Class: Spid::Saml2::AuthnRequest

Inherits:

Object

• Object
• Spid::Saml2::AuthnRequest

Defined in:

lib/spid/saml2/authn_request.rb

Overview

:nodoc:

Instance Attribute Summary

• #document ⇒ Object readonly

  Returns the value of attribute document.

• #settings ⇒ Object readonly

  Returns the value of attribute settings.

Instance Method Summary

• #authn_context_class_ref ⇒ Object
• #authn_request ⇒ Object
• #authn_request_attributes ⇒ Object

  rubocop:disable Metrics/MethodLength.

• #initialize(uuid: nil, settings:) ⇒ AuthnRequest constructor

  A new instance of AuthnRequest.

• #issue_instant ⇒ Object
• #issuer ⇒ Object

  rubocop:enable Metrics/MethodLength.

• #name_id_policy ⇒ Object
• #requested_authn_context ⇒ Object
• #to_saml ⇒ Object
• #uuid ⇒ Object

Constructor Details

#initialize(uuid: nil, settings:) ⇒ AuthnRequest

Returns a new instance of AuthnRequest.

# File 'lib/spid/saml2/authn_request.rb', line 11

def initialize(uuid: nil, settings:)
  @document = REXML::Document.new
  @uuid = uuid
  @settings = settings
end

Instance Attribute Details

#document ⇒ Object (readonly)

Returns the value of attribute document.

# File 'lib/spid/saml2/authn_request.rb', line 8

def document
  @document
end

#settings ⇒ Object (readonly)

Returns the value of attribute settings.

# File 'lib/spid/saml2/authn_request.rb', line 9

def settings
  @settings
end

Instance Method Details

#authn_context_class_ref ⇒ Object

# File 'lib/spid/saml2/authn_request.rb', line 90

def authn_context_class_ref
  @authn_context_class_ref ||=
    begin
      element = REXML::Element.new("saml:AuthnContextClassRef")
      element.text = settings.authn_context
      element
    end
end

#authn_request ⇒ Object

# File 'lib/spid/saml2/authn_request.rb', line 22

def authn_request
  @authn_request ||=
    begin
      element = REXML::Element.new("samlp:AuthnRequest")
      element.add_attributes(authn_request_attributes)
      element.add_element(issuer)
      element.add_element(name_id_policy)
      element.add_element(requested_authn_context)
      element
    end
end

#authn_request_attributes ⇒ Object

rubocop:disable Metrics/MethodLength

# File 'lib/spid/saml2/authn_request.rb', line 35

def authn_request_attributes
  @authn_request_attributes ||=
    begin
      attributes = {
        "xmlns:samlp" => "urn:oasis:names:tc:SAML:2.0:protocol",
        "xmlns:saml" => "urn:oasis:names:tc:SAML:2.0:assertion",
        "ID" => uuid,
        "Version" => "2.0",
        "IssueInstant" => issue_instant,
        "Destination" => settings.idp_sso_target_url,
        "AssertionConsumerServiceIndex" => settings.acs_index,
        "AttributeConsumingServiceIndex" => settings.attribute_index
      }
      attributes["ForceAuthn"] = true if settings.force_authn?
      attributes
    end
end

#issue_instant ⇒ Object

# File 'lib/spid/saml2/authn_request.rb', line 99

def issue_instant
  @issue_instant ||= Time.now.utc.iso8601
end

#issuer ⇒ Object

rubocop:enable Metrics/MethodLength

# File 'lib/spid/saml2/authn_request.rb', line 54

def issuer
  @issuer ||=
    begin
      element = REXML::Element.new("saml:Issuer")
      element.add_attributes(
        "Format" => "urn:oasis:names:tc:SAML:2.0:nameid-format:entity",
        "NameQualifier" => settings.sp_entity_id
      )
      element.text = settings.sp_entity_id
      element
    end
end

#name_id_policy ⇒ Object

# File 'lib/spid/saml2/authn_request.rb', line 67

def name_id_policy
  @name_id_policy ||=
    begin
      element = REXML::Element.new("samlp:NameIDPolicy")
      element.add_attributes(
        "Format" => "urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
      )
      element
    end
end

#requested_authn_context ⇒ Object

# File 'lib/spid/saml2/authn_request.rb', line 78

def requested_authn_context
  @requested_authn_context ||=
    begin
      element = REXML::Element.new("samlp:RequestedAuthnContext")
      element.add_attributes(
        "Comparison" => Spid::MINIMUM_COMPARISON
      )
      element.add_element(authn_context_class_ref)
      element
    end
end

#to_saml ⇒ Object

# File 'lib/spid/saml2/authn_request.rb', line 17

def to_saml
  document.add_element(authn_request)
  document.to_s
end

#uuid ⇒ Object

# File 'lib/spid/saml2/authn_request.rb', line 103

def uuid
  @uuid ||= "_#{SecureRandom.uuid}"
end