Commit dc778f9
Changed files (4)
lib/saml/kit/document.rb
@@ -13,8 +13,6 @@ module Saml
validate :must_be_expected_type
validate :must_be_valid_version
- attr_reader :content, :name, :configuration
-
def initialize(xml, name:, configuration: Saml::Kit.configuration)
@configuration = configuration
@content = xml
@@ -22,39 +20,45 @@ module Saml
@xml_hash = Hash.from_xml(xml) || {}
end
+ # Returns the ID for the SAML document.
def id
to_h.fetch(name, {}).fetch('ID', nil)
end
+ # Returns the Issuer for the SAML document.
def issuer
to_h.fetch(name, {}).fetch('Issuer', nil)
end
+ # Returns the Version of the SAML document.
def version
to_h.fetch(name, {}).fetch('Version', {})
end
+ # Returns the Destination of the SAML document.
def destination
to_h.fetch(name, {}).fetch('Destination', nil)
end
+ # Returns the Destination of the SAML document.
def issue_instant
- to_h[name]['IssueInstant']
- end
-
- def expected_type?
- return false if to_xml.blank?
- to_h[name].present?
+ Time.parse(to_h[name]['IssueInstant'])
end
+ # Returns the SAML document returned as a Hash.
def to_h
@xml_hash
end
+ # Returns the SAML document as an XML string.
+ #
+ # @param pretty [Boolean] formats the xml or returns the raw xml.
def to_xml(pretty: false)
pretty ? Nokogiri::XML(content).to_xml(indent: 2) : content
end
+ # Returns the SAML document as an XHTML string.
+ # This is useful for rendering in a web page.
def to_xhtml
Nokogiri::XML(content, &:noblanks).to_xhtml
end
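Review bot: `issue_instant` now feeds the sender-controlled `IssueInstant` attribute to `Time.parse` with no guard, so a document that lacks the attribute (or has no `name` root element) raises from an accessor instead of returning nil the way `id`, `issuer` and `destination` do. `Time.parse` also accepts far looser formats than the UTC xs:dateTime that SAML requires. I would read the attribute defensively and parse it strictly: `raw = to_h.fetch(name, {}).fetch('IssueInstant', nil)` followed by `raw && Time.iso8601(raw)`. A malformed value would still raise `ArgumentError`, so that should either be rescued here or surfaced as a validation error. The comment added above the method is a copy of the `destination` one and should read `# Returns the IssueInstant of the SAML document as a Time.`.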
@@ -64,6 +68,10 @@ module Saml
end
class << self
+ # Returns the raw xml as a Saml::Kit SAML document.
+ #
+ # @param xml [String] the raw xml string.
+ # @param configuration [Saml::Kit::Configuration] the configuration to use for unpacking the document.
def to_saml_document(xml, configuration: Saml::Kit.configuration)
hash = Hash.from_xml(xml)
if hash['Response'].present?
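Review bot: The YARD block added for `to_saml_document` has no `@return` and does not say whether the returned object has been validated. The method takes raw XML and chooses the document class from its root element (`hash['Response'].present?`), so callers handling untrusted input need that stated. Suggest adding `# @return the parsed document, not yet validated; call valid? before trusting its contents`. This assumes validation is not run here, which the part of the body outside this hunk would confirm.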
@@ -80,7 +88,8 @@ module Saml
InvalidDocument.new(xml)
end
- def builder_class
+ # @!visibility private
+ def builder_class # :nodoc:
case name
when Saml::Kit::Response.to_s
Saml::Kit::Builders::Response
@@ -98,6 +107,8 @@ module Saml
private
+ attr_reader :content, :name, :configuration
+
def must_match_xsd
matches_xsd?(PROTOCOL_XSD)
end
@@ -108,6 +119,11 @@ module Saml
errors[:base] << error_message(:invalid) unless expected_type?
end
+ def expected_type?
+ return false if to_xml.blank?
+ to_h[name].present?
+ end
+
def must_be_valid_version
return unless expected_type?
return if "2.0" == version
lib/saml/kit/fingerprint.rb
@@ -1,12 +1,18 @@
module Saml
module Kit
+ # This generates a fingerprint for an X509 Certificate.
class Fingerprint
+ # The OpenSSL::X509::Certificate
attr_reader :x509
def initialize(raw_certificate)
@x509 = Certificate.to_x509(raw_certificate)
end
+ # Generates a formatted fingerprint using the specified hash algorithm.
+ #
+ # @param algorithm [OpenSSL::Digest] the openssl algorithm to use `OpenSSL::Digest::SHA256`, `OpenSSL::Digest::SHA1`.
+ # @return [String] in the format of `"BF:ED:C5:F1:6C:AB:F5:B2:15:1F:BF:BD:7D:68:1A:F9:A5:4E:4C:19:30:BC:6D:25:B1:8E:98:D4:23:FD:B4:09"`
def algorithm(algorithm)
pretty_fingerprint(algorithm.new.hexdigest(x509.to_der))
end
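Review bot: The `@param` tag on `algorithm` types the argument as `[OpenSSL::Digest]`, but the body calls `algorithm.new`, so callers pass a digest class rather than an instance; `[Class]` would be accurate. The same line lists `OpenSSL::Digest::SHA1` on equal footing with SHA256. Since SHA-1 is no longer collision resistant, the doc should point new callers at SHA256 and mention SHA1 only for peers that still publish SHA-1 fingerprints. Proposed: `# @param algorithm [Class] an OpenSSL::Digest class; prefer OpenSSL::Digest::SHA256 (SHA1 only for legacy interop).` The class body continues past the hunk (`pretty_fingerprint` is not visible).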
spec/saml/builders/logout_response_spec.rb
@@ -15,7 +15,7 @@ RSpec.describe Saml::Kit::Builders::LogoutResponse do
subject.destination = destination
result = subject.build
expect(result.id).to be_present
- expect(result.issue_instant).to eql(Time.now.utc.iso8601)
+ expect(result.issue_instant).to eql(Time.now.utc)
expect(result.version).to eql("2.0")
expect(result.issuer).to eql(issuer)
expect(result.status_code).to eql(Saml::Kit::Namespaces::SUCCESS)
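Review bot: Both updated expectations (here and in spec/saml/logout_request_spec.rb) cover only a well-formed `IssueInstant`; nothing exercises the new failure path where `Time.parse` receives a missing or malformed value from the document. One example that builds a document without `IssueInstant`, and one with a non-date string, would pin down whether `issue_instant` raises or returns nil. Separately, `eql(Time.now.utc)` compares a second-precision parsed value against the clock, so this example only holds if time is frozen in setup outside the hunk.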
spec/saml/logout_request_spec.rb
@@ -23,7 +23,7 @@ RSpec.describe Saml::Kit::LogoutRequest do
it 'parses the issue instant' do
travel_to 1.second.from_now
- expect(subject.issue_instant).to eql(Time.now.utc.iso8601)
+ expect(subject.issue_instant).to eql(Time.now.utc)
end
it 'parses the version' do