Class: Saml::Kit::AuthenticationRequest
- Includes:
- Requestable
- Defined in:
- lib/saml/kit/authentication_request.rb
Overview
This class can be used to parse a SAML AuthnRequest or generate one.
To generate an AuthnRequest use the builder API.
request = AuthenticationRequest.build do |builder|
builder.name_id_format = [Saml::Kit::Namespaces::EMAIL_ADDRESS]
end
<?xml version="1.0" encoding="UTF-8"?>
<samlp:AuthnRequest
xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
ID="_ca3a0e72-9530-41f1-9518-c53716de88b2"
Version="2.0"
IssueInstant="2017-12-19T16:27:44Z"
Destination="http://hartmann.info"
AssertionConsumerServiceURL="https://carroll.com/acs">
<saml:Issuer>Day of the Dangerous Cousins</saml:Issuer>
<samlp:NameIDPolicy
Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"/>
</samlp:AuthnRequest>
Example:
Constant Summary
Constants inherited from Document
Document::CONSTRUCTORS, Document::XPATH
Constants included from XsdValidatable
XsdValidatable::METADATA_XSD, XsdValidatable::PROTOCOL_XSD
Constants included from XmlParseable
Instance Attribute Summary
Attributes inherited from Document
Instance Method Summary collapse
-
#assertion_consumer_service_url ⇒ Object
Extract the AssertionConsumerServiceURL from the AuthnRequest <samlp:AuthnRequest AssertionConsumerServiceURL=“carroll.com/acs”> </samlp:AuthnRequest>.
-
#force_authn ⇒ Object
Returns the ForceAuthn attribute as a boolean.
-
#initialize(xml, configuration: Saml::Kit.configuration) ⇒ AuthenticationRequest
constructor
Create an instance of an AuthnRequest document.
- #name_id_format ⇒ Object
-
#name_id_policy ⇒ Object
Extract the NameIDPolicy from the AuthnRequest <samlp:AuthnRequest> <samlp:NameIDPolicy Format=“urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress”/> </samlp:AuthnRequest>.
-
#response_for(user, binding:, relay_state: nil, configuration: Saml::Kit.configuration) ⇒ Object
Generate a Response for a specific user.
Methods inherited from Document
#destination, #id, #issue_instant, #issuer, to_saml_document, #version
Methods included from XmlParseable
#present?, #to_h, #to_s, #to_xhtml, #to_xml
Methods included from Trustable
Constructor Details
#initialize(xml, configuration: Saml::Kit.configuration) ⇒ AuthenticationRequest
Create an instance of an AuthnRequest document.
configuration.
38 39 40 |
# File 'lib/saml/kit/authentication_request.rb', line 38 def initialize(xml, configuration: Saml::Kit.configuration) super(xml, name: 'AuthnRequest', configuration: configuration) end |
Instance Method Details
#assertion_consumer_service_url ⇒ Object
Extract the AssertionConsumerServiceURL from the AuthnRequest
<samlp:AuthnRequest
AssertionConsumerServiceURL="https://carroll.com/acs">
</samlp:AuthnRequest>
46 47 48 |
# File 'lib/saml/kit/authentication_request.rb', line 46 def assertion_consumer_service_url at_xpath('./*/@AssertionConsumerServiceURL').try(:value) end |
#force_authn ⇒ Object
Returns the ForceAuthn attribute as a boolean.
51 52 53 |
# File 'lib/saml/kit/authentication_request.rb', line 51 def force_authn at_xpath('./*/@ForceAuthn').try(:value) == 'true' end |
#name_id_format ⇒ Object
55 56 57 |
# File 'lib/saml/kit/authentication_request.rb', line 55 def name_id_format name_id_policy end |
#name_id_policy ⇒ Object
Extract the NameIDPolicy from the AuthnRequest
<samlp:AuthnRequest>
<samlp:NameIDPolicy
Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"/>
</samlp:AuthnRequest>
64 65 66 |
# File 'lib/saml/kit/authentication_request.rb', line 64 def name_id_policy at_xpath('./*/samlp:NameIDPolicy/@Format').try(:value) end |
#response_for(user, binding:, relay_state: nil, configuration: Saml::Kit.configuration) ⇒ Object
Generate a Response for a specific user. generating a nameid and assertion attributes. ‘:http_post` or `:http_redirect`. use to build the response.
75 76 77 78 79 80 81 82 83 84 85 86 |
# File 'lib/saml/kit/authentication_request.rb', line 75 def response_for( user, binding:, relay_state: nil, configuration: Saml::Kit.configuration ) response = Response.builder(user, self, configuration: configuration) do |x| x. = provider.want_assertions_signed yield x if block_given? end provider .assertion_consumer_service_for(binding: binding) .serialize(response, relay_state: relay_state) end |