From e2e335c2e41c2acd2c35938367a5da874e249316 Mon Sep 17 00:00:00 2001 From: Ben Willis Date: Tue, 11 Aug 2015 22:43:01 -0700 Subject: [PATCH 1/3] Remove console.log --- test/samlp.signedresponse.tests.js | 1 - 1 file changed, 1 deletion(-) diff --git a/test/samlp.signedresponse.tests.js b/test/samlp.signedresponse.tests.js index eab58cb..8a0444e 100644 --- a/test/samlp.signedresponse.tests.js +++ b/test/samlp.signedresponse.tests.js @@ -35,7 +35,6 @@ describe('samlp signed response', function () { }); it('should contain a valid signed response', function(){ - console.log(signedResponse); var isValid = xmlhelper.verifySignature( signedResponse, server.credentials.cert); From 515b74d1d382977dca6d28bd6cc841027518b6a6 Mon Sep 17 00:00:00 2001 From: Ben Willis Date: Tue, 11 Aug 2015 22:43:16 -0700 Subject: [PATCH 2/3] Fix order spec assertion --- test/samlp.tests.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/samlp.tests.js b/test/samlp.tests.js index a287d6d..37c6f90 100644 --- a/test/samlp.tests.js +++ b/test/samlp.tests.js @@ -58,7 +58,7 @@ describe('samlp', function () { var signature = doc.documentElement.getElementsByTagName('Signature'); - expect('saml:Issuer', signature[0].previousSibling.nodeName); + expect(signature[0].previousSibling.nodeName).to.equal('saml:Issuer'); }); it('should use sha256 as default signature algorithm', function(){ From 24645f2670ee2b6d05b599e9d8a456b58253995d Mon Sep 17 00:00:00 2001 From: Ben Willis Date: Tue, 11 Aug 2015 22:45:51 -0700 Subject: [PATCH 3/3] Add spec to verify signed response signature/issuer order The SAML 2.0 protocol defines a sequence for Signature and Issuer. This test verifies that it is in the proper order, identical to the Signature/Issuer order verified on the response assertion. --- test/samlp.signedresponse.tests.js | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/test/samlp.signedresponse.tests.js b/test/samlp.signedresponse.tests.js index 8a0444e..73862e5 100644 --- a/test/samlp.signedresponse.tests.js +++ b/test/samlp.signedresponse.tests.js @@ -3,6 +3,7 @@ var server = require('./fixture/server'); var request = require('request'); var cheerio = require('cheerio'); var xmlhelper = require('./xmlhelper'); +var xmldom = require('xmldom'); describe('samlp signed response', function () { before(function (done) { @@ -56,5 +57,12 @@ describe('samlp signed response', function () { expect(destination).to.equal('http://destination'); }); + it('should have signature after issuer', function(){ + var doc = new xmldom.DOMParser().parseFromString(signedResponse); + + var signature = doc.documentElement.getElementsByTagName('Signature'); + + expect(signature[0].previousSibling.nodeName).to.equal('saml:Issuer'); + }); }); -}); \ No newline at end of file +});