DEV: uses valid SAML and not a string for specs (#138)

The string we were using before is just invalid XML and will explode on latest versions of REXML, what we want to test here is just minimum valid SAML.

Author: jjaffeux

spec/integration/saml_cross_site_spec.rb

@@ -3,13 +3,17 @@
 require "rails_helper"
 
 describe "SAML cross-site with same-site cookie", type: :request do
+  let(:saml_response) do
+    Base64.strict_encode64("<Response xmlns='urn:oasis:names:tc:SAML:2.0:protocol'/>")
+  end
+
   before do
     OmniAuth.config.test_mode = false
     global_setting :saml_target_url, "https://example.com/samlidp"
   end
 
   it "serves an auto-submitting POST form" do
-    post "/auth/saml/callback", params: { "SAMLResponse" => "somesamldata" }
+    post "/auth/saml/callback", params: { "SAMLResponse" => saml_response }
     expect(response.status).to eq(200)
     expect(response.body).to have_tag(
       "form",
@@ -23,7 +27,7 @@
       "form input",
       with: {
         "name" => "SAMLResponse",
-        "value" => "somesamldata",
+        "value" => saml_response,
         "type" => "hidden",
       },
     )
@@ -43,7 +47,7 @@
   end
 
   it "continues once the samesite form has been submitted" do
-    post "/auth/saml/callback", params: { "SAMLResponse" => "somesamldata", "SameSite" => "1" }
+    post "/auth/saml/callback", params: { "SAMLResponse" => saml_response, "SameSite" => "1" }
     expect(response.status).to eq(302)
     expect(response.location).to eq("/auth/failure?message=invalid_ticket&strategy=saml")
   end