libsaml 2.0.5

data/lib/saml/elements/requested_authn_context.rb

@@ -0,0 +1,28 @@
+module Saml
+  module Elements
+    class RequestedAuthnContext
+
+      module ComparisonTypes
+        EXACT   = 'exact'
+        MINIMUM = 'minimum'
+        MAXIMUM = 'maximum'
+        BETTER  = 'better'
+        ALL     = [EXACT, MINIMUM, MAXIMUM, BETTER, nil]
+      end
+
+      include Saml::ClassRefs
+
+      include Saml::Base
+
+      tag 'RequestedAuthnContext'
+      namespace 'samlp'
+
+      attribute :comparison, String, :tag => "Comparison"
+
+      element :authn_context_class_ref, String, :namespace => 'saml', :tag => "AuthnContextClassRef"
+
+      validates :authn_context_class_ref, :presence => true, :inclusion => ALL_CLASS_REFS
+      validates :comparison, :inclusion => ComparisonTypes::ALL
+    end
+  end
+end

data/lib/saml/elements/signature.rb

@@ -0,0 +1,33 @@
+require 'saml/elements/signature/inclusive_namespaces'
+require 'saml/elements/signature/transform'
+require 'saml/elements/signature/transforms'
+require 'saml/elements/signature/digest_method'
+require 'saml/elements/signature/reference'
+require 'saml/elements/signature/signature_method'
+require 'saml/elements/signature/canonicalization_method'
+require 'saml/elements/signature/signed_info'
+require 'saml/elements/signature/key_info'
+
+module Saml
+  module Elements
+    class Signature
+      include Saml::Base
+
+      tag "Signature"
+      register_namespace 'ds', Saml::XML_DSIG_NAMESPACE
+      namespace 'ds'
+
+      has_one :signed_info, SignedInfo
+      element :signature_value, String, :tag => "SignatureValue", :state_when_nil => true
+      has_one :key_info, KeyInfo
+
+
+      def initialize(*args)
+        super(*args)
+        options       = args.extract_options!
+        @signed_info  ||= SignedInfo.new(:uri => options.delete(:uri), :digest_value => options.delete(:digest_value))
+        @key_info     ||= KeyInfo.new
+      end
+    end
+  end
+end

data/lib/saml/elements/signature/canonicalization_method.rb

@@ -0,0 +1,19 @@
+module Saml
+  module Elements
+    class Signature
+      class CanonicalizationMethod
+        include Saml::Base
+
+        tag "CanonicalizationMethod"
+        namespace 'ds'
+
+        attribute :algorithm, String, :tag => "Algorithm"
+
+        def initialize(*args)
+          @algorithm = "http://www.w3.org/2001/10/xml-exc-c14n#"
+          super(*args)
+        end
+      end
+    end
+  end
+end

data/lib/saml/elements/signature/digest_method.rb

@@ -0,0 +1,19 @@
+module Saml
+  module Elements
+    class Signature
+      class DigestMethod
+        include Saml::Base
+
+        tag "DigestMethod"
+        namespace 'ds'
+
+        attribute :algorithm, String, :tag => "Algorithm"
+
+        def initialize(*args)
+          @algorithm = "http://www.w3.org/2001/04/xmlenc#sha256"
+          super(*args)
+        end
+      end
+    end
+  end
+end

data/lib/saml/elements/signature/inclusive_namespaces.rb

@@ -0,0 +1,20 @@
+module Saml
+  module Elements
+    class Signature
+      class InclusiveNamespaces
+        include Saml::Base
+
+        register_namespace 'ec', "http://www.w3.org/2001/10/xml-exc-c14n#"
+        namespace 'ec'
+        tag 'InclusiveNamespaces'
+
+        attribute :prefix_list, String, :tag => "PrefixList"
+
+        def initialize(*args)
+          @prefix_list = "ds saml samlp xs"
+          super(*args)
+        end
+      end
+    end
+  end
+end

data/lib/saml/elements/signature/key_info.rb

@@ -0,0 +1,14 @@
+module Saml
+  module Elements
+    class Signature
+      class KeyInfo
+        include Saml::Base
+
+        tag "KeyInfo"
+        namespace 'ds'
+
+        element :key_name, String, :namespace => 'ds', :tag => "KeyName"
+      end
+    end
+  end
+end

