Merge pull request SAML-Toolkits#39 from drywheattoast/error_on_multi…

…ple_validations Fixes bug with SignedDocument#validate_doc
orslumen · Sep 17, 2012 · 0df0438 · 0df0438
2 parents 8d69f7a + e252342
commit 0df0438
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 4 deletions.
diff --git a/lib/xml_security.rb b/lib/xml_security.rb
@@ -36,7 +36,7 @@ module XMLSecurity
   class SignedDocument < REXML::Document
     DSIG = "http://www.w3.org/2000/09/xmldsig#"
 
-    attr_accessor :signed_element_id
+    attr_accessor :signed_element_id, :sig_element
 
     def initialize(response)
       super(response)
@@ -73,9 +73,11 @@ def validate_doc(base64_cert, soft = true)
         inclusive_namespaces          = prefix_list.split(" ")
       end
 
-      # remove signature node
-      sig_element = REXML::XPath.first(self, "//ds:Signature", {"ds"=>DSIG})
-      sig_element.remove
+      # store and remove signature node
+      self.sig_element ||= begin
+        element = REXML::XPath.first(self, "//ds:Signature", {"ds"=>DSIG})
+        element.remove
+      end
 
       # check digests
       REXML::XPath.each(sig_element, "//ds:Reference", {"ds"=>DSIG}) do |ref|

diff --git a/test/xml_security_test.rb b/test/xml_security_test.rb
@@ -19,6 +19,12 @@ class XmlSecurityTest < Test::Unit::TestCase
         @document.validate_doc(@base64cert, false)
       end
     end
+
+    should "not raise an error when softly validating the document multiple times" do
+      assert_nothing_raised do
+        2.times { @document.validate_doc(@base64cert, true) }
+      end
+    end
 
     should "should raise Fingerprint mismatch" do
       exception = assert_raise(Onelogin::Saml::ValidationError) do