ruby-saml 1.7.2 → 1.12.2

data/test/test_helper.rb

@@ -1,323 +0,0 @@
-require 'simplecov'
-
-SimpleCov.start do
-  add_filter "test/"
-  add_filter "vendor/"
-  add_filter "lib/onelogin/ruby-saml/logging.rb"
-end
-
-require 'stringio'
-require 'rubygems'
-require 'bundler'
-require 'minitest/autorun'
-require 'mocha/setup'
-require 'timecop'
-
-Bundler.require :default, :test
-
-$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
-$LOAD_PATH.unshift(File.dirname(__FILE__))
-
-require 'onelogin/ruby-saml/logging'
-
-TEST_LOGGER = Logger.new(StringIO.new)
-OneLogin::RubySaml::Logging.logger = TEST_LOGGER
-
-class Minitest::Test
-  def fixture(document, base64 = true)
-    response = Dir.glob(File.join(File.dirname(__FILE__), "responses", "#{document}*")).first
-    if base64 && response =~ /\.xml$/
-      Base64.encode64(File.read(response))
-    else
-      File.read(response)
-    end
-  end
-
-  def read_response(response)
-    File.read(File.join(File.dirname(__FILE__), "responses", response))
-  end
-
-  def read_invalid_response(response)
-    File.read(File.join(File.dirname(__FILE__), "responses", "invalids", response))
-  end
-
-  def read_logout_request(request)
-    File.read(File.join(File.dirname(__FILE__), "logout_requests", request))
-  end
-
-  def read_certificate(certificate)
-    File.read(File.join(File.dirname(__FILE__), "certificates", certificate))
-  end
-
-  def response_document_valid_signed
-    @response_document_valid_signed ||= read_response("valid_response.xml.base64")
-  end
-
-  def response_document_valid_signed_without_x509certificate
-    @response_document_valid_signed_without_x509certificate ||= read_response("valid_response_without_x509certificate.xml.base64")
-  end
-
-  def response_document_without_recipient
-    @response_document_without_recipient ||= read_response("response_with_undefined_recipient.xml.base64")
-  end
-
-  def response_document_without_recipient_with_time_updated
-    doc = Base64.decode64(response_document_without_recipient)
-    doc.gsub!(/NotBefore=\"(\d{4})-(\d{2})-(\d{2})T(\d{2}):(\d{2}):(\d{2})Z\"/, "NotBefore=\"#{(Time.now-300).getutc.strftime("%Y-%m-%dT%XZ")}\"")
-    doc.gsub!(/NotOnOrAfter=\"(\d{4})-(\d{2})-(\d{2})T(\d{2}):(\d{2}):(\d{2})Z\"/, "NotOnOrAfter=\"#{(Time.now+300).getutc.strftime("%Y-%m-%dT%XZ")}\"")
-    Base64.encode64(doc)
-  end
-
-  def response_document_without_attributes
-    @response_document_without_attributes ||= read_response("response_without_attributes.xml.base64")
-  end
-
-  def response_document_without_reference_uri
-    @response_document_without_reference_uri ||= read_response("response_without_reference_uri.xml.base64")
-  end
-
-  def response_document_with_signed_assertion
-    @response_document_with_signed_assertion ||= read_response("response_with_signed_assertion.xml.base64")
-  end
-
-  def response_document_with_signed_assertion_2
-    @response_document_with_signed_assertion_2 ||= read_response("response_with_signed_assertion_2.xml.base64")
-  end
-
-  def response_document_with_ds_namespace_at_the_root
-    @response_document_with_ds_namespace_at_the_root ||= read_response("response_with_ds_namespace_at_the_root.xml.base64")
-  end
-
-  def response_document_unsigned
