Ensure validations work when there is no valid service provider#11946
Ensure validations work when there is no valid service provider#11946
Conversation
…valid service provider
| it 'returns FormResponse with success: false' do | ||
| expect(response.to_h).to eq( | ||
| success: false, | ||
| error_details: { service_provider: { unauthorized_service_provider: true } }, |
There was a problem hiding this comment.
I am diving into the weeds and think this is out of scope, but it took me a bit to realize that this bit on line 90:
let(:sp) { ServiceProvider.find_by(issuer: 'foo') }returns nil because it finds nothing. Not knowing this section of code well, I guessed it was a ServiceProvider which existed, but hadn't been "authorized", whatever that might mean.
Would it be more expressive if it was just let(:sp) { nil }? Or I guess the point is that something was passed for an issuer, but it didn't match a real SP?
This PR is a simple bugfix + adding a regression test, so please don't let me derail it unless this sparks something on your end.
There was a problem hiding this comment.
updated in 1545660 -- i think there is some value to having it mirror the actual thing being passed in, but not at the expense of being clear to the folks reading the tests
3 participants
🎫 Ticket
Link to the relevant ticket:
Validation nil error
🛠 Summary of changes
This change adds a guard for the
authorized_authn_contextvalidation. Before, if the service provider did not exist but the authn_context was requesting IdV, IALMax, or IAL2, the validation would throw a no method error.