Commit 8a8db84
Changed files (8)
lib/saml/kit/builders/templates/authn_request.builder → lib/saml/kit/builders/templates/authentication_request.builder
File renamed without changes
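--- a/lib/saml/kit/builders/authentication_request.rb
+++ b/lib/saml/kit/builders/authentication_request.rb
@@ -5,7 +5,7 @@ module Saml
 include Saml::Kit::Templatable
 attr_accessor :id, :now, :issuer, :assertion_consumer_service_url, :name_id_format, :sign, :destination
 attr_accessor :version
-attr_reader :template_name, :configuration
+attr_reader :configuration
 def initialize(configuration: Saml::Kit.configuration, sign: true)
 @configuration = configuration
@@ -14,7 +14,6 @@ module Saml
 @name_id_format = Namespaces::PERSISTENT
 @now = Time.now.utc
 @sign = sign
-@template_name = 'authn_request'
 @version = "2.0"
 end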
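Review bot: Dropping `@template_name = 'authn_request'` makes the template file an implicit function of the class name (templatable.rb now derives it as `"#{self.class.name.split("::").last.underscore}.builder"`), so this builder only resolves its template while the class name and the file under builders/templates stay in lock-step — the rename to authentication_request.builder in this commit is what keeps AuthenticationRequest working. That coupling is worth a comment next to `include Saml::Kit::Templatable`, e.g. `# Template is resolved from the class name: builders/templates/authentication_request.builder`. The same applies to the identity_provider_metadata.rb, logout_request.rb, logout_response.rb and service_provider_metadata.rb sections; for the two metadata builders the `include` line is not visible in the hunk, so confirm they include Templatable, otherwise `template_name` is no longer defined on them. `String#underscore` is not core Ruby, so the derived name presumably relies on ActiveSupport being loaded elsewhere.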
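--- a/lib/saml/kit/builders/identity_provider_metadata.rb
+++ b/lib/saml/kit/builders/identity_provider_metadata.rb
@@ -6,7 +6,7 @@ module Saml
 attr_accessor :id, :organization_name, :organization_url, :contact_email, :entity_id, :attributes, :name_id_formats
 attr_accessor :want_authn_requests_signed, :sign
 attr_reader :logout_urls, :single_sign_on_urls
-attr_reader :template_name, :configuration
+attr_reader :configuration
 def initialize(configuration = Saml::Kit.configuration)
 @attributes = []
@@ -17,7 +17,6 @@ module Saml
 @name_id_formats = [Namespaces::PERSISTENT]
 @sign = true
 @single_sign_on_urls = []
-@template_name = 'identity_provider_metadata'
 @want_authn_requests_signed = true
 end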
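--- a/lib/saml/kit/builders/logout_request.rb
+++ b/lib/saml/kit/builders/logout_request.rb
@@ -5,7 +5,7 @@ module Saml
 include Saml::Kit::Templatable
 attr_accessor :id, :destination, :issuer, :name_id_format, :now
 attr_accessor :sign, :version
-attr_reader :user, :configuration, :template_name
+attr_reader :user, :configuration
 def initialize(user, configuration: Saml::Kit.configuration, sign: true)
 @configuration = configuration
@@ -16,7 +16,6 @@ module Saml
 @now = Time.now.utc
 @version = "2.0"
 @sign = sign
-@template_name = 'logout_request'
 end
 def build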
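--- a/lib/saml/kit/builders/logout_response.rb
+++ b/lib/saml/kit/builders/logout_response.rb
@@ -5,7 +5,7 @@ module Saml
 include Saml::Kit::Templatable
 attr_accessor :id, :issuer, :version, :status_code, :sign, :now, :destination
 attr_reader :request
-attr_reader :configuration, :template_name
+attr_reader :configuration
 def initialize(user, request, configuration: Saml::Kit.configuration, sign: true)
 @configuration = configuration
@@ -15,7 +15,6 @@ module Saml
 @request = request
 @sign = sign
 @status_code = Namespaces::SUCCESS
-@template_name = 'logout_response'
 @user = user
 @version = "2.0"
 end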
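--- a/lib/saml/kit/builders/response.rb
+++ b/lib/saml/kit/builders/response.rb
@@ -38,7 +38,38 @@ module Saml
 xml.Status do
 xml.StatusCode Value: status_code
 end
-assertion(xml, signature)
+with_encryption(xml) do |xml|
+xml.Assertion(assertion_options) do
+xml.Issuer issuer
+signature.template(reference_id) unless encrypt
+xml.Subject do
+xml.NameID user.name_id_for(request.name_id_format), Format: request.name_id_format
+xml.SubjectConfirmation Method: Namespaces::BEARER do
+xml.SubjectConfirmationData "", subject_confirmation_data_options
+end
+end
+xml.Conditions conditions_options do
+xml.AudienceRestriction do
+xml.Audience request.issuer
+end
+end
+xml.AuthnStatement authn_statement_options do
+xml.AuthnContext do
+xml.AuthnContextClassRef Namespaces::PASSWORD
+end
+end
+assertion_attributes = user.assertion_attributes_for(request)
+if assertion_attributes.any?
+xml.AttributeStatement do
+assertion_attributes.each do |key, value|
+xml.Attribute Name: key, NameFormat: Namespaces::URI, FriendlyName: key do
+xml.AttributeValue value.to_s
+end
+end
+end
+end
+end
+end
 end
 end
 end
@@ -49,41 +80,6 @@ module Saml
 private
-def assertion(xml, signature)
-with_encryption(xml) do |xml|
-xml.Assertion(assertion_options) do
-xml.Issuer issuer
-signature.template(reference_id) unless encrypt
-xml.Subject do
-xml.NameID user.name_id_for(request.name_id_format), Format: request.name_id_format
-xml.SubjectConfirmation Method: Namespaces::BEARER do
-xml.SubjectConfirmationData "", subject_confirmation_data_options
-end
-end
-xml.Conditions conditions_options do
-xml.AudienceRestriction do
-xml.Audience request.issuer
-end
-end
-xml.AuthnStatement authn_statement_options do
-xml.AuthnContext do
-xml.AuthnContextClassRef Namespaces::PASSWORD
-end
-end
-assertion_attributes = user.assertion_attributes_for(request)
-if assertion_attributes.any?
-xml.AttributeStatement do
-assertion_attributes.each do |key, value|
-xml.Attribute Name: key, NameFormat: Namespaces::URI, FriendlyName: key do
-xml.AttributeValue value.to_s
-end
-end
-end
-end
-end
-end
-end
-
 def with_encryption(xml)
 if encrypt
 temp = ::Builder::XmlMarkup.new
@@ -99,9 +95,6 @@ module Saml
 iv = cipher.random_iv
 encrypted = cipher.update(raw_xml_to_encrypt) + cipher.final
-Saml::Kit.logger.debug ['+iv', iv].inspect
-Saml::Kit.logger.debug ['+key', key].inspect
-
 xml.EncryptedAssertion xmlns: Namespaces::ASSERTION do
 xml.EncryptedData xmlns: Namespaces::XMLENC do
 xml.EncryptionMethod Algorithm: "http://www.w3.org/2001/04/xmlenc#aes256-cbc"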
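Review bot: At `signature.template(reference_id) unless encrypt` in the inlined Assertion block, an encrypted assertion is emitted without its own Signature, and the unchanged `with_encryption` wraps it with `aes256-cbc` (the EncryptionMethod line), which gives confidentiality but no integrity on its own. Whether the assertion is still integrity-protected then depends entirely on a signature over the enclosing Response, which is produced outside this hunk; that reliance deserves a comment at that line, e.g. `# Encrypted assertions carry no Signature; integrity relies on the Response-level signature.`. The block parameter in `with_encryption(xml) do |xml|` also shadows the outer `xml` — deliberate, since `with_encryption` yields a fresh `::Builder::XmlMarkup` when `encrypt` is set, but a distinct name such as `|assertion_xml|` used throughout the block would make that switch visible to the reader. The enclosing method starts outside the hunk.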
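--- a/lib/saml/kit/builders/service_provider_metadata.rb
+++ b/lib/saml/kit/builders/service_provider_metadata.rb
@@ -6,7 +6,7 @@ module Saml
 attr_accessor :id, :entity_id, :acs_urls, :logout_urls, :name_id_formats, :sign
 attr_accessor :organization_name, :organization_url, :contact_email
 attr_accessor :want_assertions_signed
-attr_reader :configuration, :template_name
+attr_reader :configuration
 def initialize(configuration = Saml::Kit.configuration)
 @acs_urls = []
@@ -16,7 +16,6 @@ module Saml
 @logout_urls = []
 @name_id_formats = [Namespaces::PERSISTENT]
 @sign = true
-@template_name = 'service_provider_metadata'
 @want_assertions_signed = true
 end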
lib/saml/kit/templatable.rb
@@ -1,8 +1,12 @@
module Saml
module Kit
module Templatable
+ def template_name
+ "#{self.class.name.split("::").last.underscore}.builder"
+ end
+
def template_path
- File.join(File.expand_path(File.dirname(__FILE__)), "builders/templates/#{template_name}.builder")
+ File.join(File.expand_path(File.dirname(__FILE__)), "builders/templates/#{template_name}")
end
def template