File tree Expand file tree Collapse file tree 2 files changed +10
-1
lines changed Expand file tree Collapse file tree 2 files changed +10
-1
lines changed Original file line number Diff line number Diff line change @@ -586,12 +586,14 @@ def validate_audience
586586 true
587587 end
588588
589- # Validates the Destination, (If the SAML Response is received where expected)
589+ # Validates the Destination, (If the SAML Response is received where expected).
590+ # If the response was initialized with the :skip_destination option, this validation is skipped,
590591 # If fails, the error is added to the errors array
591592 # @return [Boolean] True if there is a Destination element that matches the Consumer Service URL, otherwise False
592593 #
593594 def validate_destination
594595 return true if destination . nil?
596+ return true if options [ :skip_destination ]
595597
596598 if destination . empty?
597599 error_msg = "The response has an empty Destination value"
Original file line number Diff line number Diff line change @@ -24,6 +24,7 @@ class RubySamlTest < Minitest::Test
2424 let ( :response_no_conditions ) { OneLogin ::RubySaml ::Response . new ( read_invalid_response ( "no_conditions.xml.base64" ) ) }
2525 let ( :response_no_authnstatement ) { OneLogin ::RubySaml ::Response . new ( read_invalid_response ( "no_authnstatement.xml.base64" ) ) }
2626 let ( :response_empty_destination ) { OneLogin ::RubySaml ::Response . new ( read_invalid_response ( "empty_destination.xml.base64" ) ) }
27+ let ( :response_empty_destination_with_skip ) { OneLogin ::RubySaml ::Response . new ( read_invalid_response ( "empty_destination.xml.base64" ) , { skip_destination : true } ) }
2728 let ( :response_no_status ) { OneLogin ::RubySaml ::Response . new ( read_invalid_response ( "no_status.xml.base64" ) ) }
2829 let ( :response_no_statuscode ) { OneLogin ::RubySaml ::Response . new ( read_invalid_response ( "no_status_code.xml.base64" ) ) }
2930 let ( :response_statuscode_responder ) { OneLogin ::RubySaml ::Response . new ( read_invalid_response ( "status_code_responder.xml.base64" ) ) }
@@ -436,6 +437,12 @@ class RubySamlTest < Minitest::Test
436437 assert_includes response_empty_destination . errors , "The response has an empty Destination value"
437438 end
438439
440+ it "return true when the destination of the SAML Response is empty but skip_destination option is used" do
441+ response_empty_destination_with_skip . settings = settings
442+ assert response_empty_destination_with_skip . send ( :validate_destination )
443+ assert_empty response_empty_destination . errors
444+ end
445+
439446 it "returns true on a case insensitive match on the domain" do
440447 response_valid_signed_without_x509certificate . settings = settings
441448 response_valid_signed_without_x509certificate . settings . assertion_consumer_service_url = 'http://APP.muDa.no/sso/consume'
You can’t perform that action at this time.
0 commit comments