Merge pull request #84 from anthonybatchelor-examtime/protocol_binding

Add support of BindingProtocol attribute

Author: stouset

lib/onelogin/ruby-saml/authrequest.rb

@@ -36,7 +36,7 @@ def create(settings, params = {})
       def create_authentication_xml_doc(settings)
         uuid = "_" + UUID.new.generate
         time = Time.now.utc.strftime("%Y-%m-%dT%H:%M:%SZ")
-        # Create AuthnRequest root element using REXML 
+        # Create AuthnRequest root element using REXML
         request_doc = REXML::Document.new
 
         root = request_doc.add_element "samlp:AuthnRequest", { "xmlns:samlp" => "urn:oasis:names:tc:SAML:2.0:protocol" }
@@ -45,6 +45,7 @@ def create_authentication_xml_doc(settings)
         root.attributes['Version'] = "2.0"
         root.attributes['Destination'] = settings.idp_sso_target_url unless settings.idp_sso_target_url.nil?
         root.attributes['IsPassive'] = settings.passive unless settings.passive.nil?
+        root.attributes['ProtocolBinding'] = settings.protocol_binding unless settings.protocol_binding.nil?
 
         # Conditionally defined elements based on settings
         if settings.assertion_consumer_service_url != nil
@@ -55,7 +56,7 @@ def create_authentication_xml_doc(settings)
           issuer.text = settings.issuer
         end
         if settings.name_identifier_format != nil
-          root.add_element "samlp:NameIDPolicy", { 
+          root.add_element "samlp:NameIDPolicy", {
               "xmlns:samlp" => "urn:oasis:names:tc:SAML:2.0:protocol",
               # Might want to make AllowCreate a setting?
               "AllowCreate" => "true",
@@ -64,14 +65,14 @@ def create_authentication_xml_doc(settings)
         end
 
         # BUG fix here -- if an authn_context is defined, add the tags with an "exact"
-        # match required for authentication to succeed.  If this is not defined, 
+        # match required for authentication to succeed.  If this is not defined,
         # the IdP will choose default rules for authentication.  (Shibboleth IdP)
         if settings.authn_context != nil
-          requested_context = root.add_element "samlp:RequestedAuthnContext", { 
+          requested_context = root.add_element "samlp:RequestedAuthnContext", {
             "xmlns:samlp" => "urn:oasis:names:tc:SAML:2.0:protocol",
             "Comparison" => "exact",
           }
-          class_ref = requested_context.add_element "saml:AuthnContextClassRef", { 
+          class_ref = requested_context.add_element "saml:AuthnContextClassRef", {
             "xmlns:saml" => "urn:oasis:names:tc:SAML:2.0:assertion",
           }
           class_ref.text = settings.authn_context

lib/onelogin/ruby-saml/settings.rb

@@ -18,9 +18,10 @@ def initialize(overrides = {})
       attr_accessor :compress_request
       attr_accessor :double_quote_xml_attribute_values
       attr_accessor :passive
+      attr_accessor :protocol_binding
 
       private
-      
+
       DEFAULTS = {:compress_request => true, :double_quote_xml_attribute_values => false}
     end
   end

test/settings_test.rb

@@ -12,7 +12,7 @@ class SettingsTest < Test::Unit::TestCase
         :idp_sso_target_url, :idp_cert_fingerprint, :name_identifier_format,
         :idp_slo_target_url, :name_identifier_value, :sessionindex,
         :assertion_consumer_logout_service_url,
-        :passive
+        :passive, :protocol_binding
       ]
 
       accessors.each do |accessor|
@@ -33,6 +33,7 @@ class SettingsTest < Test::Unit::TestCase
           :idp_cert_fingerprint => "00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00",
           :name_identifier_format => "urn:oasis:names:tc:SAML:2.0:nameid-format:transient",
           :passive => true,
+          :protocol_binding => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST'
       }
       @settings = Onelogin::Saml::Settings.new(config)