Raise SettingError if invoking an action with no endpoint defined on the settings

pitbulk · pitbulk · commit bda2864f65dd · 2019-11-05T13:15:15.000+01:00
diff --git a/lib/onelogin/ruby-saml/authrequest.rb b/lib/onelogin/ruby-saml/authrequest.rb
@@ -3,6 +3,7 @@
 require "onelogin/ruby-saml/logging"
 require "onelogin/ruby-saml/saml_message"
 require "onelogin/ruby-saml/utils"
+require "onelogin/ruby-saml/setting_error"
 
 # Only supports SAML 2.0
 module OneLogin
@@ -36,7 +37,7 @@ def create(settings, params = {})
         params.each_pair do |key, value|
           request_params << "&#{key.to_s}=#{CGI.escape(value.to_s)}"
         end
-        raise "Invalid settings, idp_sso_target_url is not set!" if settings.idp_sso_target_url.nil?
+        raise SettingError.new "Invalid settings, idp_sso_target_url is not set!" if settings.idp_sso_target_url.nil? or settings.idp_sso_target_url.empty?
         @login_url = settings.idp_sso_target_url + request_params
       end
 
@@ -107,7 +108,7 @@ def create_xml_document(settings)
         root.attributes['ID'] = uuid
         root.attributes['IssueInstant'] = time
         root.attributes['Version'] = "2.0"
-        root.attributes['Destination'] = settings.idp_sso_target_url unless settings.idp_sso_target_url.nil?
+        root.attributes['Destination'] = settings.idp_sso_target_url unless settings.idp_sso_target_url.nil? or settings.idp_sso_target_url.empty?
         root.attributes['IsPassive'] = settings.passive unless settings.passive.nil?
         root.attributes['ProtocolBinding'] = settings.protocol_binding unless settings.protocol_binding.nil?
         root.attributes["AttributeConsumingServiceIndex"] = settings.attributes_index unless settings.attributes_index.nil?
diff --git a/lib/onelogin/ruby-saml/logoutrequest.rb b/lib/onelogin/ruby-saml/logoutrequest.rb
@@ -1,6 +1,7 @@
 require "onelogin/ruby-saml/logging"
 require "onelogin/ruby-saml/saml_message"
 require "onelogin/ruby-saml/utils"
+require "onelogin/ruby-saml/setting_error"
 
 # Only supports SAML 2.0
 module OneLogin
@@ -33,6 +34,7 @@ def create(settings, params={})
         params.each_pair do |key, value|
           request_params << "&#{key.to_s}=#{CGI.escape(value.to_s)}"
         end
+        raise SettingError.new "Invalid settings, idp_slo_target_url is not set!" if settings.idp_slo_target_url.nil? or settings.idp_slo_target_url.empty?
         @logout_url = settings.idp_slo_target_url + request_params
       end
 
@@ -103,7 +105,7 @@ def create_xml_document(settings)
         root.attributes['ID'] = uuid
         root.attributes['IssueInstant'] = time
         root.attributes['Version'] = "2.0"
-        root.attributes['Destination'] = settings.idp_slo_target_url  unless settings.idp_slo_target_url.nil?
+        root.attributes['Destination'] = settings.idp_slo_target_url  unless settings.idp_slo_target_url.nil? or settings.idp_slo_target_url.empty?
 
         if settings.sp_entity_id
           issuer = root.add_element "saml:Issuer"
diff --git a/lib/onelogin/ruby-saml/setting_error.rb b/lib/onelogin/ruby-saml/setting_error.rb
@@ -0,0 +1,6 @@
+module OneLogin
+  module RubySaml
+    class SettingError < StandardError
+    end
+  end
+end
diff --git a/lib/onelogin/ruby-saml/slo_logoutresponse.rb b/lib/onelogin/ruby-saml/slo_logoutresponse.rb
@@ -2,6 +2,7 @@
 
 require "onelogin/ruby-saml/saml_message"
 require "onelogin/ruby-saml/utils"
+require "onelogin/ruby-saml/setting_error"
 
 # Only supports SAML 2.0
 module OneLogin
@@ -37,6 +38,7 @@ def create(settings, request_id = nil, logout_message = nil, params = {})
           response_params << "&#{key.to_s}=#{CGI.escape(value.to_s)}"
         end
 
+        raise SettingError.new "Invalid settings, idp_slo_target_url is not set!" if settings.idp_slo_target_url.nil? or settings.idp_slo_target_url.empty?
         @logout_url = settings.idp_slo_target_url + response_params
       end
 
@@ -112,7 +114,7 @@ def create_xml_document(settings, request_id = nil, logout_message = nil)
         root.attributes['IssueInstant'] = time
         root.attributes['Version'] = '2.0'
         root.attributes['InResponseTo'] = request_id unless request_id.nil?
-        root.attributes['Destination'] = settings.idp_slo_target_url unless settings.idp_slo_target_url.nil?
+        root.attributes['Destination'] = settings.idp_slo_target_url unless settings.idp_slo_target_url.nil? or settings.idp_slo_target_url.empty?
 
         if settings.sp_entity_id != nil
           issuer = root.add_element "saml:Issuer"
diff --git a/test/request_test.rb b/test/request_test.rb
@@ -1,6 +1,7 @@
 require File.expand_path(File.join(File.dirname(__FILE__), "test_helper"))
 
 require 'onelogin/ruby-saml/authrequest'
+require 'onelogin/ruby-saml/setting_error'
 
 class RequestTest < Minitest::Test
 
@@ -166,7 +167,7 @@ class RequestTest < Minitest::Test
       end
 
       it "raises an error with a descriptive message" do
-        err = assert_raises RuntimeError do
+        err = assert_raises OneLogin::RubySaml::SettingError do
           OneLogin::RubySaml::Authrequest.new.create(settings)
         end
         assert_match /idp_sso_target_url is not set/, err.message
