Class: OneLogin::KlRubySaml::SamlMessage

Inherits:

Object

• Object
• OneLogin::KlRubySaml::SamlMessage

Includes:

REXML

Defined in:

lib/onelogin/kl-ruby-saml/saml_message.rb

Overview

SAML2 Message

Direct Known Subclasses

Authrequest, Logoutrequest, Logoutresponse, Response, SloLogoutrequest, SloLogoutresponse

Constant Summary

ASSERTION =

"urn:oasis:names:tc:SAML:2.0:assertion"

PROTOCOL =

"urn:oasis:names:tc:SAML:2.0:protocol"

BASE64_FORMAT =

%r(\A[A-Za-z0-9+/]{4}*[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=?\Z)

Class Method Summary

• .schema ⇒ Nokogiri::XML::Schema

  Gets the schema object of the SAML 2.0 Protocol schema.

Instance Method Summary

• #id(document) ⇒ String|nil

  Gets the ID attribute from the SAML Message if exists.

• #valid_saml?(document, soft = true) ⇒ Boolean

  Validates the SAML Message against the specified schema.

• #validation_error(message) ⇒ Object

  Raise a ValidationError with the provided message.

• #version(document) ⇒ String|nil

  Gets the Version attribute from the SAML Message if exists.

Class Method Details

.schema ⇒ Nokogiri::XML::Schema

Returns Gets the schema object of the SAML 2.0 Protocol schema.

Returns:

• (Nokogiri::XML::Schema) —

  Gets the schema object of the SAML 2.0 Protocol schema

# File 'lib/onelogin/kl-ruby-saml/saml_message.rb', line 25

def self.schema
  @schema ||= Mutex.new.synchronize do
    Dir.chdir(File.expand_path("../../../schemas", __FILE__)) do
      ::Nokogiri::XML::Schema(File.read("saml-schema-protocol-2.0.xsd"))
    end
  end
end

Instance Method Details

#id(document) ⇒ String|nil

Returns Gets the ID attribute from the SAML Message if exists.

Returns:

• (String|nil) —

  Gets the ID attribute from the SAML Message if exists.

# File 'lib/onelogin/kl-ruby-saml/saml_message.rb', line 48

def id(document)
  @id ||= begin
    node = REXML::XPath.first(
      document,
      "/p:AuthnRequest | /p:Response | /p:LogoutResponse | /p:LogoutRequest",
      { "p" => PROTOCOL }
    )
    node.nil? ? nil : node.attributes['ID']
  end
end

#valid_saml?(document, soft = true) ⇒ Boolean

Validates the SAML Message against the specified schema.

Parameters:

• document (REXML::Document) —

  The message that will be validated

• soft (Boolean) (defaults to: true) —

  soft Enable or Disable the soft mode (In order to raise exceptions when the message is invalid or not)

Returns:

• (Boolean) —

  True if the XML is valid, otherwise False, if soft=True

Raises:

• (ValidationError) —

  if soft == false and validation fails

# File 'lib/onelogin/kl-ruby-saml/saml_message.rb', line 65

def valid_saml?(document, soft = true)
  begin
    xml = Nokogiri::XML(document.to_s) do |config|
      config.options = KlXMLSecurity::BaseDocument::NOKOGIRI_OPTIONS
    end
  rescue Exception => error
    return false if soft
    validation_error("XML load failed: #{error.message}")
  end

  SamlMessage.schema.validate(xml).map do |error|
    return false if soft
    validation_error("#{error.message}\n\n#{xml.to_s}")
  end
end

#validation_error(message) ⇒ Object

Raise a ValidationError with the provided message

Parameters:

• message (String) —

  Message of the exception

Raises:

• (ValidationError)

# File 'lib/onelogin/kl-ruby-saml/saml_message.rb', line 85

def validation_error(message)
  raise ValidationError.new(message)
end

#version(document) ⇒ String|nil

Returns Gets the Version attribute from the SAML Message if exists.

Returns:

• (String|nil) —

  Gets the Version attribute from the SAML Message if exists.

# File 'lib/onelogin/kl-ruby-saml/saml_message.rb', line 35

def version(document)
  @version ||= begin
    node = REXML::XPath.first(
      document,
      "/p:AuthnRequest | /p:Response | /p:LogoutResponse | /p:LogoutRequest",
      { "p" => PROTOCOL }
    )
    node.nil? ? nil : node.attributes['Version']
  end
end