saml2 3.1.2 → 3.1.4

data/lib/saml2/localized_name.rb

@@ -1,20 +1,21 @@
 # frozen_string_literal: true
 
-require 'saml2/base'
-require 'saml2/namespaces'
+require "saml2/base"
+require "saml2/namespaces"
 
 module SAML2
   class LocalizedName < Hash
     attr_reader :element
 
     def initialize(element, name = nil)
+      super()
       @element = element
-      unless name.nil?
-        if name.is_a?(Hash)
-          replace(name)
-        else
-          self[nil] = name
-        end
+      return if name.nil?
+
+      if name.is_a?(Hash)
+        replace(name)
+      else
+        self[nil] = name
       end
     end
 
@@ -42,14 +43,14 @@ module SAML2
     def from_xml(nodes)
       clear
       nodes.each do |node|
-        self[node['xml:lang'].to_sym] = node.content && node.content.strip
+        self[node["xml:lang"].to_sym] = node.content && node.content.strip
       end
       self
     end
 
     def build(builder)
       each do |lang, value|
-        builder['md'].__send__(element, value, 'xml:lang' => lang)
+        builder["md"].__send__(element, value, "xml:lang" => lang)
       end
     end
   end

data/lib/saml2/logout_request.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
-require 'saml2/name_id'
-require 'saml2/request'
+require "saml2/name_id"
+require "saml2/request"
 
 module SAML2
   class LogoutRequest < Request
@@ -24,27 +24,27 @@ module SAML2
 
     # @return [NameID]
     def name_id
-      @name_id ||= (NameID.from_xml(xml.at_xpath('saml:NameID', Namespaces::ALL)) if xml)
+      @name_id ||= (NameID.from_xml(xml.at_xpath("saml:NameID", Namespaces::ALL)) if xml)
     end
 
     # @return [String, Array<String>]
     def session_index
-      @session_index ||= (load_string_array(xml,'samlp:SessionIndex') if xml)
+      @session_index ||= (load_string_array(xml, "samlp:SessionIndex") if xml)
     end
 
     private
 
     def build(builder)
-      builder['samlp'].LogoutRequest(
-          'xmlns:samlp' => Namespaces::SAMLP,
-          'xmlns:saml' => Namespaces::SAML
+      builder["samlp"].LogoutRequest(
+        "xmlns:samlp" => Namespaces::SAMLP,
+        "xmlns:saml" => Namespaces::SAML
       ) do |logout_request|
         super(logout_request)
 
         name_id.build(logout_request)
 
         Array(session_index).each do |session_index_instance|
-          logout_request['samlp'].SessionIndex(session_index_instance)
+          logout_request["samlp"].SessionIndex(session_index_instance)
         end
       end
     end

data/lib/saml2/logout_response.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-require 'saml2/status_response'
+require "saml2/status_response"
 
 module SAML2
   class LogoutResponse < StatusResponse
@@ -21,9 +21,9 @@ module SAML2
     private
 
     def build(builder)
-      builder['samlp'].LogoutResponse(
-                          'xmlns:samlp' => Namespaces::SAMLP,
-                          'xmlns:saml' => Namespaces::SAML
+      builder["samlp"].LogoutResponse(
+        "xmlns:samlp" => Namespaces::SAMLP,
+        "xmlns:saml" => Namespaces::SAML
       ) do |logout_response|
         super(logout_response)
       end

data/lib/saml2/message.rb

@@ -1,10 +1,10 @@
 # frozen_string_literal: true
 
-require 'securerandom'
-require 'time'
+require "securerandom"
+require "time"
 
-require 'saml2/base'
-require 'saml2/signable'
+require "saml2/base"
+require "saml2/signable"
 
 module SAML2
   class InvalidMessage < RuntimeError
@@ -59,8 +59,10 @@ module SAML2
       #   SAML message type.
       def from_xml(node)
         return super unless self == Message
+
         klass = Message.known_messages[node.name]
-        raise UnknownMessage.new("Unknown message #{node.name}") unless klass
+        raise UnknownMessage, "Unknown message #{node.name}" unless klass
+
         klass.from_xml(node)
       end
 
