Class: OneLogin::KlRubySaml::Logoutresponse

Inherits:
SamlMessage
  • Object
show all
Defined in:
lib/onelogin/kl-ruby-saml/logoutresponse.rb

Overview

SAML2 Logout Response (SLO IdP initiated, Parser)

Constant Summary

Constants inherited from SamlMessage

SamlMessage::ASSERTION, SamlMessage::BASE64_FORMAT, SamlMessage::PROTOCOL

Instance Attribute Summary collapse

Instance Method Summary collapse

Methods inherited from SamlMessage

#id, schema, #valid_saml?, #validation_error, #version

Constructor Details

#initialize(response, settings = nil, options = {}) ⇒ Logoutresponse

Constructs the Logout Response. A Logout Response Object that is an extension of the SamlMessage class.

Parameters:

  • response (String)

    A UUEncoded logout response from the IdP.

  • settings (OneLogin::KlRubySaml::Settings|nil) (defaults to: nil)

    Toolkit settings

  • options (Hash) (defaults to: {})

    Extra parameters. :matches_request_id It will validate that the logout response matches the ID of the request. :get_params GET Parameters, including the SAMLResponse

Raises:

  • (ArgumentError)

    if response is nil



34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
# File 'lib/onelogin/kl-ruby-saml/logoutresponse.rb', line 34

def initialize(response, settings = nil, options = {})
  @errors = []
  raise ArgumentError.new("Logoutresponse cannot be nil") if response.nil?
  @settings = settings

  if settings.nil? || settings.soft.nil?
    @soft = true
  else
    @soft = settings.soft
  end

  @options = options
  @response = decode_raw_saml(response)
  @document = XMLSecurity::SignedDocument.new(@response)
end

Instance Attribute Details

#documentObject (readonly)

Returns the value of attribute document.



20
21
22
# File 'lib/onelogin/kl-ruby-saml/logoutresponse.rb', line 20

def document
  @document
end

#errorsObject

Array with the causes



18
19
20
# File 'lib/onelogin/kl-ruby-saml/logoutresponse.rb', line 18

def errors
  @errors
end

#optionsObject (readonly)

Returns the value of attribute options.



22
23
24
# File 'lib/onelogin/kl-ruby-saml/logoutresponse.rb', line 22

def options
  @options
end

#responseObject (readonly)

Returns the value of attribute response.



21
22
23
# File 'lib/onelogin/kl-ruby-saml/logoutresponse.rb', line 21

def response
  @response
end

#settingsObject

OneLogin::KlRubySaml::Settings Toolkit settings



15
16
17
# File 'lib/onelogin/kl-ruby-saml/logoutresponse.rb', line 15

def settings
  @settings
end

#softObject

Returns the value of attribute soft.



24
25
26
# File 'lib/onelogin/kl-ruby-saml/logoutresponse.rb', line 24

def soft
  @soft
end

Instance Method Details

#append_error(error_msg) ⇒ Object

Append the cause to the errors array, and based on the value of soft, return false or raise an exception



52
53
54
55
# File 'lib/onelogin/kl-ruby-saml/logoutresponse.rb', line 52

def append_error(error_msg)
  @errors << error_msg
  return soft ? false : validation_error(error_msg)
end

#in_response_toString|nil

Returns Gets the InResponseTo attribute from the Logout Response if exists.

Returns:

  • (String|nil)

    Gets the InResponseTo attribute from the Logout Response if exists.



75
76
77
78
79
80
81
82
83
84
# File 'lib/onelogin/kl-ruby-saml/logoutresponse.rb', line 75

def in_response_to
  @in_response_to ||= begin
    node = REXML::XPath.first(
      document,
      "/p:LogoutResponse",
      { "p" => PROTOCOL, "a" => ASSERTION }
    )
    node.nil? ? nil : node.attributes['InResponseTo']
  end
end

#issuerString

Returns Gets the Issuer from the Logout Response.

Returns:

  • (String)

    Gets the Issuer from the Logout Response.



88
89
90
91
92
93
94
95
96
97
# File 'lib/onelogin/kl-ruby-saml/logoutresponse.rb', line 88

def issuer
  @issuer ||= begin
    node = REXML::XPath.first(
      document,
      "/p:LogoutResponse/a:Issuer",
      { "p" => PROTOCOL, "a" => ASSERTION }
    )
    node.nil? ? nil : node.text
  end
end

#reset_errors!Object

Reset the errors array



58
59
60
# File 'lib/onelogin/kl-ruby-saml/logoutresponse.rb', line 58

def reset_errors!
  @errors = []
end

#status_codeString

Returns Gets the StatusCode from a Logout Response.

Returns:

  • (String)

    Gets the StatusCode from a Logout Response.



101
102
103
104
105
106
# File 'lib/onelogin/kl-ruby-saml/logoutresponse.rb', line 101

def status_code
  @status_code ||= begin
    node = REXML::XPath.first(document, "/p:LogoutResponse/p:Status/p:StatusCode", { "p" => PROTOCOL, "a" => ASSERTION })
    node.nil? ? nil : node.attributes["Value"]
  end
end

#status_messageObject



108
109
110
111
112
113
114
115
116
117
# File 'lib/onelogin/kl-ruby-saml/logoutresponse.rb', line 108

def status_message
  @status_message ||= begin
    node = REXML::XPath.first(
      document,
      "/p:LogoutResponse/p:Status/p:StatusMessage",
      { "p" => PROTOCOL, "a" => ASSERTION }
    )
    node.text if node
  end
end

#success?Boolean

Checks if the Status has the “Success” code

Returns:

  • (Boolean)

    True if the StatusCode is Sucess

Raises:



66
67
68
69
70
71
# File 'lib/onelogin/kl-ruby-saml/logoutresponse.rb', line 66

def success?
  unless status_code == "urn:oasis:names:tc:SAML:2.0:status:Success"
    return append_error("Bad status code. Expected <urn:oasis:names:tc:SAML:2.0:status:Success>, but was: <#@status_code>")
  end
  true
end

#validateBoolean

Aux function to validate the Logout Response

Returns:

  • (Boolean)

    TRUE if the SAML Response is valid

Raises:



123
124
125
126
127
128
129
130
131
132
# File 'lib/onelogin/kl-ruby-saml/logoutresponse.rb', line 123

def validate
  reset_errors!

  valid_state? &&
  validate_success_status &&
  validate_structure &&
  valid_in_response_to? &&
  valid_issuer? &&
  validate_signature
end