Class: RSAML::Conditions

Inherits:
Object
  • Object
Defined in:
lib/rsaml/conditions.rb

Overview

Constraints on the acceptable use of SAML assertions.

Instance Attribute Summary collapse

Instance Method Summary collapse

Instance Attribute Details

#not_beforeObject

Specifies the earliest time instant at which the assertion is valid. The time value is encoded in UTC.



# File 'lib/rsaml/conditions.rb', line 5

# Lower bound of the assertion's validity window (serialized by to_xml as the
# NotBefore attribute). Returns the stored value as-is; nil means no lower
# bound has been set, and both to_xml and validate skip it in that case.
# NOTE(review): nothing here converts the value to UTC -- presumably callers
# are expected to assign a UTC time; confirm against the setter/parser.
def not_before
  @not_before
end

#not_on_or_afterObject

Specifies the time instant at which the assertion has expired. The time value is encoded in UTC.



# File 'lib/rsaml/conditions.rb', line 8

# Upper bound of the assertion's validity window (serialized by to_xml as the
# NotOnOrAfter attribute). Returns the stored value as-is; nil means no expiry
# has been set, and both to_xml and validate skip it in that case.
# NOTE(review): an assertion without an expiry never times out on this bound
# alone -- confirm that callers set it before issuing assertions.
def not_on_or_after
  @not_on_or_after
end

#one_time_useObject

Specifies that the assertion SHOULD be used immediately and MUST NOT be retained for future use.



# File 'lib/rsaml/conditions.rb', line 12

# One-time-use marker for the assertion. Returns the stored value as-is.
# The two readers of this value treat it differently: to_xml emits the
# OneTimeUse element only when it is truthy, while cache? returns false for
# any non-nil value (including false).
def one_time_use
  @one_time_use
end

#proxy_restrictionObject

Specifies limitations that the asserting party imposes on relying parties that wish to subsequently act as asserting parties themselves and issue assertions of their own on the basis of the information contained in the original assertion.



# File 'lib/rsaml/conditions.rb', line 17

# Proxy restriction attached to these conditions, or nil when none is set.
# When present, to_xml appends the result of its own to_xml to the output.
def proxy_restriction
  @proxy_restriction
end

Instance Method Details

#<<(condition) ⇒ Object

Append a condition to the conditions



# File 'lib/rsaml/conditions.rb', line 30

# Adds one condition to the end of the embedded conditions collection and
# returns that collection, so appends can be chained.
# No type or structure check is applied to +condition+ here; to_xml later
# calls to_xml on every stored element.
def <<(condition)
  conditions.push(condition)
end

#[]Object

Alias to access the embedded conditions array.



# File 'lib/rsaml/conditions.rb', line 25

# Returns the embedded conditions collection itself (the same object that
# conditions returns, not a copy). Takes no index argument; callers index or
# mutate the returned collection directly.
def []
  conditions
end

#assertObject

Assert the conditions



# File 'lib/rsaml/conditions.rb', line 53

# Runs the checks for this set of conditions: assert_time_limits first, then
# assert_elements. Returns whatever assert_elements returns.
# NOTE(review): both helpers are defined outside this listing; presumably they
# raise when a condition is not met -- confirm before relying on the return
# value. validate is not called from here, so the NotBefore/NotOnOrAfter
# ordering check has to be invoked separately.
def assert
  assert_time_limits
  assert_elements
end

#audience_restrictionsObject

Specifies that the assertion is addressed to a particular audience. Each audience is represented as a URI reference that identifies an intended audience. A URI may reference a document that describes the terms of service for audience membership.



# File 'lib/rsaml/conditions.rb', line 48

# Audience restrictions attached to these conditions. The backing array is
# created on first access and the same array is returned on every later call,
# so callers add restrictions by mutating the returned array.
def audience_restrictions
  @audience_restrictions = [] unless @audience_restrictions
  @audience_restrictions
end

#cache?Boolean

Return true if the conditions allow caching of the assertion

Returns:

  • (Boolean)


# File 'lib/rsaml/conditions.rb', line 66

# Reports whether the assertion may be cached: true only when no one-time-use
# marker has been set at all.
# The test is for nil, not truthiness, so a marker explicitly set to false
# still disables caching (the conservative outcome), even though to_xml would
# not emit a OneTimeUse element for it.
def cache?
  single_use_marker = one_time_use
  single_use_marker.nil?
end

#conditionsObject

The conditions



# File 'lib/rsaml/conditions.rb', line 20

# The generic conditions held by this object. The backing array is created on
# first access and the same array is returned afterwards, so << and [] operate
# on shared state rather than on a copy.
def conditions
  @conditions = [] unless @conditions
  @conditions
end

#empty?Boolean

Return true if the conditions collection is empty

Returns:

  • (Boolean)


# File 'lib/rsaml/conditions.rb', line 40

# True when there are neither generic conditions nor audience restrictions.
# NOTE(review): not_before, not_on_or_after, one_time_use and
# proxy_restriction are not consulted, so an instance that carries only a
# validity window or a one-time-use marker still reports empty. Confirm that
# no caller uses this to decide whether to serialize or enforce conditions.
def empty?
  return false unless conditions.length == 0

  audience_restrictions.empty?
end

#lengthObject

The number of conditions



# File 'lib/rsaml/conditions.rb', line 35

# Number of generic conditions held. Audience restrictions, the validity
# window, the one-time-use marker and the proxy restriction are not counted.
def length
  conditions.size
end

#to_xml(xml = Builder::XmlMarkup.new) ⇒ Object

Construct an XML fragment representing the conditions collection



# File 'lib/rsaml/conditions.rb', line 71

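# Serializes the conditions as a saml:Conditions element.
#
# The NotBefore and NotOnOrAfter attributes are written only when the
# corresponding bound is set. Child content is emitted in this order: generic
# conditions, audience restrictions, the one-time-use marker, the proxy
# restriction.
#
# The one-time-use element is written as saml:OneTimeUse so that it carries
# the same namespace prefix as every other element produced here; an
# unprefixed OneTimeUse would fall outside the saml namespace and a
# namespace-aware relying party could fail to recognize it.
#
# @param xml [Builder::XmlMarkup] builder to write into; a fresh one is
#   created when omitted
# @return [Object] whatever xml.tag! returns for the saml:Conditions element
def to_xml(xml=Builder::XmlMarkup.new)
  attributes = {}
  # NOTE(review): xmlschema is called on the stored value unchanged; nothing
  # here converts it to UTC, so callers presumably must assign UTC times.
  attributes['NotBefore'] = not_before.xmlschema unless not_before.nil?
  attributes['NotOnOrAfter'] = not_on_or_after.xmlschema unless not_on_or_after.nil?
  xml.tag!('saml:Conditions', attributes) do
    # xml << appends the child's markup verbatim, without escaping, so each
    # child's to_xml is responsible for escaping any externally supplied
    # value (for example audience URIs).
    conditions.each { |condition| xml << condition.to_xml }
    audience_restrictions.each do |audience|
      xml.tag!('saml:AudienceRestriction') { xml << audience.to_xml }
    end
    xml.tag!('saml:OneTimeUse') if one_time_use
    xml << proxy_restriction.to_xml unless proxy_restriction.nil?
  end
end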

#validateObject

Validate the structure of the conditions model



# File 'lib/rsaml/conditions.rb', line 59

# Structural check of the validity window: when both bounds are set,
# not_before must be strictly earlier than not_on_or_after. Equal bounds are
# rejected as well, since they would describe a window no instant falls into.
# A missing bound on either side skips the check.
#
# This only checks that the window is well formed; it does not compare either
# bound against the current time.
#
# @raise [ValidationError] when not_before is at or after not_on_or_after
# @return [nil]
def validate
  window_start = not_before
  window_end = not_on_or_after
  return unless window_start && window_end

  raise ValidationError, "NotBefore after NotOnOrAfter" if window_start >= window_end
end