scashin133-rsaml 0.1.0

data/test/conditions_test.rb

@@ -0,0 +1,84 @@
+require File.dirname(__FILE__) + '/test_helper'
+
+class ConditionsTest < Test::Unit::TestCase
+  context "an conditions collection" do
+    setup do
+      @conditions = Conditions.new
+    end
+    should "have 0 conditions by default" do
+      assert_equal 0, @conditions.conditions.length
+      assert_equal 0, @conditions.length
+    end
+    should "be valid with 0 conditions" do
+      assert_nothing_raised do
+        @conditions.assert
+      end
+    end
+    should "be cacheable" do
+      assert @conditions.cache?
+    end
+    should "be able to add a condition" do
+      @conditions << Condition.new
+      assert_equal 1, @conditions.length
+    end
+    
+    context "when asserting" do
+      should "fail an assertion for NotBefore if that value is in the future" do
+        @conditions.not_before = Time.now + 1000
+        assert_raise(AssertionError) { @conditions.assert }
+      end
+      should "fail an assertion for NotOnOrAfter if that value is now" do
+        @conditions.not_on_or_after = Time.now
+        assert_raise(AssertionError) { @conditions.assert }
+      end
+      should "fail an assertion for NotOnOrAfter if that value is in the past" do
+        @conditions.not_on_or_after = Time.now - 1000
+        assert_raise(AssertionError) { @conditions.assert }
+      end
+      should "assert without error if NotBefore is in the past" do
+        @conditions.not_before = Time.now - 1000
+        assert_nothing_raised do
+          @conditions.assert
+        end
+      end
+      should "assert without error if NotOnOrAfter is in the future" do
+        @conditions.not_on_or_after = Time.now + 1000
+        assert_nothing_raised do
+          @conditions.assert
+        end
+      end
+    end
+  
+    context "when producing xml" do
+      setup do
+        @conditions = Conditions.new
+      end
+      should "optionally include NotBefore attribute" do
+        t = @conditions.not_before = Time.now
+        assert_equal %Q(<saml:Conditions NotBefore="#{t.xmlschema}"></saml:Conditions>), @conditions.to_xml
+      end
+      should "optionally include NotOnOrAfter attribute" do
+        t = @conditions.not_on_or_after = Time.now
+        assert_equal %Q(<saml:Conditions NotOnOrAfter="#{t.xmlschema}"></saml:Conditions>), @conditions.to_xml
+      end
+      should "optionally include conditions" do
+        @conditions << Condition.new
+        assert_equal "<saml:Conditions><saml:Condition/></saml:Conditions>", @conditions.to_xml
+      end
+      should "optionally include audience restriction" do
+        audience = Audience.new('http://example.org/audience_terms')
+        @conditions.audience_restrictions << audience
+        assert_equal "<saml:Conditions><saml:AudienceRestriction><saml:Audience>#{audience.uri}</saml:Audience></saml:AudienceRestriction></saml:Conditions>", @conditions.to_xml
+      end
+      should "optionally include a proxy restriction" do
+        proxy_restriction = ProxyRestriction.new
+        @conditions.proxy_restriction = proxy_restriction
+        assert_equal "<saml:Conditions><saml:ProxyRestriction></saml:ProxyRestriction></saml:Conditions>", @conditions.to_xml
+      end
+      should "optionally include a one time use" do
+        @conditions.one_time_use = true
+        assert_equal "<saml:Conditions><OneTimeUse/></saml:Conditions>", @conditions.to_xml
+      end
+    end
+  end
+end

data/test/evidence_test.rb

@@ -0,0 +1,33 @@
+require File.dirname(__FILE__) + '/test_helper'
+
+class EvidenceTest < Test::Unit::TestCase
+  context "an evidence instance" do
+    setup do 
+      @evidence = Evidence.new
+    end
+    should "not be valid unless at least one assertion is specified" do
+      assert_raise ValidationError do
+        @evidence.validate
+      end
+    end
+    
+    context "when producing xml" do
+      should "optionally include an assertion id ref" do
+        @evidence.assertions << AssertionIDRef.new('149369035468035')
+        assert_match(/<saml:Evidence><saml:AssertionIDRef>149369035468035<\/saml:AssertionIDRef><\/saml:Evidence>/, @evidence.to_xml)
+      end
+      should "optionally include an assertion uri ref" do
+        @evidence.assertions << AssertionURIRef.new('http://xyz.com/assertion/uri')
+        assert_equal(
+          '<saml:Evidence><saml:AssertionURIRef>http://xyz.com/assertion/uri</saml:AssertionURIRef></saml:Evidence>',     
+          @evidence.to_xml
+        )
+      end
+      should "optionally include an assertion" do
+        @evidence.assertions << Assertion.new(Identifier::Issuer.new('example'))
+        assert_match(/<saml:Evidence><saml:Assertion /, @evidence.to_xml)
+      end
+      should_eventually "optionally include an encrypted assertion"
+    end
+  end
+end

