Class: Samlr::Signature

Inherits:

Object

• Object
• Samlr::Signature

Defined in:

lib/samlr/signature.rb

Overview

A SAML specific implementation en.wikipedia.org/wiki/XML_Signature

Instance Attribute Summary

• #document ⇒ Object readonly

  Returns the value of attribute document.

• #fingerprint ⇒ Object readonly

  Returns the value of attribute fingerprint.

• #options ⇒ Object readonly

  Returns the value of attribute options.

• #original ⇒ Object readonly

  Returns the value of attribute original.

• #prefix ⇒ Object readonly

  Returns the value of attribute prefix.

• #signature ⇒ Object readonly

  Returns the value of attribute signature.

Instance Method Summary

• #initialize(original, prefix, options) ⇒ Signature constructor

  Is initialized with the source document and a path to the element embedding the signature.

• #missing? ⇒ Boolean
• #present? ⇒ Boolean
• #references ⇒ Object
• #verify! ⇒ Object

Constructor Details

#initialize(original, prefix, options) ⇒ Signature

Is initialized with the source document and a path to the element embedding the signature

# File 'lib/samlr/signature.rb', line 12

def initialize(original, prefix, options)
  # Signature validations require document alterations
  @original = original
  @document = original.dup
  @prefix   = prefix
  @options  = options

  if @signature = document.at("#{prefix}/ds:Signature", NS_MAP)
    @signature.remove # enveloped signatures only
  end

  @fingerprint = if options[:fingerprint]
    Fingerprint.from_string(options[:fingerprint])
  elsif options[:certificate]
    Certificate.new(options[:certificate]).fingerprint
  end
end

Instance Attribute Details

#document ⇒ Object (readonly)

Returns the value of attribute document.

# File 'lib/samlr/signature.rb', line 9

def document
  @document
end

#fingerprint ⇒ Object (readonly)

Returns the value of attribute fingerprint.

# File 'lib/samlr/signature.rb', line 9

def fingerprint
  @fingerprint
end

#options ⇒ Object (readonly)

Returns the value of attribute options.

# File 'lib/samlr/signature.rb', line 9

def options
  @options
end

#original ⇒ Object (readonly)

Returns the value of attribute original.

# File 'lib/samlr/signature.rb', line 9

def original
  @original
end

#prefix ⇒ Object (readonly)

Returns the value of attribute prefix.

# File 'lib/samlr/signature.rb', line 9

def prefix
  @prefix
end

#signature ⇒ Object (readonly)

Returns the value of attribute signature.

# File 'lib/samlr/signature.rb', line 9

def signature
  @signature
end

Instance Method Details

#missing? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/samlr/signature.rb', line 34

def missing?
  signature.nil? || certificate.nil?
end

#present? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/samlr/signature.rb', line 30

def present?
  !missing?
end

#references ⇒ Object

# File 'lib/samlr/signature.rb', line 48

def references
  @references ||= [].tap do |refs|
    original.xpath("#{prefix}/ds:Signature/ds:SignedInfo/ds:Reference[@URI]", NS_MAP).each do |ref|
      refs << Samlr::Reference.new(ref)
    end
  end
end

#verify! ⇒ Object

Raises:

• (SignatureError)

# File 'lib/samlr/signature.rb', line 38

def verify!
  raise SignatureError.new("No signature at #{prefix}/ds:Signature") unless present?

  verify_fingerprint! unless options[:skip_fingerprint]
  verify_digests!
  verify_signature!

  true
end