Class: Onelogin::Saml::Logoutresponse

Inherits:

Object

• Object
• Onelogin::Saml::Logoutresponse

Defined in:

lib/onelogin/ruby-saml/logoutresponse.rb

Constant Summary

ASSERTION =

"urn:oasis:names:tc:SAML:2.0:assertion"

PROTOCOL =

"urn:oasis:names:tc:SAML:2.0:protocol"

Instance Attribute Summary

• #document ⇒ Object readonly

  Returns the value of attribute document.

• #options ⇒ Object readonly

  Returns the value of attribute options.

• #response ⇒ Object readonly

  Returns the value of attribute response.

• #settings ⇒ Object

  For API compability, this is mutable.

Instance Method Summary

• #in_response_to ⇒ Object
• #initialize(response, settings = nil, options = {}) ⇒ Logoutresponse constructor

  In order to validate that the response matches a given request, append the option: :matches_request_id => REQUEST_ID.

• #issuer ⇒ Object
• #status_code ⇒ Object
• #success?(soft = true) ⇒ Boolean
• #validate(soft = true) ⇒ Object
• #validate! ⇒ Object

Constructor Details

#initialize(response, settings = nil, options = {}) ⇒ Logoutresponse

In order to validate that the response matches a given request, append the option:

:matches_request_id => REQUEST_ID

It will validate that the logout response matches the ID of the request. You can also do this yourself through the in_response_to accessor.

Raises:

• (ArgumentError)

# File 'lib/onelogin/ruby-saml/logoutresponse.rb', line 29

def initialize(response, settings = nil, options = {})
  raise ArgumentError.new("Logoutresponse cannot be nil") if response.nil?
  self.settings = settings

  @options = options
  @response = decode_raw_response(response)
  @document = XMLSecurity::SignedDocument.new(response)
end

Instance Attribute Details

#document ⇒ Object (readonly)

Returns the value of attribute document.

# File 'lib/onelogin/ruby-saml/logoutresponse.rb', line 17

def document
  @document
end

#options ⇒ Object (readonly)

Returns the value of attribute options.

# File 'lib/onelogin/ruby-saml/logoutresponse.rb', line 19

def options
  @options
end

#response ⇒ Object (readonly)

Returns the value of attribute response.

# File 'lib/onelogin/ruby-saml/logoutresponse.rb', line 18

def response
  @response
end

#settings ⇒ Object

For API compability, this is mutable.

# File 'lib/onelogin/ruby-saml/logoutresponse.rb', line 15

def settings
  @settings
end

Instance Method Details

#in_response_to ⇒ Object

# File 'lib/onelogin/ruby-saml/logoutresponse.rb', line 55

def in_response_to
  @in_response_to ||= begin
    node = REXML::XPath.first(document, "/p:LogoutResponse", { "p" => PROTOCOL, "a" => ASSERTION })
    node.nil? ? nil : node.attributes['InResponseTo']
  end
end

#issuer ⇒ Object

# File 'lib/onelogin/ruby-saml/logoutresponse.rb', line 62

def issuer
  @issuer ||= begin
    node = REXML::XPath.first(document, "/p:LogoutResponse/a:Issuer", { "p" => PROTOCOL, "a" => ASSERTION })
    node ||= REXML::XPath.first(document, "/p:LogoutResponse/a:Assertion/a:Issuer", { "p" => PROTOCOL, "a" => ASSERTION })
    node.nil? ? nil : node.text
  end
end

#status_code ⇒ Object

# File 'lib/onelogin/ruby-saml/logoutresponse.rb', line 70

def status_code
  @status_code ||= begin
    node = REXML::XPath.first(document, "/p:LogoutResponse/p:Status/p:StatusCode", { "p" => PROTOCOL, "a" => ASSERTION })
    node.nil? ? nil : node.attributes["Value"]
  end
end

#success?(soft = true) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/onelogin/ruby-saml/logoutresponse.rb', line 48

def success?(soft = true)
  unless status_code == "urn:oasis:names:tc:SAML:2.0:status:Success"
    return soft ? false : validation_error("Bad status code. Expected <urn:oasis:names:tc:SAML:2.0:status:Success>, but was: <#@status_code> ")
  end
  true
end

#validate(soft = true) ⇒ Object

# File 'lib/onelogin/ruby-saml/logoutresponse.rb', line 42

def validate(soft = true)
  return false unless valid_saml?(soft) && valid_state?(soft)

  valid_in_response_to?(soft) && valid_issuer?(soft) && success?(soft)
end

#validate! ⇒ Object

# File 'lib/onelogin/ruby-saml/logoutresponse.rb', line 38

def validate!
  validate(false)
end