class CredSummoner::SAMLAssertion
Attributes
response[R]
Public Class Methods
new(response)
click to toggle source
# File lib/credsummoner/saml_assertion.rb, line 8 def initialize(response) @response = response end
Public Instance Methods
principal_arn_map()
click to toggle source
Role->Principal mapping
# File lib/credsummoner/saml_assertion.rb, line 17 def principal_arn_map @principal_arn_map ||= begin # The SAML document has the principal ARNs and role ARNs in # "principal,role" pairs. So, we generate a mapping from role # to principal for lookup later when we talk to AWS STS to # create a session. saml_xpath = "//saml2:Attribute[@Name='https://aws.amazon.com/SAML/Attributes/Role']/saml2:AttributeValue" saml_namespace = 'urn:oasis:names:tc:SAML:2.0:assertion' xml_tree.xpath(saml_xpath, saml2: saml_namespace).map do |node| node.text.split(',').reverse end.to_h end end
xml_tree()
click to toggle source
# File lib/credsummoner/saml_assertion.rb, line 12 def xml_tree @xml_tree ||= Nokogiri::XML(Base64.decode64(response)) end