data/lib/saml/elements/signature/reference.rb

@@ -0,0 +1,23 @@
+module Saml
+  module Elements
+    class Signature
+      class Reference
+        include Saml::Base
+
+        tag "Reference"
+        namespace 'ds'
+
+        attribute :uri, String, :tag => "URI"
+        element :transforms, Transforms
+        element :digest_method, DigestMethod
+        element :digest_value, String, :tag => "DigestValue", :state_when_nil => true
+
+        def initialize(*args)
+          @transforms    = Transforms.new
+          @digest_method = DigestMethod.new
+          super(*args)
+        end
+      end
+    end
+  end
+end

data/lib/saml/elements/signature/signature_method.rb

@@ -0,0 +1,19 @@
+module Saml
+  module Elements
+    class Signature
+      class SignatureMethod
+        include Saml::Base
+
+        tag "SignatureMethod"
+        namespace 'ds'
+
+        attribute :algorithm, String, :tag => "Algorithm"
+
+        def initialize(*args)
+          @algorithm = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"
+          super(*args)
+        end
+      end
+    end
+  end
+end

data/lib/saml/elements/signature/signed_info.rb

@@ -0,0 +1,24 @@
+module Saml
+  module Elements
+    class Signature
+      class SignedInfo
+        include Saml::Base
+
+        tag "SignedInfo"
+        namespace 'ds'
+
+        element :canonicalization_method, CanonicalizationMethod
+        element :signature_method, SignatureMethod
+        element :reference, Reference
+
+        def initialize(*args)
+          @canonicalization_method = CanonicalizationMethod.new
+          @signature_method        = SignatureMethod.new
+          super(*args)
+          options    = args.extract_options!
+          @reference ||= Reference.new(:uri => options.delete(:uri), :digest_value => options.delete(:digest_value))
+        end
+      end
+    end
+  end
+end

data/lib/saml/elements/signature/transform.rb

@@ -0,0 +1,19 @@
+module Saml
+  module Elements
+    class Signature
+      class Transform
+        include Saml::Base
+
+        tag "Transform"
+        namespace 'ds'
+
+        attribute :algorithm, String, :tag => "Algorithm"
+        has_one :inclusive_namespaces, InclusiveNamespaces
+
+        def inclusive_namespaces
+          @inclusive_namespaces == [] ? nil : @inclusive_namespaces
+        end
+      end
+    end
+  end
+end

data/lib/saml/elements/signature/transforms.rb

@@ -0,0 +1,21 @@
+module Saml
+  module Elements
+    class Signature
+      class Transforms
+        include Saml::Base
+
+        tag "Transforms"
+        namespace 'ds'
+
+        has_many :transform, Transform, :tag => "Transform"
+
+        def initialize(*args)
+          @transform = [Transform.new(:algorithm => "http://www.w3.org/2000/09/xmldsig#enveloped-signature"),
+                        Transform.new(:algorithm            => "http://www.w3.org/2001/10/xml-exc-c14n#",
+                                      :inclusive_namespaces => InclusiveNamespaces.new)]
+          super(*args)
+        end
+      end
+    end
+  end
+end

data/lib/saml/elements/sp_sso_descriptor.rb

@@ -0,0 +1,27 @@
+module Saml
+  module Elements
+    class SPSSODescriptor
+      include Saml::ComplexTypes::SSODescriptorType
+
+      class AssertionConsumerService
+        include Saml::ComplexTypes::IndexedEndpointType
+        tag 'AssertionConsumerService'
+      end
+
+      tag 'SPSSODescriptor'
+
+      attribute :authn_requests_signed, Boolean, :tag => "AuthnRequestsSigned", :default => false
+      attribute :want_assertions_signed, Boolean, :tag => "WantAssertionsSigned", :default => false
+
+      has_many :assertion_consumer_services, AssertionConsumerService
+
+      validates :assertion_consumer_services, :presence => true
+
+      def initialize(*args)
+        super(*args)
+        self.assertion_consumer_services ||= []
+      end
+
+    end
+  end
+end

data/lib/saml/elements/status.rb

@@ -0,0 +1,15 @@
+module Saml
+  module Elements
+    class Status
+      include Saml::Base
+
+      tag "Status"
+      namespace 'samlp'
+
+      has_one :status_code, Saml::Elements::StatusCode
+
+      validates :status_code, :presence => true
+
+    end
+  end
+end

