Merge pull request #7 from zendesk/sdavidovitz/saml_logout

WIP -- LogoutRequest support

Author: morten

lib/samlr.rb

@@ -49,3 +49,4 @@ def try(method)
 require "samlr/signature"
 require "samlr/response"
 require "samlr/request"
+require "samlr/logout_request"

lib/samlr/logout_request.rb

@@ -0,0 +1,7 @@
+module Samlr
+  class LogoutRequest < Request
+    def body
+      @body ||= Samlr::Tools::LogoutRequestBuilder.build(options)
+    end
+  end
+end

lib/samlr/tools.rb

@@ -9,6 +9,7 @@
 require "samlr/tools/request_builder"
 require "samlr/tools/response_builder"
 require "samlr/tools/metadata_builder"
+require "samlr/tools/logout_request_builder"
 
 module Samlr
   module Tools

lib/samlr/tools/logout_request_builder.rb

@@ -0,0 +1,27 @@
+require "nokogiri"
+
+module Samlr
+  module Tools
+    # Use this for building the SAML logout request XML
+    module LogoutRequestBuilder
+      def self.build(options = {})
+        name_id_format  = options[:name_id_format] || EMAIL_FORMAT
+
+        # Mandatory
+        name_id = options.fetch(:name_id)
+        issuer  = options.fetch(:issuer)
+
+        builder = Nokogiri::XML::Builder.new do |xml|
+          xml.LogoutRequest("xmlns:samlp" => NS_MAP["samlp"], "xmlns:saml" => NS_MAP["saml"], "ID" => Samlr::Tools.uuid, "IssueInstant" => Samlr::Tools::Timestamp.stamp, "Version" => "2.0") do
+            xml.doc.root.namespace = xml.doc.root.namespace_definitions.find { |ns| ns.prefix == "samlp" }
+
+            xml["saml"].Issuer(issuer)
+            xml["saml"].NameID(name_id, "Format" => name_id_format)
+          end
+        end
+
+        builder.to_xml(COMPACT)
+      end
+    end
+  end
+end

test/unit/test_logout_request.rb

@@ -0,0 +1,39 @@
+require File.expand_path("test/test_helper")
+
+describe Samlr::LogoutRequest do
+  before do
+    @request = Samlr::LogoutRequest.new(
+      :issuer => "https://sp.example.com/saml2",
+      :name_id => "[email protected]"
+    )
+  end
+
+  describe "#body" do
+    it "should return the generated XML" do
+      document = Nokogiri::XML(@request.body) { |c| c.strict }
+      assert document.at("/samlp:LogoutRequest", Samlr::NS_MAP)
+    end
+
+    it "should delegate the building to the LogoutRequestBuilder" do
+      Samlr::Tools::LogoutRequestBuilder.stub(:build, "hello") do
+        assert_match "hello", @request.body
+      end
+    end
+  end
+
+  describe "#param" do
+    it "returns the encoded body" do
+      @request.stub(:body, "hello") do
+        assert_equal Samlr::Tools.encode("hello"), @request.param
+      end
+    end
+  end
+
+  describe "#url" do
+    it "returns a valid URL" do
+      @request.stub(:param, "hello") do
+        assert_equal("https://foo.com/?SAMLRequest=hello&foo=bar", @request.url("https://foo.com/", :foo => "bar"))
+      end
+    end
+  end
+end

test/unit/tools/test_logout_request_builder.rb

@@ -0,0 +1,26 @@
+require File.expand_path("test/test_helper")
+
+describe Samlr::Tools::LogoutRequestBuilder do
+  describe "#build" do
+    before do
+      @xml = Samlr::Tools::LogoutRequestBuilder.build(
+        :issuer => "https://sp.example.com/saml2",
+        :name_id => "[email protected]"
+      )
+
+      @doc = Nokogiri::XML(@xml) { |c| c.strict }
+    end
+
+    it "generates a request document" do
+      assert_equal "LogoutRequest", @doc.root.name
+
+      issuer = @doc.root.at("./saml:Issuer", Samlr::NS_MAP)
+      assert_equal "https://sp.example.com/saml2", issuer.text
+    end
+
+    it "validates against schemas" do
+      result = Samlr::Tools.validate(:document => @xml)
+      assert result
+    end
+  end
+end