate +0 -14
  28. data/test/certificates/formatted_chained_certificate +0 -42
  29. data/test/certificates/formatted_private_key +0 -12
  30. data/test/certificates/formatted_rsa_private_key +0 -12
  31. data/test/certificates/invalid_certificate1 +0 -1
  32. data/test/certificates/invalid_certificate2 +0 -1
  33. data/test/certificates/invalid_certificate3 +0 -12
  34. data/test/certificates/invalid_chained_certificate1 +0 -1
  35. data/test/certificates/invalid_private_key1 +0 -1
  36. data/test/certificates/invalid_private_key2 +0 -1
  37. data/test/certificates/invalid_private_key3 +0 -10
  38. data/test/certificates/invalid_rsa_private_key1 +0 -1
  39. data/test/certificates/invalid_rsa_private_key2 +0 -1
  40. data/test/certificates/invalid_rsa_private_key3 +0 -10
  41. data/test/certificates/ruby-saml-2.crt +0 -15
  42. data/test/certificates/ruby-saml.crt +0 -14
  43. data/test/certificates/ruby-saml.key +0 -15
  44. data/test/idp_metadata_parser_test.rb +0 -594
  45. data/test/logging_test.rb +0 -62
  46. data/test/logout_requests/invalid_slo_request.xml +0 -6
  47. data/test/logout_requests/slo_request.xml +0 -4
  48. data/test/logout_requests/slo_request.xml.base64 +0 -1
  49. data/test/logout_requests/slo_request_deflated.xml.base64 +0 -1
  50. data/test/logout_requests/slo_request_with_name_id_format.xml +0 -4
  51. data/test/logout_requests/slo_request_with_session_index.xml +0 -5
  52. data/test/logout_responses/logoutresponse_fixtures.rb +0 -86
  53. data/test/logoutrequest_test.rb +0 -260
  54. data/test/logoutresponse_test.rb +0 -427
  55. data/test/metadata/idp_descriptor.xml +0 -26
  56. data/test/metadata/idp_descriptor_2.xml +0 -56
  57. data/test/metadata/idp_descriptor_3.xml +0 -14
  58. data/test/metadata/idp_descriptor_4.xml +0 -72
  59. data/test/metadata/idp_metadata_different_sign_and_encrypt_cert.xml +0 -72
  60. data/test/metadata/idp_metadata_multi_certs.xml +0 -75
  61. data/test/metadata/idp_metadata_multi_signing_certs.xml +0 -52
  62. data/test/metadata/idp_metadata_same_sign_and_encrypt_cert.xml +0 -71
  63. data/test/metadata/idp_multiple_descriptors.xml +0 -59
  64. data/test/metadata/idp_multiple_descriptors_2.xml +0 -59
  65. data/test/metadata/no_idp_descriptor.xml +0 -21
  66. data/test/metadata_test.rb +0 -331
  67. data/test/request_test.rb +0 -340
  68. data/test/response_test.rb +0 -1629
  69. data/test/responses/adfs_response_sha1.xml +0 -46
  70. data/test/responses/adfs_response_sha256.xml +0 -46
  71. data/test/responses/adfs_response_sha384.xml +0 -46
  72. data/test/responses/adfs_response_sha512.xml +0 -46
  73. data/test/responses/adfs_response_xmlns.xml +0 -45
  74. data/test/responses/attackxee.xml +0 -13
  75. data/test/responses/invalids/duplicated_attributes.xml.base64 +0 -1
  76. data/test/responses/invalids/empty_destination.xml.base64 +0 -1
  77. data/test/responses/invalids/empty_nameid.xml.base64 +0 -1
  78. data/test/responses/invalids/encrypted_new_attack.xml.base64 +0 -1
  79. data/test/responses/invalids/invalid_audience.xml.base64 +0 -1
  80. data/test/responses/invalids/invalid_issuer_assertion.xml.base64 +0 -1
  81. data/test/responses/invalids/invalid_issuer_message.xml.base64 +0 -1
  82. data/test/responses/invalids/invalid_signature_position.xml.base64 +0 -1
  83. data/test/responses/invalids/invalid_subjectconfirmation_inresponse.xml.base64 +0 -1
  84. data/test/responses/invalids/invalid_subjectconfirmation_nb.xml.base64 +0 -1
  85. data/test/responses/invalids/invalid_subjectconfirmation_noa.xml.base64 +0 -1
