Class: Akami::WSSE::Signature

Inherits:
Object
  • Object
Includes:
C14nHelper, XPathHelper
Defined in:
lib/akami/wsse/signature.rb

Defined Under Namespace

Classes: MissingCertificate

Constant Summary

# Algorithm and type identifier URIs for the WS-Security signature.
# The code that consumes them is not part of this listing.

# Exclusive XML Canonicalization (exc-c14n) identifier.
ExclusiveXMLCanonicalizationAlgorithm =
'http://www.w3.org/2001/10/xml-exc-c14n#'.freeze
# XMLDSig RSA-with-SHA-1 signature method identifier.
# NOTE(review): SHA-1 is no longer collision-resistant and is deprecated for
# digital signatures. This is the only signature method defined in this
# listing; confirm whether a SHA-256 based method can be negotiated with the
# receiving service.
RSASHA1SignatureAlgorithm =
'http://www.w3.org/2000/09/xmldsig#rsa-sha1'.freeze
# XMLDSig SHA-1 digest method identifier.
# NOTE(review): same SHA-1 caveat as above; it is the only digest method
# defined in this listing.
SHA1DigestAlgorithm =
'http://www.w3.org/2000/09/xmldsig#sha1'.freeze
# Value type URI of the X.509 token profile (X509v3).
X509v3ValueType =
'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3'.freeze
# Encoding type URI for Base64Binary content.
Base64EncodingType =
'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary'.freeze
# XML Digital Signature namespace; to_token sets it as the "xmlns" attribute
# of the Signature element.
SignatureNamespace =
'http://www.w3.org/2000/09/xmldsig#'.freeze

Instance Attribute Summary

Instance Method Summary

Methods included from C14nHelper

#canonicalize

Methods included from XPathHelper

#at_xpath, #local_name_xpath, #xpath

Constructor Details

#initialize(certs = Certs.new) ⇒ Signature

Returns a new instance of Signature.



# File 'lib/akami/wsse/signature.rb', line 35

# Builds a signature helper around a certificate holder.
#
# @param certs [Certs] object stored in @certs; a fresh Certs.new is created
#   when the argument is omitted
def initialize(certs = Certs.new)
  @certs = certs
end

Instance Attribute Details

#certs ⇒ Object

Holds a Savon::WSSE::Certs object, i.e. the certs we need in order to sign.



# File 'lib/akami/wsse/signature.rb', line 13

# Reader for the certificate holder assigned in the constructor.
# to_token calls `cert` on this object to decide whether a
# BinarySecurityToken is merged into the result.
#
# @return [Object] whatever was stored in @certs
def certs
  @certs
end

Instance Method Details

#body_attributes ⇒ Object



# File 'lib/akami/wsse/signature.rb', line 57

# Attributes for the SOAP body element: the wsu namespace declaration and
# the wsu:Id taken from body_id.
# NOTE(review): presumably the signature's reference points at this Id;
# the code that builds the reference is not shown here.
#
# @return [Hash{String => String}]
def body_attributes
  attrs = {}
  attrs["xmlns:wsu"] = Akami::WSSE::WSU_NAMESPACE
  attrs["wsu:Id"] = body_id
  attrs
end

#body_id ⇒ Object



# File 'lib/akami/wsse/signature.rb', line 49

# Identifier for the body element, built once from uid and then reused,
# so every call on this instance returns the same frozen string.
#
# @return [String] "Body-" followed by the value of uid
def body_id
  return @body_id if @body_id

  @body_id = "Body-#{uid}".freeze
end

#document ⇒ Object

Without a document, nothing can be signed. Generate the document once, then assign it with #document= and call #to_token again.



# File 'lib/akami/wsse/signature.rb', line 17

# Serialises the stored document back to an XML string.
#
# The value is a re-serialisation of the parsed document held in @document,
# not the string originally passed to #document=, so it need not be
# byte-identical to that input.
#
# @return [String, nil] XML text, or nil when no document has been assigned
def document
  unless @document.nil?
    @document.to_xml(save_with: Nokogiri::XML::Node::SaveOptions::AS_XML)
  end
end

#document=(document) ⇒ Object



# File 'lib/akami/wsse/signature.rb', line 22

# Parses the given XML and keeps the parsed document in @document.
#
# NOTE(review): no parse options are passed, so Nokogiri's defaults apply.
# In current Nokogiri releases that means a recovering parse with network
# access disabled. Malformed input therefore does not raise here. Confirm
# against the pinned Nokogiri version, and check the parsed document's
# `errors` if the XML can come from outside this process.
#
# @param document [String] XML to be signed (anything Nokogiri::XML accepts)
def document=(document)
  @document = Nokogiri::XML(document)
end

#have_document? ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/akami/wsse/signature.rb', line 39

# Tells whether a document has been assigned. to_token returns an empty
# hash while this is false.
#
# @return [Boolean] true when #document returns a value, false otherwise
def have_document?
  document ? true : false
end

#now ⇒ Object

Cache “now” so that digests match… TODO: figure out how we might want to expire this cache…



# File 'lib/akami/wsse/signature.rb', line 45

# Timestamp captured on first use and then reused, so that repeated calls
# agree and digests match.
#
# Nothing in this listing resets @now, so an instance that is kept and
# reused keeps reporting its first timestamp.
#
# @return [Time] the memoised time
def now
  @now = Time.now unless @now
  @now
end

#security_token_id ⇒ Object



# File 'lib/akami/wsse/signature.rb', line 53

# Identifier for the security token, built once from uid and then reused,
# so every call on this instance returns the same frozen string.
#
# @return [String] "SecurityToken-" followed by the value of uid
def security_token_id
  return @security_token_id if @security_token_id

  @security_token_id = "SecurityToken-#{uid}".freeze
end

#to_token ⇒ Object



# File 'lib/akami/wsse/signature.rb', line 64

# Builds the hash describing the Signature element, plus the
# BinarySecurityToken when a certificate is present.
#
# Until a document has been assigned this returns an empty hash, with no
# Signature entry and no error. A caller that requires a signed message
# must therefore check have_document? (or the result) itself.
#
# The :order! and :attributes! entries are presumably instructions for the
# XML builder that consumes this hash; that consumer is not shown here.
#
# @return [Hash] {} without a document, otherwise the token hash
def to_token
  return {} unless have_document?

  signature = signed_info.merge(key_info).merge(signature_value)
  # List only the children that are actually present, in this fixed order.
  signature[:order!] = %w[SignedInfo SignatureValue KeyInfo].select { |name| signature[name] }

  token = {
    "Signature" => signature,
    :attributes! => { "Signature" => { "xmlns" => SignatureNamespace } },
  }

  # The binary security token is merged in only when a certificate is configured.
  Akami::HashHelper.deep_merge!(token, binary_security_token) if certs.cert

  token[:order!] = ["wsse:BinarySecurityToken", "Signature"].select { |name| token[name] }
  token
end