Class: SamlIdp::IncomingMetadata

Inherits:

Object

• Object
• SamlIdp::IncomingMetadata

Includes:

Hashable

Defined in:

lib/saml_idp/incoming_metadata.rb

Instance Attribute Summary

• #raw ⇒ Object

  Returns the value of attribute raw.

Instance Method Summary

• #assertion_consumer_services ⇒ Object
• #company ⇒ Object
• #contact_person ⇒ Object
• #contact_person_document ⇒ Object
• #display_name ⇒ Object
• #document ⇒ Object
• #email_address ⇒ Object
• #encryption_certificate ⇒ Object
• #entity_id ⇒ Object
• #given_name ⇒ Object
• #idp_descriptor_document ⇒ Object
• #initialize(raw = "") ⇒ IncomingMetadata constructor

  A new instance of IncomingMetadata.

• #name_id_formats ⇒ Object
• #role_descriptor_document ⇒ Object
• #service_provider_descriptor_document ⇒ Object
• #sign_assertions ⇒ Object
• #sign_authn_request ⇒ Object
• #signing_certificate ⇒ Object
• #single_logout_services ⇒ Object
• #surname ⇒ Object
• #telephone_number ⇒ Object
• #unspecified_certificate ⇒ Object

Methods included from Hashable

#hashables, #to_h

Constructor Details

#initialize(raw = "") ⇒ IncomingMetadata

Returns a new instance of IncomingMetadata.

# File 'lib/saml_idp/incoming_metadata.rb', line 11

def initialize(raw = "")
  self.raw = raw
end

Instance Attribute Details

#raw ⇒ Object

Returns the value of attribute raw.

# File 'lib/saml_idp/incoming_metadata.rb', line 6

def raw
  @raw
end

Instance Method Details

#assertion_consumer_services ⇒ Object

# File 'lib/saml_idp/incoming_metadata.rb', line 116

def assertion_consumer_services
  xpath(
    "//md:SPSSODescriptor/md:AssertionConsumerService",
    md: metadata_namespace
  ).sort_by { |el| el["index"].to_i }.reduce([]) do |array, el|
    props = el["Binding"].to_s.match /urn:oasis:names:tc:SAML:(?<version>\S+):bindings:(?<name>\S+)/
    array << { binding: props[:name], location: el["Location"], default: !!el["isDefault"] }
    array
  end
end

#company ⇒ Object

# File 'lib/saml_idp/incoming_metadata.rb', line 136

def company
  contact_person_document.xpath("//md:Company", md: metadata_namespace).first.try(:content).to_s
end

#contact_person ⇒ Object

# File 'lib/saml_idp/incoming_metadata.rb', line 55

def contact_person
  {
    given_name: given_name,
    surname: surname,
    company: company,
    telephone_number: telephone_number,
    email_address: email_address
  }
end

#contact_person_document ⇒ Object

# File 'lib/saml_idp/incoming_metadata.rb', line 160

def contact_person_document
  @contact_person_document ||= (xpath("//md:ContactPerson", md: metadata_namespace).first || Saml::XML::Document.new)
end

#display_name ⇒ Object

# File 'lib/saml_idp/incoming_metadata.rb', line 50

def display_name
  role_descriptor_document.present? ? role_descriptor_document["ServiceDisplayName"] : ""
end

#document ⇒ Object

# File 'lib/saml_idp/incoming_metadata.rb', line 15

def document
  @document ||= Saml::XML::Document.parse raw
end

#email_address ⇒ Object

# File 'lib/saml_idp/incoming_metadata.rb', line 144

def email_address
  contact_person_document.xpath("//md:EmailAddress", md: metadata_namespace).first.try(:content).to_s.gsub("mailto:", "")
end

#encryption_certificate ⇒ Object

# File 'lib/saml_idp/incoming_metadata.rb', line 84

def encryption_certificate
  xpath(
    "//md:SPSSODescriptor/md:KeyDescriptor[@use='encryption']/ds:KeyInfo/ds:X509Data/ds:X509Certificate",
    ds: signature_namespace,
    md: metadata_namespace
  ).first.try(:content).to_s
end