  86. data/test/responses/invalids/invalid_subjectconfirmation_recipient.xml.base64 +0 -1
  87. data/test/responses/invalids/multiple_assertions.xml.base64 +0 -2
  88. data/test/responses/invalids/multiple_signed.xml.base64 +0 -1
  89. data/test/responses/invalids/no_authnstatement.xml.base64 +0 -1
  90. data/test/responses/invalids/no_conditions.xml.base64 +0 -1
  91. data/test/responses/invalids/no_id.xml.base64 +0 -1
  92. data/test/responses/invalids/no_issuer_assertion.xml.base64 +0 -1
  93. data/test/responses/invalids/no_issuer_response.xml.base64 +0 -1
  94. data/test/responses/invalids/no_nameid.xml.base64 +0 -1
  95. data/test/responses/invalids/no_saml2.xml.base64 +0 -1
  96. data/test/responses/invalids/no_signature.xml.base64 +0 -1
  97. data/test/responses/invalids/no_status.xml.base64 +0 -1
  98. data/test/responses/invalids/no_status_code.xml.base64 +0 -1
  99. data/test/responses/invalids/no_subjectconfirmation_data.xml.base64 +0 -1
  100. data/test/responses/invalids/no_subjectconfirmation_method.xml.base64 +0 -1
  101. data/test/responses/invalids/response_invalid_signed_element.xml.base64 +0 -1
  102. data/test/responses/invalids/response_with_concealed_signed_assertion.xml +0 -51
  103. data/test/responses/invalids/response_with_doubled_signed_assertion.xml +0 -49
  104. data/test/responses/invalids/signature_wrapping_attack.xml.base64 +0 -1
  105. data/test/responses/invalids/status_code_responder.xml.base64 +0 -1
  106. data/test/responses/invalids/status_code_responer_and_msg.xml.base64 +0 -1
  107. data/test/responses/invalids/wrong_spnamequalifier.xml.base64 +0 -1
  108. data/test/responses/no_signature_ns.xml +0 -48
  109. data/test/responses/open_saml_response.xml +0 -56
  110. data/test/responses/response_assertion_wrapped.xml.base64 +0 -93
  111. data/test/responses/response_audience_self_closed_tag.xml.base64 +0 -1
  112. data/test/responses/response_double_status_code.xml.base64 +0 -1
  113. data/test/responses/response_encrypted_attrs.xml.base64 +0 -1
  114. data/test/responses/response_encrypted_nameid.xml.base64 +0 -1
  115. data/test/responses/response_eval.xml +0 -7
  116. data/test/responses/response_no_cert_and_encrypted_attrs.xml +0 -29
  117. data/test/responses/response_node_text_attack.xml.base64 +0 -1
  118. data/test/responses/response_node_text_attack2.xml.base64 +0 -1
  119. data/test/responses/response_node_text_attack3.xml.base64 +0 -1
  120. data/test/responses/response_unsigned_xml_base64 +0 -1
  121. data/test/responses/response_with_ampersands.xml +0 -139
  122. data/test/responses/response_with_ampersands.xml.base64 +0 -93
  123. data/test/responses/response_with_ds_namespace_at_the_root.xml.base64 +0 -1
  124. data/test/responses/response_with_multiple_attribute_statements.xml +0 -72
  125. data/test/responses/response_with_multiple_attribute_values.xml +0 -67
  126. data/test/responses/response_with_retrieval_method.xml +0 -26
  127. data/test/responses/response_with_saml2_namespace.xml.base64 +0 -102
  128. data/test/responses/response_with_signed_assertion.xml.base64 +0 -66
  129. data/test/responses/response_with_signed_assertion_2.xml.base64 +0 -1
  130. data/test/responses/response_with_signed_assertion_3.xml +0 -30
  131. data/test/responses/response_with_signed_message_and_assertion.xml +0 -34
  132. data/test/responses/response_with_undefined_recipient.xml.base64 +0 -1
  133. data/test/responses/response_without_attributes.xml.base64 +0 -79
  134. data/test/responses/response_without_reference_uri.xml.base64 +0 -1
