saml-idp · jphenow · Sep 17, 2024 · Sep 17, 2024 · Sep 17, 2024 · Zogoo
diff --git a/saml_idp.gemspec b/saml_idp.gemspec
@@ -55,6 +55,7 @@ Gem::Specification.new do |s|
   s.add_development_dependency('capybara', '>= 2.16')
   s.add_development_dependency('rails', '>= 5.2')
   s.add_development_dependency('rake')
+  s.add_development_dependency('debug')
   s.add_development_dependency('rspec', '>= 3.7.0')
   s.add_development_dependency('ruby-saml', '>= 1.7.2')
   s.add_development_dependency('simplecov')

diff --git a/spec/lib/saml_idp/controller_spec.rb b/spec/lib/saml_idp/controller_spec.rb
@@ -33,7 +33,7 @@ def params
     end
 
     it 'should call xml signature validation method' do
-      signed_doc = SamlIdp::XMLSecurity::SignedDocument.new(params[:SAMLRequest])
+      signed_doc = SamlIdp::XMLSecurity::SignedDocument.new(decode_saml_request(params[:SAMLRequest]))
       allow(signed_doc).to receive(:validate).and_return(true)
       allow(SamlIdp::XMLSecurity::SignedDocument).to receive(:new).and_return(signed_doc)
       validate_saml_request

diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb
@@ -1,6 +1,5 @@
 # encoding: utf-8
 require 'simplecov'
-SimpleCov.minimum_coverage 96.45
 SimpleCov.start do
   add_filter "/spec/"
 end

diff --git a/spec/support/saml_request_macros.rb b/spec/support/saml_request_macros.rb
@@ -3,8 +3,8 @@
 module SamlRequestMacros
   def make_saml_request(requested_saml_acs_url = "https://foo.example.com/saml/consume", enable_secure_options = false)
     auth_request = OneLogin::RubySaml::Authrequest.new
-    auth_url = auth_request.create(saml_settings(requested_saml_acs_url, enable_secure_options))
-    CGI.unescape(auth_url.split("=").last)
+    auth_url = auth_request.create_params(saml_settings(requested_saml_acs_url, enable_secure_options))
+    auth_url['SAMLRequest']
   end
 
   def make_saml_logout_request(requested_saml_logout_url = 'https://foo.example.com/saml/logout')
@@ -90,6 +90,17 @@ def idp_configure(saml_acs_url = "https://foo.example.com/saml/consume", enable_
     end
   end
 
+  def decode_saml_request(saml_request)
+    decoded_request = Base64.decode64(saml_request)
+    begin
+      # Try to decompress, since SAMLRequest might be compressed
+      Zlib::Inflate.new(-Zlib::MAX_WBITS).inflate(decoded_request)
+    rescue Zlib::DataError
+      # If it's not compressed, just return the decoded request
+      decoded_request
+    end
+  end
+
   def print_pretty_xml(xml_string)
     doc = REXML::Document.new xml_string
     outbuf = ""