@@ -72,8 +74,12 @@ module SAML2
       #   If called on a subclass, will raise if the parsed message does not
       #   match the class is was called on.
       def parse(xml)
-        result = Message.from_xml(Nokogiri::XML(xml) { |config| config.strict }.root)
-        raise UnexpectedMessage.new("Expected a #{self.name}, but got a #{result.class.name}") unless self == Message || result.class == self
+        result = Message.from_xml(Nokogiri::XML(xml, &:strict).root)
+        unless self == Message || result.instance_of?(self)
+          raise UnexpectedMessage,
+                "Expected a #{name}, but got a #{result.class.name}"
+        end
+
         result
       rescue Nokogiri::XML::SyntaxError
         raise CorruptMessage
@@ -86,10 +92,10 @@ module SAML2
       end
 
       def inherited(klass)
+        super
         # explicitly keep track of all messages in this base class
-        Message.known_messages[klass.name.sub(/^SAML2::/, '')] = klass
+        Message.known_messages[klass.name.sub(/^SAML2::/, "")] = klass
       end
-
     end
 
     def initialize
@@ -133,37 +139,35 @@ module SAML2
 
     # @return [String]
     def id
-      @id ||= xml['ID']
+      @id ||= xml["ID"]
     end
 
     # @return [Time]
     def issue_instant
-      @issue_instant ||= Time.parse(xml['IssueInstant'])
+      @issue_instant ||= Time.parse(xml["IssueInstant"])
     end
 
     # @return [String, nil]
     def destination
-      if xml && !instance_variable_defined?(:@destination)
-        @destination = xml['Destination']
-      end
+      @destination = xml["Destination"] if xml && !instance_variable_defined?(:@destination)
       @destination
     end
 
     # @return [NameID, nil]
     def issuer
-      @issuer ||= NameID.from_xml(xml.at_xpath('saml:Issuer', Namespaces::ALL))
+      @issuer ||= NameID.from_xml(xml.at_xpath("saml:Issuer", Namespaces::ALL))
     end
 
     protected
 
     # should be called from inside the specific request element
     def build(message)
-      message.parent['ID'] = id
-      message.parent['Version'] = '2.0'
-      message.parent['IssueInstant'] = issue_instant.iso8601
-      message.parent['Destination'] = destination if destination
+      message.parent["ID"] = id
+      message.parent["Version"] = "2.0"
+      message.parent["IssueInstant"] = issue_instant.iso8601
+      message.parent["Destination"] = destination if destination
 
-      issuer.build(message, element: 'Issuer') if issuer
+      issuer&.build(message, element: "Issuer")
     end
   end
 end

data/lib/saml2/name_id.rb

@@ -1,19 +1,25 @@
 # frozen_string_literal: true
 
-require 'saml2/base'
-require 'saml2/namespaces'
+require "saml2/base"
+require "saml2/namespaces"
 
 module SAML2
   class NameID < Base
     module Format
-      EMAIL_ADDRESS                 = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
-      ENTITY                        = "urn:oasis:names:tc:SAML:2.0:nameid-format:entity"
-      KERBEROS                      = "urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos" # name[/instance]@REALM
-      PERSISTENT                    = "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" # opaque, pseudo-random, unique per SP-IdP pair
-      TRANSIENT                     = "urn:oasis:names:tc:SAML:2.0:nameid-format:transient" # opaque, will likely change
-      UNSPECIFIED                   = "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
-      WINDOWS_DOMAIN_QUALIFIED_NAME = "urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName" # [DomainName\]UserName
-      X509_SUBJECT_NAME             = "urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName"
+      EMAIL_ADDRESS = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
+      ENTITY =
+        "urn:oasis:names:tc:SAML:2.0:nameid-format:entity"
+      KERBEROS =
+        "urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos" # name[/instance]@REALM
+      PERSISTENT =
+        "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" # opaque, pseudo-random, unique per SP-IdP pair
+      TRANSIENT =
+        "urn:oasis:names:tc:SAML:2.0:nameid-format:transient" # opaque, will likely change
+      UNSPECIFIED =
+        "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
+      WINDOWS_DOMAIN_QUALIFIED_NAME =
+        "urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName" # [DomainName\]UserName
+      X509_SUBJECT_NAME = "urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName"
     end
 
     class Policy < Base
@@ -25,6 +31,7 @@ module SAML2
       # @param format optional [String]
       # @param sp_name_qualifier optional [String]
       def initialize(allow_create = nil, format = nil, sp_name_qualifier = nil)
+        super()
         @allow_create = allow_create if allow_create
         @format = format if format
         @sp_name_qualifier = sp_name_qualifier if sp_name_qualifier
@@ -32,43 +39,37 @@ module SAML2
 
