Metadata AuthnRequestsSigned and WantsAssertionsSigned + added MetadataTest

lawrencepit · lawrencepit · commit ffed02db21d0 · 2014-09-09T10:19:45.000+10:00
diff --git a/lib/onelogin/ruby-saml/metadata.rb b/lib/onelogin/ruby-saml/metadata.rb
@@ -48,18 +48,17 @@ def generate(settings)
               "index" => 0
           }
         end
+
         # With OpenSSO, it might be required to also include
         #  <md:RoleDescriptor xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:query="urn:oasis:names:tc:SAML:metadata:ext:query" xsi:type="query:AttributeQueryDescriptorType" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"/>
         #  <md:XACMLAuthzDecisionQueryDescriptor WantAssertionsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"/>
 
-        meta_doc << REXML::XMLDecl.new
+        meta_doc << REXML::XMLDecl.new("1.0", "UTF-8")
         ret = ""
         # pretty print the XML so IdP administrators can easily see what the SP supports
         meta_doc.write(ret, 1)
 
-        Logging.debug "Generated metadata:\n#{ret}"
-
-        ret
+        return ret
       end
     end
   end
diff --git a/test/metadata_test.rb b/test/metadata_test.rb
@@ -0,0 +1,34 @@
+require File.expand_path(File.join(File.dirname(__FILE__), "test_helper"))
+
+class MetadataTest < Test::Unit::TestCase
+
+  should "should generate Service Provider Metadata" do
+    settings = OneLogin::RubySaml::Settings.new
+    settings.issuer = "https://example.com"
+    settings.name_identifier_format = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
+    settings.assertion_consumer_service_url = "https://foo.example/saml/consume"
+
+    xml_text = OneLogin::RubySaml::Metadata.new.generate(settings)
+
+    # assert correct xml declaration
+    start = "<?xml version='1.0' encoding='UTF-8'?>\n<md:EntityDescriptor"
+    assert xml_text[0..start.length-1] == start
+
+    # assert xml_text can be parsed into an xml doc
+    xml_doc = REXML::Document.new(xml_text)
+
+    assert_equal "https://example.com", REXML::XPath.first(xml_doc, "//md:EntityDescriptor").attribute("entityID").value
+
+    spsso_descriptor = REXML::XPath.first(xml_doc, "//md:SPSSODescriptor")
+    assert_equal "urn:oasis:names:tc:SAML:2.0:protocol", spsso_descriptor.attribute("protocolSupportEnumeration").value
+    assert_equal "false", spsso_descriptor.attribute("AuthnRequestsSigned").value
+    assert_equal "false", spsso_descriptor.attribute("WantAssertionsSigned").value
+
+    assert_equal "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress", REXML::XPath.first(xml_doc, "//md:NameIDFormat").text.strip
+
+    acs = REXML::XPath.first(xml_doc, "//md:AssertionConsumerService")
+    assert_equal "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST", acs.attribute("Binding").value
+    assert_equal "https://foo.example/saml/consume", acs.attribute("Location").value
+  end
+
+end
