class ADAL::WSTrustRequest
A request to a WS-Trust endpoint of an ADFS server. Used to obtain a SAML token that can be exchanged for an access token at a token endpoint.
Constants
- ACTION_TO_RST_TEMPLATE
- DEFAULT_APPLIES_TO
Public Class Methods
new( endpoint, action = WSTRUST_13, applies_to = DEFAULT_APPLIES_TO)
click to toggle source
Constructs a new WSTrustRequest
.
@param String|URI endpoint @param String action @param String applies_to
# File lib/adal/wstrust_request.rb, line 54 def initialize( endpoint, action = WSTRUST_13, applies_to = DEFAULT_APPLIES_TO) @applies_to = applies_to @endpoint = URI.parse(endpoint.to_s) @action = action @render = ERB.new(File.read(ACTION_TO_RST_TEMPLATE[action])) end
Public Instance Methods
execute(username, password)
click to toggle source
Performs a WS-Trust RequestSecurityToken request with a username and password to obtain a federated token.
@param String username @param String password @return WSTrustResponse
# File lib/adal/wstrust_request.rb, line 69 def execute(username, password) logger.verbose("Making a WSTrust request with action #{@action}.") request = Net::HTTP::Get.new(@endpoint.path) add_headers(request) request.body = rst(username, password) response = http(@endpoint).request(request) if response.code == '200' WSTrustResponse.parse(response.body) else fail WSTrustResponse::WSTrustError, "Failed request: code #{response.code}." end end
Private Instance Methods
add_headers(request)
click to toggle source
@param Net::HTTP::Get request
# File lib/adal/wstrust_request.rb, line 85 def add_headers(request) request.add_field('Content-Type', 'application/soap+xml; charset=utf-8') request.add_field('SOAPAction', @action) end
rst(username, password, message_id = SecureRandom.uuid)
click to toggle source
@param String username @param String password @param String message_id @return String
# File lib/adal/wstrust_request.rb, line 94 def rst(username, password, message_id = SecureRandom.uuid) created = Time.now expires = created + 10 * 60 # 10 minute expiration @render.result(binding) end