#entity_id ⇒ Object

# File 'lib/saml_idp/incoming_metadata.rb', line 19

def entity_id
  xpath('//md:EntityDescriptor/@entityID', md: metadata_namespace).first.try(:content).to_s
end

#given_name ⇒ Object

# File 'lib/saml_idp/incoming_metadata.rb', line 128

def given_name
  contact_person_document.xpath("//md:GivenName", md: metadata_namespace).first.try(:content).to_s
end

#idp_descriptor_document ⇒ Object

# File 'lib/saml_idp/incoming_metadata.rb', line 156

def idp_descriptor_document
  @idp_descriptor ||= xpath("//md:IDPSSODescriptor", md: metadata_namespace).first
end

#name_id_formats ⇒ Object

# File 'lib/saml_idp/incoming_metadata.rb', line 104

def name_id_formats
  xpath(
    "//md:SPSSODescriptor/md:NameIDFormat",
    md: metadata_namespace
  ).reduce(Set.new) do |set, el|
    props = el.content.to_s.match /urn:oasis:names:tc:SAML:(?<version>\S+):nameid-format:(?<name>\S+)/
    set << props[:name].to_s.underscore if props[:name].present?
    set
  end
end

#role_descriptor_document ⇒ Object

# File 'lib/saml_idp/incoming_metadata.rb', line 148

def role_descriptor_document
  @role_descriptor ||= xpath("//md:RoleDescriptor", md: metadata_namespace).first
end

#service_provider_descriptor_document ⇒ Object

# File 'lib/saml_idp/incoming_metadata.rb', line 152

def service_provider_descriptor_document
  @service_provider_descriptor ||= xpath("//md:SPSSODescriptor", md: metadata_namespace).first
end

#sign_assertions ⇒ Object

# File 'lib/saml_idp/incoming_metadata.rb', line 24

def sign_assertions
  doc = xpath(
    "//md:SPSSODescriptor",
    ds: signature_namespace,
    md: metadata_namespace
  ).first
  if (doc && !doc['WantAssertionsSigned'].nil?)
    return doc['WantAssertionsSigned'].strip.downcase == 'true'
  end
  return false
end

#sign_authn_request ⇒ Object

# File 'lib/saml_idp/incoming_metadata.rb', line 37

def sign_authn_request
  doc = xpath(
    "//md:SPSSODescriptor",
    ds: signature_namespace,
    md: metadata_namespace
  ).first
  if (doc && !doc['AuthnRequestsSigned'].nil?)
    return doc['AuthnRequestsSigned'].strip.downcase == 'true'
  end
  return false
end

#signing_certificate ⇒ Object

# File 'lib/saml_idp/incoming_metadata.rb', line 75

def signing_certificate
  xpath(
    "//md:SPSSODescriptor/md:KeyDescriptor[@use='signing']/ds:KeyInfo/ds:X509Data/ds:X509Certificate",
    ds: signature_namespace,
    md: metadata_namespace
  ).first.try(:content).to_s
end

#single_logout_services ⇒ Object

# File 'lib/saml_idp/incoming_metadata.rb', line 93

def single_logout_services
  xpath(
    "//md:SPSSODescriptor/md:SingleLogoutService",
    md: metadata_namespace
  ).reduce({}) do |hash, el|
    hash[el["Binding"].to_s.split(":").last] = el["Location"]
    hash
  end
end

#surname ⇒ Object

# File 'lib/saml_idp/incoming_metadata.rb', line 132

def surname
  contact_person_document.xpath("//md:SurName", md: metadata_namespace).first.try(:content).to_s
end

#telephone_number ⇒ Object

# File 'lib/saml_idp/incoming_metadata.rb', line 140

def telephone_number
  contact_person_document.xpath("//md:TelephoneNumber", md: metadata_namespace).first.try(:content).to_s
end

#unspecified_certificate ⇒ Object

# File 'lib/saml_idp/incoming_metadata.rb', line 66

def unspecified_certificate
  xpath(
    "//md:SPSSODescriptor/md:KeyDescriptor[not(@use)]/ds:KeyInfo/ds:X509Data/ds:X509Certificate",
    ds: signature_namespace,
    md: metadata_namespace
  ).first.try(:content).to_s
end