Skip to content

Commit 6ca9a93

Browse files
pitbulkpitbulk
authored
Merge pull request #402 from graaff/idp_cert_multi-response-check
Allow responses to work with only an idp_cert_multi setting
2 parents 5247202 + ed8bd53 commit 6ca9a93

4 files changed

Lines changed: 4 additions & 2 deletions

File tree

lib/onelogin/ruby-saml/logoutresponse.rb

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -168,7 +168,7 @@ def valid_state?
168168

169169
return append_error("No issuer in settings of the logout response") if settings.issuer.nil?
170170

171-
if settings.idp_cert_fingerprint.nil? && settings.idp_cert.nil?
171+
if settings.idp_cert_fingerprint.nil? && settings.idp_cert.nil? && settings.idp_cert_multi.nil?
172172
return append_error("No fingerprint or certificate on settings of the logout response")
173173
end
174174

lib/onelogin/ruby-saml/response.rb

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -412,7 +412,7 @@ def validate_response_state
412412

413413
return append_error("No settings on response") if settings.nil?
414414

415-
if settings.idp_cert_fingerprint.nil? && settings.idp_cert.nil?
415+
if settings.idp_cert_fingerprint.nil? && settings.idp_cert.nil? && settings.idp_cert_multi.nil?
416416
return append_error("No fingerprint or certificate on settings")
417417
end
418418

test/logoutresponse_test.rb

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -90,6 +90,7 @@ class RubySamlTest < Minitest::Test
9090
it "invalidate logout response when initiated with no idp cert or fingerprint" do
9191
settings.idp_cert_fingerprint = nil
9292
settings.idp_cert = nil
93+
settings.idp_cert_multi = nil
9394
logoutresponse = OneLogin::RubySaml::Logoutresponse.new(valid_logout_response_document, settings)
9495
assert !logoutresponse.validate
9596
assert_includes logoutresponse.errors, "No fingerprint or certificate on settings of the logout response"

test/response_test.rb

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -138,6 +138,7 @@ class RubySamlTest < Minitest::Test
138138
it "raise when No fingerprint or certificate on settings" do
139139
settings.idp_cert_fingerprint = nil
140140
settings.idp_cert = nil
141+
settings.idp_cert_multi = nil
141142
response.settings = settings
142143
error_msg = "No fingerprint or certificate on settings"
143144
assert_raises(OneLogin::RubySaml::ValidationError, error_msg) do

0 commit comments

Comments
 (0)