lib/saml/kit/response.rb in saml-kit-0.2.3 vs lib/saml/kit/response.rb in saml-kit-0.2.4

- old
+ new

@@ -1,78 +1,39 @@ module Saml module Kit class Response < Document include Respondable + extend Forwardable + def_delegators :assertion, :name_id, :[], :attributes, :started_at, :expired_at, :audiences + validate :must_be_active_session validate :must_match_issuer - def initialize(xml, request_id: nil) + def initialize(xml, request_id: nil, configuration: Saml::Kit.configuration) @request_id = request_id - super(xml, name: "Response") + super(xml, name: "Response", configuration: configuration) end - def name_id - assertion.fetch('Subject', {}).fetch('NameID', nil) - end - - def [](key) - attributes[key] - end - - def attributes - @attributes ||= - begin - attrs = assertion.fetch('AttributeStatement', {}).fetch('Attribute', []) - items = if attrs.is_a? Hash - [[attrs["Name"], attrs["AttributeValue"]]] - else - attrs.map { |item| [item['Name'], item['AttributeValue']] } - end - Hash[items].with_indifferent_access - end - end - - def started_at - parse_date(assertion.fetch('Conditions', {}).fetch('NotBefore', nil)) - end - - def expired_at - parse_date(assertion.fetch('Conditions', {}).fetch('NotOnOrAfter', nil)) - end - def expired? Time.current > expired_at end def active? Time.current > started_at && !expired? end - def encrypted? - to_h[name]['EncryptedAssertion'].present? - end - def assertion - @assertion = - begin - if encrypted? - decrypted = XmlDecryption.new.decrypt(to_h.fetch(name, {}).fetch('EncryptedAssertion', {})) - Saml::Kit.logger.debug(decrypted) - Hash.from_xml(decrypted)['Assertion'] - else - to_h.fetch(name, {}).fetch('Assertion', {}) - end - end + @assertion = Saml::Kit::Assertion.new(to_h, configuration: @configuration) end def signed? - super || assertion.fetch('Signature', nil).present? + super || assertion.signed? end def certificate - super || assertion.fetch('Signature', {}).fetch('KeyInfo', {}).fetch('X509Data', {}).fetch('X509Certificate', nil) + super || assertion.certificate end private def must_be_active_session 
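Review bot: `assertion` assigns with `=` rather than memoizing, so every delegated reader (`name_id`, `attributes`, `started_at`, `expired_at`, `audiences`) and each `signed?`/`certificate` fallback builds a new `Saml::Kit::Assertion`. `@assertion ||= Saml::Kit::Assertion.new(to_h, configuration: @configuration)` would let validation and attribute reads share one parsed object. If the constructor decrypts an EncryptedAssertion, as the removed inline code did, that work is presumably repeated on each call; Assertion is not part of this diff, so confirm. `signed?` and `certificate` would also benefit from a comment such as `# falls back to the assertion-level signature, which does not cover response-level elements; the certificate is taken from the document and must be matched against trusted metadata`. That wording is hedged on Assertion behaving like the removed code. The method reads `@configuration` while `must_match_issuer` uses the `configuration` reader, so using the reader in both places would keep them consistent.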
@@ -83,26 +44,12 @@ def must_match_issuer return unless expected_type? return unless success? - unless audiences.include?(Saml::Kit.configuration.issuer) + unless audiences.include?(configuration.issuer) errors[:audience] << error_message(:must_match_issuer) end - end - - def audiences - Array(assertion['Conditions']['AudienceRestriction']['Audience']) - rescue => error - Saml::Kit.logger.error(error) - [] - end - - def parse_date(value) - DateTime.parse(value) - rescue => error - Saml::Kit.logger.error(error) - Time.at(0).to_datetime end Builder = ActiveSupport::Deprecation::DeprecatedConstantProxy.new('Saml::Kit::Response::Builder', 'Saml::Kit::Builders::Response') end end
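Review bot: The audience check in `must_match_issuer` now depends on the delegated `audiences`, and nothing visible here shows that `Saml::Kit::Assertion#audiences` fails closed. The local version this hunk removes rescued every error and returned `[]`, so a response with a missing or malformed AudienceRestriction recorded `errors[:audience]`. If the delegated method can return `nil` or raise, the validator would raise instead of recording that error. A defensive form is `unless Array(audiences).include?(configuration.issuer)`, backed by a spec for a successful response that carries no Conditions element.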