Class: OneLogin::RubySaml::Settings

Inherits:

Object

• Object
• OneLogin::RubySaml::Settings

Defined in:

lib/onelogin/ruby-saml/settings.rb

Overview

SAML2 Toolkit Settings

Instance Attribute Summary

• #assertion_consumer_logout_service_binding ⇒ Object

  Returns the value of attribute assertion_consumer_logout_service_binding.

• #assertion_consumer_logout_service_url ⇒ Object

  Compability.

• #assertion_consumer_service_binding ⇒ Object

  Returns the value of attribute assertion_consumer_service_binding.

• #assertion_consumer_service_url ⇒ Object

  Returns the value of attribute assertion_consumer_service_url.

• #attribute_consuming_service ⇒ Object readonly

  Returns the value of attribute attribute_consuming_service.

• #attributes_index ⇒ Object

  Returns the value of attribute attributes_index.

• #authn_context ⇒ Object

  Returns the value of attribute authn_context.

• #authn_context_comparison ⇒ Object

  Returns the value of attribute authn_context_comparison.

• #authn_context_decl_ref ⇒ Object

  Returns the value of attribute authn_context_decl_ref.

• #certificate ⇒ Object

  Returns the value of attribute certificate.

• #certificate_new ⇒ Object

  Returns the value of attribute certificate_new.

• #compress_request ⇒ Object

  Returns the value of attribute compress_request.

• #compress_response ⇒ Object

  Returns the value of attribute compress_response.

• #double_quote_xml_attribute_values ⇒ Object

  Returns the value of attribute double_quote_xml_attribute_values.

• #force_authn ⇒ Object

  Returns the value of attribute force_authn.

• #idp_attribute_names ⇒ Object

  Returns the value of attribute idp_attribute_names.

• #idp_cert ⇒ Object

  Returns the value of attribute idp_cert.

• #idp_cert_fingerprint ⇒ Object

  Returns the value of attribute idp_cert_fingerprint.

• #idp_cert_fingerprint_algorithm ⇒ Object

  Returns the value of attribute idp_cert_fingerprint_algorithm.

• #idp_cert_multi ⇒ Object

  Returns the value of attribute idp_cert_multi.

• #idp_entity_id ⇒ Object

  IdP Data.

• #idp_name_qualifier ⇒ Object

  Returns the value of attribute idp_name_qualifier.

• #idp_slo_target_url ⇒ Object

  Returns the value of attribute idp_slo_target_url.

• #idp_sso_target_url ⇒ Object

  Returns the value of attribute idp_sso_target_url.

• #issuer ⇒ Object

  SP Data.

• #name_identifier_format ⇒ Object

  Returns the value of attribute name_identifier_format.

• #name_identifier_value ⇒ Object

  Returns the value of attribute name_identifier_value.

• #passive ⇒ Object

  Returns the value of attribute passive.

• #private_key ⇒ Object

  Returns the value of attribute private_key.

• #protocol_binding ⇒ Object

  Returns the value of attribute protocol_binding.

• #security ⇒ Object

  Work-flow.

• #sessionindex ⇒ Object

  Returns the value of attribute sessionindex.

• #soft ⇒ Object

  Returns the value of attribute soft.

• #sp_name_qualifier ⇒ Object

  Returns the value of attribute sp_name_qualifier.

Instance Method Summary

• #get_fingerprint ⇒ String

  Calculates the fingerprint of the IdP x509 certificate.

• #get_idp_cert ⇒ OpenSSL::X509::Certificate|nil

  Build the IdP certificate from the settings (previously format it).

• #get_idp_cert_multi ⇒ Hash with 2 arrays of OpenSSL::X509::Certificate

  Build multiple IdP certificates from the settings.

• #get_sp_cert ⇒ OpenSSL::X509::Certificate|nil

  Build the SP certificate from the settings (previously format it).

• #get_sp_cert_new ⇒ OpenSSL::X509::Certificate|nil

  Build the New SP certificate from the settings (previously format it).

• #get_sp_key ⇒ OpenSSL::PKey::RSA

  Build the SP private from the settings (previously format it).

• #initialize(overrides = {}, keep_security_attributes = false) ⇒ Settings constructor

  A new instance of Settings.

• #single_logout_service_binding ⇒ String

  Single Logout Service Binding.

• #single_logout_service_binding=(url) ⇒ Object

  Setter for Single Logout Service Binding.

• #single_logout_service_url ⇒ String

  Single Logout Service URL.

• #single_logout_service_url=(url) ⇒ Object

  Setter for the Single Logout Service URL.

