Class: Onelogin::Saml::Response

Inherits:
Object
  • Object
Defined in:
lib/onelogin/ruby-saml/response.rb

Constant Summary

ASSERTION =
"urn:oasis:names:tc:SAML:2.0:assertion"
PROTOCOL =
"urn:oasis:names:tc:SAML:2.0:protocol"
DSIG =
"http://www.w3.org/2000/09/xmldsig#"


Constructor Details

#initialize(response, options = {}) ⇒ Response

Returns a new instance of Response.

Raises:

  • (ArgumentError)


# File 'lib/onelogin/ruby-saml/response.rb', line 17

# Wraps a SAML response as received from the identity provider and parses it.
#
# Construction only decodes and parses the payload (via parse_response!);
# nothing is verified here, so call is_valid? or validate! before trusting
# any accessor on the new object.
#
# @param response [String] raw XML, or its Base64 encoding
# @param options [Hash] stored unchanged through the options writer
# @raise [ArgumentError] when response is nil
def initialize(response, options = {})
  if response.nil?
    raise ArgumentError, "Response cannot be nil"
  end

  self.options  = options
  @raw_response = response

  parse_response!
end

Instance Attribute Details

#document ⇒ Object

Returns the value of attribute document.



# File 'lib/onelogin/ruby-saml/response.rb', line 14

# Parsed form of the response.
#
# @return [Object, nil] the current value of @document; parse_response!
#   assigns an XMLSecurity::SignedDocument built from the decoded response
def document
  @document
end

#options ⇒ Object

Returns the value of attribute options.



# File 'lib/onelogin/ruby-saml/response.rb', line 14

# Options supplied by the caller.
#
# @return [Object, nil] the current value of @options; the constructor
#   assigns its options argument (an empty Hash by default)
def options
  @options
end

#raw_response ⇒ Object (readonly)

Returns the value of attribute raw_response.



# File 'lib/onelogin/ruby-saml/response.rb', line 15

# The payload exactly as it was handed to the constructor, before any
# Base64 decoding or parsing. This is unverified input.
#
# @return [Object, nil] the current value of @raw_response
def raw_response
  @raw_response
end

#response ⇒ Object

Returns the value of attribute response.



# File 'lib/onelogin/ruby-saml/response.rb', line 14

# The XML text that was parsed.
#
# @return [Object, nil] the current value of @response; parse_response!
#   sets it to raw_response when that already looks like XML, otherwise to
#   the Base64-decoded raw_response
def response
  @response
end

#settings ⇒ Object

Returns the value of attribute settings.



# File 'lib/onelogin/ruby-saml/response.rb', line 14

# Settings object attached to this response.
#
# NOTE(review): nothing in the code shown here assigns @settings; presumably
# the caller sets it before validation -- confirm against validate.
#
# @return [Object, nil] the current value of @settings
def settings
  @settings
end

Instance Method Details

#attributes ⇒ Object

A hash of all the attributes in the response, assuming there is only one value for each key.



# File 'lib/onelogin/ruby-saml/response.rb', line 65

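# Attributes asserted in the response, keyed by attribute Name.
#
# Each attribute is stored under both its String name and the matching
# Symbol; only the first child element of each attribute supplies the value.
#
# The statement is read from the assertion whose ID equals
# document.signed_element_id, or from an assertion inside a Response carrying
# that ID, the same lookup name_id and sessionindex use. Reading the first
# Assertion in document order instead would let an assertion that the
# signature does not reference supply the attributes. A document with no
# matching element therefore yields an empty Hash.
#
# @return [Hash] attribute names (String and Symbol) mapped to text values
def attributes
  @attr_statements ||= begin
    namespaces = { "p" => PROTOCOL, "a" => ASSERTION }
    # The ID is passed as an XPath variable, so it is compared as data and
    # never spliced into the expression text.
    variables  = { "id" => document.signed_element_id.to_s }

    stmt_element = REXML::XPath.first(document, "/p:Response/a:Assertion[@ID=$id]/a:AttributeStatement", namespaces, variables)
    stmt_element ||= REXML::XPath.first(document, "/p:Response[@ID=$id]/a:Assertion/a:AttributeStatement", namespaces, variables)

    result = {}

    unless stmt_element.nil?
      stmt_element.elements.each do |attr_element|
        name = attr_element.attributes["Name"]
        # A child without a Name cannot be keyed; skip it instead of failing
        # later on nil.intern.
        next if name.nil?

        value_element = attr_element.elements.first
        # An attribute with no value child maps to nil rather than raising.
        result[name] = value_element.nil? ? nil : value_element.text
      end

      # Symbol keys are kept for existing callers. The names come from the
      # document, so on Ruby versions that never collect symbols every
      # distinct name stays allocated for the life of the process.
      result.keys.each do |key|
        result[key.intern] = result[key]
      end
    end

    result
  end
end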

#conditions ⇒ Object

Conditions (if any) for the assertion to run



# File 'lib/onelogin/ruby-saml/response.rb', line 104

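# The Conditions element that applies to the signed assertion, if any.
#
# Looks first at the assertion whose ID equals document.signed_element_id and
# then, as name_id and sessionindex do, at an assertion inside a Response
# carrying that ID, so a response signed at the Response level still exposes
# its conditions.
#
# NOTE(review): validate is not shown here; confirm how it treats a nil
# result, since nil means there are no conditions to enforce.
#
# @return [REXML::Element, nil] the Conditions element, or nil when absent
def conditions
  @conditions ||= begin
    namespaces = { "p" => PROTOCOL, "a" => ASSERTION }
    # The ID comes from the document itself, so it is bound as an XPath
    # variable instead of being interpolated into the expression.
    variables  = { "id" => document.signed_element_id.to_s }

    node = REXML::XPath.first(document, "/p:Response/a:Assertion[@ID=$id]/a:Conditions", namespaces, variables)
    node ||= REXML::XPath.first(document, "/p:Response[@ID=$id]/a:Assertion/a:Conditions", namespaces, variables)
    node
  end
end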

#is_valid? ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/onelogin/ruby-saml/response.rb', line 39

# Runs validate with its default arguments and returns whatever it returns.
#
# validate is defined outside this listing, so the individual checks it
# performs are not visible here.
#
# @return [Boolean]
def is_valid?
  validate
end

#issuer ⇒ Object



# File 'lib/onelogin/ruby-saml/response.rb', line 110

# Text of the Issuer element: the one directly under Response when present,
# otherwise the one under the first Assertion that has one.
#
# NOTE(review): unlike name_id, neither lookup is restricted to
# document.signed_element_id, so the value may come from an element the
# signature does not reference -- confirm validate accounts for that before
# this value is used for any trust decision.
#
# @return [String, nil] issuer text, or nil when no Issuer element is found
def issuer
  @issuer ||= begin
    namespaces = { "p" => PROTOCOL, "a" => ASSERTION }

    found = REXML::XPath.first(document, "/p:Response/a:Issuer", namespaces)
    if found.nil?
      found = REXML::XPath.first(document, "/p:Response/a:Assertion/a:Issuer", namespaces)
    end

    found.text unless found.nil?
  end
end

#name_id ⇒ Object

The value of the user identifier as designated by the initialization request response



# File 'lib/onelogin/ruby-saml/response.rb', line 48

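# The subject's NameID, taken only from the element the signature refers to.
#
# Looks first at the assertion whose ID equals document.signed_element_id,
# then at an assertion inside a Response carrying that ID.
#
# @return [String, nil] NameID text, or nil when no matching element exists
def name_id
  @name_id ||= begin
    namespaces = { "p" => PROTOCOL, "a" => ASSERTION }
    # signed_element_id is read out of the document, so it is supplied as an
    # XPath variable: a quote character in the ID can then neither break nor
    # alter the expression.
    variables  = { "id" => document.signed_element_id.to_s }

    node = REXML::XPath.first(document, "/p:Response/a:Assertion[@ID=$id]/a:Subject/a:NameID", namespaces, variables)
    node ||= REXML::XPath.first(document, "/p:Response[@ID=$id]/a:Assertion/a:Subject/a:NameID", namespaces, variables)
    node.nil? ? nil : node.text
  end
end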

#parse_response! ⇒ Object



# File 'lib/onelogin/ruby-saml/response.rb', line 25

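# Decodes the raw payload when necessary and parses it into a signed document.
#
# A payload whose first non-whitespace character is "<" is taken to be XML
# already; anything else is Base64-decoded. The result is stored in @response
# and parsed into document. This step only parses: no signature or condition
# check happens here.
#
# @return [Object] the value assigned to document
# @raise [REXML::ParseException] may propagate from the document constructor
def parse_response!
  # \A anchors at the start of the whole string. The previous ^ anchor also
  # matched after any newline, so a multi-line payload with "<" at the start
  # of a later line skipped decoding.
  @response = if @raw_response =~ /\A\s*</
                @raw_response
              else
                Base64.decode64(@raw_response)
              end

  # Parse errors propagate to the caller unchanged; the earlier
  # rescue-and-re-raise added nothing.
  self.document = XMLSecurity::SignedDocument.new(@response)
end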

#session_expires_at ⇒ Object

When this user session should expire at latest



# File 'lib/onelogin/ruby-saml/response.rb', line 88

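# Latest time at which the user's session should end, from the
# SessionNotOnOrAfter attribute of the AuthnStatement.
#
# The AuthnStatement is located the same way sessionindex locates it: in the
# assertion whose ID equals document.signed_element_id, or in an assertion
# inside a Response carrying that ID. Taking the first AuthnStatement in the
# document instead could return a value from an assertion the signature does
# not reference.
#
# @return [Object, nil] whatever parse_time returns for the attribute;
#   parse_time is defined outside this listing and receives nil when no
#   matching AuthnStatement exists
def session_expires_at
  @expires_at ||= begin
    namespaces = { "p" => PROTOCOL, "a" => ASSERTION }
    # Bound as an XPath variable so the ID is compared as data.
    variables  = { "id" => document.signed_element_id.to_s }

    node = REXML::XPath.first(document, "/p:Response/a:Assertion[@ID=$id]/a:AuthnStatement", namespaces, variables)
    node ||= REXML::XPath.first(document, "/p:Response[@ID=$id]/a:Assertion/a:AuthnStatement", namespaces, variables)
    parse_time(node, "SessionNotOnOrAfter")
  end
end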

#sessionindex ⇒ Object



# File 'lib/onelogin/ruby-saml/response.rb', line 56

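# SessionIndex attribute of the AuthnStatement belonging to the signed element.
#
# Looks first at the assertion whose ID equals document.signed_element_id,
# then at an assertion inside a Response carrying that ID.
#
# @return [String, nil] the SessionIndex value, or nil when no matching
#   AuthnStatement exists
def sessionindex
  @sessionindex ||= begin
    namespaces = { "p" => PROTOCOL, "a" => ASSERTION }
    # signed_element_id is read out of the document, so it is supplied as an
    # XPath variable and never interpolated into the expression text.
    variables  = { "id" => document.signed_element_id.to_s }

    node = REXML::XPath.first(document, "/p:Response/a:Assertion[@ID=$id]/a:AuthnStatement", namespaces, variables)
    node ||= REXML::XPath.first(document, "/p:Response[@ID=$id]/a:Assertion/a:AuthnStatement", namespaces, variables)
    node.nil? ? nil : node.attributes['SessionIndex']
  end
end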

#success? ⇒ Boolean

Checks the status of the response for a “Success” code

Returns:

  • (Boolean)


# File 'lib/onelogin/ruby-saml/response.rb', line 96

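# Whether the top-level StatusCode of the response is the SAML 2.0 Success URI.
#
# A response with no Status/StatusCode element is reported as not successful
# instead of raising NoMethodError on nil. The result is cached, including a
# false result, which `||=` alone would recompute on every call.
#
# @return [Boolean]
def success?
  return @status_code unless @status_code.nil?

  node = REXML::XPath.first(document, "/p:Response/p:Status/p:StatusCode", { "p" => PROTOCOL, "a" => ASSERTION })
  # Fail closed: a missing status element is never treated as success.
  @status_code = !node.nil? && node.attributes["Value"] == "urn:oasis:names:tc:SAML:2.0:status:Success"
end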

#validate! ⇒ Object



# File 'lib/onelogin/ruby-saml/response.rb', line 43

# Runs validate with false as its only argument and returns its result.
#
# NOTE(review): validate is defined outside this listing; the false argument
# presumably turns off soft failure so that problems raise instead of
# returning false -- confirm against validate.
#
# @return [Object] whatever validate(false) returns
def validate!
  validate(false)
end