Class: OneLogin::RubySaml::Logoutresponse

Inherits:
SamlMessage
  • Object
show all
Defined in:
lib/onelogin/ruby-saml/logoutresponse.rb

Constant Summary

Constants inherited from SamlMessage

SamlMessage::ASSERTION, SamlMessage::PROTOCOL

Instance Attribute Summary collapse

Instance Method Summary collapse

Methods inherited from SamlMessage

#valid_saml?, #validation_error

Constructor Details

#initialize(response, settings = nil, options = {}) ⇒ Logoutresponse

In order to validate that the response matches a given request, append the option:

:matches_request_id => REQUEST_ID

It will validate that the logout response matches the ID of the request. You can also do this yourself through the in_response_to accessor.

Raises:

  • (ArgumentError) 


22
23
24
25
26
27
28
29
 
# File 'lib/onelogin/ruby-saml/logoutresponse.rb', line 22

def initialize(response, settings = nil, options = {})
  raise ArgumentError.new("Logoutresponse cannot be nil") if response.nil?
  self.settings = settings

  @options = options
  @response = decode_raw_saml(response)
  @document = XMLSecurity::SignedDocument.new(@response)
end

Instance Attribute Details

#documentObject (readonly)

Returns the value of attribute document.



10
11
12
 
# File 'lib/onelogin/ruby-saml/logoutresponse.rb', line 10

def document
  @document
end

#optionsObject (readonly)

Returns the value of attribute options.



12
13
14
 
# File 'lib/onelogin/ruby-saml/logoutresponse.rb', line 12

def options
  @options
end

#responseObject (readonly)

Returns the value of attribute response.



11
12
13
 
# File 'lib/onelogin/ruby-saml/logoutresponse.rb', line 11

def response
  @response
end

#settingsObject

For API compability, this is mutable.



8
9
10
 
# File 'lib/onelogin/ruby-saml/logoutresponse.rb', line 8

def settings
  @settings
end

Instance Method Details

#in_response_toObject 



48
49
50
51
52
53
 
# File 'lib/onelogin/ruby-saml/logoutresponse.rb', line 48

def in_response_to
  @in_response_to ||= begin
    node = REXML::XPath.first(document, "/p:LogoutResponse", { "p" => PROTOCOL, "a" => ASSERTION })
    node.nil? ? nil : node.attributes['InResponseTo']
  end
end

#issuerObject 



55
56
57
58
59
60
61
 
# File 'lib/onelogin/ruby-saml/logoutresponse.rb', line 55

def issuer
  @issuer ||= begin
    node = REXML::XPath.first(document, "/p:LogoutResponse/a:Issuer", { "p" => PROTOCOL, "a" => ASSERTION })
    node ||= REXML::XPath.first(document, "/p:LogoutResponse/a:Assertion/a:Issuer", { "p" => PROTOCOL, "a" => ASSERTION })
    node.nil? ? nil : node.text
  end
end

#status_codeObject 



63
64
65
66
67
68
 
# File 'lib/onelogin/ruby-saml/logoutresponse.rb', line 63

def status_code
  @status_code ||= begin
    node = REXML::XPath.first(document, "/p:LogoutResponse/p:Status/p:StatusCode", { "p" => PROTOCOL, "a" => ASSERTION })
    node.nil? ? nil : node.attributes["Value"]
  end
end

#success?(soft = true) ⇒ Boolean

Returns:

  • (Boolean) 


41
42
43
44
45
46
 
# File 'lib/onelogin/ruby-saml/logoutresponse.rb', line 41

def success?(soft = true)
  unless status_code == "urn:oasis:names:tc:SAML:2.0:status:Success"
    return soft ? false : validation_error("Bad status code. Expected <urn:oasis:names:tc:SAML:2.0:status:Success>, but was: <#@status_code> ")
  end
  true
end

#validate(soft = true) ⇒ Object 



35
36
37
38
39
 
# File 'lib/onelogin/ruby-saml/logoutresponse.rb', line 35

def validate(soft = true)
  return false unless valid_saml?(document, soft) && valid_state?(soft)

  valid_in_response_to?(soft) && valid_issuer?(soft) && success?(soft)
end

#validate!Object 



31
32
33
 
# File 'lib/onelogin/ruby-saml/logoutresponse.rb', line 31

def validate!
  validate(false)
end