Module: Saml::Provider
- Extended by:
- ActiveSupport::Concern
- Included in:
- BasicProvider, NullProvider
- Defined in:
- lib/saml/provider.rb
Instance Method Summary collapse
- #artifact_resolution_service_url(index = nil, type = :descriptor) ⇒ Object
- #assertion_consumer_service(index = nil) ⇒ Object
- #assertion_consumer_service_indices ⇒ Object
- #assertion_consumer_service_url(index = nil) ⇒ Object
- #attribute_consuming_service(index = nil) ⇒ Object
- #attribute_service_url(binding) ⇒ Object
- #authn_requests_signed? ⇒ Boolean
- #certificate(key_name = nil, use = "signing", type = :descriptor) ⇒ Object
- #encryption_key ⇒ Object
- #entity_descriptor ⇒ Object
- #entity_id ⇒ Object
- #find_key_descriptor(key_name = nil, use = "signing", type = :descriptor) ⇒ Object
- #find_key_descriptors_by_use(use, type = :descriptor) ⇒ Object
- #sign(signature_algorithm, data) ⇒ Object
- #signing_key ⇒ Object
- #single_logout_service_url(binding, type = :descriptor) ⇒ Object
- #single_sign_on_service_url(binding) ⇒ Object
- #type ⇒ Object
- #verify(signature_algorithm, signature, data, key_name = nil) ⇒ Object
Instance Method Details
#artifact_resolution_service_url(index = nil, type = :descriptor) ⇒ Object
10 11 12 |
# File 'lib/saml/provider.rb', line 10 def artifact_resolution_service_url(index = nil, type = :descriptor) find_indexed_service_url(descriptor(type).artifact_resolution_services, index) end |
#assertion_consumer_service(index = nil) ⇒ Object
18 19 20 |
# File 'lib/saml/provider.rb', line 18 def assertion_consumer_service(index = nil) find_indexed_service(sp_descriptor.assertion_consumer_services, index) end |
#assertion_consumer_service_indices ⇒ Object
22 23 24 25 26 27 28 |
# File 'lib/saml/provider.rb', line 22 def assertion_consumer_service_indices if sp_descriptor.assertion_consumer_services.present? sp_descriptor.assertion_consumer_services.map(&:index) else [] end end |
#assertion_consumer_service_url(index = nil) ⇒ Object
5 6 7 |
# File 'lib/saml/provider.rb', line 5 def assertion_consumer_service_url(index = nil) find_indexed_service_url(sp_descriptor.assertion_consumer_services, index) end |
#attribute_consuming_service(index = nil) ⇒ Object
14 15 16 |
# File 'lib/saml/provider.rb', line 14 def attribute_consuming_service(index = nil) find_indexed_service(sp_descriptor.attribute_consuming_services, index) end |
#attribute_service_url(binding) ⇒ Object
74 75 76 |
# File 'lib/saml/provider.rb', line 74 def attribute_service_url(binding) find_binding_service(aa_descriptor.attribute_service, binding) end |
#authn_requests_signed? ⇒ Boolean
99 100 101 |
# File 'lib/saml/provider.rb', line 99 def authn_requests_signed? sp_descriptor(false).try(:authn_requests_signed) end |
#certificate(key_name = nil, use = "signing", type = :descriptor) ⇒ Object
39 40 41 42 |
# File 'lib/saml/provider.rb', line 39 def certificate(key_name = nil, use = "signing", type = :descriptor) key_descriptor = find_key_descriptor(key_name, use, type) key_descriptor.certificate if key_descriptor end |
#encryption_key ⇒ Object
57 58 59 |
# File 'lib/saml/provider.rb', line 57 def encryption_key @encryption_key end |
#entity_descriptor ⇒ Object
30 31 32 |
# File 'lib/saml/provider.rb', line 30 def entity_descriptor @entity_descriptor end |
#entity_id ⇒ Object
34 35 36 |
# File 'lib/saml/provider.rb', line 34 def entity_id entity_descriptor.entity_id end |
#find_key_descriptor(key_name = nil, use = "signing", type = :descriptor) ⇒ Object
45 46 47 |
# File 'lib/saml/provider.rb', line 45 def find_key_descriptor(key_name = nil, use = "signing", type = :descriptor) descriptor(type).find_key_descriptor(key_name, use) end |
#find_key_descriptors_by_use(use, type = :descriptor) ⇒ Object
49 50 51 |
# File 'lib/saml/provider.rb', line 49 def find_key_descriptors_by_use(use, type = :descriptor) descriptor(type).find_key_descriptors_by_use(use) end |
#sign(signature_algorithm, data) ⇒ Object
61 62 63 |
# File 'lib/saml/provider.rb', line 61 def sign(signature_algorithm, data) signing_key.sign(digest_method(signature_algorithm).new, data) end |
#signing_key ⇒ Object
53 54 55 |
# File 'lib/saml/provider.rb', line 53 def signing_key @signing_key || encryption_key end |
#single_logout_service_url(binding, type = :descriptor) ⇒ Object
70 71 72 |
# File 'lib/saml/provider.rb', line 70 def single_logout_service_url(binding, type = :descriptor) find_binding_service(descriptor(type).single_logout_services, binding) end |
#single_sign_on_service_url(binding) ⇒ Object
65 66 67 |
# File 'lib/saml/provider.rb', line 65 def single_sign_on_service_url(binding) find_binding_service(idp_descriptor.single_sign_on_services, binding) end |
#type ⇒ Object
78 79 80 81 82 83 84 85 86 87 88 |
# File 'lib/saml/provider.rb', line 78 def type if idp_descriptor(false) if sp_descriptor(false) "identity_and_service_provider" else "identity_provider" end else "service_provider" end end |
#verify(signature_algorithm, signature, data, key_name = nil) ⇒ Object
90 91 92 93 94 95 96 97 |
# File 'lib/saml/provider.rb', line 90 def verify(signature_algorithm, signature, data, key_name = nil) valid = certificate(key_name).public_key.verify(digest_method(signature_algorithm).new, signature, data) rescue nil # Clear OpenSSL error queue if verification fails - https://bugs.ruby-lang.org/issues/7215 OpenSSL.errors if !valid valid end |