-    @response_document_unsigned ||= read_response("response_unsigned_xml_base64")
-  end
-
-  def response_document_with_saml2_namespace
-    @response_document_with_saml2_namespace ||= read_response("response_with_saml2_namespace.xml.base64")
-  end
-
-  def ampersands_document
-    @ampersands_response ||= read_response("response_with_ampersands.xml.base64")
-  end
-
-  def response_document_no_cert_and_encrypted_attrs
-    @response_document_no_cert_and_encrypted_attrs ||= Base64.encode64(read_response("response_no_cert_and_encrypted_attrs.xml"))
-  end
-
-  def response_document_wrapped
-    @response_document_wrapped ||= read_response("response_wrapped.xml.base64")
-  end
-
-  def response_document_assertion_wrapped
-    @response_document_assertion_wrapped ||= read_response("response_assertion_wrapped.xml.base64")
-  end
-
-  def response_document_encrypted_nameid
-    @response_document_encrypted_nameid ||= File.read(File.join(File.dirname(__FILE__), 'responses', 'response_encrypted_nameid.xml.base64'))
-  end
-
-  def signed_message_encrypted_unsigned_assertion
-    @signed_message_encrypted_unsigned_assertion ||= File.read(File.join(File.dirname(__FILE__), 'responses', 'signed_message_encrypted_unsigned_assertion.xml.base64'))    
-  end
-
-  def signed_message_encrypted_signed_assertion
-    @signed_message_encrypted_signed_assertion ||= File.read(File.join(File.dirname(__FILE__), 'responses', 'signed_message_encrypted_signed_assertion.xml.base64'))    
-  end
-
-  def unsigned_message_encrypted_signed_assertion
-    @unsigned_message_encrypted_signed_assertion ||= File.read(File.join(File.dirname(__FILE__), 'responses', 'unsigned_message_encrypted_signed_assertion.xml.base64'))    
-  end
-
-  def unsigned_message_encrypted_unsigned_assertion
-    @unsigned_message_encrypted_unsigned_assertion ||= File.read(File.join(File.dirname(__FILE__), 'responses', 'unsigned_message_encrypted_unsigned_assertion.xml.base64'))
-  end
-
-  def response_document_encrypted_attrs
-    @response_document_encrypted_attrs ||= File.read(File.join(File.dirname(__FILE__), 'responses', 'response_encrypted_attrs.xml.base64'))
-  end
-
-  def response_document_double_status_code
-    @response_document_double_status_code ||= File.read(File.join(File.dirname(__FILE__), 'responses', 'response_double_status_code.xml.base64'))
-  end
-
-  def signature_fingerprint_1
-    @signature_fingerprint1 ||= "C5:19:85:D9:47:F1:BE:57:08:20:25:05:08:46:EB:27:F6:CA:B7:83"
-  end
-
-  # certificate used on response_with_undefined_recipient
-  def signature_1  
-    @signature1 ||= read_certificate("certificate1")
-  end
-
-  # certificate used on response_document_with_signed_assertion_2
-  def certificate_without_head_foot
-    @certificate_without_head_foot ||= read_certificate("certificate_without_head_foot")
-  end
-
-  def idp_metadata_descriptor
-    @idp_metadata_descriptor ||= File.read(File.join(File.dirname(__FILE__), 'metadata', 'idp_descriptor.xml'))
-  end
-
-  def idp_metadata_descriptor2
-    @idp_metadata_descriptor2 ||= File.read(File.join(File.dirname(__FILE__), 'metadata', 'idp_descriptor_2.xml'))
-  end
-
-  def idp_metadata_descriptor3
-    @idp_metadata_descriptor3 ||= File.read(File.join(File.dirname(__FILE__), 'metadata', 'idp_descriptor_3.xml'))
