class Samlsso::IdpMetadataParser
Constants
- DSIG
- METADATA
Attributes
document[R]
Public Instance Methods
parse(idp_metadata)
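# File lib/samlsso/idp_metadata_parser.rb, line 23
# Build a Samlsso::Settings object from IdP metadata XML.
#
# The SSO URL, SLO URL and signing-certificate fingerprint are copied from the
# document as-is. This method does not check an XML signature, a validity
# period or the entityID, so the resulting settings are only as trustworthy
# as the channel the metadata arrived over.
#
# @param idp_metadata [String] the IdP metadata XML text
# @return [Samlsso::Settings] settings with idp_sso_target_url,
#   idp_slo_target_url and idp_cert_fingerprint filled in (each may be nil
#   when the corresponding node is absent)
def parse(idp_metadata)
  @document = REXML::Document.new(idp_metadata)

  # #certificate and #fingerprint memoize with ||=. Without this reset, a
  # parser instance reused for a second document would pair the new IdP's
  # URLs with the previous IdP's certificate fingerprint.
  @certificate = nil
  @fingerprint = nil

  Samlsso::Settings.new.tap do |settings|
    settings.idp_sso_target_url = single_signon_service_url
    settings.idp_slo_target_url = single_logout_service_url
    settings.idp_cert_fingerprint = fingerprint
  end
end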
parse_remote(url, validate_cert = true)
# File lib/samlsso/idp_metadata_parser.rb, line 18
# Download IdP metadata from +url+ and turn it into settings.
#
# The downloaded text is handed straight to #parse. validate_cert is
# forwarded to #get_idp_metadata, where a false value switches TLS peer
# verification off for https URLs. The default of true keeps it on.
#
# @param url [String] location of the IdP metadata
# @param validate_cert [Boolean] verify the server certificate on https
# @return whatever #parse returns for the downloaded metadata
def parse_remote(url, validate_cert = true)
  parse(get_idp_metadata(url, validate_cert))
end
Private Instance Methods
certificate()
# File lib/samlsso/idp_metadata_parser.rb, line 69
# Return the decoded bytes of the IdP signing certificate, or nil.
#
# Only the first KeyDescriptor with use="signing" is considered. Further
# signing certificates (for example during a key rollover) and descriptors
# without a "use" attribute are not picked up by this query. A non-nil
# result is memoized in @certificate.
#
# @return [String, nil] Base64-decoded content of the X509Certificate node,
#   or nil when no such node exists
def certificate
  return @certificate if @certificate

  cert_xpath = "/md:EntityDescriptor/md:IDPSSODescriptor/md:KeyDescriptor[@use='signing']/ds:KeyInfo/ds:X509Data/ds:X509Certificate"
  namespaces = { "md" => METADATA, "ds" => DSIG }
  cert_node = REXML::XPath.first(document, cert_xpath, namespaces)

  @certificate = cert_node && Base64.decode64(cert_node.text)
end
fingerprint()
# File lib/samlsso/idp_metadata_parser.rb, line 76
# Return the SHA-1 fingerprint of the signing certificate, or nil.
#
# The value is formatted as upper-case hex pairs joined by ":". A non-nil
# result is memoized in @fingerprint.
#
# NOTE(review): SHA-1 is no longer collision resistant. The digest is left
# unchanged here because the consumer of idp_cert_fingerprint presumably
# compares against this exact format - confirm before switching to SHA-256.
#
# @return [String, nil] colon-separated fingerprint, or nil when #certificate
#   returns nil
# @raise [OpenSSL::X509::CertificateError] if the bytes are not a parsable
#   certificate
def fingerprint
  return @fingerprint if @fingerprint

  raw_cert = certificate
  @fingerprint =
    if raw_cert
      der = OpenSSL::X509::Certificate.new(raw_cert).to_der
      Digest::SHA1.hexdigest(der).upcase.scan(/../).join(":")
    end
end
get_idp_metadata(url, validate_cert)
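Retrieve the remote IdP metadata from the URL or a cached copy. Returns a REXML document of the metadata. (Note: the listing below returns the HTTP response body as text and shows no caching; the REXML document is built afterwards by parse.)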
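# File lib/samlsso/idp_metadata_parser.rb, line 38
# Fetch the IdP metadata text from +url+ with a single GET request.
#
# Security notes:
# * #parse takes the SSO/SLO endpoints and the signing-certificate
#   fingerprint from this response, so whoever can alter the response
#   controls which IdP the service provider will trust.
# * "http" URLs are still accepted for backward compatibility, but they carry
#   no integrity protection; prefer https.
# * validate_cert = false selects VERIFY_NONE, which accepts any server
#   certificate. For an IdP with a self-signed certificate, pinning that
#   certificate is safer than disabling verification.
#
# @param url [String] http or https URL of the metadata
# @param validate_cert [Boolean] verify the TLS peer certificate (https only)
# @return [String] the response body
# @raise [ArgumentError] if the URL scheme is neither http nor https
# @raise [RuntimeError] if the server does not answer with a 2xx status
def get_idp_metadata(url, validate_cert)
  uri = URI.parse(url)

  # Fail closed: previously any other scheme fell through and returned nil,
  # which #parse turned into settings with no URLs and no fingerprint.
  unless %w[http https].include?(uri.scheme)
    raise ArgumentError, "IdP metadata URL must use http or https, got #{uri.scheme.inspect}"
  end

  http = Net::HTTP.new(uri.hostname, uri.port)
  if uri.scheme == "https"
    http.use_ssl = true
    http.verify_mode = validate_cert ? OpenSSL::SSL::VERIFY_PEER : OpenSSL::SSL::VERIFY_NONE
  end

  response = http.request(Net::HTTP::Get.new(uri.request_uri))

  # An error page or redirect body must not be parsed as if it were metadata.
  unless response.is_a?(Net::HTTPSuccess)
    raise "IdP metadata request failed with HTTP status #{response.code}"
  end

  response.body
end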
single_logout_service_url()
# File lib/samlsso/idp_metadata_parser.rb, line 64
# Return the Location of the first SingleLogoutService in the metadata.
#
# The Binding attribute is not consulted, so when the IdP lists several
# logout endpoints the one that appears first in the document is used.
#
# @return [String, nil] the Location attribute value, or nil when the
#   metadata has no SingleLogoutService element
def single_logout_service_url
  slo_xpath = "/md:EntityDescriptor/md:IDPSSODescriptor/md:SingleLogoutService/@Location"
  location = REXML::XPath.first(document, slo_xpath, { "md" => METADATA })
  location ? location.value : nil
end
single_signon_service_url()
# File lib/samlsso/idp_metadata_parser.rb, line 59
# Return the Location of the first SingleSignOnService in the metadata.
#
# The Binding attribute is not consulted, so when the IdP lists several
# sign-on endpoints the one that appears first in the document is used.
# The value comes from the metadata unchanged; nothing here checks that it
# is an https URL.
#
# @return [String, nil] the Location attribute value, or nil when the
#   metadata has no SingleSignOnService element
def single_signon_service_url
  sso_location = REXML::XPath.first(
    document,
    "/md:EntityDescriptor/md:IDPSSODescriptor/md:SingleSignOnService/@Location",
    { "md" => METADATA }
  )
  return nil unless sso_location

  sso_location.value
end