lib/saml/kit/signature.rb in saml-kit-0.2.2 vs lib/saml/kit/signature.rb in saml-kit-0.2.3

- old
+ new

@@ -1,78 +1,36 @@ module Saml module Kit class Signature - SIGNATURE_METHODS = { - SHA1: "http://www.w3.org/2000/09/xmldsig#rsa-sha1", - SHA224: "http://www.w3.org/2001/04/xmldsig-more#rsa-sha224", - SHA256: "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256", - SHA384: "http://www.w3.org/2001/04/xmldsig-more#rsa-sha384", - SHA512: "http://www.w3.org/2001/04/xmldsig-more#rsa-sha512", - }.freeze - DIGEST_METHODS = { - SHA1: "http://www.w3.org/2000/09/xmldsig#SHA1", - SHA224: "http://www.w3.org/2001/04/xmldsig-more#sha224", - SHA256: "http://www.w3.org/2001/04/xmlenc#sha256", - SHA384: "http://www.w3.org/2001/04/xmldsig-more#sha384", - SHA512: "http://www.w3.org/2001/04/xmlenc#sha512", - }.freeze + attr_reader :sign, :xml + attr_reader :configuration - attr_reader :configuration, :sign, :xml - def initialize(xml, configuration:, sign: true) - @xml = xml @configuration = configuration @sign = sign - @reference_ids = [] + @xml = xml end def template(reference_id) return unless sign - return if reference_id.blank? - @reference_ids << reference_id - - xml.Signature "xmlns" => Namespaces::XMLDSIG do - xml.SignedInfo do - xml.CanonicalizationMethod Algorithm: "http://www.w3.org/2001/10/xml-exc-c14n#" - xml.SignatureMethod Algorithm: SIGNATURE_METHODS[configuration.signature_method] - xml.Reference URI: "##{reference_id}" do - xml.Transforms do - xml.Transform Algorithm: "http://www.w3.org/2000/09/xmldsig#enveloped-signature" - xml.Transform Algorithm: "http://www.w3.org/2001/10/xml-exc-c14n#" - end - xml.DigestMethod Algorithm: DIGEST_METHODS[configuration.digest_method] - xml.DigestValue "" - end - end - xml.SignatureValue "" - xml.KeyInfo do - xml.X509Data do - xml.X509Certificate configuration.stripped_signing_certificate - end - end - end + signature = signatures.build(reference_id) + Template.new(signature).to_xml(xml: xml) end def finalize - return xml.target! unless sign - - raw_xml = xml.target! 
- @reference_ids.each do |reference_id| - raw_xml = Xmldsig::SignedDocument.new(raw_xml).sign(private_key) - end - raw_xml + signatures.complete(xml.target!) end def self.sign(sign: true, xml: ::Builder::XmlMarkup.new, configuration: Saml::Kit.configuration) signature = new(xml, sign: sign, configuration: configuration) yield xml, signature signature.finalize end private - def private_key - configuration.signing_private_key + def signatures + @signatures ||= Saml::Kit::Signatures.new(configuration: configuration, sign: sign) end end end end
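Review bot: `template` no longer rejects a blank reference_id — the `return if reference_id.blank?` guard is dropped and `signatures.build(reference_id)` now runs unconditionally, so unless `Saml::Kit::Signatures#build` (not in this diff) re-checks it, an empty id presumably yields a Reference whose fragment URI points at nothing and the resulting signature would not cover the intended element. Either keep the guard ahead of the build call, `return if reference_id.blank?`, or document on `template` that the check now lives in Signatures. `finalize` delegates in the same way: the former `return xml.target! unless sign` is gone and the unsigned path is now trusted to `Signatures#complete` via the `sign:` flag passed at construction, which a one-line comment such as `# Signatures honours sign: and returns the raw markup unsigned when it is false` would make visible here. The class and its enclosing modules open on the hunk's first line and close on its last, so no definition is cut off.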