Class: OmniAuth::Strategies::Latvija::Response

Inherits:

Object

• Object
• OmniAuth::Strategies::Latvija::Response

Defined in:

lib/omniauth/strategies/latvija/response.rb

Constant Summary

ASSERTION =

'urn:oasis:names:tc:SAML:1.0:assertion'.freeze

Instance Attribute Summary

• #options ⇒ Object

  Returns the value of attribute options.

• #response ⇒ Object

  Returns the value of attribute response.

Instance Method Summary

• #attributes ⇒ Object

  A hash of all the attributes with the response.

• #authentication_method ⇒ Object
• #initialize(response, **options) ⇒ Response constructor

  A new instance of Response.

• #name_identifier ⇒ Object
• #validate! ⇒ Object
• #xml ⇒ Object

Constructor Details

#initialize(response, **options) ⇒ Response

Returns a new instance of Response.

Raises:

• (ArgumentError)

# File 'lib/omniauth/strategies/latvija/response.rb', line 8

def initialize(response, **options)
  raise ArgumentError, 'Response cannot be nil' if response.nil?
  @options  = options
  @response = response
  @document = OmniAuth::Strategies::Latvija::SignedDocument.new(response, private_key: options[:private_key])
end

Instance Attribute Details

#options ⇒ Object

Returns the value of attribute options.

# File 'lib/omniauth/strategies/latvija/response.rb', line 6

def options
  @options
end

#response ⇒ Object

Returns the value of attribute response.

# File 'lib/omniauth/strategies/latvija/response.rb', line 6

def response
  @response
end

Instance Method Details

#attributes ⇒ Object

A hash of all the attributes with the response. Assuming there is only one value for each key

# File 'lib/omniauth/strategies/latvija/response.rb', line 37

def attributes
  @attributes ||= begin
    attrs = {
      'not_valid_before' => not_valid_before,
      'not_valid_on_or_after' => not_valid_on_or_after,
      'historical_privatepersonalidentifier' => []
    }

    stmt_elements = xml.xpath('//saml:Attribute', saml: ASSERTION)

    return attrs if stmt_elements.nil?

    identifiers = stmt_elements.xpath("//saml:Attribute[@AttributeName='privatepersonalidentifier']", saml: ASSERTION)

    stmt_elements.each_with_object(attrs) do |element, result|
      name = element.attribute('AttributeName').value
      value = element.text

      case name
      when 'privatepersonalidentifier' # person can change their identifier, service will return all the versions
        if identifiers.length == 1 || element.attribute('OriginalIssuer') # this is the primary identifier, as returned by third party auth service
          result[name] = value
        else
          result['historical_privatepersonalidentifier'] << value
        end
      else
        result[name] = value
      end
    end
  end
end

#authentication_method ⇒ Object

# File 'lib/omniauth/strategies/latvija/response.rb', line 23

def authentication_method
  @authentication_method ||= begin
    xml.xpath('//saml:AuthenticationStatement', saml: ASSERTION).attribute('AuthenticationMethod')
  end
end

#name_identifier ⇒ Object

# File 'lib/omniauth/strategies/latvija/response.rb', line 29

def name_identifier
  @name_identifier ||= begin
    xml.xpath('//saml:AuthenticationStatement/saml:Subject/saml:NameIdentifier', saml: ASSERTION).text()
  end
end

#validate! ⇒ Object

# File 'lib/omniauth/strategies/latvija/response.rb', line 15

def validate!
  @document.validate!(fingerprint) && validate_conditions!
end

#xml ⇒ Object

# File 'lib/omniauth/strategies/latvija/response.rb', line 19

def xml
  @document.nokogiri_xml
end