  135. data/test/responses/response_wrapped.xml.base64 +0 -150
  136. data/test/responses/signed_message_encrypted_signed_assertion.xml.base64 +0 -1
  137. data/test/responses/signed_message_encrypted_unsigned_assertion.xml.base64 +0 -1
  138. data/test/responses/signed_nameid_in_atts.xml +0 -47
  139. data/test/responses/signed_unqual_nameid_in_atts.xml +0 -47
  140. data/test/responses/simple_saml_php.xml +0 -71
  141. data/test/responses/starfield_response.xml.base64 +0 -1
  142. data/test/responses/test_sign.xml +0 -43
  143. data/test/responses/unsigned_encrypted_adfs.xml +0 -23
  144. data/test/responses/unsigned_message_aes128_encrypted_signed_assertion.xml.base64 +0 -1
  145. data/test/responses/unsigned_message_aes192_encrypted_signed_assertion.xml.base64 +0 -1
  146. data/test/responses/unsigned_message_aes256_encrypted_signed_assertion.xml.base64 +0 -1
  147. data/test/responses/unsigned_message_des192_encrypted_signed_assertion.xml.base64 +0 -1
  148. data/test/responses/unsigned_message_encrypted_assertion_without_saml_namespace.xml.base64 +0 -1
  149. data/test/responses/unsigned_message_encrypted_signed_assertion.xml.base64 +0 -1
  150. data/test/responses/unsigned_message_encrypted_unsigned_assertion.xml.base64 +0 -1
  151. data/test/responses/valid_response.xml.base64 +0 -1
  152. data/test/responses/valid_response_with_formatted_x509certificate.xml.base64 +0 -1
  153. data/test/responses/valid_response_without_x509certificate.xml.base64 +0 -1
  154. data/test/saml_message_test.rb +0 -56
  155. data/test/settings_test.rb +0 -338
  156. data/test/slo_logoutrequest_test.rb +0 -467
  157. data/test/slo_logoutresponse_test.rb +0 -233
  158. data/test/test_helper.rb +0 -333
  159. data/test/utils_test.rb +0 -259
  160. data/test/xml_security_test.rb +0 -421
@@ -1,338 +0,0 @@
1
- require File.expand_path(File.join(File.dirname(__FILE__), "test_helper"))
2
-
3
- require 'onelogin/ruby-saml/settings'
4
- require 'onelogin/ruby-saml/validation_error'
5
-
6
- class SettingsTest < Minitest::Test
7
-
8
- describe "Settings" do
9
- before do
10
- @settings = OneLogin::RubySaml::Settings.new
11
- end
12
-
13
- it "should provide getters and settings" do
14
- accessors = [
15
- :idp_entity_id, :idp_sso_target_url, :idp_slo_target_url, :valid_until,
16
- :idp_cert, :idp_cert_fingerprint, :idp_cert_fingerprint_algorithm, :idp_cert_multi,
17
- :idp_attribute_names, :issuer, :assertion_consumer_service_url, :assertion_consumer_service_binding,
18
- :single_logout_service_url, :single_logout_service_binding,
19
- :sp_name_qualifier, :name_identifier_format, :name_identifier_value, :name_identifier_value_requested,
20
- :sessionindex, :attributes_index, :passive, :force_authn,
21
- :compress_request, :double_quote_xml_attribute_values, :protocol_binding,
22
- :security, :certificate, :private_key,
23
- :authn_context, :authn_context_comparison, :authn_context_decl_ref,
24
- :assertion_consumer_logout_service_url,
25
- :assertion_consumer_logout_service_binding
26
- ]
27
-
28
- accessors.each do |accessor|
29
- value = Kernel.rand
30
- @settings.send("#{accessor}=".to_sym, value)
31
- assert_equal value, @settings.send(accessor)
32
- end
33
-
34
- end
35
-
36
- it "create settings from hash" do
37
- config = {
38
- :assertion_consumer_service_url => "http://app.muda.no/sso",
39
- :issuer => "http://muda.no",
40
- :sp_name_qualifier => "http://sso.muda.no",
41
- :idp_sso_target_url => "http://sso.muda.no/sso",
42
- :idp_slo_target_url => "http://sso.muda.no/slo",
