Module: Spid::Saml::Request
- Included in:
- LogoutRequest, LogoutResponse
- Defined in:
- lib/spid/ruby-saml/request.rb
Constant Summary collapse
- HTTP_POST =
a few symbols for SAML class names
"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"- HTTP_GET =
"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
Instance Method Summary collapse
-
#binding_select(service) ⇒ Object
get the IdP metadata, and select the appropriate SSO binding that we can support.
-
#content_get ⇒ Object
construct the the parameter list on the URL and return.
-
#content_post ⇒ Object
construct an HTML form (POST) and return the content.
Instance Method Details
#binding_select(service) ⇒ Object
get the IdP metadata, and select the appropriate SSO binding that we can support. Currently this is HTTP-Redirect and HTTP-POST but more could be added in the future
14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 |
# File 'lib/spid/ruby-saml/request.rb', line 14 def binding_select(service) # first check if we're still using the old hard coded method for # backwards compatability if @settings. == nil && @settings.idp_sso_target_url != nil @URL = @settings.idp_sso_target_url return "GET", content_get end # grab the metadata = Metadata::new = .(@settings) # first try POST sso_element = REXML::XPath.first(, "/EntityDescriptor/IDPSSODescriptor/#{service}[@Binding='#{HTTP_POST}']") if sso_element @URL = sso_element.attributes["Location"] #Logging.debug "binding_select: POST to #{@URL}" return "POST", content_post end # next try GET sso_element = REXML::XPath.first(, "/EntityDescriptor/IDPSSODescriptor/#{service}[@Binding='#{HTTP_GET}']") if sso_element @URL = sso_element.attributes["Location"] Logging.debug "binding_select: GET from #{@URL}" return "GET", content_get end # other types we might want to add in the future: SOAP, Artifact end |
#content_get ⇒ Object
construct the the parameter list on the URL and return
46 47 48 49 50 51 52 53 54 55 56 57 58 59 |
# File 'lib/spid/ruby-saml/request.rb', line 46 def content_get # compress GET requests to try and stay under that 8KB request limit deflated_request = Zlib::Deflate.deflate(@request, 9)[2..-5] # strict_encode64() isn't available? sub out the newlines @request_params["SAMLRequest"] = Base64.encode64(deflated_request).gsub(/\n/, "") Logging.debug "SAMLRequest=#{@request_params["SAMLRequest"]}" uri = Addressable::URI.parse(@URL) uri.query_values = @request_params url = uri.to_s #url = @URL + "?SAMLRequest=" + @request_params["SAMLRequest"] Logging.debug "Sending to URL #{url}" return url end |
#content_post ⇒ Object
construct an HTML form (POST) and return the content
61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 |
# File 'lib/spid/ruby-saml/request.rb', line 61 def content_post # POST requests seem to bomb out when they're deflated # and they probably don't need to be compressed anyway @request_params["SAMLRequest"] = Base64.encode64(@request).gsub(/\n/, "") #Logging.debug "SAMLRequest=#{@request_params["SAMLRequest"]}" # kind of a cheesy method of building an HTML, form since we can't rely on Rails too much, # and REXML doesn't work well with quote characters str = "<html><body onLoad=\"document.getElementById('form').submit();\">\n" str += "<form id='form' name='form' method='POST' action=\"#{@URL}\">\n" # we could change this in the future to associate a temp auth session ID str += "<input name='RelayState' value='ruby-saml' type='hidden' />\n" @request_params.each_pair do |key, value| str += "<input name=\"#{key}\" value=\"#{value}\" type='hidden' />\n" end str += "</form></body></html>\n" #Logging.debug "Created form:\n#{str}" return str end |