Class: Saml::Kit::Signature
- Inherits: Object
  - Object
  - Saml::Kit::Signature
- Includes: Translatable, Validatable
- Defined in: lib/saml/kit/signature.rb
Overview
This class is responsible for validating an XML digital signature in an XML document.
Instance Attribute Summary
- #name ⇒ Object (readonly): Returns the value of attribute name.
Instance Method Summary
- #canonicalization_method ⇒ Object
- #certificate ⇒ Object: Returns the embedded X509 Certificate.
- #digest_method ⇒ Object
- #digest_value ⇒ Object
- #expected_digest_value ⇒ Object
- #initialize(node) ⇒ Signature (constructor): A new instance of Signature.
- #present? ⇒ Boolean
- #signature_method ⇒ Object
- #signature_value ⇒ Object
- #to_h ⇒ Object: Returns the XML Hash.
- #to_s ⇒ Object
- #to_xml(pretty: nil) ⇒ Object
- #transforms ⇒ Object
- #trusted?(metadata) ⇒ Boolean: Returns true when the fingerprint of the certificate matches one of the certificates registered in the metadata.
Methods included from Validatable
Constructor Details
#initialize(node) ⇒ Signature
Returns a new instance of Signature.
    # File 'lib/saml/kit/signature.rb', line 17
    def initialize(node)
      @name = 'Signature'
      @node = node
    end
Instance Attribute Details
#name ⇒ Object (readonly)
Returns the value of attribute name.
    # File 'lib/saml/kit/signature.rb', line 15
    def name
      @name
    end
Instance Method Details
#canonicalization_method ⇒ Object
    # File 'lib/saml/kit/signature.rb', line 63
    def canonicalization_method
      xpath = './ds:SignedInfo/ds:CanonicalizationMethod/@Algorithm'
      at_xpath(xpath).try(:value)
    end
#certificate ⇒ Object
Returns the embedded X509 Certificate.
    # File 'lib/saml/kit/signature.rb', line 23
    def certificate
      xpath = './ds:KeyInfo/ds:X509Data/ds:X509Certificate'
      value = at_xpath(xpath).try(:text)
      return if value.nil?

      ::Xml::Kit::Certificate.new(value, use: :signing)
    end
#digest_method ⇒ Object
    # File 'lib/saml/kit/signature.rb', line 50
    def digest_method
      xpath = './ds:SignedInfo/ds:Reference/ds:DigestMethod/@Algorithm'
      at_xpath(xpath).try(:value)
    end
#digest_value ⇒ Object
    # File 'lib/saml/kit/signature.rb', line 39
    def digest_value
      at_xpath('./ds:SignedInfo/ds:Reference/ds:DigestValue').try(:text)
    end
#expected_digest_value ⇒ Object
    # File 'lib/saml/kit/signature.rb', line 43
    def expected_digest_value
      digests = dsignature.references.map do |xxx|
        Base64.encode64(xxx.calculate_digest_value).chomp
      end
      digests.count > 1 ? digests : digests[0]
    end
#present? ⇒ Boolean
    # File 'lib/saml/kit/signature.rb', line 85
    def present?
      node.present?
    end
#signature_method ⇒ Object
    # File 'lib/saml/kit/signature.rb', line 59
    def signature_method
      at_xpath('./ds:SignedInfo/ds:SignatureMethod/@Algorithm').try(:value)
    end
#signature_value ⇒ Object
    # File 'lib/saml/kit/signature.rb', line 55
    def signature_value
      at_xpath('./ds:SignatureValue').try(:text)
    end
#to_h ⇒ Object
Returns the XML Hash.
    # File 'lib/saml/kit/signature.rb', line 81
    def to_h
      @to_h ||= present? ? Hash.from_xml(to_xml)['Signature'] : {}
    end
#to_s ⇒ Object
    # File 'lib/saml/kit/signature.rb', line 93
    def to_s
      node.to_s
    end
#to_xml(pretty: nil) ⇒ Object
    # File 'lib/saml/kit/signature.rb', line 89
    def to_xml(pretty: nil)
      pretty ? node.to_xml(indent: 2) : to_s
    end
#transforms ⇒ Object
    # File 'lib/saml/kit/signature.rb', line 68
    def transforms
      xpath = xpath_for([
        '.',
        'ds:SignedInfo',
        'ds:Reference',
        'ds:Transforms',
        'ds:Transform',
        '@Algorithm',
      ])
      node.search(xpath, Saml::Kit::Document::NAMESPACES).try(:map, &:value)
    end
#trusted?(metadata) ⇒ Boolean
Returns true when the fingerprint of the certificate matches one of the certificates registered in the metadata.
    # File 'lib/saml/kit/signature.rb', line 33
    def trusted?(metadata)
      return false if metadata.nil?

      metadata.matches?(certificate.fingerprint, use: :signing).present?
    end
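The trust decision made by #trusted?, sketched with the Ruby standard library as an added example (not saml-kit's own code): a certificate embedded in a signature is trusted only when its fingerprint is registered for signing in the metadata, so a self-signed certificate supplied with the document is rejected. `SampleMetadata`, `sample_certificate_text`, `fingerprint_of` and `trusted_signature?` are hypothetical names, the certificates are constructed throwaway data, and the SHA-256 colon-separated fingerprint format is an assumption; the example also guards the case where #certificate returns nil.

```ruby
require 'openssl'
require 'base64'

# Constructed sample data: build a throwaway self-signed certificate and return
# it as the base64 DER text that a ds:X509Certificate element would carry.
def sample_certificate_text(common_name)
  key = OpenSSL::PKey::RSA.new(2048)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2
  cert.serial = 1
  cert.subject = cert.issuer = OpenSSL::X509::Name.parse("/CN=#{common_name}")
  cert.public_key = key.public_key
  cert.not_before = Time.now - 60
  cert.not_after = Time.now + 3600
  cert.sign(key, OpenSSL::Digest.new('SHA256'))
  Base64.strict_encode64(cert.to_der)
end

# Assumed fingerprint format: SHA-256 over the DER bytes, colon-separated hex.
def fingerprint_of(certificate_text)
  der = Base64.decode64(certificate_text)
  OpenSSL::Digest::SHA256.hexdigest(der).upcase.scan(/../).join(':')
end

# Hypothetical stand-in for parsed metadata: fingerprints registered per key use.
class SampleMetadata
  def initialize(registered)
    @registered = registered # e.g. { signing: [...], encryption: [...] }
  end

  # Returns the registered fingerprint for that use, or nil when none matches.
  def matches?(fingerprint, use:)
    @registered.fetch(use, []).find { |known| known == fingerprint }
  end
end

# Same decision as #trusted?, plus an explicit guard for a signature that
# carries no embedded certificate (certificate_text is nil in that case).
def trusted_signature?(certificate_text, metadata)
  return false if metadata.nil? || certificate_text.nil?

  !metadata.matches?(fingerprint_of(certificate_text), use: :signing).nil?
end
```

A fingerprint match only establishes which key the signature claims to come from; the digest and signature values still have to verify against that certificate.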