Module: Saml::Provider
- Extended by:
- ActiveSupport::Concern
- Included in:
- BasicProvider, NullProvider
- Defined in:
- lib/saml/provider.rb
Instance Method Summary collapse
- #artifact_resolution_service_url(index = nil, type = :descriptor) ⇒ Object
- #assertion_consumer_service(index = nil) ⇒ Object
- #assertion_consumer_service_indices ⇒ Object
- #assertion_consumer_service_url(index = nil) ⇒ Object
- #attribute_consuming_service(index = nil) ⇒ Object
- #attribute_service_url(binding) ⇒ Object
- #authn_requests_signed? ⇒ Boolean
- #certificate(key_name = nil, use = "signing", type = :descriptor) ⇒ Object
- #encryption_key ⇒ Object
- #entity_descriptor ⇒ Object
- #entity_id ⇒ Object
- #find_key_descriptor(key_name = nil, use = "signing", type = :descriptor) ⇒ Object
- #private_key ⇒ Object
- #sign(signature_algorithm, data) ⇒ Object
- #signing_key ⇒ Object
- #single_logout_service_url(binding, type = :descriptor) ⇒ Object
- #single_sign_on_service_url(binding) ⇒ Object
- #type ⇒ Object
- #verify(signature_algorithm, signature, data, key_name = nil) ⇒ Object
Instance Method Details
#artifact_resolution_service_url(index = nil, type = :descriptor) ⇒ Object
10 11 12 |
# File 'lib/saml/provider.rb', line 10 def artifact_resolution_service_url(index = nil, type = :descriptor) find_indexed_service_url(descriptor(type).artifact_resolution_services, index) end |
#assertion_consumer_service(index = nil) ⇒ Object
18 19 20 |
# File 'lib/saml/provider.rb', line 18 def assertion_consumer_service(index = nil) find_indexed_service(sp_descriptor.assertion_consumer_services, index) end |
#assertion_consumer_service_indices ⇒ Object
22 23 24 25 26 27 28 |
# File 'lib/saml/provider.rb', line 22 def assertion_consumer_service_indices if sp_descriptor.assertion_consumer_services.present? sp_descriptor.assertion_consumer_services.map(&:index) else [] end end |
#assertion_consumer_service_url(index = nil) ⇒ Object
5 6 7 |
# File 'lib/saml/provider.rb', line 5 def assertion_consumer_service_url(index = nil) find_indexed_service_url(sp_descriptor.assertion_consumer_services, index) end |
#attribute_consuming_service(index = nil) ⇒ Object
14 15 16 |
# File 'lib/saml/provider.rb', line 14 def attribute_consuming_service(index = nil) find_indexed_service(sp_descriptor.attribute_consuming_services, index) end |
#attribute_service_url(binding) ⇒ Object
75 76 77 |
# File 'lib/saml/provider.rb', line 75 def attribute_service_url(binding) find_binding_service(aa_descriptor.attribute_service, binding) end |
#authn_requests_signed? ⇒ Boolean
100 101 102 |
# File 'lib/saml/provider.rb', line 100 def authn_requests_signed? sp_descriptor(false).try(:authn_requests_signed) end |
#certificate(key_name = nil, use = "signing", type = :descriptor) ⇒ Object
39 40 41 42 |
# File 'lib/saml/provider.rb', line 39 def certificate(key_name = nil, use = "signing", type = :descriptor) key_descriptor = find_key_descriptor(key_name, use, type) key_descriptor.certificate if key_descriptor end |
#encryption_key ⇒ Object
58 59 60 |
# File 'lib/saml/provider.rb', line 58 def encryption_key @encryption_key end |
#entity_descriptor ⇒ Object
30 31 32 |
# File 'lib/saml/provider.rb', line 30 def entity_descriptor @entity_descriptor end |
#entity_id ⇒ Object
34 35 36 |
# File 'lib/saml/provider.rb', line 34 def entity_id entity_descriptor.entity_id end |
#find_key_descriptor(key_name = nil, use = "signing", type = :descriptor) ⇒ Object
45 46 47 |
# File 'lib/saml/provider.rb', line 45 def find_key_descriptor(key_name = nil, use = "signing", type = :descriptor) descriptor(type).find_key_descriptor(key_name, use) end |
#private_key ⇒ Object
49 50 51 52 |
# File 'lib/saml/provider.rb', line 49 def private_key warn '[DEPRECATED] `private_key` please use signing_key or encryption_key' encryption_key end |
#sign(signature_algorithm, data) ⇒ Object
62 63 64 |
# File 'lib/saml/provider.rb', line 62 def sign(signature_algorithm, data) signing_key.sign(digest_method(signature_algorithm).new, data) end |
#signing_key ⇒ Object
54 55 56 |
# File 'lib/saml/provider.rb', line 54 def signing_key @signing_key || encryption_key end |
#single_logout_service_url(binding, type = :descriptor) ⇒ Object
71 72 73 |
# File 'lib/saml/provider.rb', line 71 def single_logout_service_url(binding, type = :descriptor) find_binding_service(descriptor(type).single_logout_services, binding) end |
#single_sign_on_service_url(binding) ⇒ Object
66 67 68 |
# File 'lib/saml/provider.rb', line 66 def single_sign_on_service_url(binding) find_binding_service(idp_descriptor.single_sign_on_services, binding) end |
#type ⇒ Object
79 80 81 82 83 84 85 86 87 88 89 |
# File 'lib/saml/provider.rb', line 79 def type if idp_descriptor(false) if sp_descriptor(false) "identity_and_service_provider" else "identity_provider" end else "service_provider" end end |
#verify(signature_algorithm, signature, data, key_name = nil) ⇒ Object
91 92 93 94 95 96 97 98 |
# File 'lib/saml/provider.rb', line 91 def verify(signature_algorithm, signature, data, key_name = nil) valid = certificate(key_name).public_key.verify(digest_method(signature_algorithm).new, signature, data) rescue nil # Clear OpenSSL error queue if verification fails - https://bugs.ruby-lang.org/issues/7215 OpenSSL.errors if !valid valid end |