Method: XMLSecurity::SignedDocument#validate

Defined in:
lib/xml_security.rb

#validate(idp_cert_fingerprint, soft = true) ⇒ Object



# File 'lib/xml_security.rb', line 47

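# Checks that the X.509 certificate embedded in this document matches the
# registered IdP fingerprint, then hands signature checking to validate_doc.
#
# Every failure path honours +soft+: a missing, empty or unparsable
# certificate, or a missing registered fingerprint, is reported the same way
# as a fingerprint mismatch instead of escaping as NoMethodError or
# OpenSSL::X509::CertificateError.
#
# @param idp_cert_fingerprint [String] registered fingerprint (SHA-1 hex of
#   the certificate's DER form); non-alphanumeric characters are stripped and
#   the value is lowercased before comparison
# @param soft [Boolean] when true, return false on failure; when false, raise
# @return [Object] false on a soft failure, otherwise the result of validate_doc
# @raise [FederazioneTrentina::Saml::ValidationError] on failure when soft is false
def validate(idp_cert_fingerprint, soft = true)
  # Single place that turns a failure into either `false` or an exception.
  reject = lambda do |message|
    raise FederazioneTrentina::Saml::ValidationError.new(message) unless soft
    false
  end

  # get cert from response
  # NOTE(review): "//ds:X509Certificate" selects the first such element
  # anywhere in the document. Confirm that validate_doc verifies the signature
  # this certificate belongs to, and that the signature covers the data the
  # caller goes on to trust.
  cert_element = REXML::XPath.first(self, "//ds:X509Certificate", { "ds"=>DSIG })
  base64_cert  = cert_element && cert_element.text
  if base64_cert.nil? || base64_cert.strip.empty?
    return reject.call("Certificate element missing in response (ds:X509Certificate)")
  end

  begin
    cert = OpenSSL::X509::Certificate.new(Base64.decode64(base64_cert))
  rescue OpenSSL::X509::CertificateError
    return reject.call("Certificate in response could not be parsed")
  end

  # check cert matches registered idp cert
  # NOTE(review): the pin is a SHA-1 digest, so the registered value must be
  # SHA-1 too. Moving to SHA-256 would need a coordinated configuration change.
  fingerprint = Digest::SHA1.hexdigest(cert.to_der)

  # to_s makes a nil fingerprint compare as "" and so fail closed: an empty
  # string can never equal a 40-character hex digest.
  expected = idp_cert_fingerprint.to_s.gsub(/[^a-zA-Z0-9]/, "").downcase
  return reject.call("Fingerprint mismatch") if fingerprint != expected

  validate_doc(base64_cert, soft)
end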