Merge pull request #80 from lawrencepit/metadata

Lordnibbler · Lordnibbler · commit 7c429153a4f5 · 2014-09-11T09:57:20.000-07:00
SAML metadata changes
diff --git a/README.md b/README.md
@@ -120,7 +120,7 @@ class SamlController < ApplicationController
   def metadata
     settings = Account.get_saml_settings
     meta = OneLogin::RubySaml::Metadata.new
-    render :xml => meta.generate(settings)
+    render :xml => meta.generate(settings), :content_type => "application/samlmetadata+xml"
   end
 end
 ```
diff --git a/lib/onelogin/ruby-saml/metadata.rb b/lib/onelogin/ruby-saml/metadata.rb
@@ -48,18 +48,17 @@ def generate(settings)
               "index" => 0
           }
         end
+
         # With OpenSSO, it might be required to also include
         #  <md:RoleDescriptor xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:query="urn:oasis:names:tc:SAML:metadata:ext:query" xsi:type="query:AttributeQueryDescriptorType" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"/>
         #  <md:XACMLAuthzDecisionQueryDescriptor WantAssertionsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"/>
 
-        meta_doc << REXML::XMLDecl.new
+        meta_doc << REXML::XMLDecl.new("1.0", "UTF-8")
         ret = ""
         # pretty print the XML so IdP administrators can easily see what the SP supports
         meta_doc.write(ret, 1)
 
-        Logging.debug "Generated metadata:\n#{ret}"
-
-        ret
+        return ret
       end
     end
   end
diff --git a/test/metadata_test.rb b/test/metadata_test.rb
@@ -0,0 +1,34 @@
+require File.expand_path(File.join(File.dirname(__FILE__), "test_helper"))
+
+class MetadataTest < Test::Unit::TestCase
+
+  should "should generate Service Provider Metadata" do
+    settings = OneLogin::RubySaml::Settings.new
+    settings.issuer = "https://example.com"
+    settings.name_identifier_format = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
+    settings.assertion_consumer_service_url = "https://foo.example/saml/consume"
+
+    xml_text = OneLogin::RubySaml::Metadata.new.generate(settings)
+
+    # assert correct xml declaration
+    start = "<?xml version='1.0' encoding='UTF-8'?>\n<md:EntityDescriptor"
+    assert xml_text[0..start.length-1] == start
+
+    # assert xml_text can be parsed into an xml doc
+    xml_doc = REXML::Document.new(xml_text)
+
+    assert_equal "https://example.com", REXML::XPath.first(xml_doc, "//md:EntityDescriptor").attribute("entityID").value
+
+    spsso_descriptor = REXML::XPath.first(xml_doc, "//md:SPSSODescriptor")
+    assert_equal "urn:oasis:names:tc:SAML:2.0:protocol", spsso_descriptor.attribute("protocolSupportEnumeration").value
+    assert_equal "false", spsso_descriptor.attribute("AuthnRequestsSigned").value
+    assert_equal "false", spsso_descriptor.attribute("WantAssertionsSigned").value
+
+    assert_equal "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress", REXML::XPath.first(xml_doc, "//md:NameIDFormat").text.strip
+
+    acs = REXML::XPath.first(xml_doc, "//md:AssertionConsumerService")
+    assert_equal "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST", acs.attribute("Binding").value
+    assert_equal "https://foo.example/saml/consume", acs.attribute("Location").value
+  end
+
+end
