Fix update_from_saml_metadata() overwriting saml_idp_sso_binding_urn

medusa-project · Feb 2, 2024 · ceb0b24 · ceb0b24
1 parent 31d7dd0
commit ceb0b24
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 5 deletions.
diff --git a/app/models/institution.rb b/app/models/institution.rb
@@ -807,9 +807,11 @@ def update_from_saml_metadata(metadata_xml_file)
           self.saml_idp_sso_post_service_url = node.attr("Location")
         end
       end
-      self.saml_idp_sso_binding_urn = self.saml_idp_sso_post_service_url.present? ?
-                                        "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" :
-                                        "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+      if self.saml_idp_sso_binding_urn.blank?
+        self.saml_idp_sso_binding_urn = self.saml_idp_sso_redirect_service_url.present? ?
+                                          "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" :
+                                          "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+      end
 
       # IdP cert(s) - there should be at most 4 (two each for signing and
       # encryption).

diff --git a/test/models/institution_test.rb b/test/models/institution_test.rb
@@ -1086,7 +1086,7 @@ class InstitutionTest < ActiveSupport::TestCase
 
     assert_equal "https://southwest.edu/entity",
                  @instance.saml_idp_entity_id
-    assert_equal "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",
+    assert_equal "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect",
                  @instance.saml_idp_sso_binding_urn
     assert_equal "https://login.openathens.net/saml/2/POST/sso/southwest.edu",
                  @instance.saml_idp_sso_post_service_url
@@ -1114,7 +1114,7 @@ class InstitutionTest < ActiveSupport::TestCase
 
     @instance.update_from_saml_metadata(xml_file)
 
-    assert_equal "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",
+    assert_equal "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect",
                  @instance.saml_idp_sso_binding_urn
     assert_equal "https://login.openathens.net/saml/2/POST/sso/southwest.edu",
                  @instance.saml_idp_sso_post_service_url