class Saml::Bindings::HTTPPost
Public Class Methods
create_form_attributes(message, options = {})
click to toggle source
# File lib/saml/bindings/http_post.rb, line 7 def create_form_attributes(message, options = {}) param = message.is_a?(Saml::ComplexTypes::StatusResponseType) ? "SAMLResponse" : "SAMLRequest" xml = if options[:skip_signature] message.to_xml else Saml::Util.sign_xml(message) end notify('create_message', xml) variables = {} variables[param] = Saml::Encoding.encode_64(xml) variables["RelayState"] = options[:relay_state] if options[:relay_state] { location: message.destination, variables: variables } end
receive_message(request, type)
click to toggle source
# File lib/saml/bindings/http_post.rb, line 27 def receive_message(request, type) receive_xml = request.params["SAMLRequest"] || request.params["SAMLResponse"] if receive_xml.nil? raise Saml::Errors::InvalidParams, 'require params `SAMLRequest` or `SAMLResponse`' end message = Saml::Encoding.decode_64(receive_xml) notify('receive_message', message) request_or_response = Saml.parse_message(message, type) skip_signature_verification = ( request_or_response.is_a?(Saml::AuthnRequest) && !request_or_response.provider.authn_requests_signed? ) verified_request_or_response = if skip_signature_verification request_or_response else Saml::Util.verify_xml(request_or_response, message) end verified_request_or_response.actual_destination = request.url verified_request_or_response end