-  end
-
-  def no_idp_metadata_descriptor
-    @no_idp_metadata_descriptor ||= File.read(File.join(File.dirname(__FILE__), 'metadata', 'no_idp_descriptor.xml'))
-  end
-
-  def idp_metadata_multiple_descriptors
-    @idp_metadata_multiple_descriptors ||= File.read(File.join(File.dirname(__FILE__), 'metadata', 'idp_multiple_descriptors.xml'))
-  end
-
-  def idp_metadata_multiple_certs
-    @idp_metadata_multiple_descriptors ||= File.read(File.join(File.dirname(__FILE__), 'metadata', 'idp_metadata_multi_certs.xml'))
-  end
-
-  def idp_metadata_multiple_signing_certs
-    @idp_metadata_multiple_signing_certs ||= File.read(File.join(File.dirname(__FILE__), 'metadata', 'idp_metadata_multi_signing_certs.xml'))
-  end
-
-  def idp_metadata_same_sign_and_encrypt_cert
-    @idp_metadata_same_sign_and_encrypt_cert ||= File.read(File.join(File.dirname(__FILE__), 'metadata', 'idp_metadata_same_sign_and_encrypt_cert.xml'))
-  end
-
-  def idp_metadata_different_sign_and_encrypt_cert
-    @idp_metadata_different_sign_and_encrypt_cert ||= File.read(File.join(File.dirname(__FILE__), 'metadata', 'idp_metadata_different_sign_and_encrypt_cert.xml'))
-  end
-
-  def logout_request_document
-    unless @logout_request_document
-      xml = read_logout_request("slo_request.xml")
-      deflated = Zlib::Deflate.deflate(xml, 9)[2..-5]
-      @logout_request_document = Base64.encode64(deflated)
-    end
-    @logout_request_document
-  end
-
-  def logout_request_document_with_name_id_format
-    unless @logout_request_document_with_name_id_format
-      xml = read_logout_request("slo_request_with_name_id_format.xml")
-      deflated = Zlib::Deflate.deflate(xml, 9)[2..-5]
-      @logout_request_document_with_name_id_format = Base64.encode64(deflated)
-    end
-    @logout_request_document_with_name_id_format
-  end
-
-  def logout_request_xml_with_session_index
-    @logout_request_xml_with_session_index ||= File.read(File.join(File.dirname(__FILE__), 'logout_requests', 'slo_request_with_session_index.xml'))
-  end
-
-  def invalid_logout_request_document
-    unless @invalid_logout_request_document
-      xml = File.read(File.join(File.dirname(__FILE__), 'logout_requests', 'invalid_slo_request.xml'))
-      deflated = Zlib::Deflate.deflate(xml, 9)[2..-5]
-      @invalid_logout_request_document = Base64.encode64(deflated)
-    end
-    @invalid_logout_request_document
-  end
-
-  def logout_request_base64
-    @logout_request_base64 ||= File.read(File.join(File.dirname(__FILE__), 'logout_requests', 'slo_request.xml.base64'))
-  end
-
-  def logout_request_deflated_base64
-    @logout_request_deflated_base64 ||= File.read(File.join(File.dirname(__FILE__), 'logout_requests', 'slo_request_deflated.xml.base64'))
-  end
-
-  def ruby_saml_cert
-    @ruby_saml_cert ||= OpenSSL::X509::Certificate.new(ruby_saml_cert_text)
-  end
-
-  def ruby_saml_cert2
-    @ruby_saml_cert2 ||= OpenSSL::X509::Certificate.new(ruby_saml_cert_text2)
-  end
-
-  def ruby_saml_cert_fingerprint
-    @ruby_saml_cert_fingerprint ||= Digest::SHA1.hexdigest(ruby_saml_cert.to_der).scan(/../).join(":")
-  end
-
-  def ruby_saml_cert_text
-    read_certificate("ruby-saml.crt")
-  end
