Class: Identizer::Saml::ResponseBuilder

Inherits:
Object
Defined in:
lib/identizer/saml/response_builder.rb

Overview

Builds a SAML 2.0 Response containing a signed Assertion for a signed-in identity, ready to POST to the SP’s assertion consumer service.

Constant Summary

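# SAML 2.0 namespace, status, confirmation-method and format URNs written into
# the Response. They are frozen so a shared namespace or format string cannot be
# mutated from elsewhere in the process and silently change every Response built.
PROTOCOL = "urn:oasis:names:tc:SAML:2.0:protocol".freeze
ASSERTION = "urn:oasis:names:tc:SAML:2.0:assertion".freeze
SUCCESS = "urn:oasis:names:tc:SAML:2.0:status:Success".freeze
# SubjectConfirmation method URN.
BEARER = "urn:oasis:names:tc:SAML:2.0:cm:bearer".freeze
# NameID format (SAML 1.1 URN, as the 2.0 spec carries it over).
EMAIL_FORMAT = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress".freeze
# Attribute NameFormat values.
BASIC_FORMAT = "urn:oasis:names:tc:SAML:2.0:attrname-format:basic".freeze
URI_FORMAT = "urn:oasis:names:tc:SAML:2.0:attrname-format:uri".freeze
# AuthnContextClassRef advertised to the SP.
PASSWORD_CONTEXT = "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport".freeze
# Validity window in seconds; presumably bounds NotOnOrAfter relative to the
# +now+ passed to #build inside #document_for — confirm there, it is not read
# in this listing.
VALIDITY = 300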

Instance Method Summary

Constructor Details

#initialize(config, keypair) ⇒ ResponseBuilder

Returns a new instance of ResponseBuilder.



# File 'lib/identizer/saml/response_builder.rb', line 21

# Stores the IdP configuration and the signing key material for later #build calls.
# Nothing is validated or read here; #build consults +config.saml_sign_response+
# and hands +keypair+ to Signer.
#
# @param config [Object] IdP configuration object
# @param keypair [Object] key material used to sign the Assertion (and Response)
def initialize(config, keypair)
  @config, @keypair = config, keypair
end

Instance Method Details

#build(identity:, acs_url:, audience:, in_response_to: nil, now: Time.now) ⇒ Object

Returns the Response XML as a string (without an XML declaration). The Assertion inside it is always signed; the Assertion is additionally encrypted when `encrypt?` is true, and the Response element itself is signed only when `saml_sign_response` is enabled in the configuration.



# File 'lib/identizer/saml/response_builder.rb', line 27

# Builds the Response for +identity+ and returns it serialised as XML with no
# <?xml?> declaration.
#
# The statement order is deliberate and must be kept:
#   1. the Assertion is signed first;
#   2. it is then encrypted when #encrypt? is true, so the Assertion signature
#      ends up inside the encrypted payload;
#   3. the Response element is signed last, and only when
#      +config.saml_sign_response+ is set, so that signature covers the
#      already signed (and possibly encrypted) Assertion.
#
# @param identity [Object] the signed-in identity the Assertion describes
# @param acs_url [String] the SP's assertion consumer service URL
# @param audience [String] the SP audience the Assertion is restricted to
# @param in_response_to [String, nil] the AuthnRequest ID being answered; nil
#   presumably produces an unsolicited (IdP-initiated) Response — confirm in
#   #document_for
# @param now [Time] clock used for the Response timestamps; presumably combined
#   with VALIDITY in #document_for — confirm there
# @return [String] the Response XML
def build(identity:, acs_url:, audience:, in_response_to: nil, now: Time.now)
  response = document_for(identity, acs_url, audience, in_response_to, now)
  xml_signer = Signer.new(@keypair)

  # NOTE(review): selects the first Assertion anywhere in the document; fine as
  # long as #document_for emits exactly one.
  assertion = response.at_xpath("//saml:Assertion", "saml" => ASSERTION)
  xml_signer.sign!(assertion)
  encrypt_assertion(response) if encrypt?
  xml_signer.sign!(response.root) if @config.saml_sign_response

  save_options = Nokogiri::XML::Node::SaveOptions
  response.to_xml(save_with: save_options::AS_XML | save_options::NO_DECLARATION)
end

#build_base64(**) ⇒ Object



# File 'lib/identizer/saml/response_builder.rb', line 37

# Same as #build, but returns the Response XML strictly Base64-encoded (no
# line breaks or padding variations), i.e. the form POSTed to the SP's
# assertion consumer service. All keyword arguments are forwarded to #build.
#
# @return [String] Base64-encoded Response XML
def build_base64(**options)
  xml = build(**options)
  Base64.strict_encode64(xml)
end