Class: SAML2::AuthnRequest
Instance Attribute Summary collapse
Attributes inherited from Message
#destination, #id, #issue_instant, #issuer
Attributes inherited from Base
#xml
Class Method Summary
collapse
Instance Method Summary
collapse
Methods inherited from Message
#from_xml, from_xml, inherited, #initialize, parse, #valid_schema?
Methods inherited from Base
from_xml, #from_xml, load_object_array, load_string_array, lookup_qname, #to_s, #to_xml
Constructor Details
This class inherits a constructor from SAML2::Message
Instance Attribute Details
#assertion_consumer_service ⇒ Object
Returns the value of attribute assertion_consumer_service.
75
76
77
|
# File 'lib/saml2/authn_request.rb', line 75
def assertion_consumer_service
@assertion_consumer_service
end
|
#assertion_consumer_service_index ⇒ Object
77
78
79
80
81
82
|
# File 'lib/saml2/authn_request.rb', line 77
def assertion_consumer_service_index
if xml && !instance_variable_defined?(:@assertion_consumer_service_index)
@assertion_consumer_service_index = xml['AssertionConsumerServiceIndex']&.to_i
end
@assertion_consumer_service_index
end
|
#assertion_consumer_service_url ⇒ Object
84
85
86
87
88
89
|
# File 'lib/saml2/authn_request.rb', line 84
def assertion_consumer_service_url
if xml && !instance_variable_defined?(:@assertion_consumer_service_url)
@assertion_consumer_service_url = xml['AssertionConsumerServiceURL']
end
@assertion_consumer_service_url
end
|
#attribute_consuming_service ⇒ Object
Returns the value of attribute attribute_consuming_service.
75
76
77
|
# File 'lib/saml2/authn_request.rb', line 75
def attribute_consuming_service
@attribute_consuming_service
end
|
#attribute_consuming_service_index ⇒ Object
91
92
93
94
95
96
|
# File 'lib/saml2/authn_request.rb', line 91
def attribute_consuming_service_index
if xml && !instance_variable_defined?(:@attribute_consuming_service_index)
@attribute_consuming_service_index = xml['AttributeConsumingServiceIndex']&.to_i
end
@attribute_consuming_service_index
end
|
#force_authn=(value) ⇒ Object
Sets the attribute force_authn
25
26
27
|
# File 'lib/saml2/authn_request.rb', line 25
def force_authn=(value)
@force_authn = value
end
|
#name_id_policy ⇒ Object
68
69
70
71
72
73
|
# File 'lib/saml2/authn_request.rb', line 68
def name_id_policy
if xml && !instance_variable_defined?(:@name_id_policy)
@name_id_policy = NameID::Policy.from_xml(xml.at_xpath('samlp:NameIDPolicy', Namespaces::ALL))
end
@name_id_policy
end
|
#passive=(value) ⇒ Object
Sets the attribute passive
25
26
27
|
# File 'lib/saml2/authn_request.rb', line 25
def passive=(value)
@passive = value
end
|
#protocol_binding ⇒ Object
112
113
114
115
116
117
|
# File 'lib/saml2/authn_request.rb', line 112
def protocol_binding
if xml && !instance_variable_defined?(:@protocol_binding)
@protocol_binding = xml['ProtocolBinding']
end
@protocol_binding
end
|
#requested_authn_context ⇒ Object
Returns the value of attribute requested_authn_context.
32
33
34
|
# File 'lib/saml2/authn_request.rb', line 32
def requested_authn_context
@requested_authn_context
end
|
Class Method Details
.decode(authnrequest) ⇒ Object
deprecated; takes just the SAMLRequest parameter’s value
Instance Method Details
#build(builder) ⇒ Object
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
|
# File 'lib/saml2/authn_request.rb', line 126
def build(builder)
builder['samlp'].AuthnRequest(
'xmlns:samlp' => Namespaces::SAMLP,
'xmlns:saml' => Namespaces::SAML
) do |authn_request|
super(authn_request)
authn_request.parent['AssertionConsumerServiceIndex'] = assertion_consumer_service_index if assertion_consumer_service_index
authn_request.parent['AssertionConsumerServiceURL'] = assertion_consumer_service_url if assertion_consumer_service_url
authn_request.parent['AttributeConsumingServiceIndex'] = attribute_consuming_service_index if attribute_consuming_service_index
authn_request.parent['ForceAuthn'] = force_authn? unless force_authn?.nil?
authn_request.parent['IsPassive'] = passive? unless passive?.nil?
authn_request.parent['ProtocolBinding'] = protocol_binding if protocol_binding
subject.build(authn_request) if subject
name_id_policy.build(authn_request) if name_id_policy
requested_authn_context.build(authn_request) if requested_authn_context
end
end
|
#force_authn? ⇒ Boolean
98
99
100
101
102
103
|
# File 'lib/saml2/authn_request.rb', line 98
def force_authn?
if xml && !instance_variable_defined?(:@force_authn)
@force_authn = xml['ForceAuthn']&.== 'true'
end
@force_authn
end
|
#passive? ⇒ Boolean
105
106
107
108
109
110
|
# File 'lib/saml2/authn_request.rb', line 105
def passive?
if xml && !instance_variable_defined?(:@passive)
@passive = xml['IsPassive']&.== 'true'
end
@passive
end
|
#resolve(service_provider) ⇒ Object
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
|
# File 'lib/saml2/authn_request.rb', line 52
def resolve(service_provider)
if assertion_consumer_service_url
@assertion_consumer_service = service_provider.assertion_consumer_services.find { |acs| acs.location == assertion_consumer_service_url }
else
@assertion_consumer_service = service_provider.assertion_consumer_services.resolve(assertion_consumer_service_index)
end
@attribute_consuming_service = service_provider.attribute_consuming_services.resolve(attribute_consuming_service_index)
return false unless @assertion_consumer_service
return false if attribute_consuming_service_index && !@attribute_consuming_service
true
end
|
#subject ⇒ Object
119
120
121
122
123
124
|
# File 'lib/saml2/authn_request.rb', line 119
def subject
if xml && !instance_variable_defined?(:@subject)
@subject = Subject.from_xml(xml.at_xpath('saml:Subject', Namespaces::ALL))
end
@subject
end
|
#valid_interoperable_profile? ⇒ Boolean
41
42
43
44
45
46
47
48
49
50
|
# File 'lib/saml2/authn_request.rb', line 41
def valid_interoperable_profile?
return false unless valid_web_browser_sso_profile?
return false unless assertion_consumer_service_url
return false if protocol_binding && protocol_binding != Endpoint::Bindings::HTTP_POST
return false if subject
true
end
|
#valid_web_browser_sso_profile? ⇒ Boolean
34
35
36
37
38
39
|
# File 'lib/saml2/authn_request.rb', line 34
def valid_web_browser_sso_profile?
return false unless issuer
return false if issuer.format && issuer.format != NameID::Format::ENTITY
true
end
|