Class: OneLogin::RubySaml::SamlMessage

Inherits:
Object
Includes:
REXML
Defined in:
lib/onelogin/ruby-saml/saml_message.rb

Overview

SAML2 Message

Constant Summary

ASSERTION =
"urn:oasis:names:tc:SAML:2.0:assertion".freeze
PROTOCOL =
"urn:oasis:names:tc:SAML:2.0:protocol".freeze
BASE64_FORMAT =
%r(\A([A-Za-z0-9+/]{4})*([A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?\Z)
@@mutex =
Mutex.new

Class Method Details

.schema ⇒ Nokogiri::XML::Schema

Gets the schema object of the SAML 2.0 Protocol schema.

Returns:

  • (Nokogiri::XML::Schema)

    Gets the schema object of the SAML 2.0 Protocol schema



# File 'lib/onelogin/ruby-saml/saml_message.rb', line 26

def self.schema
  @@mutex.synchronize do
    Dir.chdir(File.expand_path("../../../schemas", __FILE__)) do
      ::Nokogiri::XML::Schema(File.read("saml-schema-protocol-2.0.xsd"))
    end
  end
end

Instance Method Details

#id(document) ⇒ String|nil

Gets the ID attribute from the SAML Message if it exists.

Returns:

  • (String|nil)

    The ID attribute from the SAML Message if it exists.



# File 'lib/onelogin/ruby-saml/saml_message.rb', line 49

def id(document)
  @id ||= begin
    node = REXML::XPath.first(
      document,
      "/p:AuthnRequest | /p:Response | /p:LogoutResponse | /p:LogoutRequest",
      { "p" => PROTOCOL }
    )
    node.nil? ? nil : node.attributes['ID']
  end
end

#valid_saml?(document, soft = true) ⇒ Boolean

Validates the SAML Message against the specified schema.

Parameters:

  • document (REXML::Document)

    The message that will be validated

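  • soft (Boolean) (defaults to: true)

    Enables or disables soft mode. With soft mode enabled, an invalid message makes the method return false; with it disabled, an invalid message raises an exception.

Returns:

  • (Boolean)

    True if the XML is valid; otherwise False when soft is true.

Raises:

  • (ValidationError)

    If soft is false and the XML fails to load or fails schema validation.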



# File 'lib/onelogin/ruby-saml/saml_message.rb', line 66

def valid_saml?(document, soft = true)
  begin
    xml = Nokogiri::XML(document.to_s) do |config|
      config.options = XMLSecurity::BaseDocument::NOKOGIRI_OPTIONS
    end
  rescue StandardError => error
    return false if soft
    raise ValidationError.new("XML load failed: #{error.message}")
  end

  SamlMessage.schema.validate(xml).map do |schema_error|
    return false if soft
    raise ValidationError.new("#{schema_error.message}\n\n#{xml}")
  end
end

#version(document) ⇒ String|nil

Gets the Version attribute from the SAML Message if it exists.

Returns:

  • (String|nil)

    The Version attribute from the SAML Message if it exists.



# File 'lib/onelogin/ruby-saml/saml_message.rb', line 36

def version(document)
  @version ||= begin
    node = REXML::XPath.first(
      document,
      "/p:AuthnRequest | /p:Response | /p:LogoutResponse | /p:LogoutRequest",
      { "p" => PROTOCOL }
    )
    node.nil? ? nil : node.attributes['Version']
  end
end
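
The root-element lookup shared by #id and #version, as an added example that is not part of ruby-saml: `RootReader`, `root_id`, `reused_reader_ids` and the sample messages are constructed for illustration. It shows that the XPath matches on the namespace URI rather than the prefix, ignores wrapped or wrong-namespace elements, and that `@id ||=` keeps the first document's ID when one object is reused.

```ruby
require 'rexml/document'

# Namespace URI and XPath copied from the PROTOCOL constant and #id above.
PROTOCOL_NS = "urn:oasis:names:tc:SAML:2.0:protocol"
ROOT_XPATH  = "/p:AuthnRequest | /p:Response | /p:LogoutResponse | /p:LogoutRequest"

# Hypothetical reader that mirrors the page's lookup, including `@id ||=`.
class RootReader
  def id(document)
    @id ||= begin
      node = REXML::XPath.first(document, ROOT_XPATH, { "p" => PROTOCOL_NS })
      node.nil? ? nil : node.attributes['ID']
    end
  end
end

# Hypothetical helper: parse a string and look up the ID with a fresh reader.
def root_id(xml)
  RootReader.new.id(REXML::Document.new(xml))
end

# Constructed sample messages (not real SAML traffic).
SAMPLES = {
  # Usual prefix, correct namespace: matched.
  standard: '<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="_a1" Version="2.0"/>',
  # Different prefix, same namespace URI: still matched.
  other_prefix: '<x:LogoutRequest xmlns:x="urn:oasis:names:tc:SAML:2.0:protocol" ID="_b2" Version="2.0"/>',
  # Right local name, wrong namespace URI: not matched.
  wrong_ns: '<samlp:Response xmlns:samlp="urn:example:not-saml" ID="_c3" Version="2.0"/>',
  # Protocol element that is not the document root: not matched.
  wrapped: '<Envelope><samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="_d4" Version="2.0"/></Envelope>',
  # Root matches but carries no ID attribute: nil.
  no_id: '<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" Version="2.0"/>'
}.freeze

# Memoization: one reader reused across two documents keeps the first ID.
def reused_reader_ids
  reader = RootReader.new
  [:standard, :other_prefix].map { |k| reader.id(REXML::Document.new(SAMPLES[k])) }
end

if __FILE__ == $PROGRAM_NAME
  SAMPLES.each { |name, xml| puts "#{name}: #{root_id(xml).inspect}" }
  puts "reused reader: #{reused_reader_ids.inspect}"
end
```

Because the result is cached per object, use a fresh message object for each document when the ID or Version feeds a later check.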