-
-  def ruby_saml_cert_text2
-    read_certificate("ruby-saml-2.crt")
-  end
-
-  def ruby_saml_key
-    @ruby_saml_key ||= OpenSSL::PKey::RSA.new(ruby_saml_key_text)
-  end
-
-  def ruby_saml_key_text
-    read_certificate("ruby-saml.key")
-  end
-
-  #
-  # logoutresponse fixtures
-  #
-  def random_id
-    "_#{OneLogin::RubySaml::Utils.uuid}"
-  end
-
-  #
-  # decodes a base64 encoded SAML response for use in SloLogoutresponse tests
-  #
-  def decode_saml_response_payload(unauth_url)
-    payload = CGI.unescape(unauth_url.split("SAMLResponse=").last)
-    decoded = Base64.decode64(payload)
-
-    zstream = Zlib::Inflate.new(-Zlib::MAX_WBITS)
-    inflated = zstream.inflate(decoded)
-    zstream.finish
-    zstream.close
-    inflated
-  end
-
-  #
-  # decodes a base64 encoded SAML request for use in Logoutrequest tests
-  #
-  def decode_saml_request_payload(unauth_url)
-    payload = CGI.unescape(unauth_url.split("SAMLRequest=").last)
-    decoded = Base64.decode64(payload)
-
-    zstream = Zlib::Inflate.new(-Zlib::MAX_WBITS)
-    inflated = zstream.inflate(decoded)
-    zstream.finish
-    zstream.close
-    inflated
-  end
-
-  SCHEMA_DIR = File.expand_path(File.join(__FILE__, '../../lib/schemas'))
-
-  #
-  # validate an xml document against the given schema
-  #
-  def validate_xml!(document, schema)
-    Dir.chdir(SCHEMA_DIR) do
-      xsd = if schema.is_a? Nokogiri::XML::Schema
-              schema
-            else
-              Nokogiri::XML::Schema(File.read(schema))
-            end
-
-      xml = if document.is_a? Nokogiri::XML::Document
-              document
-            else
-              Nokogiri::XML(document) { |c| c.strict }
-            end
-
-      result = xsd.validate(xml)
-
-      if result.length != 0
-        raise "Schema validation failed! XSD validation errors: #{result.join(", ")}"
-      else
-        true
-      end
-    end
-  end
-end

data/test/utils_test.rb

@@ -1,254 +0,0 @@
-require File.expand_path(File.join(File.dirname(__FILE__), "test_helper"))
-
-class UtilsTest < Minitest::Test
-  describe ".format_cert" do
-    let(:formatted_certificate) {read_certificate("formatted_certificate")}
-    let(:formatted_chained_certificate) {read_certificate("formatted_chained_certificate")}
-
-    it "returns empty string when the cert is an empty string" do
-      cert = ""
-      assert_equal "", OneLogin::RubySaml::Utils.format_cert(cert)
-    end
-
-    it "returns nil when the cert is nil" do
-      cert = nil
-      assert_nil OneLogin::RubySaml::Utils.format_cert(cert)
-    end
-
-    it "returns the certificate when it is valid" do
-      assert_equal formatted_certificate, OneLogin::RubySaml::Utils.format_cert(formatted_certificate)
-    end
-
-    it "reformats the certificate when there are spaces and no line breaks" do
-      invalid_certificate1 = read_certificate("invalid_certificate1")
-      assert_equal formatted_certificate, OneLogin::RubySaml::Utils.format_cert(invalid_certificate1)
-    end
-
-    it "reformats the certificate when there are spaces and no headers" do
-      invalid_certificate2 = read_certificate("invalid_certificate2")
-      assert_equal formatted_certificate, OneLogin::RubySaml::Utils.format_cert(invalid_certificate2)
