Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add Destination validation for ruby-saml/response #302

Merged
merged 1 commit into from
Feb 11, 2016
Merged

add Destination validation for ruby-saml/response #302

merged 1 commit into from
Feb 11, 2016

Conversation

alperkokmen
Copy link
Contributor

Status

READY

Migrations

NO

Description

this change adds validation for Destination attribute which is optionally included in the SAML response.

  • response method to return Destination attribute via REXML.
  • response method to validate the destination against consumer service URL available in settings.
  • unit tests.

note that @pitbulk originally implemented these changes in #197; however, this specific validation didn't make it to master branch (or >= 1.0.0). i merely duplicated his work and matched the new validation pattern (no soft) in master.

if accepted, this would fix #301.

Related PRs

branch PR
response_validations #197
improve_validations #239

Todos

  • Tests
  • Documentation – i don't think this is applicable; other validations aren't documented individually in README.

Deploy Notes

no migrations or breaking changes; some IdPs may not send the right Destination due to configuration issues – since it's an optional value, when provided, expectation is that it must be valid. to keep those integrations working, #consume action be tweaked to ignore validations for Destination attribute.

Steps to Test or Reproduce

N/A

Impacted Areas in Application

List general components of the application that this PR will affect:

  • Response validation.

add Destination validation for ruby-saml/response
f04b0ee 
this change adds validation for Destination attribute which is
optionally included in the SAML response.

- response method to return Destination attribute via REXML
- response method to validate the destination against consumer service
  URL available in settings.
- unit tests.

note that @pitbulk originally implemented these changes in
#197; however, this specific
validation didn't make it to master branch (or >= 1.0.0).

i am hoping this will resolve
#301.
@pitbulk
Copy link
Collaborator

pitbulk commented Feb 11, 2016

Thanks for the contribution.

pitbulk added a commit that referenced this pull request Feb 11, 2016
@pitbulk
Merge pull request #302 from alperkokmen/destination-validation-for-s…
b95c2b6 
…aml-response

add Destination validation for ruby-saml/response
@pitbulk pitbulk merged commit b95c2b6 into SAML-Toolkits:master Feb 11, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

missing validation for Destination in response
2 participants
@alperkokmen @pitbulk