Class: Saml::Kit::Signature

Inherits:

Object

• Object
• Saml::Kit::Signature

Includes:

ActiveModel::Validations, Translatable

Defined in:

lib/saml/kit/signature.rb

Instance Attribute Summary

• #name ⇒ Object readonly

  Returns the value of attribute name.

Instance Method Summary

• #canonicalization_method ⇒ Object
• #certificate ⇒ Object

  Returns the embedded X509 Certificate.

• #digest_method ⇒ Object
• #digest_value ⇒ Object
• #expected_digest_value ⇒ Object
• #initialize(node) ⇒ Signature constructor

  A new instance of Signature.

• #present? ⇒ Boolean
• #signature_method ⇒ Object
• #signature_value ⇒ Object
• #to_h ⇒ Object

  Returns the XML Hash.

• #to_xml(pretty: false) ⇒ Object
• #transforms ⇒ Object
• #trusted?(metadata) ⇒ Boolean

  Returns true when the fingerprint of the certificate matches one of the certificates registered in the metadata.

Constructor Details

#initialize(node) ⇒ Signature

Returns a new instance of Signature.

# File 'lib/saml/kit/signature.rb', line 14

def initialize(node)
  @name = 'Signature'
  @node = node
end

Instance Attribute Details

#name ⇒ Object (readonly)

Returns the value of attribute name.

# File 'lib/saml/kit/signature.rb', line 12

def name
  @name
end

Instance Method Details

#canonicalization_method ⇒ Object

# File 'lib/saml/kit/signature.rb', line 55

def canonicalization_method
  at_xpath('./ds:SignedInfo/ds:CanonicalizationMethod/@Algorithm').try(:value)
end

#certificate ⇒ Object

Returns the embedded X509 Certificate

# File 'lib/saml/kit/signature.rb', line 20

def certificate
  value = at_xpath('./ds:KeyInfo/ds:X509Data/ds:X509Certificate').try(:text)
  return if value.nil?
  ::Xml::Kit::Certificate.new(value, use: :signing)
end

#digest_method ⇒ Object

# File 'lib/saml/kit/signature.rb', line 43

def digest_method
  at_xpath('./ds:SignedInfo/ds:Reference/ds:DigestMethod/@Algorithm').try(:value)
end

#digest_value ⇒ Object

# File 'lib/saml/kit/signature.rb', line 32

def digest_value
  at_xpath('./ds:SignedInfo/ds:Reference/ds:DigestValue').try(:text)
end

#expected_digest_value ⇒ Object

# File 'lib/saml/kit/signature.rb', line 36

def expected_digest_value
  digests = dsignature.references.map do |x|
    Base64.encode64(x.calculate_digest_value).chomp
  end
  digests.count > 1 ? digests : digests[0]
end

#present? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/saml/kit/signature.rb', line 68

def present?
  node
end

#signature_method ⇒ Object

# File 'lib/saml/kit/signature.rb', line 51

def signature_method
  at_xpath('./ds:SignedInfo/ds:SignatureMethod/@Algorithm').try(:value)
end

#signature_value ⇒ Object

# File 'lib/saml/kit/signature.rb', line 47

def signature_value
  at_xpath('./ds:SignatureValue').try(:text)
end

#to_h ⇒ Object

Returns the XML Hash.

# File 'lib/saml/kit/signature.rb', line 64

def to_h
  @xml_hash ||= present? ? Hash.from_xml(to_xml)['Signature'] : {}
end

#to_xml(pretty: false) ⇒ Object

# File 'lib/saml/kit/signature.rb', line 72

def to_xml(pretty: false)
  pretty ? node.to_xml(indent: 2) : node.to_s
end

#transforms ⇒ Object

# File 'lib/saml/kit/signature.rb', line 59

def transforms
  node.search('./ds:SignedInfo/ds:Reference/ds:Transforms/ds:Transform/@Algorithm', Saml::Kit::Document::NAMESPACES).try(:map, &:value)
end

#trusted?(metadata) ⇒ Boolean

Returns true when the fingerprint of the certificate matches one of the certificates registered in the metadata.

Returns:

• (Boolean)

# File 'lib/saml/kit/signature.rb', line 27

def trusted?(metadata)
  return false if metadata.nil?
  metadata.matches?(certificate.fingerprint, use: :signing)
end