class Samlr::Assertion

Constants

DEFAULT_LOCATION

Attributes

document[R]
options[R]

Public Class Methods

new(document, options) click to toggle source
# File lib/samlr/assertion.rb, line 6
def initialize(document, options)
  @document = document
  @options  = options
end

Public Instance Methods

attributes() click to toggle source
# File lib/samlr/assertion.rb, line 31
def attributes
  @attributes ||= {}.tap do |attrs|
    assertion.xpath("./saml:AttributeStatement/saml:Attribute", NS_MAP).each do |statement|
      name   = statement["Name"]
      values = statement.xpath("./saml:AttributeValue", NS_MAP)

      if values.size == 0
        value = nil
      elsif values.size == 1
        value = values.first.text
      else
        value = values.map { |value| value.text }
      end

      attrs[name] = value
    end
  end
end
conditions() click to toggle source
# File lib/samlr/assertion.rb, line 62
def conditions
  @conditions ||= Condition.new(assertion.at("./saml:Conditions", NS_MAP), options)
end
location() click to toggle source
# File lib/samlr/assertion.rb, line 18
def location
  @location ||= if !signature.missing?
    verify_signature!
    "//saml:Assertion[@ID='#{signature.references.first.uri}']"
  else
    DEFAULT_LOCATION
  end
end
name_id() click to toggle source
# File lib/samlr/assertion.rb, line 50
def name_id
  if !name_id_node
    raise Samlr::FormatError.new("Invalid SAML response: name_id missing")
  else
    @name_id ||= name_id_node.text
  end
end
name_id_options() click to toggle source
# File lib/samlr/assertion.rb, line 58
def name_id_options
  @name_id_options ||= Hash[name_id_node.attributes.map{|k,v| [k, v.value]}]
end
signature() click to toggle source
# File lib/samlr/assertion.rb, line 27
def signature
  @signature ||= Samlr::Signature.new(document, DEFAULT_LOCATION, options)
end
verify!() click to toggle source
# File lib/samlr/assertion.rb, line 11
def verify!
  verify_signature!
  verify_conditions! unless skip_conditions?

  true
end

Private Instance Methods

assertion() click to toggle source
# File lib/samlr/assertion.rb, line 72
def assertion
  @assertion ||= document.at(location, NS_MAP)
end
name_id_node() click to toggle source
# File lib/samlr/assertion.rb, line 68
def name_id_node
  @name_id_node ||= assertion.at("./saml:Subject/saml:NameID", NS_MAP)
end
skip_conditions?() click to toggle source
# File lib/samlr/assertion.rb, line 83
def skip_conditions?
  !!options[:skip_conditions]
end
verify_assertion!() click to toggle source
# File lib/samlr/assertion.rb, line 91
def verify_assertion!
  assertion_count = document.xpath("//saml:Assertion", NS_MAP).size

  if assertion_count == 0
    raise Samlr::FormatError.new("Invalid SAML response: assertion missing")
  elsif assertion_count != 1
    raise Samlr::FormatError.new("Invalid SAML response: unexpected number of assertions")
  end

  true
end
verify_conditions!() click to toggle source
# File lib/samlr/assertion.rb, line 87
def verify_conditions!
  conditions.verify!
end
verify_signature!() click to toggle source
# File lib/samlr/assertion.rb, line 76
def verify_signature!
  verify_assertion!
  signature.verify! unless signature.missing?

  true
end