Class: Saml::Kit::IdentityProviderMetadata
- Defined in:
- lib/saml/kit/identity_provider_metadata.rb
Overview
This class is used to parse the IDPSSODescriptor from a SAML metadata document.
raw_xml = <<-XML
<?xml version="1.0" encoding="UTF-8"?>
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_cfa24e2f-0ec0-4ee3-abb8-b2fcfe394c1c" entityID="">
<IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.example.com/logout"/>
<NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.example.com/login"/>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://www.example.com/login"/>
<saml:Attribute Name="id"/>
</IDPSSODescriptor>
</EntityDescriptor>
XML
metadata = Saml::Kit::IdentityProviderMetadata.new(raw_xml)
puts metadata.entity_id
It can also be used to generate IDP metadata.
metadata = Saml::Kit::IdentityProviderMetadata.build do |builder|
  builder.entity_id = "my-entity-id"
end
puts metadata.to_xml
For more details on generating metadata see Metadata.
Constant Summary
- Builder =
  Deprecated. Use Builders::IdentityProviderMetadata instead of this.
  ActiveSupport::Deprecation::DeprecatedConstantProxy.new('Saml::Kit::IdentityProviderMetadata::Builder', 'Saml::Kit::Builders::IdentityProviderMetadata')
Constants inherited from Metadata
Metadata::METADATA_XSD, Metadata::NAMESPACES
Instance Attribute Summary
Attributes inherited from Metadata
Instance Method Summary
- #attributes ⇒ Object
  Returns each of the Attributes in the metadata.
- #initialize(xml) ⇒ IdentityProviderMetadata (constructor)
  A new instance of IdentityProviderMetadata.
- #login_request_for(binding:, relay_state: nil, configuration: Saml::Kit.configuration) ⇒ Array
  Creates an AuthnRequest document for the specified binding.
- #single_sign_on_service_for(binding:) ⇒ Object
  Returns the SingleSignOnService element with the specified binding.
- #single_sign_on_services ⇒ Object
  Returns each of the SingleSignOnService elements.
- #want_authn_requests_signed ⇒ Object
  Returns the IDPSSODescriptor/@WantAuthnRequestsSigned attribute.
Methods inherited from Metadata
#certificates, #contact_person_company, #encryption_certificates, #entity_id, from, #logout_request_for, #matches?, #name_id_formats, #organization_name, #organization_url, #service_for, #services, #signing_certificates, #single_logout_service_for, #single_logout_services, #to_h, #to_s, #to_xml, #verify
Constructor Details
#initialize(xml) ⇒ IdentityProviderMetadata
Returns a new instance of IdentityProviderMetadata.
# File 'lib/saml/kit/identity_provider_metadata.rb', line 34
def initialize(xml)
  super("IDPSSODescriptor", xml)
end
Instance Method Details
#attributes ⇒ Object
Returns each of the Attributes in the metadata.
# File 'lib/saml/kit/identity_provider_metadata.rb', line 59
def attributes
  document.find_all("/md:EntityDescriptor/md:#{name}/saml:Attribute").map do |item|
    {
      format: item.attribute("NameFormat").try(:value),
      name: item.attribute("Name").value,
    }
  end
end
#login_request_for(binding:, relay_state: nil, configuration: Saml::Kit.configuration) ⇒ Array
Creates an AuthnRequest document for the specified binding.
# File 'lib/saml/kit/identity_provider_metadata.rb', line 74
def login_request_for(binding:, relay_state: nil, configuration: Saml::Kit.configuration) # :yields builder
  builder = Saml::Kit::AuthenticationRequest.builder(configuration: configuration) do |x|
    x. = want_authn_requests_signed
    yield x if block_given?
  end
  request_binding = single_sign_on_service_for(binding: binding)
  request_binding.serialize(builder, relay_state: relay_state)
end
#single_sign_on_service_for(binding:) ⇒ Object
Returns the SingleSignOnService element with the specified binding.
# File 'lib/saml/kit/identity_provider_metadata.rb', line 54
def single_sign_on_service_for(binding:)
  service_for(binding: binding, type: 'SingleSignOnService')
end
#single_sign_on_services ⇒ Object
Returns each of the SingleSignOnService elements.
# File 'lib/saml/kit/identity_provider_metadata.rb', line 47
def single_sign_on_services
  services('SingleSignOnService')
end
#want_authn_requests_signed ⇒ Object
Returns the IDPSSODescriptor/@WantAuthnRequestsSigned attribute.
# File 'lib/saml/kit/identity_provider_metadata.rb', line 39
def want_authn_requests_signed
  xpath = "/md:EntityDescriptor/md:#{name}"
  attribute = document.find_by(xpath).attribute("WantAuthnRequestsSigned")
  # A missing attribute is treated as true, so requests are signed by default.
  return true if attribute.nil?
  attribute.text.downcase == "true"
end
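The decision rule in the #want_authn_requests_signed listing above, reproduced stand-alone with REXML so its edge cases can be checked without the gem. This is an added example, not saml-kit code: `sample_metadata`, `raw_flag`, `page_rule`, `strict_rule` and `compare` are hypothetical names, the metadata is constructed, and `strict_rule` is an assumed stricter alternative.

```ruby
require 'rexml/document'

MD_NS = { 'md' => 'urn:oasis:names:tc:SAML:2.0:metadata' }.freeze

# Constructed metadata; the entity ID and URL are placeholders.
# Pass nil to leave WantAuthnRequestsSigned off the descriptor.
def sample_metadata(flag)
  attr = flag.nil? ? '' : %( WantAuthnRequestsSigned="#{flag}")
  <<~XML
    <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://idp.example.com/metadata">
      <IDPSSODescriptor#{attr} protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.example.com/login"/>
      </IDPSSODescriptor>
    </EntityDescriptor>
  XML
end

# Raw attribute text, or nil when the attribute is absent.
def raw_flag(xml)
  doc = REXML::Document.new(xml)
  node = REXML::XPath.first(doc, '/md:EntityDescriptor/md:IDPSSODescriptor', MD_NS)
  node && node.attributes['WantAuthnRequestsSigned']
end

# Same decision rule as the #want_authn_requests_signed listing:
# absent => true, otherwise only "true" (any letter case) counts.
def page_rule(xml)
  value = raw_flag(xml)
  return true if value.nil?
  value.downcase == 'true'
end

# Stricter variant (an assumption, not library code): accept the xs:boolean
# forms "1"/"0" as well and sign whenever the value is unrecognised.
def strict_rule(xml)
  value = raw_flag(xml)
  return true if value.nil?
  case value.strip
  when 'true', '1' then true
  when 'false', '0' then false
  else true
  end
end

def compare(flags)
  flags.map { |f| [f.inspect, page_rule(sample_metadata(f)), strict_rule(sample_metadata(f))] }
end

compare([nil, 'true', 'false', '1', '0', 'yes']).each { |row| puts row.join("\t") }
```

An IdP that publishes WantAuthnRequestsSigned="1", a valid xs:boolean, is read as false by the listed rule, so it is worth checking how your IdP serialises the flag.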