Class: SAML2::Entity

Inherits:

Base

• Object
• Base
• SAML2::Entity

Includes:

OrganizationAndContacts, Signable

Defined in:

lib/saml2/entity.rb

Defined Under Namespace

Classes: Group

Instance Attribute Summary

• #entity_id ⇒ String

Attributes included from OrganizationAndContacts

#contacts, #organization

Attributes inherited from Base

#xml

Class Method Summary

• .parse(xml) ⇒ Entity, ...

  Parse a metadata file, and return an appropriate object.

Instance Method Summary

• #build(builder) ⇒ void

  Serialize this object to XML, as part of a larger document.

• #from_xml(node) ⇒ void

  Parse an XML element into this object.

• #id ⇒ String
• #identity_providers ⇒ Array<IdentityProvider>
• #initialize(entity_id = nil) ⇒ Entity constructor

  A new instance of Entity.

• #initiate_authn_request(identity_provider) ⇒ Object

  Generates an AuthnRequest.

• #roles ⇒ Array<Role>
• #service_providers ⇒ Array<ServiceProvider>
• #valid_response?(message, identity_provider, **opts) ⇒ Boolean

  Validate a message is a valid response.

• #valid_schema? ⇒ Boolean

  If the XML is valid according to SAML XSDs.

• #valid_until ⇒ Time^?

Methods included from Signable

#sign, #signature, #signed?, #signing_key, #valid_signature?, #validate_signature

Methods inherited from Base

#decrypt, from_xml, #inspect, load_object_array, load_string_array, lookup_qname, #to_s, #to_xml

Constructor Details

#initialize(entity_id = nil) ⇒ Entity

Returns a new instance of Entity.

Parameters:

• id (String) —

  The Entity ID

# File 'lib/saml2/entity.rb', line 88

def initialize(entity_id = nil)
  super()
  @valid_until = nil
  @entity_id = entity_id
  @roles = []
  @id = "_#{SecureRandom.uuid}"
end

Instance Attribute Details

#entity_id ⇒ String

Returns:

• (String)

# File 'lib/saml2/entity.rb', line 110

def entity_id
  @entity_id || (xml && xml["entityID"])
end

Class Method Details

.parse(xml) ⇒ Entity, ...

Parse a metadata file, and return an appropriate object.

Parameters:

• xml (String, IO) —

  Anything that can be passed to Nokogiri::XML

Returns:

• (Entity, Group, nil)

# File 'lib/saml2/entity.rb', line 23

def self.parse(xml)
  document = Nokogiri::XML(xml)

  # Root can be an array (EntitiesDescriptor), or a single Entity (EntityDescriptor)
  entities = document.at_xpath("/md:EntitiesDescriptor", Namespaces::ALL)
  entity = document.at_xpath("/md:EntityDescriptor", Namespaces::ALL)
  if entities
    Group.from_xml(entities)
  elsif entity
    from_xml(entity)
  else
    nil
  end
end

Instance Method Details

#build(builder) ⇒ void

This method returns an undefined value.

Serialize this object to XML, as part of a larger document

Parameters:

• builder (Nokogiri::XML::Builder) —

  The builder helper object to serialize to.

# File 'lib/saml2/entity.rb', line 142

def build(builder)
  builder["md"].EntityDescriptor("entityID" => entity_id,
                                 "xmlns:md" => Namespaces::METADATA,
                                 "xmlns:dsig" => Namespaces::DSIG,
                                 "xmlns:xenc" => Namespaces::XENC) do |entity_descriptor|
    entity_descriptor.parent["ID"] = id if id

    roles.each do |role|
      role.build(entity_descriptor)
    end

    super
  end
end

#from_xml(node) ⇒ void

This method returns an undefined value.

Parse an XML element into this object.

Parameters:

• node (Nokogiri::XML::Element)

# File 'lib/saml2/entity.rb', line 97

def from_xml(node)
  super
  @id = nil
  remove_instance_variable(:@valid_until)
  @roles = nil
end

#id ⇒ String

Returns:

• (String)

# File 'lib/saml2/entity.rb', line 115

def id
  @id ||= xml["ID"]
end

#identity_providers ⇒ Array<IdentityProvider>

Returns:

• (Array<IdentityProvider>)

# File 'lib/saml2/entity.rb', line 126

def identity_providers
  roles.select { |r| r.is_a?(IdentityProvider) }
end

#initiate_authn_request(identity_provider) ⇒ Object

Generates an AuthnRequest

Parameters:

• identity_provider (Entity) —

  The metadata of the IdP to send the message to.

# File 'lib/saml2/entity.rb', line 159

def initiate_authn_request(identity_provider)
  AuthnRequest.initiate(SAML2::NameID.new(entity_id),
                        identity_provider.identity_providers.first,
                        service_provider: service_providers.first)
end

#roles ⇒ Array<Role>

Returns:

• (Array<Role>)

# File 'lib/saml2/entity.rb', line 136

def roles
  @roles ||= load_object_array(xml, "md:IDPSSODescriptor", IdentityProvider) +
             load_object_array(xml, "md:SPSSODescriptor", ServiceProvider)
end

#service_providers ⇒ Array<ServiceProvider>

Returns:

• (Array<ServiceProvider>)

# File 'lib/saml2/entity.rb', line 131

def service_providers
  roles.select { |r| r.is_a?(ServiceProvider) }
end

#valid_response?(message, identity_provider, **opts) ⇒ Boolean

Validate a message is a valid response.

Parameters:

• message (Message)
• identity_provider (Entity)

Returns:

• (Boolean)

# File 'lib/saml2/entity.rb', line 169

def valid_response?(message,
                    identity_provider,
                    **opts)
  unless message.is_a?(Response)
    message.errors << "not a Response object"
    return false
  end

  message.validate(service_provider: self,
                   identity_provider: identity_provider,
                   **opts).empty?
end

#valid_schema? ⇒ Boolean

If the XML is valid according to SAML XSDs.

Returns:

• (Boolean)

# File 'lib/saml2/entity.rb', line 105

def valid_schema?
  Schemas.metadata.valid?(xml.document)
end

#valid_until ⇒ Time^?

Returns:

• (Time, nil)

# File 'lib/saml2/entity.rb', line 120

def valid_until
  @valid_until = xml["validUntil"] && Time.parse(xml["validUntil"]) unless instance_variable_defined?(:@valid_until)
  @valid_until
end