class OneLogin::RubySaml::SamlMessage

SAML2 Message

Constants

ASSERTION
BASE64_FORMAT
PROTOCOL

Public Class Methods

schema()

@return [Nokogiri::XML::Schema] Gets the schema object of the SAML 2.0 Protocol schema

# File lib/onelogin/ruby-saml/saml_message.rb, line 26
def self.schema
  Mutex.new.synchronize do
    Dir.chdir(File.expand_path("../../../schemas", __FILE__)) do
      ::Nokogiri::XML::Schema(File.read("saml-schema-protocol-2.0.xsd"))
    end
  end
end

Public Instance Methods

id(document)

@return [String|nil] Gets the ID attribute from the SAML Message if it exists.

# File lib/onelogin/ruby-saml/saml_message.rb, line 49
def id(document)
  @id ||= begin
    node = REXML::XPath.first(
      document,
      "/p:AuthnRequest | /p:Response | /p:LogoutResponse | /p:LogoutRequest",
      { "p" => PROTOCOL }
    )
    node.nil? ? nil : node.attributes['ID']
  end
end

valid_saml?(document, soft = true)

Validates the SAML Message against the specified schema.
@param document [REXML::Document] The message that will be validated
@param soft [Boolean] Enable or disable soft mode (whether or not to raise exceptions when the message is invalid)
@return [Boolean] True if the XML is valid, otherwise False if soft=True
@raise [ValidationError] if soft == false and validation fails

# File lib/onelogin/ruby-saml/saml_message.rb, line 66
def valid_saml?(document, soft = true)
  begin
    xml = Nokogiri::XML(document.to_s) do |config|
      config.options = XMLSecurity::BaseDocument::NOKOGIRI_OPTIONS
    end
  rescue Exception => error
    return false if soft
    raise ValidationError.new("XML load failed: #{error.message}")
  end

  SamlMessage.schema.validate(xml).map do |error|
    return false if soft
    raise ValidationError.new("#{error.message}\n\n#{xml.to_s}")
  end
end

version(document)

@return [String|nil] Gets the Version attribute from the SAML Message if it exists.

# File lib/onelogin/ruby-saml/saml_message.rb, line 36
def version(document)
  @version ||= begin
    node = REXML::XPath.first(
      document,
      "/p:AuthnRequest | /p:Response | /p:LogoutResponse | /p:LogoutRequest",
      { "p" => PROTOCOL }
    )
    node.nil? ? nil : node.attributes['Version']
  end
end

Private Instance Methods

base64_encoded?(string)

Check if a string is base64 encoded
@param string [String] string to check the encoding of
@return [true, false] whether or not the string is base64 encoded

# File lib/onelogin/ruby-saml/saml_message.rb, line 130
def base64_encoded?(string)
  !!string.gsub(/[\r\n]|\r|\n/, "").match(BASE64_FORMAT)
end

decode(string)

Base 64 decode method
@param string [String] The string message
@return [String] The decoded string

# File lib/onelogin/ruby-saml/saml_message.rb, line 114
def decode(string)
  Base64.decode64(string)
end

decode_raw_saml(saml)

Base64 decode a SAML Message and also try to inflate it
@param saml [String] The deflated and encoded SAML Message
@return [String] The plain SAML Message

# File lib/onelogin/ruby-saml/saml_message.rb, line 88
def decode_raw_saml(saml)
  return saml unless base64_encoded?(saml)

  decoded = decode(saml)
  begin
    inflate(decoded)
  rescue
    decoded
  end
end

deflate(inflated)

Deflate method
@param inflated [String] The string
@return [String] The deflated string

# File lib/onelogin/ruby-saml/saml_message.rb, line 146
def deflate(inflated)
  Zlib::Deflate.deflate(inflated, 9)[2..-5]
end

encode(string)

Base 64 encode method
@param string [String] The string
@return [String] The encoded string

# File lib/onelogin/ruby-saml/saml_message.rb, line 122
def encode(string)
  Base64.encode64(string).gsub(/\n/, "")
end

encode_raw_saml(saml, settings)

Deflate, base64 encode and url-encode a SAML Message (to be used in the HTTP-redirect binding)
@param saml [String] The plain SAML Message
@param settings [OneLogin::RubySaml::Settings|nil] Toolkit settings
@return [String] The deflated and encoded SAML Message (encoded if the compression is requested)

# File lib/onelogin/ruby-saml/saml_message.rb, line 104
def encode_raw_saml(saml, settings)
  saml = deflate(saml) if settings.compress_request

  CGI.escape(Base64.encode64(saml))
end

inflate(deflated)

Inflate method
@param deflated [String] The string
@return [String] The inflated string

# File lib/onelogin/ruby-saml/saml_message.rb, line 138
def inflate(deflated)
  Zlib::Inflate.new(-Zlib::MAX_WBITS).inflate(deflated)
end
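
Added example (not ruby-saml code): the raw DEFLATE round trip behind deflate, inflate and decode_raw_saml, with a cap on inflated size that a caller could apply to untrusted messages. The method names, the 256 KiB limit and the sample messages are assumptions made for this illustration.

```ruby
require 'zlib'

# Hypothetical names and limit; none of them are part of ruby-saml.
MAX_INFLATED_BYTES = 256 * 1024
class InflateLimitExceeded < StandardError; end

# Same step as deflate above: cut the 2-byte zlib header and the 4-byte
# Adler-32 trailer so only the raw DEFLATE stream is left.
def raw_deflate(data)
  Zlib::Deflate.deflate(data, 9)[2..-5]
end

# Raw inflate (negative window bits), fed 64 input bytes at a time so the
# output size is checked before a hostile stream is fully expanded.
def bounded_inflate(deflated, limit = MAX_INFLATED_BYTES)
  z = Zlib::Inflate.new(-Zlib::MAX_WBITS)
  out = String.new
  (0...deflated.bytesize).step(64) do |offset|
    out << z.inflate(deflated.byteslice(offset, 64))
    raise InflateLimitExceeded, "more than #{limit} bytes" if out.bytesize > limit
  end
  out << z.finish
ensure
  z&.close
end

# Deflate, then base64 through pack (the primitive behind Ruby's Base64
# module). The URL-escaping step of encode_raw_saml is left out here.
def encode_redirect(xml)
  [raw_deflate(xml)].pack('m0')
end

# Follows decode_raw_saml: try to inflate, fall back to the decoded bytes
# (HTTP-POST messages are base64 only). Rescuing Zlib::Error alone keeps
# the fallback from swallowing InflateLimitExceeded.
def decode_message(encoded, limit = MAX_INFLATED_BYTES)
  decoded = encoded.unpack1('m')
  bounded_inflate(decoded, limit)
rescue Zlib::Error
  decoded
end

# Constructed sample messages, not captured traffic.
REQUEST  = '<samlp:AuthnRequest ID="_constructed" Version="2.0"/>'
RESPONSE = '<samlp:Response ID="_constructed" Version="2.0"/>'
```

A bare `rescue` around the inflate call, as in decode_raw_saml, would also catch the limit error and return the decoded bytes, which is why the fallback here rescues only `Zlib::Error`.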