-    end
-
-    it "reformats the certificate when there line breaks and no headers" do
-      invalid_certificate3 = read_certificate("invalid_certificate3")
-      assert_equal formatted_certificate, OneLogin::RubySaml::Utils.format_cert(invalid_certificate3)
-    end
-
-    it "returns the chained certificate when it is a valid chained certificate" do
-      assert_equal formatted_chained_certificate, OneLogin::RubySaml::Utils.format_cert(formatted_chained_certificate)
-    end
-
-    it "reformats the chained certificate when there are spaces and no line breaks" do
-      invalid_chained_certificate1 = read_certificate("invalid_chained_certificate1")
-      assert_equal formatted_chained_certificate, OneLogin::RubySaml::Utils.format_cert(invalid_chained_certificate1)
-    end
-
-  end
-
-  describe ".format_private_key" do
-    let(:formatted_private_key) do
-      read_certificate("formatted_private_key")
-    end
-
-    it "returns empty string when the private key is an empty string" do
-      private_key = ""
-      assert_equal "", OneLogin::RubySaml::Utils.format_private_key(private_key)
-    end
-
-    it "returns nil when the private key is nil" do
-      private_key = nil
-      assert_nil OneLogin::RubySaml::Utils.format_private_key(private_key)
-    end
-
-    it "returns the private key when it is valid" do
-      assert_equal formatted_private_key, OneLogin::RubySaml::Utils.format_private_key(formatted_private_key)
-    end
-
-    it "reformats the private key when there are spaces and no line breaks" do
-      invalid_private_key1 = read_certificate("invalid_private_key1")
-      assert_equal formatted_private_key, OneLogin::RubySaml::Utils.format_private_key(invalid_private_key1)
-    end
-
-    it "reformats the private key when there are spaces and no headers" do
-      invalid_private_key2 = read_certificate("invalid_private_key2")
-      assert_equal formatted_private_key, OneLogin::RubySaml::Utils.format_private_key(invalid_private_key2)
-    end
-
-    it "reformats the private key when there line breaks and no headers" do
-      invalid_private_key3 = read_certificate("invalid_private_key3")
-      assert_equal formatted_private_key, OneLogin::RubySaml::Utils.format_private_key(invalid_private_key3)
-    end
-
-    describe "an RSA public key" do
-      let(:formatted_rsa_private_key) do
-        read_certificate("formatted_rsa_private_key")
-      end
-
-      it "returns the private key when it is valid" do
-        assert_equal formatted_rsa_private_key, OneLogin::RubySaml::Utils.format_private_key(formatted_rsa_private_key)
-      end
-
-      it "reformats the private key when there are spaces and no line breaks" do
-        invalid_rsa_private_key1 = read_certificate("invalid_rsa_private_key1")
-        assert_equal formatted_rsa_private_key, OneLogin::RubySaml::Utils.format_private_key(invalid_rsa_private_key1)
-      end
-
-      it "reformats the private key when there are spaces and no headers" do
-        invalid_rsa_private_key2 = read_certificate("invalid_rsa_private_key2")
-        assert_equal formatted_private_key, OneLogin::RubySaml::Utils.format_private_key(invalid_rsa_private_key2)
-      end
-
