Class: OneLogin::RubySaml::Settings
- Inherits: Object
  - Object
  - OneLogin::RubySaml::Settings
- Defined in: lib/onelogin/ruby-saml/settings.rb
Overview
SAML2 Toolkit Settings
Instance Attribute Summary
- #assertion_consumer_logout_service_binding ⇒ Object
  Returns the value of attribute assertion_consumer_logout_service_binding.
- #assertion_consumer_logout_service_url ⇒ Object
  Deprecated.
- #assertion_consumer_service_binding ⇒ Object
  Returns the value of attribute assertion_consumer_service_binding.
- #assertion_consumer_service_url ⇒ Object
  Returns the value of attribute assertion_consumer_service_url.
- #attribute_consuming_service ⇒ Object (readonly)
  Returns the value of attribute attribute_consuming_service.
- #attributes_index ⇒ Object
  Returns the value of attribute attributes_index.
- #authn_context ⇒ Object
  Returns the value of attribute authn_context.
- #authn_context_comparison ⇒ Object
  Returns the value of attribute authn_context_comparison.
- #authn_context_decl_ref ⇒ Object
  Returns the value of attribute authn_context_decl_ref.
- #certificate ⇒ Object
  Returns the value of attribute certificate.
- #certificate_new ⇒ Object
  Returns the value of attribute certificate_new.
- #compress_request ⇒ Object
  Returns the value of attribute compress_request.
- #compress_response ⇒ Object
  Returns the value of attribute compress_response.
- #double_quote_xml_attribute_values ⇒ Object
  Returns the value of attribute double_quote_xml_attribute_values.
- #force_authn ⇒ Object
  Returns the value of attribute force_authn.
- #idp_attribute_names ⇒ Object
  Returns the value of attribute idp_attribute_names.
- #idp_cert ⇒ Object
  Returns the value of attribute idp_cert.
- #idp_cert_fingerprint ⇒ Object
  Returns the value of attribute idp_cert_fingerprint.
- #idp_cert_fingerprint_algorithm ⇒ Object
  Returns the value of attribute idp_cert_fingerprint_algorithm.
- #idp_cert_multi ⇒ Object
  Returns the value of attribute idp_cert_multi.
- #idp_entity_id ⇒ Object
  IdP Data.
- #idp_name_qualifier ⇒ Object
  Returns the value of attribute idp_name_qualifier.
- #idp_slo_response_service_url ⇒ Object
  Returns the value of attribute idp_slo_response_service_url.
- #idp_slo_service_url ⇒ String
  IdP Single Logout Service URL.
- #idp_slo_target_url ⇒ Object
  Returns the value of attribute idp_slo_target_url.
- #idp_sso_service_url ⇒ String
  IdP Single Sign On Service URL.
- #idp_sso_target_url ⇒ Object
  Returns the value of attribute idp_sso_target_url.
- #issuer ⇒ Object
  Returns the value of attribute issuer.
- #message_max_bytesize ⇒ Object
  Returns the value of attribute message_max_bytesize.
- #name_identifier_format ⇒ Object
  Returns the value of attribute name_identifier_format.
- #name_identifier_value ⇒ Object
  Returns the value of attribute name_identifier_value.
- #name_identifier_value_requested ⇒ Object
  Returns the value of attribute name_identifier_value_requested.
- #passive ⇒ Object
  Returns the value of attribute passive.
- #private_key ⇒ Object
  Returns the value of attribute private_key.
- #protocol_binding ⇒ Object
  Returns the value of attribute protocol_binding.
- #security ⇒ Object
  Work-flow.
- #sessionindex ⇒ Object
  Returns the value of attribute sessionindex.
- #single_logout_service_url ⇒ String
  Single Logout Service URL.
- #soft ⇒ Object
  Returns the value of attribute soft.
- #sp_entity_id ⇒ String
  SP Entity ID.
- #sp_name_qualifier ⇒ Object
  Returns the value of attribute sp_name_qualifier.
- #valid_until ⇒ Object
  Returns the value of attribute valid_until.
Instance Method Summary
- #get_fingerprint ⇒ String
  Calculates the fingerprint of the IdP x509 certificate.
- #get_idp_cert ⇒ OpenSSL::X509::Certificate|nil
  Builds the IdP certificate from the settings (formatting it first).
- #get_idp_cert_multi ⇒ Hash with 2 arrays of OpenSSL::X509::Certificate
  Builds multiple IdP certificates from the settings.
- #get_sp_cert ⇒ OpenSSL::X509::Certificate|nil
  Builds the SP certificate from the settings (formatting it first).
- #get_sp_cert_new ⇒ OpenSSL::X509::Certificate|nil
  Builds the new SP certificate from the settings (formatting it first).
- #get_sp_key ⇒ OpenSSL::PKey::RSA
  Builds the SP private key from the settings (formatting it first).
- #idp_slo_service_binding ⇒ String
  IdP Single Logout Service Binding.
- #idp_slo_service_binding=(value) ⇒ Object
  Setter for IdP Single Logout Service Binding.
- #idp_sso_service_binding ⇒ String
  IdP Single Sign On Service Binding.
- #idp_sso_service_binding=(value) ⇒ Object
  Setter for IdP Single Sign On Service Binding.
- #initialize(overrides = {}, keep_security_attributes = false) ⇒ Settings (constructor)
  A new instance of Settings.
- #single_logout_service_binding ⇒ String
  Single Logout Service Binding.
- #single_logout_service_binding=(value) ⇒ Object
  Setter for Single Logout Service Binding.
Constructor Details
#initialize(overrides = {}, keep_security_attributes = false) ⇒ Settings
Returns a new instance of Settings.
    # File 'lib/onelogin/ruby-saml/settings.rb', line 13
    def initialize(overrides = {}, keep_security_attributes = false)
      if keep_security_attributes
        # Merge the caller's :security keys into the default security hash.
        # Note: delete removes :security from the caller's overrides hash.
        security_attributes = overrides.delete(:security) || {}
        config = DEFAULTS.merge(overrides)
        config[:security] = DEFAULTS[:security].merge(security_attributes)
      else
        # Shallow merge: a supplied :security hash replaces the default one whole.
        config = DEFAULTS.merge(overrides)
      end

      # Assign every key that has a matching setter; unknown keys are ignored.
      config.each do |k,v|
        acc = "#{k.to_s}=".to_sym
        if respond_to? acc
          value = v.is_a?(Hash) ? v.dup : v
          send(acc, value)
        end
      end
      @attribute_consuming_service = AttributeService.new
    end
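The two branches of the constructor treat a partial `:security` override differently: without `keep_security_attributes`, every default security key the caller did not repeat is dropped. The sketch below is an added example, not ruby-saml code; `DEFAULTS` is a constructed stand-in with placeholder values, and `build_config` and `dropped_security_keys` are hypothetical helpers that mirror only the merge logic.

```ruby
# Added example. Constructed stand-in for the gem's DEFAULTS constant;
# the keys and values here are placeholders, not the real defaults.
DEFAULTS = {
  :soft => true,
  :security => {
    :digest_method => "constructed-digest",
    :signature_method => "constructed-signature",
    :check_sp_cert_expiration => false
  }.freeze
}.freeze

# Hypothetical helper mirroring the merge logic of Settings#initialize.
def build_config(overrides = {}, keep_security_attributes = false)
  overrides = overrides.dup # the original deletes :security from the caller's hash
  if keep_security_attributes
    security_attributes = overrides.delete(:security) || {}
    config = DEFAULTS.merge(overrides)
    config[:security] = DEFAULTS[:security].merge(security_attributes)
  else
    config = DEFAULTS.merge(overrides)
  end
  config
end

# Hypothetical helper: default security keys that did not survive the merge.
def dropped_security_keys(config)
  DEFAULTS[:security].keys - config[:security].keys
end

# Caller only wants to switch one security option on.
partial = { :security => { :check_sp_cert_expiration => true } }

shallow = build_config(partial)      # keep_security_attributes = false
deep = build_config(partial, true)   # keep_security_attributes = true

puts "shallow merge dropped: #{dropped_security_keys(shallow).inspect}"
puts "deep merge dropped:    #{dropped_security_keys(deep).inspect}"
puts "deep merge keeps digest_method: #{deep[:security][:digest_method]}"
```

When a review finds a `Settings.new(:security => {...})` call with only a few keys, checking which defaults were dropped this way shows whether signing or digest options silently became `nil`.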
Instance Attribute Details
#assertion_consumer_logout_service_binding ⇒ Object
Returns the value of attribute assertion_consumer_logout_service_binding.
    # File 'lib/onelogin/ruby-saml/settings.rb', line 74
    def assertion_consumer_logout_service_binding
      @assertion_consumer_logout_service_binding
    end
#assertion_consumer_logout_service_url ⇒ Object
Deprecated
    # File 'lib/onelogin/ruby-saml/settings.rb', line 73
    def assertion_consumer_logout_service_url
      @assertion_consumer_logout_service_url
    end
#assertion_consumer_service_binding ⇒ Object
Returns the value of attribute assertion_consumer_service_binding.
    # File 'lib/onelogin/ruby-saml/settings.rb', line 47
    def assertion_consumer_service_binding
      @assertion_consumer_service_binding
    end
#assertion_consumer_service_url ⇒ Object
Returns the value of attribute assertion_consumer_service_url.
    # File 'lib/onelogin/ruby-saml/settings.rb', line 46
    def assertion_consumer_service_url
      @assertion_consumer_service_url
    end
#attribute_consuming_service ⇒ Object (readonly)
Returns the value of attribute attribute_consuming_service.
    # File 'lib/onelogin/ruby-saml/settings.rb', line 68
    def attribute_consuming_service
      @attribute_consuming_service
    end
#attributes_index ⇒ Object
Returns the value of attribute attributes_index.
    # File 'lib/onelogin/ruby-saml/settings.rb', line 60
    def attributes_index
      @attributes_index
    end
#authn_context ⇒ Object
Returns the value of attribute authn_context.
    # File 'lib/onelogin/ruby-saml/settings.rb', line 65
    def authn_context
      @authn_context
    end
#authn_context_comparison ⇒ Object
Returns the value of attribute authn_context_comparison.
    # File 'lib/onelogin/ruby-saml/settings.rb', line 66
    def authn_context_comparison
      @authn_context_comparison
    end
#authn_context_decl_ref ⇒ Object
Returns the value of attribute authn_context_decl_ref.
    # File 'lib/onelogin/ruby-saml/settings.rb', line 67
    def authn_context_decl_ref
      @authn_context_decl_ref
    end
#certificate ⇒ Object
Returns the value of attribute certificate.
    # File 'lib/onelogin/ruby-saml/settings.rb', line 62
    def certificate
      @certificate
    end
#certificate_new ⇒ Object
Returns the value of attribute certificate_new.
    # File 'lib/onelogin/ruby-saml/settings.rb', line 63
    def certificate_new
      @certificate_new
    end
#compress_request ⇒ Object
Returns the value of attribute compress_request.
    # File 'lib/onelogin/ruby-saml/settings.rb', line 54
    def compress_request
      @compress_request
    end
#compress_response ⇒ Object
Returns the value of attribute compress_response.
    # File 'lib/onelogin/ruby-saml/settings.rb', line 55
    def compress_response
      @compress_response
    end
#double_quote_xml_attribute_values ⇒ Object
Returns the value of attribute double_quote_xml_attribute_values.
    # File 'lib/onelogin/ruby-saml/settings.rb', line 56
    def double_quote_xml_attribute_values
      @double_quote_xml_attribute_values
    end
#force_authn ⇒ Object
Returns the value of attribute force_authn.
    # File 'lib/onelogin/ruby-saml/settings.rb', line 61
    def force_authn
      @force_authn
    end
#idp_attribute_names ⇒ Object
Returns the value of attribute idp_attribute_names.
    # File 'lib/onelogin/ruby-saml/settings.rb', line 41
    def idp_attribute_names
      @idp_attribute_names
    end
#idp_cert ⇒ Object
Returns the value of attribute idp_cert.
    # File 'lib/onelogin/ruby-saml/settings.rb', line 37
    def idp_cert
      @idp_cert
    end
#idp_cert_fingerprint ⇒ Object
Returns the value of attribute idp_cert_fingerprint.
    # File 'lib/onelogin/ruby-saml/settings.rb', line 38
    def idp_cert_fingerprint
      @idp_cert_fingerprint
    end
#idp_cert_fingerprint_algorithm ⇒ Object
Returns the value of attribute idp_cert_fingerprint_algorithm.
    # File 'lib/onelogin/ruby-saml/settings.rb', line 39
    def idp_cert_fingerprint_algorithm
      @idp_cert_fingerprint_algorithm
    end
#idp_cert_multi ⇒ Object
Returns the value of attribute idp_cert_multi.
    # File 'lib/onelogin/ruby-saml/settings.rb', line 40
    def idp_cert_multi
      @idp_cert_multi
    end
#idp_entity_id ⇒ Object
IdP Data
    # File 'lib/onelogin/ruby-saml/settings.rb', line 33
    def idp_entity_id
      @idp_entity_id
    end
#idp_name_qualifier ⇒ Object
Returns the value of attribute idp_name_qualifier.
    # File 'lib/onelogin/ruby-saml/settings.rb', line 42
    def idp_name_qualifier
      @idp_name_qualifier
    end
#idp_slo_response_service_url ⇒ Object
Returns the value of attribute idp_slo_response_service_url.
    # File 'lib/onelogin/ruby-saml/settings.rb', line 36
    def idp_slo_response_service_url
      @idp_slo_response_service_url
    end
#idp_slo_service_url ⇒ String
Returns IdP Single Logout Service URL.
    # File 'lib/onelogin/ruby-saml/settings.rb', line 87
    def idp_slo_service_url
      @idp_slo_service_url || @idp_slo_target_url
    end
#idp_slo_target_url ⇒ Object
Returns the value of attribute idp_slo_target_url.
    # File 'lib/onelogin/ruby-saml/settings.rb', line 77
    def idp_slo_target_url
      @idp_slo_target_url
    end
#idp_sso_service_url ⇒ String
Returns IdP Single Sign On Service URL.
    # File 'lib/onelogin/ruby-saml/settings.rb', line 81
    def idp_sso_service_url
      @idp_sso_service_url || @idp_sso_target_url
    end
#idp_sso_target_url ⇒ Object
Returns the value of attribute idp_sso_target_url.
    # File 'lib/onelogin/ruby-saml/settings.rb', line 76
    def idp_sso_target_url
      @idp_sso_target_url
    end
#issuer ⇒ Object
Returns the value of attribute issuer.
    # File 'lib/onelogin/ruby-saml/settings.rb', line 75
    def issuer
      @issuer
    end
#message_max_bytesize ⇒ Object
Returns the value of attribute message_max_bytesize.
    # File 'lib/onelogin/ruby-saml/settings.rb', line 57
    def message_max_bytesize
      @message_max_bytesize
    end
#name_identifier_format ⇒ Object
Returns the value of attribute name_identifier_format.
    # File 'lib/onelogin/ruby-saml/settings.rb', line 50
    def name_identifier_format
      @name_identifier_format
    end
#name_identifier_value ⇒ Object
Returns the value of attribute name_identifier_value.
    # File 'lib/onelogin/ruby-saml/settings.rb', line 51
    def name_identifier_value
      @name_identifier_value
    end
#name_identifier_value_requested ⇒ Object
Returns the value of attribute name_identifier_value_requested.
    # File 'lib/onelogin/ruby-saml/settings.rb', line 52
    def name_identifier_value_requested
      @name_identifier_value_requested
    end
#passive ⇒ Object
Returns the value of attribute passive.
    # File 'lib/onelogin/ruby-saml/settings.rb', line 58
    def passive
      @passive
    end
#private_key ⇒ Object
Returns the value of attribute private_key.
    # File 'lib/onelogin/ruby-saml/settings.rb', line 64
    def private_key
      @private_key
    end
#protocol_binding ⇒ Object
Returns the value of attribute protocol_binding.
    # File 'lib/onelogin/ruby-saml/settings.rb', line 59
    def protocol_binding
      @protocol_binding
    end
#security ⇒ Object
Work-flow
    # File 'lib/onelogin/ruby-saml/settings.rb', line 70
    def security
      @security
    end
#sessionindex ⇒ Object
Returns the value of attribute sessionindex.
    # File 'lib/onelogin/ruby-saml/settings.rb', line 53
    def sessionindex
      @sessionindex
    end
#single_logout_service_url ⇒ String
Returns Single Logout Service URL.
    # File 'lib/onelogin/ruby-saml/settings.rb', line 139
    def single_logout_service_url
      @single_logout_service_url || @assertion_consumer_logout_service_url
    end
#soft ⇒ Object
Returns the value of attribute soft.
    # File 'lib/onelogin/ruby-saml/settings.rb', line 71
    def soft
      @soft
    end
#sp_entity_id ⇒ String
Returns SP Entity ID.
    # File 'lib/onelogin/ruby-saml/settings.rb', line 119
    def sp_entity_id
      @sp_entity_id || @issuer
    end
#sp_name_qualifier ⇒ Object
Returns the value of attribute sp_name_qualifier.
    # File 'lib/onelogin/ruby-saml/settings.rb', line 49
    def sp_name_qualifier
      @sp_name_qualifier
    end
#valid_until ⇒ Object
Returns the value of attribute valid_until.
    # File 'lib/onelogin/ruby-saml/settings.rb', line 43
    def valid_until
      @valid_until
    end
Instance Method Details
#get_fingerprint ⇒ String
Calculates the fingerprint of the IdP x509 certificate.
    # File 'lib/onelogin/ruby-saml/settings.rb', line 170
    def get_fingerprint
      # An explicitly configured fingerprint takes precedence over idp_cert.
      idp_cert_fingerprint || begin
        idp_cert = get_idp_cert
        if idp_cert
          # Digest the DER encoding, then format as upper-case hex pairs joined by ":".
          fingerprint_alg = XMLSecurity::BaseDocument.new.algorithm(idp_cert_fingerprint_algorithm).new
          fingerprint_alg.hexdigest(idp_cert.to_der).upcase.scan(/../).join(":")
        end
      end
    end
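The fingerprint computed above is a digest of the certificate's DER encoding, so a configured `idp_cert_fingerprint` only describes the certificate if it was produced with the same digest as `idp_cert_fingerprint_algorithm`. The following is an added example, not ruby-saml code: the certificate is constructed on the fly, and `constructed_idp_cert`, `cert_fingerprint`, `normalize_fingerprint` and `fingerprint_matches?` are hypothetical helper names.

```ruby
require "openssl"

# Constructed self-signed certificate standing in for an IdP signing certificate.
def constructed_idp_cert
  key = OpenSSL::PKey::RSA.new(2048)
  name = OpenSSL::X509::Name.parse("/CN=idp.example.test")
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2
  cert.serial = 1
  cert.subject = name
  cert.issuer = name
  cert.public_key = key.public_key
  cert.not_before = Time.now
  cert.not_after = Time.now + 3600
  cert.sign(key, OpenSSL::Digest.new("SHA256"))
  cert
end

# Same steps as get_fingerprint: digest the DER bytes, upper-case the hex,
# split into byte pairs and join with ":".
def cert_fingerprint(cert, digest_class = OpenSSL::Digest::SHA1)
  digest_class.new.hexdigest(cert.to_der).upcase.scan(/../).join(":")
end

# Hypothetical helper: strip separators and case so pasted fingerprints compare equal.
def normalize_fingerprint(value)
  value.to_s.gsub(/[^0-9A-Fa-f]/, "").upcase
end

# Hypothetical check: does the configured fingerprint describe this certificate
# under the given digest class?
def fingerprint_matches?(configured, cert, digest_class)
  normalize_fingerprint(configured) ==
    normalize_fingerprint(cert_fingerprint(cert, digest_class))
end

CERT = constructed_idp_cert
SHA1_FP = cert_fingerprint(CERT, OpenSSL::Digest::SHA1)
SHA256_FP = cert_fingerprint(CERT, OpenSSL::Digest::SHA256)

puts "SHA-1   (#{SHA1_FP.count(':') + 1} bytes): #{SHA1_FP}"
puts "SHA-256 (#{SHA256_FP.count(':') + 1} bytes): #{SHA256_FP}"
# A SHA-256 fingerprint checked against a SHA-1 computation never matches.
puts "algorithm mismatch matches? #{fingerprint_matches?(SHA256_FP, CERT, OpenSSL::Digest::SHA1)}"
```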
#get_idp_cert ⇒ OpenSSL::X509::Certificate|nil
Returns the IdP certificate built from the settings (formatted first).
    # File 'lib/onelogin/ruby-saml/settings.rb', line 182
    def get_idp_cert
      return nil if idp_cert.nil? || idp_cert.empty?

      formatted_cert = OneLogin::RubySaml::Utils.format_cert(idp_cert)
      OpenSSL::X509::Certificate.new(formatted_cert)
    end
#get_idp_cert_multi ⇒ Hash with 2 arrays of OpenSSL::X509::Certificate
Returns the multiple IdP certificates built from the settings.
    # File 'lib/onelogin/ruby-saml/settings.rb', line 191
    def get_idp_cert_multi
      return nil if idp_cert_multi.nil? || idp_cert_multi.empty?

      raise ArgumentError.new("Invalid value for idp_cert_multi") if not idp_cert_multi.is_a?(Hash)

      certs = {:signing => [], :encryption => [] }

      # Parse each configured signing certificate.
      if idp_cert_multi.key?(:signing) and not idp_cert_multi[:signing].empty?
        idp_cert_multi[:signing].each do |idp_cert|
          formatted_cert = OneLogin::RubySaml::Utils.format_cert(idp_cert)
          certs[:signing].push(OpenSSL::X509::Certificate.new(formatted_cert))
        end
      end

      # Parse each configured encryption certificate.
      if idp_cert_multi.key?(:encryption) and not idp_cert_multi[:encryption].empty?
        idp_cert_multi[:encryption].each do |idp_cert|
          formatted_cert = OneLogin::RubySaml::Utils.format_cert(idp_cert)
          certs[:encryption].push(OpenSSL::X509::Certificate.new(formatted_cert))
        end
      end

      certs
    end
#get_sp_cert ⇒ OpenSSL::X509::Certificate|nil
Returns the SP certificate built from the settings (formatted first).
    # File 'lib/onelogin/ruby-saml/settings.rb', line 217
    def get_sp_cert
      return nil if certificate.nil? || certificate.empty?

      formatted_cert = OneLogin::RubySaml::Utils.format_cert(certificate)
      cert = OpenSSL::X509::Certificate.new(formatted_cert)

      # Expiry is only enforced when security[:check_sp_cert_expiration] is set.
      if security[:check_sp_cert_expiration]
        if OneLogin::RubySaml::Utils.is_cert_expired(cert)
          raise OneLogin::RubySaml::ValidationError.new("The SP certificate expired.")
        end
      end

      cert
    end
#get_sp_cert_new ⇒ OpenSSL::X509::Certificate|nil
Returns the new SP certificate built from the settings (formatted first).
    # File 'lib/onelogin/ruby-saml/settings.rb', line 234
    def get_sp_cert_new
      return nil if certificate_new.nil? || certificate_new.empty?

      formatted_cert = OneLogin::RubySaml::Utils.format_cert(certificate_new)
      OpenSSL::X509::Certificate.new(formatted_cert)
    end
#get_sp_key ⇒ OpenSSL::PKey::RSA
Returns the SP private key built from the settings (formatted first).
    # File 'lib/onelogin/ruby-saml/settings.rb', line 243
    def get_sp_key
      return nil if private_key.nil? || private_key.empty?

      formatted_private_key = OneLogin::RubySaml::Utils.format_private_key(private_key)
      OpenSSL::PKey::RSA.new(formatted_private_key)
    end
#idp_slo_service_binding ⇒ String
Returns IdP Single Logout Service Binding.
    # File 'lib/onelogin/ruby-saml/settings.rb', line 106
    def idp_slo_service_binding
      @idp_slo_service_binding || # fallback operand is cut off in this listing
    end
#idp_slo_service_binding=(value) ⇒ Object
Setter for IdP Single Logout Service Binding
    # File 'lib/onelogin/ruby-saml/settings.rb', line 113
    def idp_slo_service_binding=(value)
      @idp_slo_service_binding = get_binding(value)
    end
#idp_sso_service_binding ⇒ String
Returns IdP Single Sign On Service Binding.
    # File 'lib/onelogin/ruby-saml/settings.rb', line 93
    def idp_sso_service_binding
      @idp_sso_service_binding || # fallback operand is cut off in this listing
    end
#idp_sso_service_binding=(value) ⇒ Object
Setter for IdP Single Sign On Service Binding
    # File 'lib/onelogin/ruby-saml/settings.rb', line 100
    def idp_sso_service_binding=(value)
      @idp_sso_service_binding = get_binding(value)
    end
#single_logout_service_binding ⇒ String
Returns Single Logout Service Binding.
    # File 'lib/onelogin/ruby-saml/settings.rb', line 145
    def single_logout_service_binding
      @single_logout_service_binding || @assertion_consumer_logout_service_binding
    end
#single_logout_service_binding=(value) ⇒ Object
Setter for Single Logout Service Binding.
(Currently we only support “urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect”)
    # File 'lib/onelogin/ruby-saml/settings.rb', line 154
    def single_logout_service_binding=(value)
      @single_logout_service_binding = get_binding(value)
    end