Class: SAML2::Entity
- Includes:
- OrganizationAndContacts, Signable
- Defined in:
- lib/saml2/entity.rb
Defined Under Namespace
Classes: Group
Instance Attribute Summary
Attributes included from OrganizationAndContacts
Attributes inherited from Base
Class Method Summary
-
.parse(xml) ⇒ Entity, ...
Parse a metadata file, and return an appropriate object.
Instance Method Summary
-
#build(builder) ⇒ void
Serialize this object to XML, as part of a larger document.
-
#from_xml(node) ⇒ void
Parse an XML element into this object.
- #id ⇒ String
- #identity_providers ⇒ Array<IdentityProvider>
-
#initialize(entity_id = nil) ⇒ Entity
constructor
A new instance of Entity.
-
#initiate_authn_request(identity_provider) ⇒ Object
Generates an AuthnRequest.
- #roles ⇒ Array<Role>
- #service_providers ⇒ Array<ServiceProvider>
-
#valid_response?(message, identity_provider, verification_time: Time.now.utc, allow_expired_certificate: false, verify_certificate: true) ⇒ Boolean
Validate that a message is a valid response.
-
#valid_schema? ⇒ Boolean
If the XML is valid according to SAML XSDs.
- #valid_until ⇒ Time?
Methods included from Signable
#sign, #signature, #signed?, #signing_key, #valid_signature?, #validate_signature
Methods inherited from Base
#decrypt, from_xml, #inspect, load_object_array, load_string_array, lookup_qname, #to_s, #to_xml
Constructor Details
#initialize(entity_id = nil) ⇒ Entity
Returns a new instance of Entity.
# File 'lib/saml2/entity.rb', line 86
#
# Create an entity that is assembled locally rather than parsed from XML.
#
# @param entity_id [String, nil] value later reported by #entity_id
def initialize(entity_id = nil)
  super()
  @entity_id = entity_id
  @roles = []
  @valid_until = nil
  # The XML ID is a random UUID taken from SecureRandom; the leading
  # underscore keeps it from starting with a digit, which an XML ID may not do.
  @id = "_" + SecureRandom.uuid
end
Instance Attribute Details
#entity_id ⇒ String
# File 'lib/saml2/entity.rb', line 108
#
# The entityID of this entity.
#
# An explicitly assigned @entity_id wins; otherwise the entityID attribute
# of the backing XML node is read, when there is a node.
#
# @return [String, nil]
def entity_id
  return @entity_id if @entity_id

  xml && xml['entityID']
end
Class Method Details
.parse(xml) ⇒ Entity, ...
Parse a metadata file, and return an appropriate object.
# File 'lib/saml2/entity.rb', line 23
#
# Parse a metadata file, and return an appropriate object.
#
# Only the document root is inspected here. This method's body performs no
# schema or signature check, so metadata obtained from an untrusted source
# still has to be verified by the caller (see #valid_schema? and the
# Signable methods) before anything in it is relied upon.
#
# NOTE(review): Nokogiri::XML is called without a parse-options block, so
# the library's default options apply - confirm they match the project's
# XML hardening policy for the Nokogiri version in use.
#
# @param xml the metadata document, passed straight to Nokogiri::XML
# @return [Group, Entity, nil] the result of Group.from_xml for an
#   md:EntitiesDescriptor root, of from_xml for an md:EntityDescriptor root,
#   and nil for any other root
def self.parse(xml)
  document = Nokogiri::XML(xml)

  # The root is either a collection (EntitiesDescriptor) or one entity
  # (EntityDescriptor); both lookups run before the result is chosen.
  group_node = document.at_xpath("/md:EntitiesDescriptor", Namespaces::ALL)
  single_node = document.at_xpath("/md:EntityDescriptor", Namespaces::ALL)

  return Group.from_xml(group_node) if group_node
  return from_xml(single_node) if single_node

  nil
end
Instance Method Details
#build(builder) ⇒ void
This method returns an undefined value.
Serialize this object to XML, as part of a larger document
# File 'lib/saml2/entity.rb', line 142
#
# Serialize this object to XML, as part of a larger document.
#
# Emits an md:EntityDescriptor element carrying the entityID and the md,
# dsig and xenc namespace declarations, sets its ID attribute when #id is
# present, then serializes every role followed by whatever the superclass
# build adds.
#
# @param builder the XML builder to append to
#   (presumably a Nokogiri::XML::Builder - confirm against callers)
# @return [void]
def build(builder)
  builder['md'].EntityDescriptor('entityID' => entity_id,
                                 'xmlns:md' => Namespaces::METADATA,
                                 'xmlns:dsig' => Namespaces::DSIG,
                                 'xmlns:xenc' => Namespaces::XENC) do |descriptor|
    if id
      descriptor.parent['ID'] = id
    end

    roles.each { |role| role.build(descriptor) }

    # Bare super re-sends the original builder argument to the parent build.
    super
  end
end
#from_xml(node) ⇒ void
This method returns an undefined value.
Parse an XML element into this object.
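# File 'lib/saml2/entity.rb', line 95
#
# Parse an XML element into this object.
#
# Delegates to the superclass, then drops every value cached from an earlier
# state so that #id, #valid_until and #roles are read again from the new
# node instead of returning stale data.
#
# @param node the XML element to load (passed through to super unchanged)
# @return [void]
def from_xml(node)
  super
  @id = nil
  # #valid_until memoizes via instance_variable_defined?, so the variable must
  # be removed rather than set to nil. The guard matters because
  # remove_instance_variable raises NameError when the variable is absent,
  # which is the case on a second from_xml call for the same object.
  remove_instance_variable(:@valid_until) if instance_variable_defined?(:@valid_until)
  @roles = nil
end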
#id ⇒ String
# File 'lib/saml2/entity.rb', line 113
#
# The XML ID of this entity.
#
# Returns the cached @id when one is set; otherwise reads the ID attribute
# from the backing XML node and caches it.
#
# @return [String]
def id
  return @id if @id

  @id = xml['ID']
end
#identity_providers ⇒ Array<IdentityProvider>
# File 'lib/saml2/entity.rb', line 126
#
# The subset of #roles that are IdentityProvider instances, in role order.
#
# @return [Array<IdentityProvider>] empty when the entity has no IdP role
def identity_providers
  roles.grep(IdentityProvider)
end
#initiate_authn_request(identity_provider) ⇒ Object
Generates an AuthnRequest
# File 'lib/saml2/entity.rb', line 159
#
# Generates an AuthnRequest.
#
# The issuer is a NameID built from this entity's #entity_id. Despite its
# name, the argument is asked for #identity_providers, so it has to be an
# object exposing that list (such as another Entity); the first entry is the
# request target, and this entity's first service provider is passed along.
# When either list is empty, nil is handed to AuthnRequest.initiate.
#
# @param identity_provider [#identity_providers] the remote entity
# @return [Object] whatever AuthnRequest.initiate returns
def initiate_authn_request(identity_provider)
  issuer = SAML2::NameID.new(entity_id)
  target_idp = identity_provider.identity_providers.first
  local_sp = service_providers.first

  AuthnRequest.initiate(issuer, target_idp, service_provider: local_sp)
end
#roles ⇒ Array<Role>
# File 'lib/saml2/entity.rb', line 136
#
# All roles of this entity: identity providers first, then service
# providers. The list is loaded from the backing XML on first use and
# cached in @roles afterwards.
#
# @return [Array<Role>]
def roles
  return @roles if @roles

  idp_roles = load_object_array(xml, 'md:IDPSSODescriptor', IdentityProvider)
  sp_roles = load_object_array(xml, 'md:SPSSODescriptor', ServiceProvider)
  @roles = idp_roles + sp_roles
end
#service_providers ⇒ Array<ServiceProvider>
# File 'lib/saml2/entity.rb', line 131
#
# The subset of #roles that are ServiceProvider instances, in role order.
#
# @return [Array<ServiceProvider>] empty when the entity has no SP role
def service_providers
  roles.grep(ServiceProvider)
end
#valid_response?(message, identity_provider, verification_time: Time.now.utc, allow_expired_certificate: false, verify_certificate: true) ⇒ Boolean
Validate that a message is a valid response.
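# File 'lib/saml2/entity.rb', line 169
#
# Validate that a message is a valid response for this entity.
#
# Anything that is not a Response is rejected up front. A Response is
# validated with this entity as the service provider, and the result is true
# only when that validation reports no errors.
#
# The two certificate switches are forwarded to Response#validate unchanged.
# NOTE(review): presumably allow_expired_certificate: true or
# verify_certificate: false relax certificate checking - confirm against
# Response#validate, and keep the defaults outside of test code.
#
# @param message [Response] the message to check
# @param identity_provider the expected sender, forwarded to validate
# @param verification_time [Time] forwarded to validate; defaults to the
#   current UTC time
# @param allow_expired_certificate [Boolean] forwarded to validate
# @param verify_certificate [Boolean] forwarded to validate
# @return [Boolean] true only for a Response whose validation yields no errors
def valid_response?(message,
                    identity_provider,
                    verification_time: Time.now.utc,
                    allow_expired_certificate: false,
                    verify_certificate: true)
  unless message.is_a?(Response)
    # Fail closed: record the reason when the object can hold errors, and
    # return false instead of raising for nil or another foreign object.
    message.errors << "not a Response object" if message.respond_to?(:errors)
    return false
  end

  message.validate(service_provider: self,
                   identity_provider: identity_provider,
                   verification_time: verification_time,
                   allow_expired_certificate: allow_expired_certificate,
                   verify_certificate: verify_certificate).empty?
end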
#valid_schema? ⇒ Boolean
If the XML is valid according to SAML XSDs.
# File 'lib/saml2/entity.rb', line 103
#
# Whether the XML is valid according to the SAML XSDs.
#
# Checks the whole document that the backing node belongs to against
# Schemas.federation. This is a structural check only; signature
# verification is a separate step (see the Signable methods).
#
# @return [Boolean]
def valid_schema?
  federation_schema = Schemas.federation
  federation_schema.valid?(xml.document)
end
#valid_until ⇒ Time?
# File 'lib/saml2/entity.rb', line 118
#
# The metadata's validUntil attribute as a Time, or nil when it is absent.
#
# The result, nil included, is cached; the cache is keyed on whether
# @valid_until is defined at all, which is why a nil answer is not
# recomputed. This accessor only reports the timestamp: nothing here
# compares it with the current time, so rejecting expired metadata is left
# to the caller.
#
# NOTE(review): Time.parse is lenient about the input format and reads a
# value without a zone designator as local time; Time.iso8601 would be the
# stricter match for an xs:dateTime attribute - confirm before changing.
#
# @return [Time, nil]
def valid_until
  return @valid_until if instance_variable_defined?(:@valid_until)

  raw_value = xml['validUntil']
  @valid_until = raw_value && Time.parse(raw_value)
end