43
- :idp_cert_fingerprint => "00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00",
44
- :valid_until => '2029-04-16T03:35:08.277Z',
45
- :name_identifier_format => "urn:oasis:names:tc:SAML:2.0:nameid-format:transient",
46
- :attributes_index => 30,
47
- :passive => true,
48
- :protocol_binding => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST'
49
- }
50
- @settings = OneLogin::RubySaml::Settings.new(config)
51
-
52
- config.each do |k,v|
53
- assert_equal v, @settings.send(k)
54
- end
55
- end
56
-
57
- it "configure attribute service attributes correctly" do
58
- @settings.attribute_consuming_service.configure do
59
- service_name "Test Service"
60
- add_attribute :name => "Name", :name_format => "Name Format", :friendly_name => "Friendly Name"
61
- end
62
-
63
- assert_equal @settings.attribute_consuming_service.configured?, true
64
- assert_equal @settings.attribute_consuming_service.name, "Test Service"
65
- assert_equal @settings.attribute_consuming_service.attributes, [{:name => "Name", :name_format => "Name Format", :friendly_name => "Friendly Name" }]
66
- end
67
-
68
- it "does not modify default security settings" do
69
- settings = OneLogin::RubySaml::Settings.new
70
- settings.security[:authn_requests_signed] = true
71
- settings.security[:embed_sign] = true
72
- settings.security[:digest_method] = XMLSecurity::Document::SHA256
73
- settings.security[:signature_method] = XMLSecurity::Document::RSA_SHA256
74
-
75
- new_settings = OneLogin::RubySaml::Settings.new
76
- assert_equal new_settings.security[:authn_requests_signed], false
77
- assert_equal new_settings.security[:embed_sign], false
78
- assert_equal new_settings.security[:digest_method], XMLSecurity::Document::SHA1
79
- assert_equal new_settings.security[:signature_method], XMLSecurity::Document::RSA_SHA1
80
- end
81
-
82
- it "overrides only provided security attributes passing a second parameter" do
83
- config = {
84
- :security => {
85
- :metadata_signed => true
86
- }
87
- }
88
-
89
- @default_attributes = OneLogin::RubySaml::Settings::DEFAULTS
90
-
91
- @settings = OneLogin::RubySaml::Settings.new(config, true)
92
- assert_equal @settings.security[:metadata_signed], true
93
- assert_equal @settings.security[:digest_method], @default_attributes[:security][:digest_method]
94
- end
95
-
96
- it "doesn't override only provided security attributes without passing a second parameter" do
97
- config = {
98
- :security => {
99
- :metadata_signed => true
100
- }
101
- }
102
-
103
- @default_attributes = OneLogin::RubySaml::Settings::DEFAULTS
104
-
105
- @settings = OneLogin::RubySaml::Settings.new(config)
106
- assert_equal @settings.security[:metadata_signed], true
107
- assert_nil @settings.security[:digest_method]
108
- end
109
-
110
- describe "#single_logout_service_url" do
111
- it "when single_logout_service_url is nil but assertion_consumer_logout_service_url returns its value" do
112
- @settings.single_logout_service_url = nil
113
- @settings.assertion_consumer_logout_service_url = "http://app.muda.no/sls"
114
-
115
- assert_equal "http://app.muda.no/sls", @settings.single_logout_service_url
116
- end
117
- end
118
-
119
- describe "#single_logout_service_binding" do
120
- it "when single_logout_service_binding is nil but assertion_consumer_logout_service_binding returns its value" do
121
- @settings.single_logout_service_binding = nil
122
- @settings.assertion_consumer_logout_service_binding = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
123
-
124