Constructor Details

#initialize(overrides = {}, keep_security_attributes = false) ⇒ Settings

Returns a new instance of Settings.

# File 'lib/onelogin/ruby-saml/settings.rb', line 12

def initialize(overrides = {}, keep_security_attributes = false)
  if keep_security_attributes
    security_attributes = overrides.delete(:security) || {}
    config = DEFAULTS.merge(overrides)
    config[:security] = DEFAULTS[:security].merge(security_attributes)
  else
    config = DEFAULTS.merge(overrides)
  end

  config.each do |k,v|
    acc = "#{k.to_s}=".to_sym
    if respond_to? acc
      value = v.is_a?(Hash) ? v.dup : v
      send(acc, value)
    end
  end
  @attribute_consuming_service = AttributeService.new
end

Instance Attribute Details

#assertion_consumer_logout_service_binding ⇒ Object

Returns the value of attribute assertion_consumer_logout_service_binding.

# File 'lib/onelogin/ruby-saml/settings.rb', line 68

def assertion_consumer_logout_service_binding
  @assertion_consumer_logout_service_binding
end

#assertion_consumer_logout_service_url ⇒ Object

Compability

# File 'lib/onelogin/ruby-saml/settings.rb', line 67

def assertion_consumer_logout_service_url
  @assertion_consumer_logout_service_url
end

#assertion_consumer_service_binding ⇒ Object

Returns the value of attribute assertion_consumer_service_binding.

# File 'lib/onelogin/ruby-saml/settings.rb', line 44

def assertion_consumer_service_binding
  @assertion_consumer_service_binding
end

#assertion_consumer_service_url ⇒ Object

Returns the value of attribute assertion_consumer_service_url.

# File 'lib/onelogin/ruby-saml/settings.rb', line 43

def assertion_consumer_service_url
  @assertion_consumer_service_url
end

#attribute_consuming_service ⇒ Object (readonly)

Returns the value of attribute attribute_consuming_service.

# File 'lib/onelogin/ruby-saml/settings.rb', line 62

def attribute_consuming_service
  @attribute_consuming_service
end

#attributes_index ⇒ Object

Returns the value of attribute attributes_index.

# File 'lib/onelogin/ruby-saml/settings.rb', line 54

def attributes_index
  @attributes_index
end

#authn_context ⇒ Object

Returns the value of attribute authn_context.

# File 'lib/onelogin/ruby-saml/settings.rb', line 59

def authn_context
  @authn_context
end

#authn_context_comparison ⇒ Object

Returns the value of attribute authn_context_comparison.

# File 'lib/onelogin/ruby-saml/settings.rb', line 60

def authn_context_comparison
  @authn_context_comparison
end

#authn_context_decl_ref ⇒ Object

Returns the value of attribute authn_context_decl_ref.

# File 'lib/onelogin/ruby-saml/settings.rb', line 61

def authn_context_decl_ref
  @authn_context_decl_ref
end

#certificate ⇒ Object

Returns the value of attribute certificate.

# File 'lib/onelogin/ruby-saml/settings.rb', line 56

def certificate
  @certificate
end

#certificate_new ⇒ Object

Returns the value of attribute certificate_new.

# File 'lib/onelogin/ruby-saml/settings.rb', line 57

def certificate_new
  @certificate_new
end

#compress_request ⇒ Object

Returns the value of attribute compress_request.

# File 'lib/onelogin/ruby-saml/settings.rb', line 49

def compress_request
  @compress_request
end

#compress_response ⇒ Object

Returns the value of attribute compress_response.

# File 'lib/onelogin/ruby-saml/settings.rb', line 50

def compress_response
  @compress_response
end

#double_quote_xml_attribute_values ⇒ Object

Returns the value of attribute double_quote_xml_attribute_values.

# File 'lib/onelogin/ruby-saml/settings.rb', line 51

def double_quote_xml_attribute_values
  @double_quote_xml_attribute_values
end

#force_authn ⇒ Object

Returns the value of attribute force_authn.

# File 'lib/onelogin/ruby-saml/settings.rb', line 55

def force_authn
  @force_authn
end

#idp_attribute_names ⇒ Object

Returns the value of attribute idp_attribute_names.

# File 'lib/onelogin/ruby-saml/settings.rb', line 39

def idp_attribute_names
  @idp_attribute_names
end

#idp_cert ⇒ Object

Returns the value of attribute idp_cert.

# File 'lib/onelogin/ruby-saml/settings.rb', line 35

def idp_cert
  @idp_cert
end

#idp_cert_fingerprint ⇒ Object

Returns the value of attribute idp_cert_fingerprint.