data/test/identifier_test.rb

@@ -0,0 +1,22 @@
+require File.dirname(__FILE__) + '/test_helper'
+
+class IdentifierTest < Test::Unit::TestCase
+  context "an identifier" do
+    setup do
+      @identifier = Identifier::Base.new
+    end
+    context "when producing xml" do
+      should "always include value" do
+        assert_equal '<saml:BaseID></saml:BaseID>', @identifier.to_xml
+      end
+      should "optionally include a name qualifier" do
+        @identifier.name_qualifier = 'a_name_qualifier'
+        assert_equal '<saml:BaseID NameQualifier="a_name_qualifier"></saml:BaseID>', @identifier.to_xml
+      end
+      should "optionally include an service provider name qualifier" do
+        @identifier.sp_name_qualifier = 'an_sp_name_qualifier'
+        assert_equal '<saml:BaseID SPNameQualifier="an_sp_name_qualifier"></saml:BaseID>', @identifier.to_xml
+      end
+    end
+  end
+end

data/test/issuer_test.rb

@@ -0,0 +1,32 @@
+require File.dirname(__FILE__) + '/test_helper'
+
+class IssuerTest < Test::Unit::TestCase
+  context "a name" do
+    setup do
+      @identifier = Identifier::Issuer.new('Some Issuer')
+    end
+    should "have a value" do
+      assert_equal 'Some Issuer', @identifier.value
+    end
+    should "have the entity format by default" do
+      assert_equal Identifier::Name.formats[:entity], @identifier.format
+    end
+    context "when producing xml" do
+      should "always include format and value" do
+        assert_equal '<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">Some Issuer</saml:Issuer>', @identifier.to_xml
+      end
+      should "optionally include a name qualifier" do
+        @identifier.name_qualifier = 'a_name_qualifier'
+        assert_equal '<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity" NameQualifier="a_name_qualifier">Some Issuer</saml:Issuer>', @identifier.to_xml
+      end
+      should "optionally include an service provider name qualifier" do
+        @identifier.sp_name_qualifier = 'an_sp_name_qualifier'
+        assert_equal '<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity" SPNameQualifier="an_sp_name_qualifier">Some Issuer</saml:Issuer>', @identifier.to_xml
+      end
+      should "optionally include an service provider provided id" do
+        @identifier.sp_provided_id = 'sp-x'
+        assert_equal '<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity" SPProvidedID="sp-x">Some Issuer</saml:Issuer>', @identifier.to_xml
+      end
+    end
+  end
+end

data/test/name_test.rb

@@ -0,0 +1,32 @@
+require File.dirname(__FILE__) + '/test_helper'
+
+class NameTest < Test::Unit::TestCase
+  context "a name" do
+    setup do
+      @name = Identifier::Name.new('example')
+    end
+    should "have a value" do
+      assert_equal 'example', @name.value
+    end
+    should "have the unspecified format by default" do
+      assert_equal Identifier::Name.formats[:unspecified], @name.format
+    end
+    context "when producing xml" do
+      should "always include format and value" do
+        assert_equal '<saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">example</saml:NameID>', @name.to_xml
+      end
+      should "optionally include a name qualifier" do
+        @name.name_qualifier = 'a_name_qualifier'
+        assert_equal '<saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" NameQualifier="a_name_qualifier">example</saml:NameID>', @name.to_xml
+      end
+      should "optionally include an service provider name qualifier" do
+        @name.sp_name_qualifier = 'an_sp_name_qualifier'
+        assert_equal '<saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" SPNameQualifier="an_sp_name_qualifier">example</saml:NameID>', @name.to_xml
+      end
+      should "optionally include an service provider provided id" do
+        @name.sp_provided_id = 'sp-x'
+        assert_equal '<saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" SPProvidedID="sp-x">example</saml:NameID>', @name.to_xml
+      end
+    end
+  end
+end