-      it "reformats the private key when there line breaks and no headers" do
-        invalid_rsa_private_key3 = read_certificate("invalid_rsa_private_key3")
-        assert_equal formatted_private_key, OneLogin::RubySaml::Utils.format_private_key(invalid_rsa_private_key3)
-      end
-    end
-  end
-
-  describe "build_query" do
-    it "returns the query string" do
-      params = {}
-      params[:type] = "SAMLRequest"
-      params[:data] = "PHNhbWxwOkF1dGhuUmVxdWVzdCBEZXN0aW5hdGlvbj0naHR0cDovL2V4YW1wbGUuY29tP2ZpZWxkPXZhbHVlJyBJRD0nXzk4NmUxZDEwLWVhY2ItMDEzMi01MGRkLTAwOTBmNWRlZGQ3NycgSXNzdWVJbnN0YW50PScyMDE1LTA2LTAxVDIwOjM0OjU5WicgVmVyc2lvbj0nMi4wJyB4bWxuczpzYW1sPSd1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uJyB4bWxuczpzYW1scD0ndXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnByb3RvY29sJy8+"
-      params[:relay_state] = "http://example.com"
-      params[:sig_alg] = "http://www.w3.org/2000/09/xmldsig#rsa-sha1"
-      query_string = OneLogin::RubySaml::Utils.build_query(params)
-      assert_equal "SAMLRequest=PHNhbWxwOkF1dGhuUmVxdWVzdCBEZXN0aW5hdGlvbj0naHR0cDovL2V4YW1wbGUuY29tP2ZpZWxkPXZhbHVlJyBJRD0nXzk4NmUxZDEwLWVhY2ItMDEzMi01MGRkLTAwOTBmNWRlZGQ3NycgSXNzdWVJbnN0YW50PScyMDE1LTA2LTAxVDIwOjM0OjU5WicgVmVyc2lvbj0nMi4wJyB4bWxuczpzYW1sPSd1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uJyB4bWxuczpzYW1scD0ndXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnByb3RvY29sJy8%2B&RelayState=http%3A%2F%2Fexample.com&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1", query_string
-    end
-  end
-
-  describe "#verify_signature" do
-    before do
-      @params = {}
-      @params[:cert] = ruby_saml_cert
-      @params[:sig_alg] = "http://www.w3.org/2000/09/xmldsig#rsa-sha1"
-      @params[:query_string] = "SAMLRequest=PHNhbWxwOkF1dGhuUmVxdWVzdCBEZXN0aW5hdGlvbj0naHR0cDovL2V4YW1wbGUuY29tP2ZpZWxkPXZhbHVlJyBJRD0nXzk4NmUxZDEwLWVhY2ItMDEzMi01MGRkLTAwOTBmNWRlZGQ3NycgSXNzdWVJbnN0YW50PScyMDE1LTA2LTAxVDIwOjM0OjU5WicgVmVyc2lvbj0nMi4wJyB4bWxuczpzYW1sPSd1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uJyB4bWxuczpzYW1scD0ndXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnByb3RvY29sJy8%2B&RelayState=http%3A%2F%2Fexample.com&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1"
-    end
-
-    it "returns true when the signature is valid" do
-      @params[:signature] = "uWJm/T4gKLYEsVu1j/ZmjDeHp9zYPXPXWTXHFJZf2KKnWg57fUw3x2l6KTyRQ+Xjigb+sfYdGnnwmIz6KngXYRnh7nO6inspRLWOwkqQFy9iR9LDlMcfpXV/0g3oAxBxO6tX8MUHqR2R62SYZRGd1rxC9apg4vQiP97+atOI8t4="
-      assert OneLogin::RubySaml::Utils.verify_signature(@params)
-    end
-
-    it "returns false when the signature is invalid" do
-      @params[:signature] = "uWJm/InVaLiDsVu1j/ZmjDeHp9zYPXPXWTXHFJZf2KKnWg57fUw3x2l6KTyRQ+Xjigb+sfYdGnnwmIz6KngXYRnh7nO6inspRLWOwkqQFy9iR9LDlMcfpXV/0g3oAxBxO6tX8MUHqR2R62SYZRGd1rxC9apg4vQiP97+atOI8t4="
-      assert !OneLogin::RubySaml::Utils.verify_signature(@params)
-    end
-  end
-
-  describe "#status_error_msg" do
-    it "returns a error msg with a status message" do
-      error_msg = "The status code of the Logout Response was not Success"
-      status_code = "urn:oasis:names:tc:SAML:2.0:status:Requester"
-      status_message = "The request could not be performed due to an error on the part of the requester."
