Class: OneLogin::RubySaml::SamlMessage

Inherits:

Object

• Object
• OneLogin::RubySaml::SamlMessage

Includes:

REXML

Defined in:

lib/onelogin/ruby-saml/saml_message.rb

Overview

SAML2 Message

Direct Known Subclasses

Authrequest, Logoutrequest, Logoutresponse, Response, SloLogoutrequest, SloLogoutresponse

Constant Summary

ASSERTION =

"urn:oasis:names:tc:SAML:2.0:assertion".freeze

PROTOCOL =

"urn:oasis:names:tc:SAML:2.0:protocol".freeze

BASE64_FORMAT =

%r(\A([A-Za-z0-9+/]{4})*([A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?\Z)

@@mutex =

Mutex.new

Class Method Summary

• .schema ⇒ Nokogiri::XML::Schema

  Gets the schema object of the SAML 2.0 Protocol schema.

Instance Method Summary

• #id(document) ⇒ String|nil

  Gets the ID attribute from the SAML Message if exists.

• #valid_saml?(document, soft = true) ⇒ Boolean

  Validates the SAML Message against the specified schema.

• #version(document) ⇒ String|nil

  Gets the Version attribute from the SAML Message if exists.

Class Method Details

.schema ⇒ Nokogiri::XML::Schema

Returns Gets the schema object of the SAML 2.0 Protocol schema.

Returns:

• (Nokogiri::XML::Schema) —

  Gets the schema object of the SAML 2.0 Protocol schema

# File 'lib/onelogin/ruby-saml/saml_message.rb', line 26

def self.schema
  @@mutex.synchronize do
    Dir.chdir(File.expand_path("../../../schemas", __FILE__)) do
      ::Nokogiri::XML::Schema(File.read("saml-schema-protocol-2.0.xsd"))
    end
  end
end

Instance Method Details

#id(document) ⇒ String|nil

Returns Gets the ID attribute from the SAML Message if exists.

Returns:

• (String|nil) —

  Gets the ID attribute from the SAML Message if exists.

# File 'lib/onelogin/ruby-saml/saml_message.rb', line 49

def id(document)
  @id ||= begin
    node = REXML::XPath.first(
      document,
      "/p:AuthnRequest | /p:Response | /p:LogoutResponse | /p:LogoutRequest",
      { "p" => PROTOCOL }
    )
    node.nil? ? nil : node.attributes['ID']
  end
end

#valid_saml?(document, soft = true) ⇒ Boolean

Validates the SAML Message against the specified schema.

Parameters:

• document (REXML::Document) —

  The message that will be validated

• soft (Boolean) (defaults to: true) —

  soft Enable or Disable the soft mode (In order to raise exceptions when the message is invalid or not)

Returns:

• (Boolean) —

  True if the XML is valid, otherwise False, if soft=True

Raises:

• (ValidationError) —

  if soft == false and validation fails

# File 'lib/onelogin/ruby-saml/saml_message.rb', line 66

def valid_saml?(document, soft = true)
  begin
    xml = Nokogiri::XML(document.to_s) do |config|
      config.options = XMLSecurity::BaseDocument::NOKOGIRI_OPTIONS
    end
  rescue StandardError => error
    return false if soft
    raise ValidationError.new("XML load failed: #{error.message}")
  end

  SamlMessage.schema.validate(xml).map do |schema_error|
    return false if soft
    raise ValidationError.new("#{schema_error.message}\n\n#{xml}")
  end
end

#version(document) ⇒ String|nil

Returns Gets the Version attribute from the SAML Message if exists.

Returns:

• (String|nil) —

  Gets the Version attribute from the SAML Message if exists.

# File 'lib/onelogin/ruby-saml/saml_message.rb', line 36

def version(document)
  @version ||= begin
    node = REXML::XPath.first(
      document,
      "/p:AuthnRequest | /p:Response | /p:LogoutResponse | /p:LogoutRequest",
      { "p" => PROTOCOL }
    )
    node.nil? ? nil : node.attributes['Version']
  end
end