class OpenID::PAPE::Response
A Provider Authentication Policy response, sent from a provider to a relying party
Attributes
auth_policies[RW]
auth_time[RW]
nist_auth_level[RW]
ns_alias[RW]
Public Class Methods
from_success_response(success_response)
click to toggle source
Create a Response object from an OpenID::Consumer::SuccessResponse
# File lib/openid/extensions/pape.rb, line 105 def self.from_success_response(success_response) args = success_response.get_signed_ns(NS_URI) return nil if args.nil? pape_resp = new pape_resp.parse_extension_args(args) return pape_resp end
new(auth_policies=[], auth_time=nil, nist_auth_level=nil)
click to toggle source
# File lib/openid/extensions/pape.rb, line 90 def initialize(auth_policies=[], auth_time=nil, nist_auth_level=nil) @ns_alias = 'pape' @ns_uri = NS_URI @auth_policies = auth_policies @auth_time = auth_time @nist_auth_level = nist_auth_level end
Public Instance Methods
add_policy_uri(policy_uri)
click to toggle source
Add a policy URI to the response see openid.net/specs/openid-provider-authentication-policy-extension-1_0-01.html#auth_policies
# File lib/openid/extensions/pape.rb, line 100 def add_policy_uri(policy_uri) @auth_policies << policy_uri unless @auth_policies.member?(policy_uri) end
get_extension_args()
click to toggle source
# File lib/openid/extensions/pape.rb, line 153 def get_extension_args ns_args = {} if @auth_policies.empty? ns_args['auth_policies'] = 'none' else ns_args['auth_policies'] = @auth_policies.join(' ') end if @nist_auth_level unless (0..4).member? @nist_auth_level raise ArgumentError, "nist_auth_level must be an integer 0 through 4, not #{@nist_auth_level.inspect}" end ns_args['nist_auth_level'] = @nist_auth_level.to_s end if @auth_time unless @auth_time =~ TIME_VALIDATOR raise ArgumentError, "auth_time must be in RFC3339 format" end ns_args['auth_time'] = @auth_time end return ns_args end
parse_extension_args(args, strict=false)
click to toggle source
parse the provider authentication policy arguments into the internal state of this object if strict is specified, raise an exception when bad data is encountered
# File lib/openid/extensions/pape.rb, line 117 def parse_extension_args(args, strict=false) policies_str = args['auth_policies'] if policies_str and policies_str != 'none' @auth_policies = policies_str.split(' ') end nist_level_str = args['nist_auth_level'] if nist_level_str # special handling of zero to handle to_i behavior if nist_level_str.strip == '0' nist_level = 0 else nist_level = nist_level_str.to_i # if it's zero here we have a bad value if nist_level == 0 nist_level = nil end end if nist_level and nist_level >= 0 and nist_level < 5 @nist_auth_level = nist_level elsif strict raise ArgumentError, "nist_auth_level must be an integer 0 through 4, not #{nist_level_str.inspect}" end end auth_time_str = args['auth_time'] if auth_time_str # validate time string if auth_time_str =~ TIME_VALIDATOR @auth_time = auth_time_str elsif strict raise ArgumentError, "auth_time must be in RFC3339 format" end end end