class ADAL::WSTrustRequest

A request to a WS-Trust endpoint of an ADFS server. Used to obtain a SAML token that can be exchanged for an access token at a token endpoint.

Constants

ACTION_TO_RST_TEMPLATE
DEFAULT_APPLIES_TO

Public Class Methods

new(endpoint, action = WSTRUST_13, applies_to = DEFAULT_APPLIES_TO)

Constructs a new WSTrustRequest.

@param String|URI endpoint
@param String action
@param String applies_to

# File lib/adal/wstrust_request.rb, line 54
def initialize(
  endpoint, action = WSTRUST_13, applies_to = DEFAULT_APPLIES_TO)
  @applies_to = applies_to
  @endpoint = URI.parse(endpoint.to_s)
  @action = action
  @render = ERB.new(File.read(ACTION_TO_RST_TEMPLATE[action]))
end

Public Instance Methods

execute(username, password)

Performs a WS-Trust RequestSecurityToken request with a username and password to obtain a federated token.

@param String username
@param String password
@return WSTrustResponse

# File lib/adal/wstrust_request.rb, line 69
def execute(username, password)
  logger.verbose("Making a WSTrust request with action #{@action}.")
  request = Net::HTTP::Get.new(@endpoint.path)
  add_headers(request)
  request.body = rst(username, password)
  response = http(@endpoint).request(request)
  if response.code == '200'
    WSTrustResponse.parse(response.body)
  else
    fail WSTrustResponse::WSTrustError, "Failed request: code #{response.code}."
  end
end

Private Instance Methods

add_headers(request)

@param Net::HTTP::Get request

# File lib/adal/wstrust_request.rb, line 85
def add_headers(request)
  request.add_field('Content-Type', 'application/soap+xml; charset=utf-8')
  request.add_field('SOAPAction', @action)
end

rst(username, password, message_id = SecureRandom.uuid)

@param String username
@param String password
@param String message_id
@return String

# File lib/adal/wstrust_request.rb, line 94
def rst(username, password, message_id = SecureRandom.uuid)
  created = Time.now
  expires = created + 10 * 60   # 10 minute expiration
  @render.result(binding)
end
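
The rst method above renders an ERB template against the method's local binding, so username, password, message_id, created and expires all land in the XML envelope. The following added example (not ADAL's own code or template) renders a constructed WS-Trust 1.3 template in the same way and XML-escapes each caller-supplied value at the point of interpolation; `EXAMPLE_RST`, `example_rst` and the extra `applies_to` and `created` parameters are assumptions made for illustration.

```ruby
require 'erb'
require 'securerandom'
require 'time'

# Constructed WS-Trust 1.3 RST template, NOT the file referenced by
# ACTION_TO_RST_TEMPLATE. Values are escaped where they are interpolated.
EXAMPLE_RST = ERB.new(<<~XML)
  <s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope"
    xmlns:a="http://www.w3.org/2005/08/addressing"
    xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
    xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
    xmlns:t="http://docs.oasis-open.org/ws-sx/ws-trust/200512"
    xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
   <s:Header>
    <a:Action>http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue</a:Action>
    <a:MessageID>urn:uuid:<%= esc.call(message_id) %></a:MessageID>
    <o:Security>
     <u:Timestamp>
      <u:Created><%= created.utc.iso8601 %></u:Created>
      <u:Expires><%= expires.utc.iso8601 %></u:Expires>
     </u:Timestamp>
     <o:UsernameToken>
      <o:Username><%= esc.call(username) %></o:Username>
      <o:Password><%= esc.call(password) %></o:Password>
     </o:UsernameToken>
    </o:Security>
   </s:Header>
   <s:Body>
    <t:RequestSecurityToken>
     <wsp:AppliesTo><a:EndpointReference>
      <a:Address><%= esc.call(applies_to) %></a:Address>
     </a:EndpointReference></wsp:AppliesTo>
     <t:RequestType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue</t:RequestType>
    </t:RequestSecurityToken>
   </s:Body>
  </s:Envelope>
XML

# Hypothetical stand-in for rst(): same locals, same 10 minute lifetime.
def example_rst(username, password, applies_to,
                message_id = SecureRandom.uuid, created = Time.now)
  expires = created + 10 * 60
  esc = ERB::Util.method(:html_escape) # escapes & < > " '
  EXAMPLE_RST.result(binding)
end
```

Because the rendered envelope carries the plaintext password, it should only be sent over TLS and should never be written to logs.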