Merge pull request #38 from 18F/add-default-aal-authn-context

add default aal authn context
18F · Apr 7, 2021 · fd7c822 · fd7c822
2 parents e5ca445 + e21de03
commit fd7c822
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 2 deletions.
diff --git a/lib/saml_idp/request.rb b/lib/saml_idp/request.rb
@@ -4,7 +4,7 @@ module SamlIdp
   class Request
     IAL_PREFIX = %r{^http://idmanagement.gov/ns/assurance/ial}.freeze
     LOA_PREFIX = %r{^http://idmanagement.gov/ns/assurance/loa}.freeze
-    AAL_PREFIX = %r{^http://idmanagement.gov/ns/assurance/aal}.freeze
+    AAL_PREFIX = %r{^http://idmanagement.gov/ns/assurance/aal|urn:gov:gsa:ac:classes:sp:PasswordProtectedTransport:duo}.freeze
 
     def self.from_deflated_request(raw, options = {})
       if raw

diff --git a/lib/saml_idp/version.rb b/lib/saml_idp/version.rb
@@ -1,4 +1,4 @@
 # encoding: utf-8
 module SamlIdp
-  VERSION = '0.12.1-18f'.freeze
+  VERSION = '0.12.2-18f'.freeze
 end
diff --git a/spec/lib/saml_idp/request_spec.rb b/spec/lib/saml_idp/request_spec.rb
@@ -2,6 +2,7 @@
 module SamlIdp
   describe Request do
     let(:aal) { 'http://idmanagement.gov/ns/assurance/aal/3' }
+    let(:default_aal) { 'urn:gov:gsa:ac:classes:sp:PasswordProtectedTransport:duo' }
     let(:ial) { 'http://idmanagement.gov/ns/assurance/ial/2' }
     let(:password) { 'urn:oasis:names:tc:SAML:2.0:ac:classes:Password' }
     let(:authn_context_classref) { build_authn_context_classref(password) }
@@ -133,6 +134,14 @@ module SamlIdp
         end
       end
 
+      context "context requested is default aal" do
+        let(:authn_context_classref) { build_authn_context_classref(default_aal) }
+
+        it "should return the aal uri" do
+          expect(subject.requested_aal_authn_context).to eq(default_aal)
+        end
+      end
+
       context "only context requested is aal" do
         let(:authn_context_classref) { build_authn_context_classref(aal) }