data/test/parser_test.rb

@@ -0,0 +1,32 @@
+require File.dirname(__FILE__) + '/test_helper'
+
+class ParserTest < Test::Unit::TestCase
+  context "a parser" do
+    setup { @parser = Parser.new }
+    context "parsing an attribute query message" do
+      setup do
+        @attribute_query = @parser.parse(attribute_query_xml)
+      end
+      should "return an attribute query instance" do
+        assert @attribute_query.is_a?(Protocol::Query::AttributeQuery)
+      end
+      should "have 1 attribute" do
+        assert_equal 1, @attribute_query.attributes.length
+      end
+      should "have a subject of Anthony Eden" do
+        assert_equal 'Anthony Eden', @attribute_query.subject.identifier.value
+      end
+      should "have an attribute whose name is Name" do
+        assert_equal 'Name', @attribute_query.attributes.first.name
+      end
+    end
+  end
+  
+  def attribute_query_xml
+    @attribute_query_xml ||= begin
+      open(File.dirname(__FILE__) + '/sample_data/attribute_query.xml') do |f|
+        f.read
+      end
+    end
+  end
+end

data/test/protocol/assertion_id_request_test.rb

@@ -0,0 +1,19 @@
+require File.dirname(__FILE__) + '/../test_helper'
+
+class AssertionIdRequestTest < Test::Unit::TestCase
+  include RSAML::Protocol
+  context "an assertion id request instance" do
+    setup do
+      @request = AssertionIDRequest.new
+      @request.assertion_id_refs << AssertionIDRef.new('xyz')
+    end
+    context "when producing xml" do
+      should "output the samlp:AssertionIDRequest element" do
+        assert_match '<samlp:AssertionIDRequest>', @request.to_xml
+      end
+      should "include the assertion id ref children" do
+        assert_match '<saml:AssertionIDRef>xyz</saml:AssertionIDRef>', @request.to_xml
+      end
+    end
+  end
+end

data/test/protocol/attribute_query_test.rb

@@ -0,0 +1,30 @@
+require File.dirname(__FILE__) + '/../test_helper'
+
+class AttributeQueryTest < Test::Unit::TestCase
+  include RSAML::Protocol::Query
+  
+  context "an attribute query" do
+    setup do
+      @query = AttributeQuery.new(Subject.new('example'))
+    end
+    context "with attributes" do
+      setup do
+        @query.attributes << Attribute.new('email')
+      end
+      should "be valid" do
+        assert_nothing_raised { @query.validate }
+      end
+      should "not allow duplicate attributes" do
+        @query.attributes << Attribute.new('email')
+        assert_raise ValidationError do
+          @query.validate
+        end
+      end
+    end
+    context "when producing xml" do
+      should "include a subject" do
+        assert_match('<saml:Subject>example</saml:Subject>', @query.to_xml)
+      end
+    end
+  end
+end

data/test/protocol/authn_query_test.rb

@@ -0,0 +1,20 @@
+require File.dirname(__FILE__) + '/../test_helper'
+
+class AuthnQueryTest < Test::Unit::TestCase
+  include RSAML::Protocol::Query
+  
+  context "an authn query" do
+    setup do
+      @query = AuthnQuery.new(Subject.new('example'))
+    end
+    context "when producing xml" do
+      should "include a subject" do
+        assert_match('<saml:Subject>example</saml:Subject>', @query.to_xml)
+      end
+      should "optionally include a SessionIndex" do
+        @query.session_index = '123'
+        assert_match('<samlp:AuthnQuery SessionIndex="123"', @query.to_xml)
+      end
+    end
+  end
+end

