Commit 1ef60db
Changed files (2)
lib/saml/kit/signature.rb
@@ -12,7 +12,7 @@ module Saml
def initialize(item)
@name = "Signature"
@node = item
- @xml_hash = @node ? Hash.from_xml(@node.to_s)["Signature"] : {}
+ @xml_hash = @node ? Hash.from_xml(to_xml)["Signature"] : {}
end
# Returns the embedded X509 Certificate
@@ -28,17 +28,43 @@ module Saml
metadata.matches?(certificate.fingerprint, use: :signing)
end
+ def digest_value
+ at_xpath("./ds:SignedInfo/ds:Reference/ds:DigestValue").try(:text)
+ end
+
+ def digest_method
+ at_xpath("./ds:SignedInfo/ds:Reference/ds:DigestMethod/@Algorithm").try(:value)
+ end
+
+ def signature_value
+ at_xpath("./ds:SignatureValue").try(:text)
+ end
+
+ def signature_method
+ at_xpath("./ds:SignedInfo/ds:SignatureMethod/@Algorithm").try(:value)
+ end
+
+ def canonicalization_method
+ at_xpath("./ds:SignedInfo/ds:CanonicalizationMethod/@Algorithm").try(:value)
+ end
+
# Returns the XML Hash.
def to_h
@xml_hash
end
def present?
- @node
+ node
+ end
+
+ def to_xml
+ node.to_s
end
private
+ attr_reader :node
+
def validate_signature
return errors[:base].push(error_message(:empty)) if certificate.nil?
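Review bot: The five new public readers (`digest_value`, `digest_method`, `signature_value`, `signature_method`, `canonicalization_method`) have no doc comments, unlike the neighbouring methods, and nothing states that they return whatever the ds:Signature node contains whether or not validation has passed. I would add a line above each, for example `# Returns the DigestMethod Algorithm URI exactly as it appears in the XML; untrusted until the signature has been validated.` Each path is resolved through `at_xpath`, so for a signature carrying more than one ds:Reference only the first DigestValue and DigestMethod come back. That is worth saying in the comment, so that a caller enforcing an algorithm policy does not assume it covers every reference. `validate_signature` continues past the end of this hunk.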
@@ -58,6 +84,10 @@ module Saml
))
end
end
+
+ def at_xpath(xpath)
+ node.at_xpath(xpath, Saml::Kit::Document::NAMESPACES)
+ end
end
end
end
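Review bot: The new `at_xpath` helper calls `node.at_xpath` unconditionally, but `initialize` accepts a nil item (it falls back to `{}`) and `present?` exists to report that case. Every new reader will therefore raise NoMethodError on a document that has no ds:Signature, since the `.try` at the call sites only covers a missing child element. Guard the helper with `return if node.nil?` as its first line, or write the call as `node&.at_xpath(xpath, Saml::Kit::Document::NAMESPACES)`. A spec for `described_class.new(nil)` expecting nil from each reader would pin this down.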
spec/saml/signature_spec.rb
@@ -5,8 +5,15 @@ RSpec.describe Saml::Kit::Signature do
x.sign_with(key_pair)
end
end
+ let(:xml_hash) { Hash.from_xml(subject.to_xml) }
subject { described_class.new(signed_document.at_xpath('//ds:Signature')) }
+ specify { expect(subject.digest_value).to eql(xml_hash['Signature']['SignedInfo']['Reference']['DigestValue']) }
+ specify { expect(subject.digest_method).to eql(xml_hash['Signature']['SignedInfo']['Reference']['DigestMethod']['Algorithm']) }
+ specify { expect(subject.signature_value).to eql(xml_hash['Signature']['SignatureValue']) }
+ specify { expect(subject.signature_method).to eql(xml_hash['Signature']['SignedInfo']['SignatureMethod']['Algorithm']) }
+ specify { expect(subject.canonicalization_method).to eql(xml_hash['Signature']['SignedInfo']['CanonicalizationMethod']['Algorithm']) }
+
describe "#valid?" do
it 'returns true when the signature is valid' do
expect(subject).to be_valid