Class: OneLogin::RubySaml::Response
- Inherits: SamlMessage
- Object → SamlMessage → OneLogin::RubySaml::Response
- Defined in:
- lib/onelogin/ruby-saml/response.rb
Constant Summary
- ASSERTION =
"urn:oasis:names:tc:SAML:2.0:assertion"
- PROTOCOL =
"urn:oasis:names:tc:SAML:2.0:protocol"
- DSIG =
"http://www.w3.org/2000/09/xmldsig#"
Instance Attribute Summary
-
#document ⇒ Object
readonly
Returns the value of attribute document.
-
#errors ⇒ Object
Returns the value of attribute errors.
-
#options ⇒ Object
readonly
Returns the value of attribute options.
-
#response ⇒ Object
readonly
Returns the value of attribute response.
-
#settings ⇒ Object
TODO: This should probably be ctor initialized too…
Instance Method Summary
-
#attributes ⇒ Object
Returns OneLogin::RubySaml::Attributes enumerable collection.
-
#conditions ⇒ Object
Conditions (if any) for the assertion to run.
-
#initialize(response, options = {}) ⇒ Response
constructor
A new instance of Response.
- #is_valid? ⇒ Boolean
- #issuer ⇒ Object
-
#name_id ⇒ Object
The value of the user identifier as designated by the initialization request response.
- #not_before ⇒ Object
- #not_on_or_after ⇒ Object
-
#session_expires_at ⇒ Object
When this user session should expire at latest.
- #sessionindex ⇒ Object
- #status_message ⇒ Object
-
#success? ⇒ Boolean
Checks the status of the response for a “Success” code.
- #validate! ⇒ Object
Methods inherited from SamlMessage
#valid_saml?, #validation_error
Constructor Details
#initialize(response, options = {}) ⇒ Response
Returns a new instance of Response.
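# File 'lib/onelogin/ruby-saml/response.rb', line 22

# Builds a Response from the raw SAML payload supplied by the caller.
#
# Construction only decodes and parses. Nothing in this method checks the
# signature, the conditions or the status, so a freshly built object must
# still be validated before any of its values are trusted.
#
# The printed listing had lost the `options` identifier (`def initialize(response, = {})`
# and `@options =`); it is restored here from the documented signature
# `#initialize(response, options = {})`.
#
# @param response [Object] raw SAML response, handed to decode_raw_saml
#   (defined outside this listing; presumably Base64/deflate decoding - confirm)
# @param options [Hash] caller-supplied options, stored unchanged
# @raise [ArgumentError] when response is nil
def initialize(response, options = {})
  # The same array is passed to the signed-document wrapper below, so both
  # objects report into one error list.
  @errors = []

  raise ArgumentError, "Response cannot be nil" if response.nil?

  @options  = options
  @response = decode_raw_saml(response)
  @document = XMLSecurity::SignedDocument.new(@response, @errors)
end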
Instance Attribute Details
#document ⇒ Object (readonly)
Returns the value of attribute document.
# File 'lib/onelogin/ruby-saml/response.rb', line 20

# Read-only accessor for @document.
#
# @return [Object] the current value of @document (nil when never assigned)
def document
  @document
end
#errors ⇒ Object
Returns the value of attribute errors.
# File 'lib/onelogin/ruby-saml/response.rb', line 16

# Reader for the @errors attribute.
#
# @return [Object] the current value of @errors (nil when never assigned)
def errors
  @errors
end
#options ⇒ Object (readonly)
Returns the value of attribute options.
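# File 'lib/onelogin/ruby-saml/response.rb', line 18

# Read-only accessor for @options.
#
# The printed listing had lost the method name (`def @options end`); it is
# restored from the attribute heading `#options ⇒ Object (readonly)`.
#
# @return [Object] the current value of @options (nil when never assigned)
def options
  @options
end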
#response ⇒ Object (readonly)
Returns the value of attribute response.
# File 'lib/onelogin/ruby-saml/response.rb', line 19

# Read-only accessor for @response.
#
# @return [Object] the current value of @response (nil when never assigned)
def response
  @response
end
#settings ⇒ Object
TODO: This should probably be ctor initialized too… WDYT?
# File 'lib/onelogin/ruby-saml/response.rb', line 15

# Reader for the @settings attribute.
#
# TODO: This should probably be ctor initialized too... WDYT?
#
# NOTE(review): nothing in this reader guarantees @settings was ever assigned.
# Code that relies on settings should handle nil explicitly - confirm how
# validate behaves when settings is missing.
#
# @return [Object] the current value of @settings (nil when never assigned)
def settings
  @settings
end
Instance Method Details
#attributes ⇒ Object
Returns a OneLogin::RubySaml::Attributes enumerable collection. All attributes can be iterated over with `attributes.each`
or returned as an array with `attributes.all`.
For backwards compatibility, ruby-saml by default returns only the first value for a given attribute with
`attributes['name']`
To get all of the values of an attribute, use:
`attributes.multi('name')`
Or turn off the compatibility:
`OneLogin::RubySaml::Attributes.single_value_compatibility = false`
Now this will return an array:
`attributes['name']`
Because the default lookup drops every value after the first, code that makes decisions on a multi-valued attribute should read it with `multi`.
# File 'lib/onelogin/ruby-saml/response.rb', line 68

# Collects the attribute values found under the assertion's AttributeStatement.
#
# The statement is looked up through xpath_first_from_signed_assertion, which
# is defined outside this listing; presumably it restricts the lookup to the
# assertion covered by the signature - confirm. This accessor does not run
# validation itself, so its values should only be used after the response
# has been validated.
#
# @return [Attributes] the collected attributes; empty when the assertion has
#   no AttributeStatement
def attributes
  @attr_statements ||= begin
    collected = Attributes.new
    statement = xpath_first_from_signed_assertion('/a:AttributeStatement')

    # This early return leaves the method before `||=` assigns, so the empty
    # result is not memoized and the lookup runs again on the next call.
    return collected if statement.nil?

    statement.elements.each do |attribute_node|
      attribute_name = attribute_node.attributes["Name"]
      attribute_values = attribute_node.elements.collect do |value_node|
        # SAMLCore requires that nil AttributeValues MUST contain xsi:nil XML attribute set to "true" or "1"
        # otherwise the value is to be regarded as empty.
        if ["true", "1"].include?(value_node.attributes['xsi:nil'])
          nil
        else
          value_node.text.to_s
        end
      end

      collected.add(attribute_name, attribute_values)
    end

    collected
  end
end
#conditions ⇒ Object
Conditions (if any) for the assertion to run
# File 'lib/onelogin/ruby-saml/response.rb', line 114

# Conditions (if any) for the assertion to run.
#
# Returns the node found by xpath_first_from_signed_assertion for
# '/a:Conditions' and caches it once a node has been found. This accessor
# only fetches the element; it does not evaluate any condition.
#
# @return [Object, nil] the Conditions node, or nil when the lookup finds none
def conditions
  return @conditions if @conditions

  @conditions = xpath_first_from_signed_assertion('/a:Conditions')
end
#is_valid? ⇒ Boolean
# File 'lib/onelogin/ruby-saml/response.rb', line 30

# Runs validate with its default arguments and returns whatever it returns.
#
# validate is defined outside this listing.
# NOTE(review): presumably the default is the non-raising mode that reports
# failure through the return value - confirm against validate. Callers must
# act on the result; the other accessors on this class do not check it.
#
# @return [Boolean] the result of validate
def is_valid?
  validate
end
#issuer ⇒ Object
# File 'lib/onelogin/ruby-saml/response.rb', line 126

# Returns the text of the Issuer element, cached after the first non-nil hit.
#
# Lookup order: the Issuer directly under /p:Response first, and only when
# that is absent the Issuer found through xpath_first_from_signed_assertion.
#
# NOTE(review): the first lookup reads the response-level element straight
# from the document rather than through the signed-assertion helper. When
# only the assertion is signed, that element may not be covered by the
# signature - confirm how validate treats the issuer before relying on it.
#
# @return [String, nil] issuer text, or nil when neither element exists
def issuer
  @issuer ||= begin
    namespaces = { "p" => PROTOCOL, "a" => ASSERTION }
    issuer_node = REXML::XPath.first(document, "/p:Response/a:Issuer", namespaces)
    issuer_node = xpath_first_from_signed_assertion('/a:Issuer') if issuer_node.nil?
    issuer_node.text unless issuer_node.nil?
  end
end
#name_id ⇒ Object
The value of the user identifier as designated by the initialization request response
# File 'lib/onelogin/ruby-saml/response.rb', line 43

# The value of the user identifier: the text of the assertion's
# Subject/NameID element, cached after the first non-nil hit.
#
# The node comes from xpath_first_from_signed_assertion (defined outside this
# listing). This accessor performs no validation of its own, so the value
# identifies a user only once the response has been validated.
#
# @return [String, nil] NameID text, or nil when the element is absent
def name_id
  @name_id ||= begin
    subject_id = xpath_first_from_signed_assertion('/a:Subject/a:NameID')
    subject_id.text unless subject_id.nil?
  end
end
#not_before ⇒ Object
# File 'lib/onelogin/ruby-saml/response.rb', line 118

# Returns the NotBefore value of the Conditions node as produced by
# parse_time (defined outside this listing), cached once truthy.
#
# This accessor only reads the bound; it does not compare it with the
# current time.
#
# @return [Object, nil] result of parse_time for "NotBefore"
def not_before
  @not_before ||= begin
    window = conditions
    parse_time(window, "NotBefore")
  end
end
#not_on_or_after ⇒ Object
# File 'lib/onelogin/ruby-saml/response.rb', line 122

# Returns the NotOnOrAfter value of the Conditions node as produced by
# parse_time (defined outside this listing), cached once truthy.
#
# This accessor only reads the bound; it does not compare it with the
# current time.
#
# @return [Object, nil] result of parse_time for "NotOnOrAfter"
def not_on_or_after
  @not_on_or_after ||= begin
    window = conditions
    parse_time(window, "NotOnOrAfter")
  end
end
#session_expires_at ⇒ Object
When this user session should expire at latest
# File 'lib/onelogin/ruby-saml/response.rb', line 91

# When this user session should expire at latest.
#
# Reads SessionNotOnOrAfter from the assertion's AuthnStatement through
# parse_time (defined outside this listing) and caches a truthy result in
# @expires_at. Nothing here enforces the expiry; the caller has to apply it
# to its own session lifetime.
#
# @return [Object, nil] result of parse_time for "SessionNotOnOrAfter"
def session_expires_at
  @expires_at ||= parse_time(
    xpath_first_from_signed_assertion('/a:AuthnStatement'),
    "SessionNotOnOrAfter"
  )
end
#sessionindex ⇒ Object
# File 'lib/onelogin/ruby-saml/response.rb', line 50

# Returns the SessionIndex attribute of the assertion's AuthnStatement,
# cached after the first non-nil hit.
#
# @return [String, nil] the SessionIndex value, or nil when the assertion has
#   no AuthnStatement or the attribute is missing
def sessionindex
  @sessionindex ||= begin
    authn_statement = xpath_first_from_signed_assertion('/a:AuthnStatement')
    authn_statement.attributes['SessionIndex'] unless authn_statement.nil?
  end
end
#status_message ⇒ Object
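# File 'lib/onelogin/ruby-saml/response.rb', line 106

# Returns the text of /p:Response/p:Status/p:StatusMessage, cached after the
# first non-nil hit.
#
# The printed listing had lost the method name (`def @status_message ||= begin`);
# it is restored from the method heading `#status_message ⇒ Object`.
#
# NOTE(review): the element is read straight from the document, not through
# the signed-assertion helper, so it may not be covered by a signature when
# only the assertion is signed. Treat the text as untrusted input: escape it
# before display and do not base decisions on it.
#
# @return [String, nil] the status message text, or nil when absent
def status_message
  @status_message ||= begin
    node = REXML::XPath.first(document, "/p:Response/p:Status/p:StatusMessage", { "p" => PROTOCOL, "a" => ASSERTION })
    node.text if node
  end
end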
#success? ⇒ Boolean
Checks the status of the response for a “Success” code
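# File 'lib/onelogin/ruby-saml/response.rb', line 99

# Checks the status of the response for a "Success" code.
#
# Reads the Value attribute of /p:Response/p:Status/p:StatusCode and compares
# it with the SAML 2.0 success URN. A response without a StatusCode element
# is reported as not successful (fail closed) rather than raising
# NoMethodError on a nil node.
#
# Only a true result is kept by `||=`; a false result is recomputed on the
# next call.
#
# NOTE(review): the status is read straight from the document, not through
# the signed-assertion helper. A "Success" status is therefore not evidence
# of an authentic response by itself - validation is still required.
#
# @return [Boolean] true only when the status code is the success URN
def success?
  @status_code ||= begin
    node = REXML::XPath.first(document, "/p:Response/p:Status/p:StatusCode", { "p" => PROTOCOL, "a" => ASSERTION })
    !node.nil? && node.attributes["Value"] == "urn:oasis:names:tc:SAML:2.0:status:Success"
  end
end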
#validate! ⇒ Object
# File 'lib/onelogin/ruby-saml/response.rb', line 34

# Runs validate with `false` as its only argument and returns its result.
#
# validate is defined outside this listing.
# NOTE(review): the `false` argument presumably turns off the non-raising
# mode so that a validation failure raises instead of returning false -
# confirm against validate.
#
# @return [Object] the result of validate(false)
def validate!
  validate(false)
end