Class: SAML2::Conditions

Inherits:
Array
  • Object
show all
Defined in:
lib/saml2/conditions.rb

Defined Under Namespace

Classes: AudienceRestriction, Condition, OneTimeUse

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Instance Attribute Details

#not_beforeTime?

Returns:

  • (Time, nil) 


8
9
10
 
# File 'lib/saml2/conditions.rb', line 8

def not_before
  @not_before
end

#not_on_or_afterTime?

Returns:

  • (Time, nil) 


8
9
10
 
# File 'lib/saml2/conditions.rb', line 8

def not_on_or_after
  @not_on_or_after
end

#xmlNokogiri::XML::Element (readonly)

Returns:

  • (Nokogiri::XML::Element) 


10
11
12
 
# File 'lib/saml2/conditions.rb', line 10

def xml
  @xml
end

Class Method Details

.from_xml(node) ⇒ Base?

Create an appropriate object to represent the given XML element.

Parameters:

  • node (Nokogiri::XML::Element, nil)

Returns:



13
14
15
16
17
18
19
 
# File 'lib/saml2/conditions.rb', line 13

def self.from_xml(node)
  return nil unless node

  result = new
  result.from_xml(node)
  result
end

Instance Method Details

#build(builder) ⇒ void

This method returns an undefined value.

Serialize this object to XML, as part of a larger document

Parameters:

  • builder (Nokogiri::XML::Builder)

    The builder helper object to serialize to.



70
71
72
73
74
75
76
77
78
79
 
# File 'lib/saml2/conditions.rb', line 70

def build(builder)
  builder["saml"].Conditions do |conditions|
    conditions.parent["NotBefore"] = not_before.iso8601 if not_before
    conditions.parent["NotOnOrAfter"] = not_on_or_after.iso8601 if not_on_or_after

    each do |condition|
      condition.build(conditions)
    end
  end
end

#from_xml(node) ⇒ void

This method returns an undefined value.

Parse an XML element into this object.

Parameters:

  • node (Nokogiri::XML::Element) 


22
23
24
25
26
27
28
29
30
31
32
33
34
35
 
# File 'lib/saml2/conditions.rb', line 22

def from_xml(node)
  @xml = node
  @not_before = Time.parse(node["NotBefore"]) if node["NotBefore"]
  @not_on_or_after = Time.parse(node["NotOnOrAfter"]) if node["NotOnOrAfter"]

  replace(node.element_children.map do |restriction|
    klass = if self.class.const_defined?(restriction.name, false)
              self.class.const_get(restriction.name, false)
            else
              Condition
            end
    klass.from_xml(restriction)
  end)
end

#valid?(now: Time.now.utc, **options) ⇒ Boolean

Deprecated.

Use validate instead.

Returns:

  • (Boolean) 


65
66
67
 
# File 'lib/saml2/conditions.rb', line 65

def valid?(now: Time.now.utc, **options)
  validate(verification_time: now, **options).empty?
end

#validate(verification_time: Time.now.utc, **options) ⇒ Array<>

Evaluate these conditions.

Parameters:

  • verification_time (defaults to: Time.now.utc)

    optional [Time]

  • options

    Additional options to pass to specific Conditions

Returns:

  • (Array<>)

    It’s only valid if every sub-condition is completely valid. If any sub-condition is invalid, the whole statement is invalid. If the validity can’t be determined due to an unsupported condition, nil will be returned (which is false-ish)



47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
 
# File 'lib/saml2/conditions.rb', line 47

def validate(verification_time: Time.now.utc, **options)
  options[:verification_time] ||= verification_time
  errors = []
  if not_before && verification_time < not_before
    errors << "not_before #{not_before} is later than now (#{verification_time})"
  end
  if not_on_or_after && verification_time >= not_on_or_after
    errors << "not_on_or_after #{not_on_or_after} is earlier than now (#{verification_time})"
  end

  each do |condition|
    errors.concat(condition.validate(**options))
  end
  errors
end