-      status_error_msg = OneLogin::RubySaml::Utils.status_error_msg(error_msg, status_code, status_message)
-      assert_equal = "The status code of the Logout Response was not Success, was Requester -> The request could not be performed due to an error on the part of the requester.", status_error_msg
-
-      status_error_msg2 = OneLogin::RubySaml::Utils.status_error_msg(error_msg, status_code)
-      assert_equal = "The status code of the Logout Response was not Success, was Requester", status_error_msg2
-
-      status_error_msg3 = OneLogin::RubySaml::Utils.status_error_msg(error_msg)
-      assert_equal = "The status code of the Logout Response was not Success", status_error_msg3
-    end
-  end
-
-  describe "Utils" do
-
-    describe ".uuid" do
-      it "returns a uuid starting with an underscore" do
-        assert_match /^_[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}/, OneLogin::RubySaml::Utils.uuid
-      end
-
-      it "doesn't return the same value twice" do
-        refute_equal OneLogin::RubySaml::Utils.uuid, OneLogin::RubySaml::Utils.uuid
-      end
-    end
-
-    describe 'uri_match' do
-      it 'matches two urls' do
-        destination = 'http://www.example.com/test?var=stuff'
-        settings = 'http://www.example.com/test?var=stuff'
-        assert OneLogin::RubySaml::Utils.uri_match?(destination, settings)
-      end
-
-      it 'fails to match two urls' do
-        destination = 'http://www.example.com/test?var=stuff'
-        settings = 'http://www.example.com/othertest?var=stuff'
-        assert !OneLogin::RubySaml::Utils.uri_match?(destination, settings)
-      end
-
-      it "matches two URLs if the scheme case doesn't match" do
-        destination = 'http://www.example.com/test?var=stuff'
-        settings = 'HTTP://www.example.com/test?var=stuff'
-        assert OneLogin::RubySaml::Utils.uri_match?(destination, settings)
-      end
-
-      it "matches two URLs if the host case doesn't match" do
-        destination = 'http://www.EXAMPLE.com/test?var=stuff'
-        settings = 'http://www.example.com/test?var=stuff'
-        assert OneLogin::RubySaml::Utils.uri_match?(destination, settings)
-      end
-
-      it "fails to match two URLs if the path case doesn't match" do
-        destination = 'http://www.example.com/TEST?var=stuff'
-        settings = 'http://www.example.com/test?var=stuff'
-        assert !OneLogin::RubySaml::Utils.uri_match?(destination, settings)
-      end
-
-      it "fails to match two URLs if the query case doesn't match" do
-        destination = 'http://www.example.com/test?var=stuff'
-        settings = 'http://www.example.com/test?var=STUFF'
-        assert !OneLogin::RubySaml::Utils.uri_match?(destination, settings)
-      end
-
-      it 'matches two non urls' do
-        destination = 'stuff'
-        settings = 'stuff'
-        assert OneLogin::RubySaml::Utils.uri_match?(destination, settings)
-      end
-
-      it "fails to match two non urls" do
-        destination = 'stuff'
-        settings = 'not stuff'
-        assert !OneLogin::RubySaml::Utils.uri_match?(destination, settings)
-      end
-    end
-
-    describe 'element_text' do
-      it 'returns the element text' do
-        element = REXML::Document.new('<element>element text</element>').elements.first
-        assert_equal 'element text', OneLogin::RubySaml::Utils.element_text(element)
-      end
-
-      it 'returns all segments of the element text' do
-        element = REXML::Document.new('<element>element <!-- comment -->text</element>').elements.first
-        assert_equal 'element text', OneLogin::RubySaml::Utils.element_text(element)
-      end
-
-      it 'returns normalized element text' do
-        element = REXML::Document.new('<element>element &amp; text</element>').elements.first
-        assert_equal 'element & text', OneLogin::RubySaml::Utils.element_text(element)
-      end
-
-      it 'returns the CDATA element text' do
-        element = REXML::Document.new('<element><![CDATA[element & text]]></element>').elements.first
-        assert_equal 'element & text', OneLogin::RubySaml::Utils.element_text(element)
-      end
-
-      it 'returns the element text with newlines and additional whitespace' do
-        element = REXML::Document.new("<element>  element \n text  </element>").elements.first
-        assert_equal "  element \n text  ", OneLogin::RubySaml::Utils.element_text(element)
-      end
-
-      it 'returns nil when element is nil' do
-        assert_nil OneLogin::RubySaml::Utils.element_text(nil)
-      end
-
-      it 'returns empty string when element has no text' do
-        element = REXML::Document.new('<element></element>').elements.first
-        assert_equal '', OneLogin::RubySaml::Utils.element_text(element)
-      end
-
-    end
-  end
-end