Class: Akami::WSSE::Signature

Inherits:

Object

• Object
• Akami::WSSE::Signature

Includes:

C14nHelper, XPathHelper

Defined in:

lib/akami/wsse/signature.rb

Defined Under Namespace

Classes: MissingCertificate

Constant Summary

ExclusiveXMLCanonicalizationAlgorithm =

'http://www.w3.org/2001/10/xml-exc-c14n#'.freeze

RSASHA1SignatureAlgorithm =

'http://www.w3.org/2000/09/xmldsig#rsa-sha1'.freeze

SHA1DigestAlgorithm =

'http://www.w3.org/2000/09/xmldsig#sha1'.freeze

X509v3ValueType =

'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3'.freeze

Base64EncodingType =

'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary'.freeze

SignatureNamespace =

'http://www.w3.org/2000/09/xmldsig#'.freeze

Instance Attribute Summary

• #certs ⇒ Object

  For a Savon::WSSE::Certs object.

Instance Method Summary

• #body_attributes ⇒ Object
• #body_id ⇒ Object
• #document ⇒ Object

  Without a document, the document cannot be signed.

• #document=(document) ⇒ Object
• #have_document? ⇒ Boolean
• #initialize(certs = Certs.new) ⇒ Signature constructor

  A new instance of Signature.

• #now ⇒ Object

  Cache “now” so that digests match…

• #security_token_id ⇒ Object
• #to_token ⇒ Object

Methods included from C14nHelper

#canonicalize

Methods included from XPathHelper

#at_xpath, #local_name_xpath, #xpath

Constructor Details

#initialize(certs = Certs.new) ⇒ Signature

Returns a new instance of Signature.

# File 'lib/akami/wsse/signature.rb', line 35

def initialize(certs = Certs.new)
  @certs = certs
end

Instance Attribute Details

#certs ⇒ Object

For a Savon::WSSE::Certs object. To hold the certs we need to sign.

# File 'lib/akami/wsse/signature.rb', line 13

def certs
  @certs
end

Instance Method Details

#body_attributes ⇒ Object

# File 'lib/akami/wsse/signature.rb', line 57

def body_attributes
  {
    "xmlns:wsu" => Akami::WSSE::WSU_NAMESPACE,
    "wsu:Id" => body_id,
  }
end

#body_id ⇒ Object

# File 'lib/akami/wsse/signature.rb', line 49

def body_id
  @body_id ||= "Body-#{uid}".freeze
end

#document ⇒ Object

Without a document, the document cannot be signed. Generate the document once, and then set document and recall #to_token

# File 'lib/akami/wsse/signature.rb', line 17

def document
  return nil if @document.nil?
  @document.to_xml(save_with: Nokogiri::XML::Node::SaveOptions::AS_XML)
end

#document=(document) ⇒ Object

# File 'lib/akami/wsse/signature.rb', line 22

def document=(document)
  @document = Nokogiri::XML(document)
end

#have_document? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/akami/wsse/signature.rb', line 39

def have_document?
  !!document
end

#now ⇒ Object

Cache “now” so that digests match… TODO: figure out how we might want to expire this cache…

# File 'lib/akami/wsse/signature.rb', line 45

def now
  @now ||= Time.now
end

#security_token_id ⇒ Object

# File 'lib/akami/wsse/signature.rb', line 53

def security_token_id
  @security_token_id ||= "SecurityToken-#{uid}".freeze
end

#to_token ⇒ Object

# File 'lib/akami/wsse/signature.rb', line 64

def to_token
  return {} unless have_document?

  sig = signed_info.merge(key_info).merge(signature_value)
  sig.merge! :order! => []
  [ "SignedInfo", "SignatureValue", "KeyInfo" ].each do |key|
    sig[:order!] << key if sig[key]
  end

  token = {
    "Signature" => sig,
    :attributes! => { "Signature" => { "xmlns" => SignatureNamespace } },
  }

  Akami::HashHelper.deep_merge!(token, binary_security_token) if certs.cert

  token.merge! :order! => []
  [ "wsse:BinarySecurityToken", "Signature" ].each do |key|
    token[:order!] << key if token[key]
  end

  token
end