data/lib/saml/elements/status_code.rb

@@ -0,0 +1,42 @@
+module Saml
+  module Elements
+    class StatusCode
+      include Saml::Base
+
+      tag "StatusCode"
+      namespace 'samlp'
+
+      attribute :value, String, :tag => "Value"
+
+      has_one :sub_status_code, Saml::Elements::SubStatusCode
+
+      validates :value, :presence => true, :inclusion => TopLevelCodes::ALL
+
+      def initialize(*args)
+        options          = args.extract_options!
+        @sub_status_code = Saml::Elements::SubStatusCode.new(:value => options.delete(:sub_status_value)) if options[:sub_status_value]
+        super(*(args << options))
+      end
+
+      def success?
+        value == TopLevelCodes::SUCCESS
+      end
+
+      def authn_failed?
+        sub_status_code.value == SubStatusCodes::AUTHN_FAILED
+      end
+
+      def request_denied?
+        sub_status_code.value == SubStatusCodes::REQUEST_DENIED
+      end
+
+      def no_authn_context?
+        sub_status_code.value == SubStatusCodes::NO_AUTHN_CONTEXT
+      end
+
+      def partial_logout?
+        sub_status_code.value == SubStatusCodes::PARTIAL_LOGOUT
+      end
+    end
+  end
+end

data/lib/saml/elements/sub_status_code.rb

@@ -0,0 +1,14 @@
+module Saml
+  module Elements
+    class SubStatusCode
+      include Saml::Base
+
+      tag "StatusCode"
+      namespace 'samlp'
+
+      attribute :value, String, :tag => "Value"
+
+      validates :value, :presence => true, :inclusion => SubStatusCodes::ALL
+    end
+  end
+end

data/lib/saml/elements/subject.rb

@@ -0,0 +1,38 @@
+module Saml
+  module Elements
+    class Subject
+      include Saml::Base
+
+      tag "Subject"
+      register_namespace 'saml', Saml::SAML_NAMESPACE
+      namespace 'saml'
+
+      element :_name_id, NameId, :tag => "NameID"
+
+      has_many :subject_confirmation, Saml::Elements::SubjectConfirmation
+
+      validates :name_id, :subject_confirmation, :presence => true
+
+      def initialize(*args)
+        options               = args.extract_options!
+        @_name_id             = Saml::Elements::NameId.new(format: options.delete(:name_id_format),
+                                                           value:  options.delete(:name_id))
+        @subject_confirmation = Saml::Elements::SubjectConfirmation.new(recipient:      options.delete(:recipient),
+                                                                        in_response_to: options.delete(:in_response_to))
+        super(*(args << options))
+      end
+
+      def name_id
+        @_name_id.value
+      end
+
+      def name_id=(value)
+        @_name_id.value = value
+      end
+
+      def name_id_format
+        @_name_id.format
+      end
+    end
+  end
+end

data/lib/saml/elements/subject_confirmation.rb

@@ -0,0 +1,30 @@
+module Saml
+  module Elements
+    class SubjectConfirmation
+      include Saml::Base
+
+      class Methods
+        BEARER = "urn:oasis:names:tc:SAML:2.0:cm:bearer"
+      end
+
+      tag "SubjectConfirmation"
+      register_namespace 'saml', Saml::SAML_NAMESPACE
+      namespace 'saml'
+
+      attribute :_method, String, :tag => 'Method'
+
+      has_many :subject_confirmation_data, Saml::Elements::SubjectConfirmationData
+
+      validates :_method, :presence => true
+
+
+      def initialize(*args)
+        options                    = args.extract_options!
+        @subject_confirmation_data = Saml::Elements::SubjectConfirmationData.new(:recipient      => options.delete(:recipient),
+                                                                                 :in_response_to => options.delete(:in_response_to))
+        super(*(args << options))
+        @_method ||= Methods::BEARER
+      end
+    end
+  end
+end

data/lib/saml/elements/subject_confirmation_data.rb

@@ -0,0 +1,23 @@
+module Saml
+  module Elements
+    class SubjectConfirmationData
+      include Saml::Base
+
+      tag "SubjectConfirmationData"
+      register_namespace 'saml', Saml::SAML_NAMESPACE
+      namespace 'saml'
+
+      attribute :not_on_or_after, Time, :tag => "NotOnOrAfter", :on_save => lambda { |val| val.utc.xmlschema }
+      attribute :recipient, String, :tag => "Recipient"
+      attribute :in_response_to, String, :tag => "InResponseTo"
+
+      validates :not_on_or_after, :in_response_to, :recipient, :presence => true
+
+      def initialize(*args)
+        options = args.extract_options!
+        super(*(args << options))
+        @not_on_or_after = Time.now + Saml::Config.max_issue_instant_offset.minutes
+      end
+    end
+  end
+end