Class: SAML2::AuthnRequest
Instance Attribute Summary collapse
Attributes inherited from Message
#destination, #id, #issue_instant, #issuer
Attributes inherited from Base
#xml
Class Method Summary
collapse
Instance Method Summary
collapse
Methods inherited from Message
#from_xml, from_xml, inherited, #initialize, parse, #valid_schema?
Methods inherited from Base
from_xml, #from_xml, load_object_array, load_string_array, lookup_qname, #to_s, #to_xml
Constructor Details
This class inherits a constructor from SAML2::Message
Instance Attribute Details
#assertion_consumer_service ⇒ Object
Returns the value of attribute assertion_consumer_service.
90
91
92
|
# File 'lib/saml2/authn_request.rb', line 90
def assertion_consumer_service
@assertion_consumer_service
end
|
#assertion_consumer_service_index ⇒ Object
92
93
94
95
96
97
|
# File 'lib/saml2/authn_request.rb', line 92
def assertion_consumer_service_index
if xml && !instance_variable_defined?(:@assertion_consumer_service_index)
@assertion_consumer_service_index = xml['AssertionConsumerServiceIndex']&.to_i
end
@assertion_consumer_service_index
end
|
#assertion_consumer_service_url ⇒ Object
99
100
101
102
103
104
|
# File 'lib/saml2/authn_request.rb', line 99
def assertion_consumer_service_url
if xml && !instance_variable_defined?(:@assertion_consumer_service_url)
@assertion_consumer_service_url = xml['AssertionConsumerServiceURL']
end
@assertion_consumer_service_url
end
|
#attribute_consuming_service ⇒ Object
Returns the value of attribute attribute_consuming_service.
90
91
92
|
# File 'lib/saml2/authn_request.rb', line 90
def attribute_consuming_service
@attribute_consuming_service
end
|
#attribute_consuming_service_index ⇒ Object
106
107
108
109
110
111
|
# File 'lib/saml2/authn_request.rb', line 106
def attribute_consuming_service_index
if xml && !instance_variable_defined?(:@attribute_consuming_service_index)
@attribute_consuming_service_index = xml['AttributeConsumingServiceIndex']&.to_i
end
@attribute_consuming_service_index
end
|
#force_authn=(value) ⇒ Object
Sets the attribute force_authn
25
26
27
|
# File 'lib/saml2/authn_request.rb', line 25
def force_authn=(value)
@force_authn = value
end
|
#name_id_policy ⇒ Object
83
84
85
86
87
88
|
# File 'lib/saml2/authn_request.rb', line 83
def name_id_policy
if xml && !instance_variable_defined?(:@name_id_policy)
@name_id_policy = NameID::Policy.from_xml(xml.at_xpath('samlp:NameIDPolicy', Namespaces::ALL))
end
@name_id_policy
end
|
#passive=(value) ⇒ Object
Sets the attribute passive
25
26
27
|
# File 'lib/saml2/authn_request.rb', line 25
def passive=(value)
@passive = value
end
|
#protocol_binding ⇒ Object
127
128
129
130
131
132
|
# File 'lib/saml2/authn_request.rb', line 127
def protocol_binding
if xml && !instance_variable_defined?(:@protocol_binding)
@protocol_binding = xml['ProtocolBinding']
end
@protocol_binding
end
|
#requested_authn_context ⇒ Object
Returns the value of attribute requested_authn_context.