       # @return [Boolean, nil]
       def allow_create?
-        if xml && !instance_variable_defined?(:@allow_create)
-          @allow_create = xml['AllowCreate']&.== 'true'
-        end
+        @allow_create = xml["AllowCreate"]&.== "true" if xml && !instance_variable_defined?(:@allow_create)
         @allow_create
       end
 
       # @see Format
       # @return [String, nil]
       def format
-        if xml && !instance_variable_defined?(:@format)
-          @format = xml['Format']
-        end
+        @format = xml["Format"] if xml && !instance_variable_defined?(:@format)
         @format
       end
 
       # @return [String, nil]
       def sp_name_qualifier
-        if xml && !instance_variable_defined?(:@sp_name_qualifier)
-          @sp_name_qualifier = xml['SPNameQualifier']
-        end
+        @sp_name_qualifier = xml["SPNameQualifier"] if xml && !instance_variable_defined?(:@sp_name_qualifier)
         @sp_name_qualifier
       end
 
       # @param rhs [Policy]
       # @return [Boolean]
-      def ==(rhs)
-        allow_create? == rhs.allow_create? &&
-            format == rhs.format &&
-            sp_name_qualifier == rhs.sp_name_qualifier
+      def ==(other)
+        allow_create? == other.allow_create? &&
+          format == other.format &&
+          sp_name_qualifier == other.sp_name_qualifier
       end
 
       # (see Base#build)
       def build(builder)
-        builder['samlp'].NameIDPolicy do |name_id_policy|
-          name_id_policy.parent['Format'] = format if format
-          name_id_policy.parent['SPNameQualifier'] = sp_name_qualifier if sp_name_qualifier
-          name_id_policy.parent['AllowCreate'] = allow_create? unless allow_create?.nil?
+        builder["samlp"].NameIDPolicy do |name_id_policy|
+          name_id_policy.parent["Format"] = format if format
+          name_id_policy.parent["SPNameQualifier"] = sp_name_qualifier if sp_name_qualifier
+          name_id_policy.parent["AllowCreate"] = allow_create? unless allow_create?.nil?
         end
       end
     end
@@ -81,9 +82,9 @@ module SAML2
     # (see Base#from_xml)
     def from_xml(node)
       self.id = node.content.strip
-      self.format = node['Format']
-      self.name_qualifier = node['NameQualifier']
-      self.sp_name_qualifier = node['SPNameQualifier']
+      self.format = node["Format"]
+      self.name_qualifier = node["NameQualifier"]
+      self.sp_name_qualifier = node["SPNameQualifier"]
     end
 
     # @param id [String]
@@ -91,26 +92,29 @@ module SAML2
     # @param name_qualifier optional [String]
     # @param sp_name_qualifier optional [String]
     def initialize(id = nil, format = nil, name_qualifier: nil, sp_name_qualifier: nil)
-      @id, @format, @name_qualifier, @sp_name_qualifier =
-          id, format, name_qualifier, sp_name_qualifier
+      super()
+      @id = id
+      @format = format
+      @name_qualifier = name_qualifier
+      @sp_name_qualifier = sp_name_qualifier
     end
 
     # @param rhs [NameID]
     # @return [Boolean]
-    def ==(rhs)
-      id == rhs.id &&
-          format == rhs.format &&
-          name_qualifier == rhs.name_qualifier &&
-          sp_name_qualifier == rhs.sp_name_qualifier
+    def ==(other)
+      id == other.id &&
+        format == other.format &&
+        name_qualifier == other.name_qualifier &&
+        sp_name_qualifier == other.sp_name_qualifier
     end
 
     # (see Base#build)
     def build(builder, element: nil)
       args = {}
-      args['Format'] = format if format
-      args['NameQualifier'] = name_qualifier if name_qualifier
-      args['SPNameQualifier'] = sp_name_qualifier if sp_name_qualifier
-      builder['saml'].__send__(element || 'NameID', id, args)
+      args["Format"] = format if format
+      args["NameQualifier"] = name_qualifier if name_qualifier
+      args["SPNameQualifier"] = sp_name_qualifier if sp_name_qualifier
+      builder["saml"].__send__(element || "NameID", id, args)
     end
   end
 end

data/lib/saml2/namespaces.rb

@@ -12,14 +12,14 @@ module SAML2
     X500     = "urn:oasis:names:tc:SAML:2.0:profiles:attribute:X500"
 