data/test/protocol/authn_request_test.rb

@@ -0,0 +1,56 @@
+require File.dirname(__FILE__) + '/../test_helper'
+
+class AuthnRequestTest < Test::Unit::TestCase
+  include RSAML::Protocol
+  context "an authentication request instance" do
+    setup do
+      @request = AuthnRequest.new
+    end
+    should "be valid" do
+      assert_nothing_raised { @request.validate }
+    end
+    context "when producing xml" do
+      should "output the samlp:AuthnRequest element" do
+        assert_match '<samlp:AuthnRequest>', @request.to_xml
+      end
+      should "optionally include a subject child" do
+        @request.subject = Subject.new
+        assert_match '<saml:Subject></saml:Subject>', @request.to_xml
+      end
+      should "optionally include a name id policy child" do
+        name_id_policy = NameIdPolicy.new
+        name_id_policy.format = Identifier::Name.formats[:email_address]
+        @request.name_id_policy = name_id_policy
+        assert_match '<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"', @request.to_xml
+      end
+      should "optionally include conditions" do
+        conditions = Conditions.new
+        @request.conditions = conditions
+        assert_match '<saml:Conditions', @request.to_xml
+      end
+      should_eventually "optionally include requested authn context" do
+        
+      end
+      should "optionally include scoping" do
+        scoping = Scoping.new
+        @request.scoping = scoping
+        assert_match '<samlp:Scoping', @request.to_xml
+      end
+      should "optionally include force authn" do
+        @request.force_authn = true
+        assert_match '<samlp:AuthnRequest ForceAuthn="true"', @request.to_xml
+      end
+      should "optionally include passive flag" do
+        @request.is_passive = true
+        assert_match '<samlp:AuthnRequest IsPassive="true"', @request.to_xml
+      end
+      should "optionally include AssertionConsumerServiceURL" do
+        
+      end
+      should "optionally include a provider name" do
+        @request.provider_name = 'example'
+        assert_match '<samlp:AuthnRequest ProviderName="example"', @request.to_xml
+      end
+    end
+  end
+end

data/test/protocol/authz_decision_query_test.rb

@@ -0,0 +1,31 @@
+require File.dirname(__FILE__) + '/../test_helper'
+
+class AuthzDecisionQueryTest < Test::Unit::TestCase
+  include RSAML::Protocol::Query
+  
+  context "an authz decision query" do
+    setup do
+      @query = AuthzDecisionQuery.new(Subject.new('example'))
+      @query.resource = 'http://somesite/some/resource'
+      @query.actions << Action.new('Read')
+    end
+    should "be valid" do
+      assert_nothing_raised { @query.validate }
+    end
+    context "when producing xml" do
+      should "include a subject" do
+        assert_match('<saml:Subject>example</saml:Subject>', @query.to_xml)
+      end
+      should "include a Resource attribute" do
+        assert_match(%Q(<samlp:AuthzDecisionQuery Resource="#{@query.resource}"), @query.to_xml)
+      end
+      should "include actions" do
+        assert_match(%Q(<saml:Action Namespace="urn:oasis:names:tc:SAML:1.0:action:rwedc-negation">Read</saml:Action>), @query.to_xml)
+      end
+      should "optionally include evidence" do
+        @query.evidence = Evidence.new
+        assert_match(%Q(<saml:Evidence></saml:Evidence>), @query.to_xml)
+      end
+    end
+  end
+end

data/test/protocol/idp_list_test.rb

@@ -0,0 +1,15 @@
+require File.dirname(__FILE__) + '/../test_helper'
+
+class IDPListTest < Test::Unit::TestCase
+  include RSAML::Protocol
+  context "an idp list" do
+    setup do
+      @idp_list = IDPList.new
+    end
+    context "when producing xml" do
+      should "have the IDPList element" do
+        assert_match('<samlp:IDPList', @idp_list.to_xml)
+      end
+    end
+  end
+end