# File 'lib/onelogin/ruby-saml/settings.rb', line 36

def idp_cert_fingerprint
  @idp_cert_fingerprint
end

#idp_cert_fingerprint_algorithm ⇒ Object

Returns the value of attribute idp_cert_fingerprint_algorithm.

# File 'lib/onelogin/ruby-saml/settings.rb', line 37

def idp_cert_fingerprint_algorithm
  @idp_cert_fingerprint_algorithm
end

#idp_cert_multi ⇒ Object

Returns the value of attribute idp_cert_multi.

# File 'lib/onelogin/ruby-saml/settings.rb', line 38

def idp_cert_multi
  @idp_cert_multi
end

#idp_entity_id ⇒ Object

IdP Data

# File 'lib/onelogin/ruby-saml/settings.rb', line 32

def idp_entity_id
  @idp_entity_id
end

#idp_name_qualifier ⇒ Object

Returns the value of attribute idp_name_qualifier.

# File 'lib/onelogin/ruby-saml/settings.rb', line 40

def idp_name_qualifier
  @idp_name_qualifier
end

#idp_slo_target_url ⇒ Object

Returns the value of attribute idp_slo_target_url.

# File 'lib/onelogin/ruby-saml/settings.rb', line 34

def idp_slo_target_url
  @idp_slo_target_url
end

#idp_sso_target_url ⇒ Object

Returns the value of attribute idp_sso_target_url.

# File 'lib/onelogin/ruby-saml/settings.rb', line 33

def idp_sso_target_url
  @idp_sso_target_url
end

#issuer ⇒ Object

SP Data

# File 'lib/onelogin/ruby-saml/settings.rb', line 42

def issuer
  @issuer
end

#name_identifier_format ⇒ Object

Returns the value of attribute name_identifier_format.

# File 'lib/onelogin/ruby-saml/settings.rb', line 46

def name_identifier_format
  @name_identifier_format
end

#name_identifier_value ⇒ Object

Returns the value of attribute name_identifier_value.

# File 'lib/onelogin/ruby-saml/settings.rb', line 47

def name_identifier_value
  @name_identifier_value
end

#passive ⇒ Object

Returns the value of attribute passive.

# File 'lib/onelogin/ruby-saml/settings.rb', line 52

def passive
  @passive
end

#private_key ⇒ Object

Returns the value of attribute private_key.

# File 'lib/onelogin/ruby-saml/settings.rb', line 58

def private_key
  @private_key
end

#protocol_binding ⇒ Object

Returns the value of attribute protocol_binding.

# File 'lib/onelogin/ruby-saml/settings.rb', line 53

def protocol_binding
  @protocol_binding
end

#security ⇒ Object

Work-flow

# File 'lib/onelogin/ruby-saml/settings.rb', line 64

def security
  @security
end

#sessionindex ⇒ Object

Returns the value of attribute sessionindex.

# File 'lib/onelogin/ruby-saml/settings.rb', line 48

def sessionindex
  @sessionindex
end

#soft ⇒ Object

Returns the value of attribute soft.

# File 'lib/onelogin/ruby-saml/settings.rb', line 65

def soft
  @soft
end

#sp_name_qualifier ⇒ Object

Returns the value of attribute sp_name_qualifier.

# File 'lib/onelogin/ruby-saml/settings.rb', line 45

def sp_name_qualifier
  @sp_name_qualifier
end

Instance Method Details

#get_fingerprint ⇒ String

Calculates the fingerprint of the IdP x509 certificate.

Returns:

• (String) —

  The fingerprint

# File 'lib/onelogin/ruby-saml/settings.rb', line 117

def get_fingerprint
  idp_cert_fingerprint || begin
    idp_cert = get_idp_cert
    if idp_cert
      fingerprint_alg = XMLSecurity::BaseDocument.new.algorithm(idp_cert_fingerprint_algorithm).new
      fingerprint_alg.hexdigest(idp_cert.to_der).upcase.scan(/../).join(":")
    end
  end
end

#get_idp_cert ⇒ OpenSSL::X509::Certificate|nil

Returns Build the IdP certificate from the settings (previously format it).

Returns:

• (OpenSSL::X509::Certificate|nil) —

  Build the IdP certificate from the settings (previously format it)

# File 'lib/onelogin/ruby-saml/settings.rb', line 129

def get_idp_cert
  return nil if idp_cert.nil? || idp_cert.empty?

  formatted_cert = OneLogin::RubySaml::Utils.format_cert(idp_cert)
  OpenSSL::X509::Certificate.new(formatted_cert)
end

#get_idp_cert_multi ⇒ Hash with 2 arrays of OpenSSL::X509::Certificate

Returns Build multiple IdP certificates from the settings.