- assert_equal "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect", @settings.single_logout_service_binding
125
- end
126
- end
127
-
128
- describe "#get_idp_cert" do
129
- it "returns nil when the cert is an empty string" do
130
- @settings.idp_cert = ""
131
- assert_nil @settings.get_idp_cert
132
- end
133
-
134
- it "returns nil when the cert is nil" do
135
- @settings.idp_cert = nil
136
- assert_nil @settings.get_idp_cert
137
- end
138
-
139
- it "returns the certificate when it is valid" do
140
- @settings.idp_cert = ruby_saml_cert_text
141
- assert @settings.get_idp_cert.kind_of? OpenSSL::X509::Certificate
142
- end
143
-
144
- it "raises when the certificate is not valid" do
145
- # formatted but invalid cert
146
- @settings.idp_cert = read_certificate("formatted_certificate")
147
- assert_raises(OpenSSL::X509::CertificateError) {
148
- @settings.get_idp_cert
149
- }
150
- end
151
- end
152
-
153
- describe "#get_idp_cert_multi" do
154
- it "returns nil when the value is empty" do
155
- @settings.idp_cert = {}
156
- assert_nil @settings.get_idp_cert_multi
157
- end
158
-
159
- it "returns nil when the idp_cert_multi is nil or empty" do
160
- @settings.idp_cert_multi = nil
161
- assert_nil @settings.get_idp_cert_multi
162
- end
163
-
164
- it "returns partial hash when contains some values" do
165
- empty_multi = {
166
- :signing => [],
167
- :encryption => []
168
- }
169
-
170
- @settings.idp_cert_multi = {
171
- :signing => []
172
- }
173
- assert_equal empty_multi, @settings.get_idp_cert_multi
174
-
175
- @settings.idp_cert_multi = {
176
- :encryption => []
177
- }
178
- assert_equal empty_multi, @settings.get_idp_cert_multi
179
-
180
- @settings.idp_cert_multi = {
181
- :signing => [],
182
- :encryption => []
183
- }
184
- assert_equal empty_multi, @settings.get_idp_cert_multi
185
-
186
- @settings.idp_cert_multi = {
187
- :yyy => [],
188
- :zzz => []
189
- }
190
- assert_equal empty_multi, @settings.get_idp_cert_multi
191
- end
192
-
193
- it "returns the hash with certificates when values were valid" do
194
- certificates = ruby_saml_cert_text
195
- @settings.idp_cert_multi = {
196
- :signing => [ruby_saml_cert_text],
197
- :encryption => [ruby_saml_cert_text],
198
- }
199
-
200
- assert @settings.get_idp_cert_multi.kind_of? Hash
201
- assert @settings.get_idp_cert_multi[:signing].kind_of? Array
202
- assert @settings.get_idp_cert_multi[:encryption].kind_of? Array
203
- assert @settings.get_idp_cert_multi[:signing][0].kind_of? OpenSSL::X509::Certificate
204
- assert @settings.get_idp_cert_multi[:encryption][0].kind_of? OpenSSL::X509::Certificate
205
- end
206
-
207
- it "raises when there is a cert in idp_cert_multi not valid" do
208
- certificate = read_certificate("formatted_certificate")
209
-
210
- @settings.idp_cert_multi = {
211
- :signing => [],
212
- :encryption => []
213
- }
214
- @settings.idp_cert_multi[:signing].push(certificate)
215
- @settings.idp_cert_multi[:encryption].push(certificate)
216
-
217
- assert_raises(OpenSSL::X509::CertificateError) {
218
- @settings.get_idp_cert_multi
219
- }
220
- end
221
- end
222
-
223
- describe "#get_sp_cert" do
224
- it "returns nil when the cert is an empty string" do
225
- @settings.certificate = ""
226
- assert_nil @settings.get_sp_cert
227
- end
228
-
229
- it "returns nil when the cert is nil" do
230
- @settings.certificate = nil
231
- assert_nil @settings.get_sp_cert
232
- end
233
-
234
- it "returns the certificate when it is valid" do
235
- @settings.certificate = ruby_saml_cert_text
236
- assert @settings.get_sp_cert.kind_of? OpenSSL::X509::Certificate
