class Samlr::Response

This is the object interface to the XML response object.

Attributes

document[R]
options[R]

Public Class Methods

new(data, options) click to toggle source
# File lib/samlr/response.rb, line 13
def initialize(data, options)
  @options  = options
  @document = Response.parse(data)
end
parse(data) click to toggle source
# File lib/samlr/response.rb, line 48
def self.parse(data)
  Samlr::Tools.parse(data)
end

Public Instance Methods

assertion() click to toggle source

Returns the assertion element. Only supports a single assertion.

# File lib/samlr/response.rb, line 44
def assertion
  @assertion ||= Samlr::Assertion.new(document, options)
end
location() click to toggle source
# File lib/samlr/response.rb, line 35
def location
  "/samlp:Response"
end
signature() click to toggle source
# File lib/samlr/response.rb, line 39
def signature
  @signature ||= Samlr::Signature.new(document, location, options)
end
verify!() click to toggle source

The verification process assumes that all signatures are enveloped. Since this process is destructive the document needs to verify itself first, and then any signed assertions

# File lib/samlr/response.rb, line 20
def verify!
  if signature.missing? && assertion.signature.missing?
    raise Samlr::SignatureError.new("Neither response nor assertion signed with a certificate")
  end

  if document.xpath("//samlp:Response", Samlr::NS_MAP).size > 1
    raise Samlr::FormatError.new("multiple responses")
  end

  signature.verify! unless signature.missing?
  assertion.verify!

  true
end