Class: SAML::UserAttributes::Base

Inherits:

Object

• Object
• SAML::UserAttributes::Base

Defined in:

lib/saml/user_attributes/base.rb

Constant Summary

REQUIRED_ATTRIBUTES =

%i[email uuid idme_uuid sec_id loa sign_in multifactor].freeze

Instance Attribute Summary

• #attributes ⇒ Object readonly

  Returns the value of attribute attributes.

• #authn_context ⇒ Object readonly

  Returns the value of attribute authn_context.

• #tracker_uuid ⇒ Object readonly

  Returns the value of attribute tracker_uuid.

• #warnings ⇒ Object readonly

  Returns the value of attribute warnings.

Instance Method Summary

• #account_type ⇒ Object private
• #common_name ⇒ Object
• #email ⇒ Object

  ID.me email address associated with the signed-in ‘wallet’.

• #existing_user_identity ⇒ Object private
• #existing_user_identity? ⇒ Boolean private
• #idme_loa ⇒ Object

  ID.me level of assurance, provided by all authn_contexts.

• #idme_uuid ⇒ Object
• #initialize(saml_attributes, authn_context, tracker_uuid) ⇒ Base constructor

  A new instance of Base.

• #loa ⇒ Object

  This field is derived from methods implemented on child classes.

• #multifactor ⇒ Object

  ID.me boolean value that specifies whether the signed-in ‘wallet’ has multifactor enabled or not.

• #sec_id ⇒ Object
• #sign_in ⇒ Object

  This includes service_name used to sign-in initially, and the account type that is associated with the sign in.

• #to_hash ⇒ Object
• #uuid ⇒ Object

  Common Attributes ID.me unique identifier.

• #validate! ⇒ Object

  Raise any fatal exceptions due to validation issues.

Constructor Details

#initialize(saml_attributes, authn_context, tracker_uuid) ⇒ Base

Returns a new instance of Base.

# File 'lib/saml/user_attributes/base.rb', line 10

def initialize(saml_attributes, authn_context, tracker_uuid)
  @attributes = saml_attributes # never default this to {}
  @authn_context = authn_context
  @tracker_uuid = tracker_uuid
  @warnings = []
end

Instance Attribute Details

#attributes ⇒ Object (readonly)

Returns the value of attribute attributes.

# File 'lib/saml/user_attributes/base.rb', line 8

def attributes
  @attributes
end

#authn_context ⇒ Object (readonly)

Returns the value of attribute authn_context.

# File 'lib/saml/user_attributes/base.rb', line 8

def authn_context
  @authn_context
end

#tracker_uuid ⇒ Object (readonly)

Returns the value of attribute tracker_uuid.

# File 'lib/saml/user_attributes/base.rb', line 8

def tracker_uuid
  @tracker_uuid
end

#warnings ⇒ Object (readonly)

Returns the value of attribute warnings.

# File 'lib/saml/user_attributes/base.rb', line 8

def warnings
  @warnings
end

Instance Method Details

#account_type ⇒ Object (private)

# File 'lib/saml/user_attributes/base.rb', line 73

def account_type
  existing_user_identity? ? existing_user_identity.sign_in[:account_type] : 'N/A'
end

#common_name ⇒ Object

# File 'lib/saml/user_attributes/base.rb', line 36

def common_name
  email
end

#email ⇒ Object

ID.me email address associated with the signed-in ‘wallet’

# File 'lib/saml/user_attributes/base.rb', line 32

def email
  attributes['email']
end

#existing_user_identity ⇒ Object (private)

# File 'lib/saml/user_attributes/base.rb', line 77

def existing_user_identity
  return @_existing_user_identity if defined?(@_existing_user_identity)

  @_existing_user_identity = UserIdentity.find(idme_uuid)
end

#existing_user_identity? ⇒ Boolean (private)

Returns:

• (Boolean)

# File 'lib/saml/user_attributes/base.rb', line 83

def existing_user_identity?
  existing_user_identity.present?
end

#idme_loa ⇒ Object

ID.me level of assurance, provided by all authn_contexts

# File 'lib/saml/user_attributes/base.rb', line 41

def idme_loa
  attributes['level_of_assurance']&.to_i
end

#idme_uuid ⇒ Object

# File 'lib/saml/user_attributes/base.rb', line 23

def idme_uuid
  attributes['uuid']
end

#loa ⇒ Object

This field is derived from methods implemented on child classes

# File 'lib/saml/user_attributes/base.rb', line 51

def loa
  { current: loa_current, highest: loa_highest }
end

#multifactor ⇒ Object

ID.me boolean value that specifies whether the signed-in ‘wallet’ has multifactor enabled or not

# File 'lib/saml/user_attributes/base.rb', line 46

def multifactor
  attributes['multifactor']
end

#sec_id ⇒ Object

# File 'lib/saml/user_attributes/base.rb', line 27

def sec_id
  nil
end

#sign_in ⇒ Object

This includes service_name used to sign-in initially, and the account type that is associated with the sign in.

# File 'lib/saml/user_attributes/base.rb', line 56

def sign_in
  SAML::User::AUTHN_CONTEXTS.fetch(authn_context)
                            .fetch(:sign_in)
                            .merge(account_type:)
rescue
  { service_name: 'unknown', account_type: 'N/A' }
end

#to_hash ⇒ Object

# File 'lib/saml/user_attributes/base.rb', line 64

def to_hash
  serializable_attributes.index_with { |k| send(k) }
end

#uuid ⇒ Object

Common Attributes ID.me unique identifier

# File 'lib/saml/user_attributes/base.rb', line 19

def uuid
  idme_uuid
end

#validate! ⇒ Object

Raise any fatal exceptions due to validation issues

# File 'lib/saml/user_attributes/base.rb', line 69

def validate!; end