data/test/protocol/request_test.rb

@@ -0,0 +1,66 @@
+require File.dirname(__FILE__) + '/../test_helper'
+
+class RequestTest < Test::Unit::TestCase
+  include RSAML::Protocol
+  context "a request instance" do
+    setup do
+      @request = Request.new
+    end
+    should "require an id" do
+      @request.id = nil
+      assert_raise ValidationError do
+        @request.validate
+      end
+    end
+    should "require a version" do
+      @request.version = nil
+      assert_raise ValidationError do
+        @request.validate
+      end
+    end
+    should "require an issue instant" do
+      @request.issue_instant = nil
+      assert_raise ValidationError do
+        @request.validate
+      end
+    end
+    should "require an issue instant to be UTC" do
+      @request.issue_instant = Time.now
+      assert_raise ValidationError do
+        @request.validate
+      end
+    end
+    should "create a response with in_response_to set properly" do
+      response = @request.respond(Status.new(StatusCode::SUCCESS))
+      assert_not_nil response
+      assert_equal @request.id, response.in_response_to
+    end
+    context "when producing xml" do
+      should "include the samlp:Request element" do
+        assert_match('<samlp:Request', @request.to_xml)
+      end
+      should "require include required attributes" do
+        xml = @request.to_xml
+        assert_match(/ID="#{@request.id}"/, xml)
+        assert_match(/Version="2.0"/, xml)
+        assert_match(/IssueInstant="#{date_match}"/, xml)
+      end
+      should "optionally include a destination" do
+        @request.destination = 'http://somesite/destination'
+        assert_match(/Destination="#{@request.destination}"/, @request.to_xml)
+      end
+      should "optionally include a consent" do
+        @request.consent = 'http://somesite/consent'
+        assert_match(/Consent="#{@request.consent}"/, @request.to_xml)
+      end
+      should "optionally include an issuer child element" do
+        @request.issuer = Identifier::Issuer.new('example')
+        assert_match(%Q(<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">example</saml:Issuer>), @request.to_xml)
+      end
+      should "optionally include a signature" do
+        @request.signature = XmlSig::Signature.new()
+        assert_match(%Q(<ds:Signature), @request.to_xml)
+      end
+    end
+  end
+end

data/test/protocol/response_test.rb

@@ -0,0 +1,68 @@
+require File.dirname(__FILE__) + '/../test_helper'
+
+class ResponseTest < Test::Unit::TestCase
+  include RSAML::Protocol
+  context "a response instance" do
+    setup do
+      @response = Response.new(Status.new(StatusCode::SUCCESS))
+    end
+    should "require an id" do
+      @response.id = nil
+      assert_raise ValidationError do
+        @response.validate
+      end
+    end
+    should "require a version" do
+      @response.version = nil
+      assert_raise ValidationError do
+        @response.validate
+      end
+    end
+    should "require an issue instant" do
+      @response.issue_instant = nil
+      assert_raise ValidationError do
+        @response.validate
+      end
+    end
+    should "require an issue instant to be UTC" do
+      @response.issue_instant = Time.now
+      assert_raise ValidationError do
+        @response.validate
+      end
+    end
+    should "be valid" do
+      assert_nothing_raised { @response.validate }
+    end
+    context "when producing xml" do
+      should "include the samlp:Response element" do
+        assert_match('<samlp:Response', @response.to_xml)
+      end
+      should "require include required attributes" do
+        xml = @response.to_xml
+        assert_match(/ID="#{@response.id}"/, xml)
+        assert_match(/Version="2.0"/, xml)
+        assert_match(/IssueInstant="#{date_match}"/, xml)
+      end
+      should "optionally include an InResponseTo attribute" do
+        @response.in_response_to = 'some_id'
+        assert_match(/InResponseTo="some_id"/, @response.to_xml)
+      end
+      should "optionally include a destination" do
+        @response.destination = 'http://somesite/destination'
+        assert_match(/Destination="#{@response.destination}"/, @response.to_xml)
+      end
+      should "optionally include a consent" do
+        @response.consent = 'http://somesite/consent'
+        assert_match(/Consent="#{@response.consent}"/, @response.to_xml)
+      end
+      should "optionally include an issuer child element" do
+        @response.issuer = Identifier::Issuer.new('example')
+        assert_match(%Q(<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">example</saml:Issuer>), @response.to_xml)
+      end
+      should "optionally include a signature" do
+        @response.signature = XmlSig::Signature.new()
+        assert_match(%Q(<ds:Signature), @response.to_xml)
+      end
+    end
+  end
+end

data/test/protocol/scoping_test.rb

@@ -0,0 +1,20 @@
+require File.dirname(__FILE__) + '/../test_helper'
+
+class ScopingTest < Test::Unit::TestCase
+  include RSAML::Protocol
+  context "a scoping instance" do
+    setup do
+      @scoping = Scoping.new
+    end
+    context "when producing xml" do
+      should "optionally include a proxy count" do
+        @scoping.proxy_count = 2
+        assert_match '<samlp:Scoping ProxyCount="2"', @scoping.to_xml
+      end
+      should "optionally include an idp list" do
+        @scoping.idp_list = IDPList.new(IDPEntry.new('some_provider_id'))
+        assert_match '<samlp:IDPList><samlp:IDPEntry', @scoping.to_xml
+      end
+    end
+  end
+end

