Class: Cie::Saml::LogoutResponse

Inherits:
Object
  • Object
Includes:
Coding, Request
Defined in:
lib/cie/ruby-saml/logout_response.rb

Constant Summary

ASSERTION =
"urn:oasis:names:tc:SAML:2.0:assertion"
PROTOCOL =
"urn:oasis:names:tc:SAML:2.0:protocol"
DSIG =
"http://www.w3.org/2000/09/xmldsig#"

Constants included from Request

Request::HTTP_GET, Request::HTTP_POST

Instance Method Summary

Methods included from Request

#binding_select, #content_get, #content_post

Methods included from Coding

#decode, #deflate, #encode, #escape, #inflate, #unescape

Constructor Details

#initialize(options = { }) ⇒ LogoutResponse

Returns a new instance of LogoutResponse.



# File 'lib/cie/ruby-saml/logout_response.rb', line 14

# Wraps either a LogoutResponse received from the IdP (:response) or prepares
# an empty instance that #create will fill in later (:settings).
#
# No signature check is visible in this constructor: it only parses. Values
# later read from the document (#issuer, #in_response_to, #success?) come from
# the peer and should be treated as unauthenticated until #validate or
# #validate! has succeeded.
#
# @param options [Hash] :response - the encoded LogoutResponse as received;
#   :settings - settings object kept in @settings
def initialize( options = { } )
  opt = { :response => nil, :settings => nil }.merge(options)
  received = opt[:response]
  if received
    begin
      # First attempt: the decoded payload is parsed as plain XML.
      @response = Cie::XMLSecurity::SignedDocument.new(decode(received))
      # A missing root, or a root outside the SAML "protocol" namespace, is
      # taken to mean the payload was deflated; raising hands control to the
      # rescue branch below.
      raise if @response.nil? || @response.root.nil? || @response.root.namespace != PROTOCOL
      # NOTE(review): `document` is not defined anywhere in this listing. If
      # it does not resolve to a method, the resulting NameError is also
      # caught by the bare rescue, so the inflate path would run for every
      # input - confirm against the Coding and Request mixins.
      document
    rescue
      # Bare rescue: any StandardError from the attempt above (parse errors
      # included) lands here and the payload is retried as deflated data.
      # An error raised by this retry propagates to the caller.
      # NOTE(review): inflate runs on peer-supplied bytes; whether
      # Coding#inflate bounds the decompressed size is not visible here.
      @response = Cie::XMLSecurity::SignedDocument.new(inflate(decode(received)))
    end
  end
  # Settings are kept only when supplied; they are needed by #create and
  # by #validate.
  @settings = opt[:settings] if opt[:settings]
end

Instance Method Details

#create(options) ⇒ Object

Create a LogoutResponse to the IdP’s LogoutRequest

(For IdP initiated SLO)


# File 'lib/cie/ruby-saml/logout_response.rb', line 39

# Builds a SAML 2.0 LogoutResponse document in @response and passes its
# serialised form to create_slo_response.
#
# @param options [Hash]
#   :transaction_id   - ID of the LogoutRequest being answered (required)
#   :in_response_to   - alternative name for the same value (see note below)
#   :status           - StatusCode value; defaults to the SAML Success URN
#   :extra_parameters - forwarded unchanged to create_slo_response
# @return [nil] when :transaction_id is nil; otherwise whatever
#   create_slo_response returns
#
# No signature is added to the document inside this method; whether
# create_slo_response signs the message is not visible in this listing.
def create( options )
  opt = { :transaction_id => nil, 
    :in_response_to => nil,
    :status => "urn:oasis:names:tc:SAML:2.0:status:Success", 
    :extra_parameters => nil }.merge(options)
  # Without a transaction id nothing is built at all.
  return nil if opt[:transaction_id].nil?
  @response = REXML::Document.new
  # Serialise attribute values with double quotes.
  @response.context[:attribute_quote] = :quote
  # Leading underscore: presumably so the ID never starts with a digit,
  # which an xs:ID value must not do.
  uuid = "_" + UUID.new.generate
  time = Time.now.utc.strftime("%Y-%m-%dT%H:%M:%SZ")
  root = @response.add_element "saml2p:LogoutResponse", { "xmlns:saml2p" => PROTOCOL }
  root.attributes['ID'] = uuid
  root.attributes['IssueInstant'] = time
  root.attributes['Version'] = "2.0"
  # Just convenient naming to accept both names as InResponseTo
  # NOTE(review): because of the early return above, :in_response_to on its
  # own is never used - the elsif is reached only when :transaction_id is
  # `false`. Callers must pass :transaction_id.
  if opt[:transaction_id] 
    root.attributes['InResponseTo'] = opt[:transaction_id]
  elsif opt[:in_response_to]
    root.attributes['InResponseTo'] = opt[:in_response_to]
  end
  # NOTE(review): Status is appended before Issuer. The SAML core schema
  # (StatusResponseType) lists Issuer first; confirm that schema-validating
  # IdPs accept this order.
  if opt[:status]
    status = root.add_element "saml2p:Status"
    # status_code is assigned but not read again in this method.
    status_code = status.add_element "saml2p:StatusCode", {
        "Value" => opt[:status]
    }
  end
  # The Issuer element is emitted only when settings carry an issuer.
  if @settings && @settings.issuer
    issuer = root.add_element "saml:Issuer", {
      "xmlns:saml" => "urn:oasis:names:tc:SAML:2.0:assertion"
    }
    issuer.text = @settings.issuer
  end
  # NOTE(review): the receiver of `.new` is missing in this listing (it looks
  # lost in rendering); take the class name from
  # lib/cie/ruby-saml/logout_response.rb rather than guessing it.
  meta = .new( @settings )
  # The complete response document is written to the debug log.
  Logging.debug "Created LogoutResponse:\n#{@response}"
  return meta.create_slo_response( to_s, opt[:extra_parameters] )
  
  # Commented out and placed after the return: no Destination attribute is
  # ever set on the response by this method.
  #root.attributes['Destination'] = action
  
end

#in_response_to ⇒ Object



# File 'lib/cie/ruby-saml/logout_response.rb', line 95

# Reads the InResponseTo attribute of the root LogoutResponse element.
#
# The value is taken from the parsed document as-is; this method performs no
# signature check. A caller correlating the response with a LogoutRequest it
# sent should compare this value with that request's ID, and do so only after
# #validate / #validate! has succeeded.
#
# @return [String, nil] the attribute value, or nil when the document has no
#   root LogoutResponse element in the SAML protocol namespace
def in_response_to
  namespaces = { "p" => PROTOCOL }
  root = REXML::XPath.first(@response, "/p:LogoutResponse", namespaces)
  root.nil? ? nil : root.attributes["InResponseTo"]
end

#is_valid? ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/cie/ruby-saml/logout_response.rb', line 109

# Runs #validate in soft mode and returns its result.
#
# Presumably soft mode reports a failed check as false instead of raising;
# that behaviour lives in the signed document's own validate and is not
# visible here.
#
# @return [Boolean]
def is_valid?
  validate(true)
end

#issuer ⇒ Object



# File 'lib/cie/ruby-saml/logout_response.rb', line 88

# Returns the text of the Issuer element directly under the root
# LogoutResponse.
#
# The issuer is read from the parsed document without any signature check in
# this method, so it identifies the sender only once #validate / #validate!
# has succeeded.
#
# @return [String, nil] issuer text, or nil when no such element exists
def issuer
  namespaces = { "p" => PROTOCOL, "a" => ASSERTION }
  node = REXML::XPath.first(@response, "/p:LogoutResponse/a:Issuer", namespaces)
  node && node.text
end

#success? ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/cie/ruby-saml/logout_response.rb', line 102

# Tells whether the top-level StatusCode of the response is the SAML
# Success URN.
#
# Only /LogoutResponse/Status/StatusCode is inspected, and it is read from
# the parsed document with no signature check here. A true result means
# "the message says success", not "the message is authentic"; gate on
# #validate / #validate! first.
#
# @return [Boolean] false when the StatusCode element is missing or carries
#   any other value
def success?
  status_code = REXML::XPath.first(
    @response,
    "/p:LogoutResponse/p:Status/p:StatusCode",
    { "p" => PROTOCOL }
  )
  !status_code.nil? &&
    status_code.attributes["Value"] == "urn:oasis:names:tc:SAML:2.0:status:Success"
end

#to_s ⇒ Object



# File 'lib/cie/ruby-saml/logout_response.rb', line 84

def to_s
  @response.to_s
end

#to_xml ⇒ Object

function to return the created request as an XML document



# File 'lib/cie/ruby-saml/logout_response.rb', line 79

# Writes the wrapped response document into a fresh string and returns it.
#
# The second argument to #write is passed as 1; for a REXML::Document (what
# #create builds) that is the indent level, so the output is pretty-printed
# rather than byte-identical to #to_s.
#
# @return [String]
def to_xml
  "".tap { |buffer| @response.write(buffer, 1) }
end

#validate(soft = true) ⇒ Object



# File 'lib/cie/ruby-saml/logout_response.rb', line 116

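# Validates the wrapped response against the stored settings by delegating
# to @response.validate(@settings, soft).
#
# Fails closed: the result is true only when the underlying check returns a
# truthy value. The earlier form compared the result with `false`, so a nil
# coming back from the check was reported as a valid response.
#
# @param soft [Boolean] passed through unchanged to @response.validate;
#   presumably false makes a failed check raise instead of returning false
#   (that behaviour is not visible in this listing)
# @return [Boolean] false when there is no response, no settings, or the
#   underlying check does not return a truthy value; true otherwise
def validate( soft = true )
  # Nothing was received, so there is nothing to verify.
  return false if @response.nil?
  # Without settings there is nothing to verify the response against.
  return false if @settings.nil?

  # Anything other than a truthy result counts as a failed validation.
  @response.validate(@settings, soft) ? true : false
end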

#validate! ⇒ Object



# File 'lib/cie/ruby-saml/logout_response.rb', line 113

# Runs #validate with soft mode switched off and returns its result.
#
# Presumably a failed check then raises from inside the signed document's
# validate rather than returning false; that behaviour is not visible here.
# A missing response or missing settings still yields false without raising.
def validate!
  validate(false)
end