Class: Onelogin::Saml::Response

Inherits:

Object

• Object
• Onelogin::Saml::Response

Defined in:

lib/onelogin/saml/response.rb

Instance Attribute Summary

• #document ⇒ Object

  Returns the value of attribute document.

• #logger ⇒ Object

  Returns the value of attribute logger.

• #response ⇒ Object

  Returns the value of attribute response.

• #settings ⇒ Object

  Returns the value of attribute settings.

Instance Method Summary

• #attributes ⇒ Object

  A hash of alle the attributes with the response.

• #initialize(response) ⇒ Response constructor

  A new instance of Response.

• #is_valid? ⇒ Boolean
• #name_id ⇒ Object

  The value of the user identifier as designated by the initialization request response.

• #session_expires_at ⇒ Object

  When this user session should expire at latest.

Constructor Details

#initialize(response) ⇒ Response

Returns a new instance of Response.

Raises:

• (ArgumentError)

# File 'lib/onelogin/saml/response.rb', line 8

def initialize(response)
  raise ArgumentError.new("Response cannot be nil") if response.nil?
  self.response = response
  self.document = XMLSecurity::SignedDocument.new(Base64.decode64(response))
end

Instance Attribute Details

#document ⇒ Object

Returns the value of attribute document.

# File 'lib/onelogin/saml/response.rb', line 6

def document
  @document
end

#logger ⇒ Object

Returns the value of attribute logger.

# File 'lib/onelogin/saml/response.rb', line 6

def logger
  @logger
end

#response ⇒ Object

Returns the value of attribute response.

# File 'lib/onelogin/saml/response.rb', line 6

def response
  @response
end

#settings ⇒ Object

Returns the value of attribute settings.

# File 'lib/onelogin/saml/response.rb', line 6

def settings
  @settings
end

Instance Method Details

#attributes ⇒ Object

A hash of alle the attributes with the response. Assuming there is onlye one value for each key

# File 'lib/onelogin/saml/response.rb', line 28

def attributes
  saml_attribute_statements = document.elements["/samlp:Response/saml:Assertion/saml:AttributeStatement"].elements
  statements = saml_attribute_statements.map do |child|
    child.attributes.map do |key, attribute|
      [attribute, child.elements.first.text]
    end
  end

  hash = Hash[statements.flatten(1)]
  @attributes ||= make_hash_access_indiferent(hash)
end

#is_valid? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/onelogin/saml/response.rb', line 14

def is_valid?
  return false if response.empty?
  return false if settings.nil?
  return false if settings.idp_cert_fingerprint.nil?

  document.validate(settings.idp_cert_fingerprint, logger)
end

#name_id ⇒ Object

The value of the user identifier as designated by the initialization request response

# File 'lib/onelogin/saml/response.rb', line 23

def name_id
  @name_id ||= document.elements["/samlp:Response/saml:Assertion/saml:Subject/saml:NameID"].text
end

#session_expires_at ⇒ Object

When this user session should expire at latest

# File 'lib/onelogin/saml/response.rb', line 41

def session_expires_at
  @expires_at ||= Time.parse(document.elements["/samlp:Response/saml:Assertion/saml:AuthnStatement"].attributes["SessionNotOnOrAfter"])
end