class OmniAuth::Strategies::WSFed::AuthCallbackValidator

Constants

AUDIENCE_MISMATCH
ISSUER_MISMATCH
NO_CLAIMS
NO_USER_IDENTIFIER
TOKEN_EXPIRED

Attributes

auth_callback[RW]
wsfed_settings[RW]

Public Class Methods

new(auth_callback, wsfed_settings) click to toggle source
# File lib/omniauth/strategies/wsfed/auth_callback_validator.rb, line 15
def initialize(auth_callback, wsfed_settings)
  self.auth_callback  = auth_callback
  self.wsfed_settings = wsfed_settings
end

Public Instance Methods

validate!() click to toggle source
# File lib/omniauth/strategies/wsfed/auth_callback_validator.rb, line 20
def validate!
  validate_issuer!
  validate_audience!
  validate_token_expiration!
  validate_claims!
  validate_uid!

  true
end
validate_audience!() click to toggle source
# File lib/omniauth/strategies/wsfed/auth_callback_validator.rb, line 35
def validate_audience!
  raise OmniAuth::Strategies::WSFed::ValidationError.new(AUDIENCE_MISMATCH) unless
      auth_callback.audience == wsfed_settings[:realm]
end
validate_claims!() click to toggle source
# File lib/omniauth/strategies/wsfed/auth_callback_validator.rb, line 45
def validate_claims!
  if auth_callback.claims.nil? || auth_callback.claims.empty?
    raise OmniAuth::Strategies::WSFed::ValidationError.new(NO_CLAIMS)
  end
end
validate_issuer!() click to toggle source
# File lib/omniauth/strategies/wsfed/auth_callback_validator.rb, line 30
def validate_issuer!
  raise OmniAuth::Strategies::WSFed::ValidationError.new(ISSUER_MISMATCH) unless
      auth_callback.issuer == wsfed_settings[:issuer_name]
end
validate_token_expiration!() click to toggle source
# File lib/omniauth/strategies/wsfed/auth_callback_validator.rb, line 40
def validate_token_expiration!
  raise OmniAuth::Strategies::WSFed::ValidationError.new(TOKEN_EXPIRED) unless
      auth_callback.expires_at > Time.now.utc
end
validate_uid!() click to toggle source
# File lib/omniauth/strategies/wsfed/auth_callback_validator.rb, line 51
def validate_uid!
  if auth_callback.name_id.nil? || auth_callback.name_id.empty?
    raise OmniAuth::Strategies::WSFed::ValidationError.new(NO_USER_IDENTIFIER)
  end
end