Class: OmniAuth::Strategies::WSFed::AuthCallback

Inherits:

Object

Object
OmniAuth::Strategies::WSFed::AuthCallback

Defined in:: lib/omniauth/strategies/wsfed/auth_callback.rb

Constant Summary collapse

WS_TRUST =

'http://schemas.xmlsoap.org/ws/2005/02/trust'

WS_UTILITY =

'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd'

WS_POLICY =

'http://schemas.xmlsoap.org/ws/2004/09/policy'

Instance Attribute Summary collapse

#options ⇒ Object

Returns the value of attribute options.
#raw_callback ⇒ Object

Returns the value of attribute raw_callback.
#settings ⇒ Object

Returns the value of attribute settings.

Instance Method Summary collapse

#audience ⇒ Object

WS-Trust Envelope and WS* Element Values.
#claims ⇒ Object (also: #attributes)
#created_at ⇒ Object
#document ⇒ Object

TODO: remove reference to SignedDocument (document) and move it to validation use response variable instead…
#expires_at ⇒ Object
#initialize(raw_callback, settings, options = {}) ⇒ AuthCallback constructor

A new instance of AuthCallback.
#issuer ⇒ Object

SAML 2.0 Assertion [Token] Values Note: If/When future development warrants additional token types, these items should be refactored into a token abstraction…
#name_id ⇒ Object

The value of the user identifier as defined by the id_claim configuration setting…

Constructor Details

#initialize(raw_callback, settings, options = {}) ⇒ `AuthCallback`

Returns a new instance of AuthCallback.

Raises:

(ArgumentError)

# File 'lib/omniauth/strategies/wsfed/auth_callback.rb', line 17

def initialize(raw_callback, settings, options = {})
  raise ArgumentError.new('Response cannot be nil.') if raw_callback.nil?
  raise ArgumentError.new('WSFed settings cannot be nil.') if settings.nil?

  self.options      = options
  self.raw_callback = raw_callback
  self.settings     = settings
end

Instance Attribute Details

#options ⇒ `Object`

Returns the value of attribute options.



15
16
17

# File 'lib/omniauth/strategies/wsfed/auth_callback.rb', line 15

def options
  @options
end

#raw_callback ⇒ `Object`

Returns the value of attribute raw_callback.



15
16
17

# File 'lib/omniauth/strategies/wsfed/auth_callback.rb', line 15

def raw_callback
  @raw_callback
end

#settings ⇒ `Object`

Returns the value of attribute settings.



15
16
17

# File 'lib/omniauth/strategies/wsfed/auth_callback.rb', line 15

def settings
  @settings
end

Instance Method Details

#audience ⇒ `Object`

WS-Trust Envelope and WS* Element Values

# File 'lib/omniauth/strategies/wsfed/auth_callback.rb', line 36

def audience
  @audience ||= begin
    applies_to = REXML::XPath.first(document, '//t:RequestSecurityTokenResponse/wsp:AppliesTo', { 't' => WS_TRUST, 'wsp' => WS_POLICY })
    REXML::XPath.first(applies_to, '//EndpointReference/Address').text
  end
end

#claims ⇒ `Object` Also known as: attributes

# File 'lib/omniauth/strategies/wsfed/auth_callback.rb', line 62

def claims
  @attr_statements ||= begin
    stmt_element = REXML::XPath.first(document, '//Assertion/AttributeStatement')
    return {} if stmt_element.nil?

    {}.tap do |result|
      stmt_element.elements.each do |attr_element|
        name  = attr_element.attributes['Name']

        if attr_element.elements.count > 1
          value = []
          attr_element.elements.each { |element| value << element.text }
        else
          value = attr_element.elements.first.text.lstrip.rstrip
        end

        result[name] = value
      end
    end
  end
end

#created_at ⇒ `Object`



43
44
45

# File 'lib/omniauth/strategies/wsfed/auth_callback.rb', line 43

def created_at
  Time.parse(REXML::XPath.first(wstrust_lifetime, '//wsu:Created', { 'wsu' => WS_UTILITY }).text)
end

#document ⇒ `Object`

TODO: remove reference to SignedDocument (document) and move it to validation use response variable instead…



29
30
31

# File 'lib/omniauth/strategies/wsfed/auth_callback.rb', line 29

def document
  @document ||= OmniAuth::Strategies::WSFed::XMLSecurity::SignedDocument.new(raw_callback)
end

#expires_at ⇒ `Object`



47
48
49

# File 'lib/omniauth/strategies/wsfed/auth_callback.rb', line 47

def expires_at
  Time.parse(REXML::XPath.first(wstrust_lifetime, '//wsu:Expires', { 'wsu' => WS_UTILITY }).text)
end

#issuer ⇒ `Object`

SAML 2.0 Assertion [Token] Values Note: If/When future development warrants additional token types, these items should be refactored into a token abstraction…

# File 'lib/omniauth/strategies/wsfed/auth_callback.rb', line 56

def issuer
  @issuer ||= begin
    REXML::XPath.first(document, '//Assertion/Issuer').text
  end
end

#name_id ⇒ `Object`

The value of the user identifier as defined by the id_claim configuration setting…

# File 'lib/omniauth/strategies/wsfed/auth_callback.rb', line 86

def name_id
  @name_id ||= begin
    claims.has_key?(settings[:id_claim]) ? claims.fetch(settings[:id_claim]) : nil
  end
end

Class: OmniAuth::Strategies::WSFed::AuthCallback

Constant Summary collapse

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(raw_callback, settings, options = {}) ⇒ AuthCallback

Instance Attribute Details

#options ⇒ Object

#raw_callback ⇒ Object

#settings ⇒ Object

Instance Method Details

#audience ⇒ Object

#claims ⇒ Object Also known as: attributes

#created_at ⇒ Object

#document ⇒ Object

#expires_at ⇒ Object

#issuer ⇒ Object

#name_id ⇒ Object