32
33
34
|
# File 'lib/saml2/authn_request.rb', line 32
def requested_authn_context
@requested_authn_context
end
|
Class Method Details
.decode(authnrequest) ⇒ Object
deprecated; takes just the SAMLRequest parameter’s value
.initiate(issuer, identity_provider = nil, assertion_consumer_service: nil, service_provider: nil) ⇒ Object
34
35
36
37
38
39
40
41
42
43
44
45
46
47
|
# File 'lib/saml2/authn_request.rb', line 34
def self.initiate(issuer, identity_provider = nil,
assertion_consumer_service: nil,
service_provider: nil)
authn_request = new
authn_request.issuer = issuer
authn_request.destination = identity_provider.single_sign_on_services.first.location if identity_provider
authn_request.name_id_policy = NameID::Policy.new(true, NameID::Format::UNSPECIFIED)
assertion_consumer_service ||= service_provider.assertion_consumer_services.default if service_provider
if assertion_consumer_service
authn_request.protocol_binding = assertion_consumer_service.binding
authn_request.assertion_consumer_service_url = assertion_consumer_service.location
end
authn_request
end
|
Instance Method Details
#build(builder) ⇒ Object
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
|
# File 'lib/saml2/authn_request.rb', line 141
def build(builder)
builder['samlp'].AuthnRequest(
'xmlns:samlp' => Namespaces::SAMLP,
'xmlns:saml' => Namespaces::SAML
) do |authn_request|
super(authn_request)
authn_request.parent['AssertionConsumerServiceIndex'] = assertion_consumer_service_index if assertion_consumer_service_index
authn_request.parent['AssertionConsumerServiceURL'] = assertion_consumer_service_url if assertion_consumer_service_url
authn_request.parent['AttributeConsumingServiceIndex'] = attribute_consuming_service_index if attribute_consuming_service_index
authn_request.parent['ForceAuthn'] = force_authn? unless force_authn?.nil?
authn_request.parent['IsPassive'] = passive? unless passive?.nil?
authn_request.parent['ProtocolBinding'] = protocol_binding if protocol_binding
subject.build(authn_request) if subject
name_id_policy.build(authn_request) if name_id_policy
requested_authn_context.build(authn_request) if requested_authn_context
end
end
|
#force_authn? ⇒ Boolean
113
114
115
116
117
118
|
# File 'lib/saml2/authn_request.rb', line 113
def force_authn?
if xml && !instance_variable_defined?(:@force_authn)
@force_authn = xml['ForceAuthn']&.== 'true'
end
@force_authn
end
|
#passive? ⇒ Boolean
120
121
122
123
124
125
|
# File 'lib/saml2/authn_request.rb', line 120
def passive?
if xml && !instance_variable_defined?(:@passive)
@passive = xml['IsPassive']&.== 'true'
end
@passive
end
|
#resolve(service_provider) ⇒ Object
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
|
# File 'lib/saml2/authn_request.rb', line 67
def resolve(service_provider)
if assertion_consumer_service_url
@assertion_consumer_service = service_provider.assertion_consumer_services.find { |acs| acs.location == assertion_consumer_service_url }
else
@assertion_consumer_service = service_provider.assertion_consumer_services.resolve(assertion_consumer_service_index)
end
@attribute_consuming_service = service_provider.attribute_consuming_services.resolve(attribute_consuming_service_index)
return false unless @assertion_consumer_service
return false if attribute_consuming_service_index && !@attribute_consuming_service
true
end
|
#subject ⇒ Object
134
135
136
137
138
139
|
# File 'lib/saml2/authn_request.rb', line 134
def subject
if xml && !instance_variable_defined?(:@subject)
@subject = Subject.from_xml(xml.at_xpath('saml:Subject', Namespaces::ALL))
end
@subject
end
|
#valid_interoperable_profile? ⇒ Boolean
56
57
58
59
60
61
62
63
64
65
|
# File 'lib/saml2/authn_request.rb', line 56
def valid_interoperable_profile?
return false unless valid_web_browser_sso_profile?
return false unless assertion_consumer_service_url
return false if protocol_binding && protocol_binding != Endpoint::Bindings::HTTP_POST
return false if subject
true
end
|
#valid_web_browser_sso_profile? ⇒ Boolean
49
50
51
52
53
54
|
# File 'lib/saml2/authn_request.rb', line 49
def valid_web_browser_sso_profile?
return false unless issuer
return false if issuer.format && issuer.format != NameID::Format::ENTITY
true
end
|