Class: OneLogin::RubySaml::Settings
Inherits: Object
- Object
- OneLogin::RubySaml::Settings
Defined in: lib/onelogin/ruby-saml/settings.rb
Overview
SAML2 Toolkit Settings
Instance Attribute Summary
- #assertion_consumer_logout_service_binding ⇒ Object
  Returns the value of attribute assertion_consumer_logout_service_binding.
- #assertion_consumer_logout_service_url ⇒ Object
  Compatibility.
- #assertion_consumer_service_binding ⇒ Object
  Returns the value of attribute assertion_consumer_service_binding.
- #assertion_consumer_service_url ⇒ Object
  SP Data.
- #attribute_consuming_service ⇒ Object (readonly)
  Returns the value of attribute attribute_consuming_service.
- #attributes_index ⇒ Object
  Returns the value of attribute attributes_index.
- #authn_context ⇒ Object
  Returns the value of attribute authn_context.
- #authn_context_comparison ⇒ Object
  Returns the value of attribute authn_context_comparison.
- #authn_context_decl_ref ⇒ Object
  Returns the value of attribute authn_context_decl_ref.
- #certificate ⇒ Object
  Returns the value of attribute certificate.
- #certificate_new ⇒ Object
  Returns the value of attribute certificate_new.
- #compress_request ⇒ Object
  Returns the value of attribute compress_request.
- #compress_response ⇒ Object
  Returns the value of attribute compress_response.
- #double_quote_xml_attribute_values ⇒ Object
  Returns the value of attribute double_quote_xml_attribute_values.
- #force_authn ⇒ Object
  Returns the value of attribute force_authn.
- #idp_attribute_names ⇒ Object
  Returns the value of attribute idp_attribute_names.
- #idp_cert ⇒ Object
  Returns the value of attribute idp_cert.
- #idp_cert_fingerprint ⇒ Object
  Returns the value of attribute idp_cert_fingerprint.
- #idp_cert_fingerprint_algorithm ⇒ Object
  Returns the value of attribute idp_cert_fingerprint_algorithm.
- #idp_cert_multi ⇒ Object
  Returns the value of attribute idp_cert_multi.
- #idp_entity_id ⇒ Object
  IdP Data.
- #idp_name_qualifier ⇒ Object
  Returns the value of attribute idp_name_qualifier.
- #idp_slo_response_service_url ⇒ Object
  Returns the value of attribute idp_slo_response_service_url.
- #idp_slo_service_url ⇒ String
  IdP Single Logout Service URL.
- #idp_slo_target_url ⇒ Object
  Returns the value of attribute idp_slo_target_url.
- #idp_sso_service_url ⇒ String
  IdP Single Sign On Service URL.
- #idp_sso_target_url ⇒ Object
  Returns the value of attribute idp_sso_target_url.
- #issuer ⇒ Object
  Returns the value of attribute issuer.
- #name_identifier_format ⇒ Object
  Returns the value of attribute name_identifier_format.
- #name_identifier_value ⇒ Object
  Returns the value of attribute name_identifier_value.
- #name_identifier_value_requested ⇒ Object
  Returns the value of attribute name_identifier_value_requested.
- #passive ⇒ Object
  Returns the value of attribute passive.
- #private_key ⇒ Object
  Returns the value of attribute private_key.
- #protocol_binding ⇒ Object
  Returns the value of attribute protocol_binding.
- #security ⇒ Object
  Work-flow.
- #sessionindex ⇒ Object
  Returns the value of attribute sessionindex.
- #soft ⇒ Object
  Returns the value of attribute soft.
- #sp_name_qualifier ⇒ Object
  Returns the value of attribute sp_name_qualifier.
- #valid_until ⇒ Object
  Returns the value of attribute valid_until.
Instance Method Summary
- #get_fingerprint ⇒ String
  Calculates the fingerprint of the IdP x509 certificate.
- #get_idp_cert ⇒ OpenSSL::X509::Certificate|nil
  Builds the IdP certificate from the settings, formatting it first.
- #get_idp_cert_multi ⇒ Hash with 2 arrays of OpenSSL::X509::Certificate
  Builds multiple IdP certificates from the settings.
- #get_sp_cert ⇒ OpenSSL::X509::Certificate|nil
  Builds the SP certificate from the settings, formatting it first.
- #get_sp_cert_new ⇒ OpenSSL::X509::Certificate|nil
  Builds the new SP certificate from the settings, formatting it first.
- #get_sp_key ⇒ OpenSSL::PKey::RSA
  Builds the SP private key from the settings, formatting it first.
- #initialize(overrides = {}, keep_security_attributes = false) ⇒ Settings (constructor)
  A new instance of Settings.
- #single_logout_service_binding ⇒ String
  Single Logout Service Binding.
- #single_logout_service_binding=(url) ⇒ Object
  Setter for Single Logout Service Binding.
- #single_logout_service_url ⇒ String
  Single Logout Service URL.
- #single_logout_service_url=(url) ⇒ Object
  Setter for the Single Logout Service URL.
- #sp_entity_id ⇒ String
  SP Entity ID.
- #sp_entity_id=(val) ⇒ Object
  Setter for SP Entity ID.
Constructor Details
#initialize(overrides = {}, keep_security_attributes = false) ⇒ Settings
Returns a new instance of Settings.
```ruby
# File 'lib/onelogin/ruby-saml/settings.rb', line 13

def initialize(overrides = {}, keep_security_attributes = false)
  if keep_security_attributes
    # Merge the caller's :security hash into the default one key by key.
    # Note that delete removes :security from the caller's hash.
    security_attributes = overrides.delete(:security) || {}
    config = DEFAULTS.merge(overrides)
    config[:security] = DEFAULTS[:security].merge(security_attributes)
  else
    # Shallow merge: a :security key in overrides replaces the default hash whole.
    config = DEFAULTS.merge(overrides)
  end

  # Assign each value through its setter; keys without a setter are ignored.
  config.each do |k,v|
    acc = "#{k.to_s}=".to_sym

    if respond_to? acc
      value = v.is_a?(Hash) ? v.dup : v
      send(acc, value)
    end
  end
  @attribute_consuming_service = AttributeService.new
end
```
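The constructor merges `overrides` into `DEFAULTS` with a shallow `Hash#merge`, so unless `keep_security_attributes` is true, a partial `:security` hash replaces the default one outright and every key it omits reads back as `nil`. The sketch below is an added example, not ruby-saml code: `SAMPLE_DEFAULTS`, `build_config` and `missing_security_keys` are hypothetical stand-ins, and the default values are constructed because this page does not show the contents of `DEFAULTS`.

```ruby
# Constructed stand-in for the library's DEFAULTS; only the shape matters here:
# top-level options plus one nested :security hash.
SAMPLE_DEFAULTS = {
  :compress_request => true,
  :security => {
    :authn_requests_signed => false,
    :want_assertions_signed => false,
    :check_sp_cert_expiration => false
  }.freeze
}.freeze

# Mirrors the two branches of Settings#initialize shown on this page.
def build_config(overrides = {}, keep_security_attributes = false)
  overrides = overrides.dup # work on a copy so the caller's hash is not mutated by delete
  if keep_security_attributes
    security_attributes = overrides.delete(:security) || {}
    config = SAMPLE_DEFAULTS.merge(overrides)
    config[:security] = SAMPLE_DEFAULTS[:security].merge(security_attributes)
  else
    config = SAMPLE_DEFAULTS.merge(overrides)
  end
  config
end

# Default :security keys that are absent from a built configuration.
def missing_security_keys(config)
  SAMPLE_DEFAULTS[:security].keys - config[:security].keys
end

# Constructed input: the caller sets a single security option.
partial = { :security => { :want_assertions_signed => true } }

replaced = build_config(partial)       # default behaviour: whole :security hash replaced
merged   = build_config(partial, true) # defaults kept, override applied on top

puts "shallow merge dropped: #{missing_security_keys(replaced).inspect}"
puts "deep merge dropped:    #{missing_security_keys(merged).inspect}"
```

A check such as `missing_security_keys` is worth running wherever settings are assembled from partial hashes, because code like `security[:check_sp_cert_expiration]` treats a missing key as false.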
Instance Attribute Details
#assertion_consumer_logout_service_binding ⇒ Object
Returns the value of attribute assertion_consumer_logout_service_binding.
```ruby
# File 'lib/onelogin/ruby-saml/settings.rb', line 72

def assertion_consumer_logout_service_binding
  @assertion_consumer_logout_service_binding
end
```
#assertion_consumer_logout_service_url ⇒ Object
Compatibility
```ruby
# File 'lib/onelogin/ruby-saml/settings.rb', line 71

def assertion_consumer_logout_service_url
  @assertion_consumer_logout_service_url
end
```
#assertion_consumer_service_binding ⇒ Object
Returns the value of attribute assertion_consumer_service_binding.
```ruby
# File 'lib/onelogin/ruby-saml/settings.rb', line 47

def assertion_consumer_service_binding
  @assertion_consumer_service_binding
end
```
#assertion_consumer_service_url ⇒ Object
SP Data
```ruby
# File 'lib/onelogin/ruby-saml/settings.rb', line 46

def assertion_consumer_service_url
  @assertion_consumer_service_url
end
```
#attribute_consuming_service ⇒ Object (readonly)
Returns the value of attribute attribute_consuming_service.
```ruby
# File 'lib/onelogin/ruby-saml/settings.rb', line 66

def attribute_consuming_service
  @attribute_consuming_service
end
```
#attributes_index ⇒ Object
Returns the value of attribute attributes_index.
```ruby
# File 'lib/onelogin/ruby-saml/settings.rb', line 58

def attributes_index
  @attributes_index
end
```
#authn_context ⇒ Object
Returns the value of attribute authn_context.
```ruby
# File 'lib/onelogin/ruby-saml/settings.rb', line 63

def authn_context
  @authn_context
end
```
#authn_context_comparison ⇒ Object
Returns the value of attribute authn_context_comparison.
```ruby
# File 'lib/onelogin/ruby-saml/settings.rb', line 64

def authn_context_comparison
  @authn_context_comparison
end
```
#authn_context_decl_ref ⇒ Object
Returns the value of attribute authn_context_decl_ref.
```ruby
# File 'lib/onelogin/ruby-saml/settings.rb', line 65

def authn_context_decl_ref
  @authn_context_decl_ref
end
```
#certificate ⇒ Object
Returns the value of attribute certificate.
```ruby
# File 'lib/onelogin/ruby-saml/settings.rb', line 60

def certificate
  @certificate
end
```
#certificate_new ⇒ Object
Returns the value of attribute certificate_new.
```ruby
# File 'lib/onelogin/ruby-saml/settings.rb', line 61

def certificate_new
  @certificate_new
end
```
#compress_request ⇒ Object
Returns the value of attribute compress_request.
```ruby
# File 'lib/onelogin/ruby-saml/settings.rb', line 53

def compress_request
  @compress_request
end
```
#compress_response ⇒ Object
Returns the value of attribute compress_response.
```ruby
# File 'lib/onelogin/ruby-saml/settings.rb', line 54

def compress_response
  @compress_response
end
```
#double_quote_xml_attribute_values ⇒ Object
Returns the value of attribute double_quote_xml_attribute_values.
```ruby
# File 'lib/onelogin/ruby-saml/settings.rb', line 55

def double_quote_xml_attribute_values
  @double_quote_xml_attribute_values
end
```
#force_authn ⇒ Object
Returns the value of attribute force_authn.
```ruby
# File 'lib/onelogin/ruby-saml/settings.rb', line 59

def force_authn
  @force_authn
end
```
#idp_attribute_names ⇒ Object
Returns the value of attribute idp_attribute_names.
```ruby
# File 'lib/onelogin/ruby-saml/settings.rb', line 42

def idp_attribute_names
  @idp_attribute_names
end
```
#idp_cert ⇒ Object
Returns the value of attribute idp_cert.
```ruby
# File 'lib/onelogin/ruby-saml/settings.rb', line 38

def idp_cert
  @idp_cert
end
```
#idp_cert_fingerprint ⇒ Object
Returns the value of attribute idp_cert_fingerprint.
```ruby
# File 'lib/onelogin/ruby-saml/settings.rb', line 39

def idp_cert_fingerprint
  @idp_cert_fingerprint
end
```
#idp_cert_fingerprint_algorithm ⇒ Object
Returns the value of attribute idp_cert_fingerprint_algorithm.
```ruby
# File 'lib/onelogin/ruby-saml/settings.rb', line 40

def idp_cert_fingerprint_algorithm
  @idp_cert_fingerprint_algorithm
end
```
#idp_cert_multi ⇒ Object
Returns the value of attribute idp_cert_multi.
```ruby
# File 'lib/onelogin/ruby-saml/settings.rb', line 41

def idp_cert_multi
  @idp_cert_multi
end
```
#idp_entity_id ⇒ Object
IdP Data
```ruby
# File 'lib/onelogin/ruby-saml/settings.rb', line 33

def idp_entity_id
  @idp_entity_id
end
```
#idp_name_qualifier ⇒ Object
Returns the value of attribute idp_name_qualifier.
```ruby
# File 'lib/onelogin/ruby-saml/settings.rb', line 43

def idp_name_qualifier
  @idp_name_qualifier
end
```
#idp_slo_response_service_url ⇒ Object
Returns the value of attribute idp_slo_response_service_url.
```ruby
# File 'lib/onelogin/ruby-saml/settings.rb', line 37

def idp_slo_response_service_url
  @idp_slo_response_service_url
end
```
#idp_slo_service_url ⇒ String
Returns IdP Single Logout Service URL.
```ruby
# File 'lib/onelogin/ruby-saml/settings.rb', line 93

def idp_slo_service_url
  @idp_slo_service_url
end
```
#idp_slo_target_url ⇒ Object
Returns the value of attribute idp_slo_target_url.
```ruby
# File 'lib/onelogin/ruby-saml/settings.rb', line 75

def idp_slo_target_url
  @idp_slo_target_url
end
```
#idp_sso_service_url ⇒ String
Returns IdP Single Sign On Service URL.
```ruby
# File 'lib/onelogin/ruby-saml/settings.rb', line 79

def idp_sso_service_url
  @idp_sso_service_url
end
```
#idp_sso_target_url ⇒ Object
Returns the value of attribute idp_sso_target_url.
```ruby
# File 'lib/onelogin/ruby-saml/settings.rb', line 74

def idp_sso_target_url
  @idp_sso_target_url
end
```
#issuer ⇒ Object
Returns the value of attribute issuer.
```ruby
# File 'lib/onelogin/ruby-saml/settings.rb', line 73

def issuer
  @issuer
end
```
#name_identifier_format ⇒ Object
Returns the value of attribute name_identifier_format.
```ruby
# File 'lib/onelogin/ruby-saml/settings.rb', line 49

def name_identifier_format
  @name_identifier_format
end
```
#name_identifier_value ⇒ Object
Returns the value of attribute name_identifier_value.
```ruby
# File 'lib/onelogin/ruby-saml/settings.rb', line 50

def name_identifier_value
  @name_identifier_value
end
```
#name_identifier_value_requested ⇒ Object
Returns the value of attribute name_identifier_value_requested.
```ruby
# File 'lib/onelogin/ruby-saml/settings.rb', line 51

def name_identifier_value_requested
  @name_identifier_value_requested
end
```
#passive ⇒ Object
Returns the value of attribute passive.
```ruby
# File 'lib/onelogin/ruby-saml/settings.rb', line 56

def passive
  @passive
end
```
#private_key ⇒ Object
Returns the value of attribute private_key.
```ruby
# File 'lib/onelogin/ruby-saml/settings.rb', line 62

def private_key
  @private_key
end
```
#protocol_binding ⇒ Object
Returns the value of attribute protocol_binding.
```ruby
# File 'lib/onelogin/ruby-saml/settings.rb', line 57

def protocol_binding
  @protocol_binding
end
```
#security ⇒ Object
Work-flow
```ruby
# File 'lib/onelogin/ruby-saml/settings.rb', line 68

def security
  @security
end
```
#sessionindex ⇒ Object
Returns the value of attribute sessionindex.
```ruby
# File 'lib/onelogin/ruby-saml/settings.rb', line 52

def sessionindex
  @sessionindex
end
```
#soft ⇒ Object
Returns the value of attribute soft.
```ruby
# File 'lib/onelogin/ruby-saml/settings.rb', line 69

def soft
  @soft
end
```
#sp_name_qualifier ⇒ Object
Returns the value of attribute sp_name_qualifier.
```ruby
# File 'lib/onelogin/ruby-saml/settings.rb', line 48

def sp_name_qualifier
  @sp_name_qualifier
end
```
#valid_until ⇒ Object
Returns the value of attribute valid_until.
```ruby
# File 'lib/onelogin/ruby-saml/settings.rb', line 44

def valid_until
  @valid_until
end
```
Instance Method Details
#get_fingerprint ⇒ String
Calculates the fingerprint of the IdP x509 certificate.
```ruby
# File 'lib/onelogin/ruby-saml/settings.rb', line 173

def get_fingerprint
  # A configured fingerprint takes precedence; the certificate is only hashed when none is set.
  idp_cert_fingerprint || begin
    idp_cert = get_idp_cert
    if idp_cert
      fingerprint_alg = XMLSecurity::BaseDocument.new.algorithm(idp_cert_fingerprint_algorithm).new
      # Hex digest of the DER encoding, upper-cased, as colon-separated byte pairs.
      fingerprint_alg.hexdigest(idp_cert.to_der).upcase.scan(/../).join(":")
    end
  end
end
```
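`get_fingerprint` returns `idp_cert_fingerprint` whenever it is set, without checking it against `idp_cert`, so a stale or empty fingerprint silently wins over the configured certificate. The following is an added example, not part of ruby-saml, that reproduces the fingerprint format with the standard `openssl` library and flags that mismatch; the helper names, the SHA-256 default and the throwaway self-signed certificate are assumptions made for the illustration.

```ruby
require 'openssl'

# Constructed sample: a throwaway self-signed certificate standing in for the IdP's.
def sample_cert
  key = OpenSSL::PKey::RSA.new(2048)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2
  cert.serial = 1
  cert.subject = cert.issuer = OpenSSL::X509::Name.parse('/CN=idp.example.test')
  cert.public_key = key.public_key
  cert.not_before = Time.now - 60
  cert.not_after = Time.now + 3600
  cert.sign(key, OpenSSL::Digest.new('SHA256'))
  cert
end

# Same formatting as get_fingerprint: hex digest of the DER bytes,
# upper-cased, split into colon-separated byte pairs.
def fingerprint(cert, digest_class = OpenSSL::Digest::SHA256)
  digest_class.new.hexdigest(cert.to_der).upcase.scan(/../).join(':')
end

# Same precedence as get_fingerprint: any non-nil configured value, even an
# empty string, short-circuits and the certificate is never hashed.
def effective_fingerprint(configured_fp, cert, digest_class = OpenSSL::Digest::SHA256)
  configured_fp || (cert && fingerprint(cert, digest_class))
end

# Strip separators and case so "aa:bb" and "AABB" compare equal.
def normalize(fingerprint_text)
  fingerprint_text.to_s.delete('^0-9a-fA-F').upcase
end

# True when both values are configured but the fingerprint does not belong to
# the certificate (wrong certificate, or a different digest algorithm).
def fingerprint_conflict?(configured_fp, cert, digest_class = OpenSSL::Digest::SHA256)
  return false if configured_fp.nil? || cert.nil?
  normalize(configured_fp) != normalize(fingerprint(cert, digest_class))
end
```

Running `fingerprint_conflict?` over stored settings catches a fingerprint recorded with one digest algorithm and later compared under another, as well as a certificate that was rotated without updating the fingerprint.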
#get_idp_cert ⇒ OpenSSL::X509::Certificate|nil
Returns the IdP certificate built from the settings (formatted first).
```ruby
# File 'lib/onelogin/ruby-saml/settings.rb', line 185

def get_idp_cert
  return nil if idp_cert.nil? || idp_cert.empty?

  formatted_cert = OneLogin::RubySaml::Utils.format_cert(idp_cert)
  OpenSSL::X509::Certificate.new(formatted_cert)
end
```
#get_idp_cert_multi ⇒ Hash with 2 arrays of OpenSSL::X509::Certificate
Returns multiple IdP certificates built from the settings.
```ruby
# File 'lib/onelogin/ruby-saml/settings.rb', line 194

def get_idp_cert_multi
  return nil if idp_cert_multi.nil? || idp_cert_multi.empty?

  raise ArgumentError.new("Invalid value for idp_cert_multi") if not idp_cert_multi.is_a?(Hash)

  # Certificates are grouped by use; each entry is formatted and parsed.
  certs = {:signing => [], :encryption => [] }

  if idp_cert_multi.key?(:signing) and not idp_cert_multi[:signing].empty?
    idp_cert_multi[:signing].each do |idp_cert|
      formatted_cert = OneLogin::RubySaml::Utils.format_cert(idp_cert)
      certs[:signing].push(OpenSSL::X509::Certificate.new(formatted_cert))
    end
  end

  if idp_cert_multi.key?(:encryption) and not idp_cert_multi[:encryption].empty?
    idp_cert_multi[:encryption].each do |idp_cert|
      formatted_cert = OneLogin::RubySaml::Utils.format_cert(idp_cert)
      certs[:encryption].push(OpenSSL::X509::Certificate.new(formatted_cert))
    end
  end

  certs
end
```
#get_sp_cert ⇒ OpenSSL::X509::Certificate|nil
Returns the SP certificate built from the settings (formatted first).
```ruby
# File 'lib/onelogin/ruby-saml/settings.rb', line 220

def get_sp_cert
  return nil if certificate.nil? || certificate.empty?

  formatted_cert = OneLogin::RubySaml::Utils.format_cert(certificate)
  cert = OpenSSL::X509::Certificate.new(formatted_cert)

  # Expiry is only enforced when security[:check_sp_cert_expiration] is truthy.
  if security[:check_sp_cert_expiration]
    if OneLogin::RubySaml::Utils.is_cert_expired(cert)
      raise OneLogin::RubySaml::ValidationError.new("The SP certificate expired.")
    end
  end

  cert
end
```
#get_sp_cert_new ⇒ OpenSSL::X509::Certificate|nil
Returns the new SP certificate built from the settings (formatted first).
```ruby
# File 'lib/onelogin/ruby-saml/settings.rb', line 237

def get_sp_cert_new
  return nil if certificate_new.nil? || certificate_new.empty?

  formatted_cert = OneLogin::RubySaml::Utils.format_cert(certificate_new)
  OpenSSL::X509::Certificate.new(formatted_cert)
end
```
#get_sp_key ⇒ OpenSSL::PKey::RSA
Returns the SP private key built from the settings (formatted first).
```ruby
# File 'lib/onelogin/ruby-saml/settings.rb', line 246

def get_sp_key
  return nil if private_key.nil? || private_key.empty?

  formatted_private_key = OneLogin::RubySaml::Utils.format_private_key(private_key)
  OpenSSL::PKey::RSA.new(formatted_private_key)
end
```
#single_logout_service_binding ⇒ String
Returns Single Logout Service Binding.
```ruby
# File 'lib/onelogin/ruby-saml/settings.rb', line 149

def single_logout_service_binding
  val = nil
  # Fall back to the older assertion_consumer_logout_service_binding setting.
  if @single_logout_service_binding.nil?
    if @assertion_consumer_logout_service_binding
      val = @assertion_consumer_logout_service_binding
    end
  else
    val = @single_logout_service_binding
  end
  val
end
```
#single_logout_service_binding=(url) ⇒ Object
Setter for Single Logout Service Binding.
(Currently we only support “urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect”)
```ruby
# File 'lib/onelogin/ruby-saml/settings.rb', line 166

def single_logout_service_binding=(url)
  @single_logout_service_binding = url
end
```
#single_logout_service_url ⇒ String
Returns Single Logout Service URL.
```ruby
# File 'lib/onelogin/ruby-saml/settings.rb', line 128

def single_logout_service_url
  val = nil
  # Fall back to the older assertion_consumer_logout_service_url setting.
  if @single_logout_service_url.nil?
    if @assertion_consumer_logout_service_url
      val = @assertion_consumer_logout_service_url
    end
  else
    val = @single_logout_service_url
  end
  val
end
```
#single_logout_service_url=(url) ⇒ Object
Setter for the Single Logout Service URL.
```ruby
# File 'lib/onelogin/ruby-saml/settings.rb', line 143

def single_logout_service_url=(url)
  @single_logout_service_url = url
end
```
#sp_entity_id ⇒ String
Returns SP Entity ID.
```ruby
# File 'lib/onelogin/ruby-saml/settings.rb', line 107

def sp_entity_id
  val = nil
  # Fall back to the older issuer setting when sp_entity_id is unset.
  if @sp_entity_id.nil?
    if @issuer
      val = @issuer
    end
  else
    val = @sp_entity_id
  end
  val
end
```
#sp_entity_id=(val) ⇒ Object
Setter for SP Entity ID.
```ruby
# File 'lib/onelogin/ruby-saml/settings.rb', line 122

def sp_entity_id=(val)
  @sp_entity_id = val
end
```