Class: Onelogin::Saml::Response

Inherits:
Object
  • Object
show all
Includes:
Codeing
Defined in:
lib/onelogin/saml/response.rb

Instance Attribute Summary collapse

Instance Method Summary collapse

Methods included from Codeing

#decode, #deflate, #encode, #escape, #inflate, #unescape

Constructor Details

#initialize(response) ⇒ Response

Returns a new instance of Response.

Raises:

  • (ArgumentError)


9
10
11
12
13
# File 'lib/onelogin/saml/response.rb', line 9

def initialize(response)
  raise ArgumentError.new("Response cannot be nil") if response.nil?
  self.response = response
  self.document = XMLSecurity::SignedDocument.new(decode(response))
end

Instance Attribute Details

#documentObject

Returns the value of attribute document.



7
8
9
# File 'lib/onelogin/saml/response.rb', line 7

def document
  @document
end

#loggerObject

Returns the value of attribute logger.



7
8
9
# File 'lib/onelogin/saml/response.rb', line 7

def logger
  @logger
end

#responseObject

Returns the value of attribute response.



7
8
9
# File 'lib/onelogin/saml/response.rb', line 7

def response
  @response
end

#settingsObject

Returns the value of attribute settings.



7
8
9
# File 'lib/onelogin/saml/response.rb', line 7

def settings
  @settings
end

Instance Method Details

#attributesObject

A hash of alle the attributes with the response. Assuming there is onlye one value for each key



29
30
31
32
33
34
35
36
37
38
39
# File 'lib/onelogin/saml/response.rb', line 29

def attributes
  saml_attribute_statements = document.elements["/samlp:Response/saml:Assertion/saml:AttributeStatement"].elements
  statements = saml_attribute_statements.map do |child|
    child.attributes.map do |key, attribute|
      [attribute, child.elements.first.text]
    end
  end

  hash = Hash[statements.flatten(1)]
  @attributes ||= make_hash_access_indiferent(hash)
end

#is_valid?Boolean

Returns:

  • (Boolean)


15
16
17
18
19
20
21
# File 'lib/onelogin/saml/response.rb', line 15

def is_valid?
  return false if response.empty?
  return false if settings.nil?
  return false if settings.idp_cert_fingerprint.nil?

  document.validate(settings.idp_cert_fingerprint, logger)
end

#name_idObject

The value of the user identifier as designated by the initialization request response



24
25
26
# File 'lib/onelogin/saml/response.rb', line 24

def name_id
  @name_id ||= document.elements["/samlp:Response/saml:Assertion/saml:Subject/saml:NameID"].text
end

#session_expires_atObject

When this user session should expire at latest



42
43
44
# File 'lib/onelogin/saml/response.rb', line 42

def session_expires_at
  @expires_at ||= Time.parse(document.elements["/samlp:Response/saml:Assertion/saml:AuthnStatement"].attributes["SessionNotOnOrAfter"])
end

#sessionindexObject



46
47
48
# File 'lib/onelogin/saml/response.rb', line 46

def sessionindex
  document.elements["/samlp:Response/saml:Assertion/saml:AuthnStatement"].attributes["SessionIndex"]
end