Returns:

• (Hash with 2 arrays of OpenSSL::X509::Certificate) —

  Build multiple IdP certificates from the settings.

Raises:

• (ArgumentError)

# File 'lib/onelogin/ruby-saml/settings.rb', line 138

def get_idp_cert_multi
  return nil if idp_cert_multi.nil? || idp_cert_multi.empty?

  raise ArgumentError.new("Invalid value for idp_cert_multi") if not idp_cert_multi.is_a?(Hash)

  certs = {:signing => [], :encryption => [] }

  if idp_cert_multi.key?(:signing) and not idp_cert_multi[:signing].empty?
    idp_cert_multi[:signing].each do |idp_cert|
      formatted_cert = OneLogin::RubySaml::Utils.format_cert(idp_cert)
      certs[:signing].push(OpenSSL::X509::Certificate.new(formatted_cert))
    end
  end

  if idp_cert_multi.key?(:encryption) and not idp_cert_multi[:encryption].empty?
    idp_cert_multi[:encryption].each do |idp_cert|
      formatted_cert = OneLogin::RubySaml::Utils.format_cert(idp_cert)
      certs[:encryption].push(OpenSSL::X509::Certificate.new(formatted_cert))
    end
  end

  certs
end

#get_sp_cert ⇒ OpenSSL::X509::Certificate|nil

Returns Build the SP certificate from the settings (previously format it).

Returns:

• (OpenSSL::X509::Certificate|nil) —

  Build the SP certificate from the settings (previously format it)

# File 'lib/onelogin/ruby-saml/settings.rb', line 164

def get_sp_cert
  return nil if certificate.nil? || certificate.empty?

  formatted_cert = OneLogin::RubySaml::Utils.format_cert(certificate)
  OpenSSL::X509::Certificate.new(formatted_cert)
end

#get_sp_cert_new ⇒ OpenSSL::X509::Certificate|nil

Returns Build the New SP certificate from the settings (previously format it).

Returns:

• (OpenSSL::X509::Certificate|nil) —

  Build the New SP certificate from the settings (previously format it)

# File 'lib/onelogin/ruby-saml/settings.rb', line 173

def get_sp_cert_new
  return nil if certificate_new.nil? || certificate_new.empty?

  formatted_cert = OneLogin::RubySaml::Utils.format_cert(certificate_new)
  OpenSSL::X509::Certificate.new(formatted_cert)
end

#get_sp_key ⇒ OpenSSL::PKey::RSA

Returns Build the SP private from the settings (previously format it).

Returns:

• (OpenSSL::PKey::RSA) —

  Build the SP private from the settings (previously format it)

# File 'lib/onelogin/ruby-saml/settings.rb', line 182

def get_sp_key
  return nil if private_key.nil? || private_key.empty?

  formatted_private_key = OneLogin::RubySaml::Utils.format_private_key(private_key)
  OpenSSL::PKey::RSA.new(formatted_private_key)
end

#single_logout_service_binding ⇒ String

Returns Single Logout Service Binding.

Returns:

• (String) —

  Single Logout Service Binding.

# File 'lib/onelogin/ruby-saml/settings.rb', line 93

def single_logout_service_binding
  val = nil
  if @single_logout_service_binding.nil?
    if @assertion_consumer_logout_service_binding
      val = @assertion_consumer_logout_service_binding
    end
  else
    val = @single_logout_service_binding
  end
  val
end

#single_logout_service_binding=(url) ⇒ Object

Setter for Single Logout Service Binding.

(Currently we only support “urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect”)

Parameters:

• url (String)

# File 'lib/onelogin/ruby-saml/settings.rb', line 110

def single_logout_service_binding=(url)
  @single_logout_service_binding = url
end

#single_logout_service_url ⇒ String

Returns Single Logout Service URL.

Returns:

• (String) —

  Single Logout Service URL.

# File 'lib/onelogin/ruby-saml/settings.rb', line 72

def single_logout_service_url
  val = nil
  if @single_logout_service_url.nil?
    if @assertion_consumer_logout_service_url
      val = @assertion_consumer_logout_service_url
    end
  else
    val = @single_logout_service_url
  end
  val
end

#single_logout_service_url=(url) ⇒ Object

Setter for the Single Logout Service URL.

Parameters:

• url (String) —

  .

# File 'lib/onelogin/ruby-saml/settings.rb', line 87

def single_logout_service_url=(url)
  @single_logout_service_url = url
end