diff options
author | 115100 <115100@users.noreply.github.com> | 2018-10-24 14:21:47 +0300 |
---|---|---|
committer | 115100 <115100@users.noreply.github.com> | 2018-10-25 14:08:07 +0300 |
commit | 2a8a4897ffebd01c784c028200d0cbdfaf32695e (patch) | |
tree | d6fc3e47823dc8b7abdecebfba01e503af7b813c /spec/lib/gitlab/auth | |
parent | 5726e51aaa19f37f76474219d0b0aa75894489e7 (diff) |
saml/auth_hash: Allow 2FA bypass for SAML 2.0 responses
Closes gitlab-org/gitlab-ce/#53102.
Diffstat (limited to 'spec/lib/gitlab/auth')
-rw-r--r-- | spec/lib/gitlab/auth/saml/auth_hash_spec.rb | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/spec/lib/gitlab/auth/saml/auth_hash_spec.rb b/spec/lib/gitlab/auth/saml/auth_hash_spec.rb index 76f49e778fb..3620e1afe25 100644 --- a/spec/lib/gitlab/auth/saml/auth_hash_spec.rb +++ b/spec/lib/gitlab/auth/saml/auth_hash_spec.rb @@ -82,6 +82,17 @@ describe Gitlab::Auth::Saml::AuthHash do end end + context 'with SAML 2.0 response_object' do + before do + auth_hash_data[:extra][:response_object] = { document: + saml_xml(File.read('spec/fixtures/authentication/saml2_response.xml')) } + end + + it 'can extract authn_context' do + expect(saml_auth_hash.authn_context).to eq 'urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport' + end + end + context 'without response_object' do it 'returns an empty string' do expect(saml_auth_hash.authn_context).to be_nil |