Sha256: 7e4f66e371e465aea8056437a4461e7266166a2db51989f6bca6ec226e471aeb
Contents?: true
Size: 1.73 KB
Versions: 3
Compression:
Stored size: 1.73 KB
Contents
# frozen_string_literal: true module Saml module Kit module Trustable extend ActiveSupport::Concern included do validate :must_have_valid_signature, unless: :signature_manually_verified validate :must_be_registered validate :must_be_trusted end # Returns true when the document has an embedded XML Signature or has been verified externally. def signed? signature_manually_verified || signature.present? end # @!visibility private def signature @signature ||= Signature.new(at_xpath("/samlp:#{name}/ds:Signature")) end # Returns true when documents is signed and the signing certificate belongs to a known service entity. def trusted? return true if signature_manually_verified return false unless signed? signature.trusted?(provider) end # @!visibility private def provider registry.metadata_for(issuer) end # @!visibility private def signature_verified! @signature_manually_verified = true end private attr_reader :signature_manually_verified def must_have_valid_signature return if to_xml.blank? return unless signature.present? signature.valid? signature.errors.each do |attribute, error| errors[attribute] << error end end def must_be_registered return unless expected_type? return if provider.present? errors[:provider] << error_message(:unregistered) end def must_be_trusted return if trusted? return if provider.present? && !signed? errors[:fingerprint] << error_message(:invalid_fingerprint) end end end end
Version data entries
3 entries across 3 versions & 1 rubygems
Version | Path |
---|---|
saml-kit-1.0.14 | lib/saml/kit/trustable.rb |
saml-kit-1.0.13 | lib/saml/kit/trustable.rb |
saml-kit-1.0.12 | lib/saml/kit/trustable.rb |