237
- end
238
-
239
- it "raises when the certificate is not valid" do
240
- # formatted but invalid cert
241
- @settings.certificate = read_certificate("formatted_certificate")
242
- assert_raises(OpenSSL::X509::CertificateError) {
243
- @settings.get_sp_cert
244
- }
245
- end
246
-
247
- it "raises an error if SP certificate expired and check_sp_cert_expiration enabled" do
248
- @settings.certificate = ruby_saml_cert_text
249
- @settings.security[:check_sp_cert_expiration] = true
250
- assert_raises(OneLogin::RubySaml::ValidationError) {
251
- settings.get_sp_cert
252
- }
253
- end
254
- end
255
-
256
- describe "#get_sp_cert_new" do
257
- it "returns nil when the cert is an empty string" do
258
- @settings.certificate_new = ""
259
- assert_nil @settings.get_sp_cert_new
260
- end
261
-
262
- it "returns nil when the cert is nil" do
263
- @settings.certificate_new = nil
264
- assert_nil @settings.get_sp_cert_new
265
- end
266
-
267
- it "returns the certificate when it is valid" do
268
- @settings.certificate_new = ruby_saml_cert_text
269
- assert @settings.get_sp_cert_new.kind_of? OpenSSL::X509::Certificate
270
- end
271
-
272
- it "raises when the certificate is not valid" do
273
- # formatted but invalid cert
274
- @settings.certificate_new = read_certificate("formatted_certificate")
275
- assert_raises(OpenSSL::X509::CertificateError) {
276
- @settings.get_sp_cert_new
277
- }
278
- end
279
-
280
- end
281
-
282
- describe "#get_sp_key" do
283
- it "returns nil when the private key is an empty string" do
284
- @settings.private_key = ""
285
- assert_nil @settings.get_sp_key
286
- end
287
-
288
- it "returns nil when the private key is nil" do
289
- @settings.private_key = nil
290
- assert_nil @settings.get_sp_key
291
- end
292
-
293
- it "returns the private key when it is valid" do
294
- @settings.private_key = ruby_saml_key_text
295
- assert @settings.get_sp_key.kind_of? OpenSSL::PKey::RSA
296
- end
297
-
298
- it "raises when the private key is not valid" do
299
- # formatted but invalid rsa private key
300
- @settings.private_key = read_certificate("formatted_rsa_private_key")
301
- assert_raises(OpenSSL::PKey::RSAError) {
302
- @settings.get_sp_key
303
- }
304
- end
305
-
306
- end
307
-
308
- describe "#get_fingerprint" do
309
- it "get the fingerprint value when cert and fingerprint in settings are nil" do
310
- @settings.idp_cert_fingerprint = nil
311
- @settings.idp_cert = nil
312
- fingerprint = @settings.get_fingerprint
313
- assert_nil fingerprint
314
- end
315
-
316
- it "get the fingerprint value when there is a cert at the settings" do
317
- @settings.idp_cert_fingerprint = nil
318
- @settings.idp_cert = ruby_saml_cert_text
319
- fingerprint = @settings.get_fingerprint
320
- assert fingerprint.downcase == ruby_saml_cert_fingerprint.downcase
321
- end
322
-
323
- it "get the fingerprint value when there is a fingerprint at the settings" do
324
- @settings.idp_cert_fingerprint = ruby_saml_cert_fingerprint
325
- @settings.idp_cert = nil
326
- fingerprint = @settings.get_fingerprint
327
- assert fingerprint.downcase == ruby_saml_cert_fingerprint.downcase
328
- end
329
-
330
- it "get the fingerprint value when there are cert and fingerprint at the settings" do
331
- @settings.idp_cert_fingerprint = ruby_saml_cert_fingerprint
332
- @settings.idp_cert = ruby_saml_cert_text
333
- fingerprint = @settings.get_fingerprint
334
- assert fingerprint.downcase == ruby_saml_cert_fingerprint.downcase
335
- end
336
- end
337
- end
338
- end