|
10 | 10 | module RubySaml |
11 | 11 | # SAML2 Message |
12 | 12 | class SamlMessage |
13 | | - BASE64_FORMAT = %r{\A([A-Za-z0-9+/]{4})*([A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?\Z} |
14 | 13 |
|
15 | 14 | # @return [Nokogiri::XML::Schema] Gets the schema object of the SAML 2.0 Protocol schema |
16 | 15 | # |
@@ -75,91 +74,6 @@ def valid_saml?(document, soft = true, check_malformed_doc: true) |
75 | 74 |
|
76 | 75 | private |
77 | 76 |
|
78 | | - # Base64 decode and try also to inflate a SAML Message |
79 | | - # @param saml [String] The deflated and encoded SAML Message |
80 | | - # @param settings [RubySaml::Settings|nil] Toolkit settings |
81 | | - # @return [String] The plain SAML Message |
82 | | - # |
83 | | - def decode_raw_saml(saml, settings = nil) |
84 | | - return saml unless base64_encoded?(saml) |
85 | | - |
86 | | - settings ||= RubySaml::Settings.new |
87 | | - if saml.bytesize > settings.message_max_bytesize |
88 | | - raise ValidationError.new("Encoded SAML Message exceeds #{settings.message_max_bytesize} bytes, so was rejected") |
89 | | - end |
90 | | - |
91 | | - decoded = decode(saml) |
92 | | - message = begin |
93 | | - inflate(decoded) |
94 | | - rescue StandardError |
95 | | - decoded |
96 | | - end |
97 | | - |
98 | | - if message.bytesize > settings.message_max_bytesize |
99 | | - raise ValidationError.new("SAML Message exceeds #{settings.message_max_bytesize} bytes, so was rejected") |
100 | | - end |
101 | | - |
102 | | - message |
103 | | - end |
104 | | - |
105 | | - # Deflate, base64 encode and url-encode a SAML Message (To be used in the HTTP-redirect binding) |
106 | | - # @param saml [String] The plain SAML Message |
107 | | - # @param settings_or_compress [true|false|RubySaml::Settings|nil] Whether or not the SAML should be deflated. |
108 | | - # The usage of RubySaml::Settings here is deprecated. |
109 | | - # @return [String] The deflated and encoded SAML Message (encoded if the compression is requested) |
110 | | - def encode_raw_saml(saml, settings_or_compress = false) |
111 | | - if settings_or_compress.is_a?(TrueClass) |
112 | | - saml = deflate(saml) |
113 | | - elsif settings_or_compress.respond_to?(:compress_request) |
114 | | - Logging.deprecate('Please change the second argument of `encode_raw_saml_message` to a boolean ' \ |
115 | | - 'indicating whether or not to use compression. Using a boolean will be required ' \ |
116 | | - 'in RubySaml 2.1.0.') |
117 | | - saml = deflate(saml) if settings_or_compress.compress_request |
118 | | - end |
119 | | - |
120 | | - CGI.escape(encode(saml)) |
121 | | - end |
122 | | - |
123 | | - # Base 64 decode method |
124 | | - # @param string [String] The string message |
125 | | - # @return [String] The decoded string |
126 | | - # |
127 | | - def decode(string) |
128 | | - Base64.decode64(string) |
129 | | - end |
130 | | - |
131 | | - # Base 64 encode method |
132 | | - # @param string [String] The string |
133 | | - # @return [String] The encoded string |
134 | | - # |
135 | | - def encode(string) |
136 | | - Base64.strict_encode64(string) |
137 | | - end |
138 | | - |
139 | | - # Check if a string is base64 encoded |
140 | | - # @param string [String] string to check the encoding of |
141 | | - # @return [true, false] whether or not the string is base64 encoded |
142 | | - # |
143 | | - def base64_encoded?(string) |
144 | | - !!string.gsub(/[\r\n]|\\r|\\n|\s/, "").match(BASE64_FORMAT) |
145 | | - end |
146 | | - |
147 | | - # Inflate method |
148 | | - # @param deflated [String] The string |
149 | | - # @return [String] The inflated string |
150 | | - # |
151 | | - def inflate(deflated) |
152 | | - Zlib::Inflate.new(-Zlib::MAX_WBITS).inflate(deflated) |
153 | | - end |
154 | | - |
155 | | - # Deflate method |
156 | | - # @param inflated [String] The string |
157 | | - # @return [String] The deflated string |
158 | | - # |
159 | | - def deflate(inflated) |
160 | | - Zlib::Deflate.deflate(inflated, Zlib::BEST_COMPRESSION)[2..-5] |
161 | | - end |
162 | | - |
163 | 77 | def check_malformed_doc?(settings) |
164 | 78 | default_value = RubySaml::Settings::DEFAULTS[:check_malformed_doc] |
165 | 79 |
|
|
0 commit comments