Merge pull request SAML-Toolkits#493 from perryism/signed_element_id_message

pitbulk · web-flow · commit 367189d9f127 · 2019-03-21T19:04:12.000+01:00
Explicit about the error when signed element is not found and found m…
diff --git a/lib/onelogin/ruby-saml/response.rb b/lib/onelogin/ruby-saml/response.rb
@@ -821,6 +821,11 @@ def validate_signature
         end
 
         if sig_elements.size != 1
+          if  sig_elements.size == 0
+             append_error("Signed element id ##{doc.signed_element_id} is not found")
+          else
+             append_error("Signed element id ##{doc.signed_element_id} is found more than once")
+          end
           return append_error(error_msg)
         end
 
diff --git a/test/response_test.rb b/test/response_test.rb
@@ -905,6 +905,7 @@ def generate_audience_error(expected, actual)
         response_wrapped.settings = settings
         assert !response_wrapped.send(:validate_signature)
         assert_includes response_wrapped.errors, "Invalid Signature on SAML Response"
+        assert_includes response_wrapped.errors, "Signed element id #pfxc3d2b542-0f7e-8767-8e87-5b0dc6913375 is not found"
       end
     end
 