data/test/protocol/status_code_test.rb

@@ -0,0 +1,34 @@
+require File.dirname(__FILE__) + '/../test_helper'
+
+class StatusCodeTest < Test::Unit::TestCase
+  include RSAML::Protocol
+  
+  context "the StatusCode class" do
+    should "have 4 top-level status codes" do
+      assert_equal 4, StatusCode.top_level_status_codes.length
+    end
+    should "have 19 second-level status codes" do
+      assert_equal 19, StatusCode.second_level_status_codes.length
+    end
+    should "have constants for the top-level status codes" do
+      assert_equal StatusCode.top_level_status_codes[:success], StatusCode::SUCCESS
+      assert_equal StatusCode.top_level_status_codes[:requestor], StatusCode::REQUESTOR
+      assert_equal StatusCode.top_level_status_codes[:responder], StatusCode::RESPONDER
+      assert_equal StatusCode.top_level_status_codes[:version_mismatch], StatusCode::VERSION_MISMATCH
+    end
+  end
+  
+  context "a success status code instance" do
+    setup do
+      @status_code = StatusCode::SUCCESS
+    end
+    context "when producing xml" do
+      should "have the samlp:StatusCode element name" do
+        assert_match(/<samlp:StatusCode/, @status_code.to_xml)
+      end
+      should "include a value" do
+        assert_match(/Value="urn:oasis:names:tc:SAML:2.0:status:Success"/, @status_code.to_xml)
+      end
+    end
+  end
+end

data/test/protocol/status_test.rb

@@ -0,0 +1,16 @@
+require File.dirname(__FILE__) + '/../test_helper'
+
+class StatusTest < Test::Unit::TestCase
+  include RSAML::Protocol
+  
+  context "a status instance" do
+    setup do
+      @status = Status.new(StatusCode::SUCCESS)
+    end
+    context "when producing xml" do
+      should "include a status code" do
+        assert_match(%Q(<samlp:StatusCode Value="#{StatusCode::SUCCESS}">), @status.to_xml)
+      end
+    end
+  end
+end

data/test/proxy_restriction_test.rb

@@ -0,0 +1,20 @@
+require File.dirname(__FILE__) + '/test_helper'
+
+class ProxyRestrictionTest < Test::Unit::TestCase
+  context "a proxy restriction" do
+    setup do
+      @proxy_restriction = ProxyRestriction.new
+    end
+    context "when producing xml" do
+      should "optionally include a count" do
+        @proxy_restriction.count = 1
+        assert_equal '<saml:ProxyRestriction Count="1"></saml:ProxyRestriction>', @proxy_restriction.to_xml
+      end
+      should "optionally include audiences" do
+        audience = Audience.new('some_uri')
+        @proxy_restriction.audiences << audience
+        assert_equal '<saml:ProxyRestriction><saml:Audience>some_uri</saml:Audience></saml:ProxyRestriction>', @proxy_restriction.to_xml
+      end
+    end
+  end
+end

data/test/rsaml_test.rb

@@ -0,0 +1,12 @@
+class RSAMLTest < Test::Unit::TestCase
+  context "the RSAML module" do
+    should "provide the SAML namespaces" do
+      assert_equal 'urn:oasis:names:tc:SAML:2.0:assertion', RSAML::saml_namespaces['saml']
+      assert_equal 'urn:oasis:names:tc:SAML:2.0:protocol', RSAML::saml_namespaces['samlp']
+      assert_equal 'http://www.w3.org/2000/09/xmldsig#', RSAML::saml_namespaces['ds']
+      assert_equal 'http://www.w3.org/2001/04/xmlenc#', RSAML::saml_namespaces['xenc']
+      assert_equal 'http://www.w3.org/2001/XMLSchema', RSAML::saml_namespaces['xs']
+      assert_equal 'http://www.w3.org/2001/XMLSchema-instance', RSAML::saml_namespaces['xsi']
+    end
+  end
+end