Class: Samlurai::LogOutRequest

Inherits:

Object

• Object
• Samlurai::LogOutRequest

Defined in:

lib/samlurai/log_out_request.rb

Instance Attribute Summary

• #forward_url ⇒ Object readonly

  Returns the value of attribute forward_url.

• #id ⇒ Object readonly

  Returns the value of attribute id.

• #request_xml ⇒ Object readonly

  Returns the value of attribute request_xml.

• #settings ⇒ Object readonly

  Returns the value of attribute settings.

Class Method Summary

• .create(settings, session) ⇒ Object

Instance Method Summary

• #_generate_signature(string, private_key) ⇒ Object
• #generate_request ⇒ Object
• #initialize(settings, session) ⇒ LogOutRequest constructor

  A new instance of LogOutRequest.

Constructor Details

#initialize(settings, session) ⇒ LogOutRequest

Returns a new instance of LogOutRequest.

# File 'lib/samlurai/log_out_request.rb', line 5

def initialize(settings, session)
  @settings = settings
  @session = session
end

Instance Attribute Details

#forward_url ⇒ Object (readonly)

Returns the value of attribute forward_url.

# File 'lib/samlurai/log_out_request.rb', line 3

def forward_url
  @forward_url
end

#id ⇒ Object (readonly)

Returns the value of attribute id.

# File 'lib/samlurai/log_out_request.rb', line 3

def id
  @id
end

#request_xml ⇒ Object (readonly)

Returns the value of attribute request_xml.

# File 'lib/samlurai/log_out_request.rb', line 3

def request_xml
  @request_xml
end

#settings ⇒ Object (readonly)

Returns the value of attribute settings.

# File 'lib/samlurai/log_out_request.rb', line 3

def settings
  @settings
end

Class Method Details

.create(settings, session) ⇒ Object

# File 'lib/samlurai/log_out_request.rb', line 10

def self.create(settings, session)
  ar = LogOutRequest.new(settings, session)
  ar.generate_request
end

Instance Method Details

#_generate_signature(string, private_key) ⇒ Object

# File 'lib/samlurai/log_out_request.rb', line 46

def _generate_signature(string, private_key)
  pkey = OpenSSL::PKey::RSA.new(File.read(private_key))
  sign = pkey.sign(OpenSSL::Digest::SHA1.new, string)
  Base64.encode64(sign).gsub(/\s/, '')
end

#generate_request ⇒ Object

# File 'lib/samlurai/log_out_request.rb', line 15

def generate_request
  @id = Samlurai::AuthRequest.generate_unique_id(42)
  issue_instant = Samlurai::AuthRequest.get_timestamp
  
  @request_xml = "<samlp:LogoutRequest xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\" ID=\"#{@id}\" Version=\"2.0\" IssueInstant=\"#{issue_instant}\" Destination=\"#{@settings.idp_slo_target_url}\">" +
      "<saml:Issuer xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\">#{@settings.issuer}</saml:Issuer>" +
      "<saml:NameID xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\" NameQualifier=\"#{@session[:name_qualifier]}\" SPNameQualifier=\"#{@settings.issuer}\" Format=\"urn:oasis:names:tc:SAML:2.0:nameid-format:transient\">#{@session[:name_id]}</saml:NameID>" + 
      "<samlp:SessionIndex xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\">#{@session[:session_index]}</samlp:SessionIndex>" +
      "</samlp:LogoutRequest>"

  if settings.sign?
    @request_xml = XMLSecurity.sign(@request_xml, @settings.xmlsec_privatekey)
  end

  deflated_logout_request = Zlib::Deflate.deflate(@request_xml, 9)[2..-5]
  base64_logout_request = Base64.encode64(deflated_logout_request)
  encoded_logout_request = CGI.escape(base64_logout_request)

  query_string = "SAMLRequest=" + encoded_logout_request

  if settings.sign?
    query_string += '&SigAlg=' + CGI.escape('http://www.w3.org/2000/09/xmldsig#rsa-sha1')
    signature = _generate_signature(query_string, @settings.xmlsec_privatekey)
    query_string += "&Signature=#{CGI.escape(signature)}"
  end

  @forward_url = @settings.idp_slo_target_url + (@settings.idp_slo_target_url.include?("?") ? "&" : "?") + query_string
  
  @forward_url
end