class SAML2::Entity

def self.parse(xml)

Returns:
  • (Entity, Group, nil) -

Parameters:
  • xml (String, IO) -- Anything that can be passed to +Nokogiri::XML+ 
def self.parse(xml)
  document = Nokogiri::XML(xml)
  # Root can be an array (EntitiesDescriptor), or a single Entity (EntityDescriptor)
  entities = document.at_xpath("/md:EntitiesDescriptor", Namespaces::ALL)
  entity = document.at_xpath("/md:EntityDescriptor", Namespaces::ALL)
  if entities
    Group.from_xml(entities)
  elsif entity
    from_xml(entity)
  else
    nil
  end
end

def build(builder)

(see Base#build) 
def build(builder)
  builder['md'].EntityDescriptor('entityID' => entity_id,
                                 'xmlns:md' => Namespaces::METADATA,
                                 'xmlns:dsig' => Namespaces::DSIG,
                                 'xmlns:xenc' => Namespaces::XENC) do |entity_descriptor|
    entity_descriptor.parent['ID'] = id if id
    roles.each do |role|
      role.build(entity_descriptor)
    end
    super
  end
end

def entity_id

Returns:
  • (String) - 
def entity_id
  @entity_id || xml && xml['entityID']
end

def from_xml(node)

(see Base#from_xml) 
def from_xml(node)
  super
  @id = nil
  remove_instance_variable(:@valid_until)
  @roles = nil
end

def id

(see Message#id) 
def id
  @id ||= xml['ID']
end

def identity_providers

Returns:
  • (Array) - 
def identity_providers
  roles.select { |r| r.is_a?(IdentityProvider) }
end

def initialize(entity_id = nil)

Parameters:
  • id (String) -- The Entity ID 
def initialize(entity_id = nil)
  super()
  @valid_until = nil
  @entity_id = entity_id
  @roles = []
  @id = "_#{SecureRandom.uuid}"
end

def initiate_authn_request(identity_provider)

Parameters:
  • identity_provider (Entity) -- The metadata of the IdP to send the message to. 
def initiate_authn_request(identity_provider)
  AuthnRequest.initiate(SAML2::NameID.new(entity_id),
                        identity_provider.identity_providers.first,
                        service_provider: service_providers.first)
end

def roles

Returns:
  • (Array) - 
def roles
  @roles ||= load_object_array(xml, 'md:IDPSSODescriptor', IdentityProvider) +
      load_object_array(xml, 'md:SPSSODescriptor', ServiceProvider)
end

def service_providers

Returns:
  • (Array) - 
def service_providers
  roles.select { |r| r.is_a?(ServiceProvider) }
end

def valid_response?(message,

Parameters:
  • identity_provider (Entity) --
  • message (Message) -- 
def valid_response?(message,
                    identity_provider,
                    verification_time: Time.now.utc,
                    allow_expired_certificate: false)
  unless message.is_a?(Response)
    message.errors << "not a Response object"
    return false
  end
  message.validate(service_provider: self,
                   identity_provider: identity_provider,
                   verification_time: verification_time,
                   allow_expired_certificate: allow_expired_certificate).empty?
end

def valid_schema?

(see Message#valid_schema?) 
def valid_schema?
  Schemas.federation.valid?(xml.document)
end

def valid_until

Returns:
  • (Time, nil) - 
def valid_until
  unless instance_variable_defined?(:@valid_until)
    @valid_until = xml['validUntil'] && Time.parse(xml['validUntil'])
  end
  @valid_until
end