Class: Saml::Bindings::SOAP

Inherits:
Object
  • Object
show all
Includes:
Notification
Defined in:
lib/saml/bindings/soap.rb

Constant Summary collapse

SOAP_ACTION = 
'http://www.oasis-open.org/committees/security'

Class Method Summary collapse

Methods included from Notification

#notify

Class Method Details

.create_response_xml(response) ⇒ Object 



10
11
12
 
# File 'lib/saml/bindings/soap.rb', line 10

def create_response_xml(response)
  notify('create_response', Saml::Util.sign_xml(response, :soap))
end

.post_message(message, response_type) ⇒ Object 



14
15
16
17
18
19
20
21
22
23
24
25
 
# File 'lib/saml/bindings/soap.rb', line 14

def post_message(message, response_type)
  signed_message = notify('create_post', Saml::Util.sign_xml(message, :soap))

  http_response = Saml::Util.post(message.destination, signed_message, { 'SOAPAction' => SOAP_ACTION } )

  if http_response.code == "200"
    response = notify('receive_response', Saml.parse_message(http_response.body, response_type))
    Saml::Util.verify_xml(response, http_response.body)
  else
    nil
  end
end

.receive_message(request, type) ⇒ Object 



27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
 
# File 'lib/saml/bindings/soap.rb', line 27

def receive_message(request, type)
  raw_xml = request.body.dup.read
  notify('receive_message', raw_xml)
  message = Saml.parse_message(raw_xml, type)

  skip_signature_verification = (
    message.is_a?(Saml::AuthnRequest) &&
    !message.provider.authn_requests_signed?
  )

  if skip_signature_verification
    message
  else
    Saml::Util.verify_xml(message, raw_xml)
  end
end