SAML-Toolkits#331 Allow options[:settings] to be an hash for Settings overrides in IdpMetadataParser#parse

pitbulk · pitbulk · commit 4616771ee06b · 2016-10-19T13:19:51.000+02:00
diff --git a/lib/onelogin/ruby-saml/idp_metadata_parser.rb b/lib/onelogin/ruby-saml/idp_metadata_parser.rb
@@ -27,7 +27,7 @@ class IdpMetadataParser
       # IdP values
       #
       # @param (see IdpMetadataParser#get_idp_metadata)
-      # @param options  [Hash]   :settings to provide the OneLogin::RubySaml::Settings object
+      # @param options  [Hash]   :settings to provide the OneLogin::RubySaml::Settings object or an hash for Settings overrides
       # @return (see IdpMetadataParser#get_idp_metadata)
       # @raise (see IdpMetadataParser#get_idp_metadata)
       def parse_remote(url, validate_cert = true, options = {})
@@ -37,12 +37,17 @@ def parse_remote(url, validate_cert = true, options = {})
 
       # Parse the Identity Provider metadata and update the settings with the IdP values
       # @param idp_metadata [String] 
-      # @param options  [Hash]   :settings to provide the OneLogin::RubySaml::Settings object
+      # @param options  [Hash]   :settings to provide the OneLogin::RubySaml::Settings object or an hash for Settings overrides
       #
       def parse(idp_metadata, options = {})
         @document = REXML::Document.new(idp_metadata)
 
-        (options[:settings] || OneLogin::RubySaml::Settings.new).tap do |settings|
+        settings = options[:settings]
+        if settings.nil? || settings.is_a?(Hash)
+          settings = OneLogin::RubySaml::Settings.new(settings || {})
+        end
+
+        settings.tap do |settings|
           settings.idp_entity_id = idp_entity_id
           settings.name_identifier_format = idp_name_id_format
           settings.idp_sso_target_url = single_signon_service_url(options)
diff --git a/test/idp_metadata_parser_test.rb b/test/idp_metadata_parser_test.rb
@@ -56,6 +56,22 @@ def initialize; end
       assert_equal "F1:3C:6B:80:90:5A:03:0E:6C:91:3E:5D:15:FA:DD:B0:16:45:48:72", settings.idp_cert_fingerprint
     end
 
+    it "uses settings options as hash for overrides" do
+      idp_metadata_parser = OneLogin::RubySaml::IdpMetadataParser.new
+      idp_metadata = read_response("idp_descriptor.xml")
+      settings = idp_metadata_parser.parse(idp_metadata, {
+        :settings => {
+          :security => {
+            :digest_method => XMLSecurity::Document::SHA256,
+            :signature_method => XMLSecurity::Document::RSA_SHA256
+          }
+        }
+      })
+      assert_equal "F1:3C:6B:80:90:5A:03:0E:6C:91:3E:5D:15:FA:DD:B0:16:45:48:72", settings.idp_cert_fingerprint
+      assert_equal XMLSecurity::Document::SHA256, settings.security[:digest_method]
+      assert_equal XMLSecurity::Document::RSA_SHA256, settings.security[:signature_method]
+    end
+
   end
 
   describe "download and parse IdP descriptor file" do
