Class: Saml::Kit::DefaultRegistry

Inherits:

Object

• Object
• Saml::Kit::DefaultRegistry

Includes:

Enumerable

Defined in:

lib/saml/kit/default_registry.rb

Overview

The default metadata registry is used to fetch the metadata associated with an issuer or entity id. The metadata associated with an issuer is used to verify trust for any SAML documents that are received.

You can replace the default registry with your own at startup.

Example:

class OnDemandRegistry
 def initialize(original)
   @original = original
 end

 def metadata_for(entity_id)
   found = @original.metadata_for(entity_id)
   return found if found

   @original.register_url(entity_id, verify_ssl: Rails.env.production?)
   @original.metadata_for(entity_id)
 end
end

Saml::Kit.configure do |configuration|
  configuration.entity_id = ENV['ENTITY_ID']
  configuration.registry = OnDemandRegistry.new(configuration.registry)
  configuration.logger = Rails.logger
end

Instance Method Summary

• #each ⇒ Object

  Yields each registered [Saml::Kit::Metadata] to the block.

• #initialize(items = {}) ⇒ DefaultRegistry constructor

  A new instance of DefaultRegistry.

• #metadata_for(entity_id) ⇒ Object

  Returns the metadata document associated with an issuer or entityID.

• #register(metadata) ⇒ Object

  Register a metadata document.

• #register_url(url, verify_ssl: true) ⇒ Object

  Register metadata via a remote URL.

Constructor Details

#initialize(items = {}) ⇒ DefaultRegistry

Returns a new instance of DefaultRegistry.

# File 'lib/saml/kit/default_registry.rb', line 38

def initialize(items = {})
  @items = items
end

Instance Method Details

#each ⇒ Object

Yields each registered [Saml::Kit::Metadata] to the block.

# File 'lib/saml/kit/default_registry.rb', line 73

def each
  @items.each_value do |value|
    yield value
  end
end

#metadata_for(entity_id) ⇒ Object

Returns the metadata document associated with an issuer or entityID.

metadata.

Parameters:

• entity_id (String) —

  unique entityID/Issuer associated with

# File 'lib/saml/kit/default_registry.rb', line 68

def metadata_for(entity_id)
  @items[entity_id]
end

#register(metadata) ⇒ Object

Register a metadata document

Parameters:

• metadata (Saml::Kit::Metadata) —

  the metadata to register.

# File 'lib/saml/kit/default_registry.rb', line 45

def register(metadata)
  ensure_valid_metadata(metadata)
  Saml::Kit.logger.debug(metadata.to_xml(pretty: true))
  @items[metadata.entity_id] = metadata
end

#register_url(url, verify_ssl: true) ⇒ Object

Register metadata via a remote URL. This will attempt to connect to the remove URL to download the metadata and register it in the registry.

Parameters:

• url (String) —

  the url to download the metadata from.

• verify_ssl (Boolean) (defaults to: true) —

  enable/disable SSL peer verification.

# File 'lib/saml/kit/default_registry.rb', line 57

def register_url(url, verify_ssl: true)
  headers = { 'User-Agent' => "saml/kit #{Saml::Kit::VERSION}" }
  verify_mode = verify_ssl ? nil : OpenSSL::SSL::VERIFY_NONE
  client = Net::Hippie::Client.new(headers: headers, verify_mode: verify_mode)
  register(Saml::Kit::Metadata.from(client.get(url).body))
end