     ALL = {
-        'xmlns:dsig'  => DSIG,
-        'xmlns:md'    => METADATA,
-        'xmlns:saml'  => SAML,
-        'xmlns:samlp' => SAMLP,
-        'xmlns:x500'  => X500,
-        'xmlns:xenc'  => XENC,
-        'xmlns:xs'    => XS,
-        'xmlns:xsi'   => XSI,
+      "xmlns:dsig" => DSIG,
+      "xmlns:md" => METADATA,
+      "xmlns:saml" => SAML,
+      "xmlns:samlp" => SAMLP,
+      "xmlns:x500" => X500,
+      "xmlns:xenc" => XENC,
+      "xmlns:xs" => XS,
+      "xmlns:xsi" => XSI
     }.freeze
   end
 end

data/lib/saml2/organization.rb

@@ -1,8 +1,8 @@
 # frozen_string_literal: true
 
-require 'saml2/base'
-require 'saml2/localized_name'
-require 'saml2/namespaces'
+require "saml2/base"
+require "saml2/localized_name"
+require "saml2/namespaces"
 
 module SAML2
   class Organization < Base
@@ -11,20 +11,21 @@ module SAML2
 
     # (see Base#from_xml)
     def from_xml(node)
-      name.from_xml(node.xpath('md:OrganizationName', Namespaces::ALL))
-      display_name.from_xml(node.xpath('md:OrganizationDisplayName', Namespaces::ALL))
-      url.from_xml(node.xpath('md:OrganizationURL', Namespaces::ALL))
+      name.from_xml(node.xpath("md:OrganizationName", Namespaces::ALL))
+      display_name.from_xml(node.xpath("md:OrganizationDisplayName", Namespaces::ALL))
+      url.from_xml(node.xpath("md:OrganizationURL", Namespaces::ALL))
     end
 
     def initialize(name = nil, display_name = nil, url = nil)
-      @name = LocalizedName.new('OrganizationName', name)
-      @display_name = LocalizedName.new('OrganizationDisplayName', display_name)
-      @url = LocalizedName.new('OrganizationURL', url)
+      super()
+      @name = LocalizedName.new("OrganizationName", name)
+      @display_name = LocalizedName.new("OrganizationDisplayName", display_name)
+      @url = LocalizedName.new("OrganizationURL", url)
     end
 
     # (see Base#build)
     def build(builder)
-      builder['md'].Organization do |organization|
+      builder["md"].Organization do |organization|
         @name.build(organization)
         @display_name.build(organization)
         @url.build(organization)

data/lib/saml2/organization_and_contacts.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
-require 'saml2/contact'
-require 'saml2/organization'
+require "saml2/contact"
+require "saml2/organization"
 
 module SAML2
   module OrganizationAndContacts
@@ -22,20 +22,20 @@ module SAML2
     # @return [Organization, nil]
     def organization
       unless instance_variable_defined?(:@organization)
-        @organization = Organization.from_xml(xml.at_xpath('md:Organization', Namespaces::ALL))
+        @organization = Organization.from_xml(xml.at_xpath("md:Organization", Namespaces::ALL))
       end
       @organization
     end
 
     # @return [Array<Contact>]
     def contacts
-      @contacts ||= load_object_array(xml, 'md:ContactPerson', Contact)
+      @contacts ||= load_object_array(xml, "md:ContactPerson", Contact)
     end
 
     protected
 
     def build(builder)
-      organization.build(builder) if organization
+      organization&.build(builder)
       contacts.each do |contact|
         contact.build(builder)
       end

data/lib/saml2/request.rb

@@ -1,8 +1,8 @@
 # frozen_string_literal: true
 
-require 'saml2/message'
-require 'saml2/name_id'
-require 'saml2/namespaces'
+require "saml2/message"
+require "saml2/name_id"
+require "saml2/namespaces"
 
 module SAML2
   # @abstract

data/lib/saml2/requested_authn_context.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-require 'saml2/base'
+require "saml2/base"
 
 module SAML2
   class RequestedAuthnContext < Base
@@ -11,10 +11,10 @@ module SAML2
 
     # (see Base#build)
     def build(builder)
-      builder['samlp'].RequestedAuthnContext do |requested_authn_context|
-        requested_authn_context.parent['Comparison'] = comparison.to_s if comparison
+      builder["samlp"].RequestedAuthnContext do |requested_authn_context|
+        requested_authn_context.parent["Comparison"] = comparison.to_s if comparison
         Array(class_ref).each do |individual_class_ref|
-          requested_authn_context['saml'].AuthnContextClassRef(individual_class_ref)
+          requested_authn_context["saml"].AuthnContextClassRef(individual_class_ref)
         end
       end
     end