Commit 0057b4c
Changed files (6)
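--- a/lib/saml/kit/authentication_request.rb
+++ b/lib/saml/kit/authentication_request.rb
@@ -2,7 +2,7 @@ module Saml
 module Kit
 class AuthenticationRequest < Document
 include Requestable
- validates_presence_of :acs_url, if: :login?
+ validates_presence_of :acs_url, if: :expected_type?
 validate :must_be_registered
 def initialize(xml)
@@ -34,7 +34,7 @@ module Saml
 end
 def must_be_registered
- return unless login?
+ return unless expected_type?
 if provider.nil?
 errors[:service_provider] << error_message(:unregistered)
 return
@@ -43,10 +43,6 @@ module Saml
 errors[:fingerprint] << error_message(:invalid_fingerprint)
 end
- def login?
- request?
- end
-
 class Builder
 attr_accessor :id, :now, :issuer, :acs_url, :name_id_format, :sign, :destination
 attr_accessor :version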
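Review bot: `must_be_registered` here records the unregistered case under `errors[:service_provider]`, while the otherwise matching method in lib/saml/kit/logout_request.rb uses `errors[:provider]`; now that both are gated by the shared `expected_type?`, that key is the only difference the hunks show between the two copies. Consider a single implementation in `Requestable` with one key, so that code checking for an unregistered issuer does not need to know which request type it is handling. The method body is only partly visible in the hunk, so confirm the hidden lines match before merging the two.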
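--- a/lib/saml/kit/document.rb
+++ b/lib/saml/kit/document.rb
@@ -7,6 +7,7 @@ module Saml
 include Trustable
 validates_presence_of :content
 validate :must_match_xsd
+ validate :must_be_expected_type
 attr_reader :content, :name
@@ -32,6 +33,11 @@ module Saml
 to_h.fetch(name, {}).fetch('Destination', nil)
 end
+ def expected_type?
+ return false if to_xml.blank?
+ to_h[name].present?
+ end
+
 def to_h
 @xml_hash
 end
@@ -67,6 +73,12 @@ module Saml
 def must_match_xsd
 matches_xsd?(PROTOCOL_XSD)
 end
+
+ def must_be_expected_type
+ return if to_h.nil?
+
+ errors[:base] << error_message(:invalid) unless expected_type?
+ end
 end
 end
 end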
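Review bot: `expected_type?` indexes `to_h[name]` after checking only `to_xml.blank?`, while `must_be_expected_type` just below treats `to_h.nil?` as a possible state; if the hash can be nil while the XML is non-blank (the constructor is not shown, so this is inferred), every subclass validator that begins with `return unless expected_type?` would raise NoMethodError instead of recording a validation error. Guarding both conditions in the predicate keeps it total: `return false if to_xml.blank? || to_h.nil?`. The response path also used to skip its type check on `to_xml.blank?` and now skips it on `to_h.nil?`; in the skipped case the document is rejected only by `validates_presence_of :content` and `must_match_xsd`, which is worth pinning with specs for an unparseable message and for one with the wrong root element. A short doc comment on `expected_type?` saying it is true only when the parsed hash has an entry under `name` would help, since it now stands in for `login?`, `logout?`, `request?` and `response?`.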
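--- a/lib/saml/kit/logout_request.rb
+++ b/lib/saml/kit/logout_request.rb
@@ -2,7 +2,7 @@ module Saml
 module Kit
 class LogoutRequest < Document
 include Requestable
- validates_presence_of :single_logout_service, if: :logout?
+ validates_presence_of :single_logout_service, if: :expected_type?
 validate :must_be_registered
 def initialize(xml)
@@ -30,7 +30,7 @@ module Saml
 private
 def must_be_registered
- return unless logout?
+ return unless expected_type?
 if provider.nil?
 errors[:provider] << error_message(:unregistered)
 return
@@ -39,9 +39,6 @@ module Saml
 errors[:fingerprint] << error_message(:invalid_fingerprint)
 end
- def logout?
- request?
- end
 class Builder
 attr_accessor :id, :destination, :issuer, :name_id_format, :now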
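--- a/lib/saml/kit/requestable.rb
+++ b/lib/saml/kit/requestable.rb
@@ -4,23 +4,11 @@ module Saml
 extend ActiveSupport::Concern
 included do
- validate :must_be_request
 end
 def query_string_parameter
 'SAMLRequest'
 end
-
- def must_be_request
- return if to_h.nil?
-
- errors[:base] << error_message(:invalid) unless request?
- end
-
- def request?
- return false if to_xml.blank?
- to_h[name].present?
- end
 end
 end
 end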
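--- a/lib/saml/kit/respondable.rb
+++ b/lib/saml/kit/respondable.rb
@@ -4,7 +4,6 @@ module Saml
 extend ActiveSupport::Concern
 included do
- validate :must_be_response
 end
 def query_string_parameter
@@ -18,17 +17,6 @@ module Saml
 def in_response_to
 to_h.fetch(name, {}).fetch('InResponseTo', nil)
 end
-
- def must_be_response
- return if to_xml.blank?
-
- errors[:base] << error_message(:invalid) unless response?
- end
-
- def response?
- return false if to_xml.blank?
- to_h[name].present?
- end
 end
 end
 end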
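--- a/lib/saml/kit/response.rb
+++ b/lib/saml/kit/response.rb
@@ -52,14 +52,14 @@ module Saml
 private
 def must_be_registered
- return unless login?
+ return unless expected_type?
 return if trusted?
 errors[:base] << error_message(:unregistered)
 end
 def must_be_valid_version
- return unless login?
+ return unless expected_type?
 return if "2.0" == version
 errors[:version] << error_message(:invalid_version)
 end
@@ -73,12 +73,12 @@ module Saml
 end
 def must_be_active_session
- return unless login?
+ return unless expected_type?
 errors[:base] << error_message(:expired) unless active?
 end
 def must_match_issuer
- return unless login?
+ return unless expected_type?
 unless audiences.include?(Saml::Kit.configuration.issuer)
 errors[:audience] << error_message(:must_match_issuer)
@@ -92,10 +92,6 @@ module Saml
 []
 end
- def login?
- response?
- end
-
 def parse_date(value)
 DateTime.parse(value)
 rescue => error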
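Review bot: `must_be_registered`, `must_be_valid_version`, `must_be_active_session` and `must_match_issuer` all return without recording an error when `expected_type?` is false, so for a document whose root element is not the expected one the trust, version, expiry and audience checks are skipped and rejection rests entirely on `Document#must_be_expected_type`. That dependency is no longer visible from this file now that `login?` and `response?` are gone; a comment above the private validators such as `# Each check is skipped for a wrong-typed document; Document#must_be_expected_type is what marks it invalid.` would make it explicit. A spec asserting that a Response built from a document with a different root element is invalid would keep that gate from regressing. The bodies of `must_match_issuer` and `parse_date` continue outside the hunks.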