Refactor to use SignedDocumentInfo. Remove REXML entirely in favor of Nokogiri.

Author: johnnyshields

lib/ruby_saml/idp_metadata_parser.rb

@@ -161,7 +161,7 @@ def parse_to_array(idp_metadata, options = {})
     end
 
     def parse_to_idp_metadata_array(idp_metadata, options = {})
-      @document = Nokogiri::XML(idp_metadata)
+      @document = Nokogiri::XML(idp_metadata) # TODO: RubySaml::XML.safe_load_nokogiri
       @options = options
 
       idpsso_descriptors = self.class.get_idps(@document, options[:entity_id])
@@ -348,14 +348,14 @@ def certificates
           unless signing_nodes.empty?
             certs['signing'] = []
             signing_nodes.each do |cert_node|
-              certs['signing'] << cert_node.content
+              certs['signing'] << cert_node.text
             end
           end
 
           unless encryption_nodes.empty?
             certs['encryption'] = []
             encryption_nodes.each do |cert_node|
-              certs['encryption'] << cert_node.content
+              certs['encryption'] << cert_node.text
             end
           end
           certs

lib/ruby_saml/logoutresponse.rb

@@ -41,7 +41,7 @@ def initialize(response, settings = nil, options = {})
 
       @options = options
       @response = RubySaml::XML::Decoder.decode_message(response, @settings&.message_max_bytesize)
-      @document = RubySaml::XML::SignedDocument.new(@response)
+      @document = RubySaml::XML.safe_load_nokogiri(@response)
       super()
     end
 
@@ -60,47 +60,35 @@ def success?
     # @return [String|nil] Gets the InResponseTo attribute from the Logout Response if exists.
     #
     def in_response_to
-      @in_response_to ||= begin
-        node = REXML::XPath.first(
-          document,
-          "/p:LogoutResponse",
-          { "p" => RubySaml::XML::NS_PROTOCOL }
-        )
-        node.nil? ? nil : node.attributes['InResponseTo']
-      end
+      @in_response_to ||= document.at_xpath(
+        "/p:LogoutResponse",
+        { "p" => RubySaml::XML::NS_PROTOCOL }
+      )&.[]('InResponseTo')
     end
 
     # @return [String] Gets the Issuer from the Logout Response.
     #
     def issuer
-      @issuer ||= begin
-        node = REXML::XPath.first(
-          document,
-          "/p:LogoutResponse/a:Issuer",
-          { "p" => RubySaml::XML::NS_PROTOCOL, "a" => RubySaml::XML::NS_ASSERTION }
-        )
-        Utils.element_text(node)
-      end
+      @issuer ||= document.at_xpath(
+        "/p:LogoutResponse/a:Issuer",
+        { "p" => RubySaml::XML::NS_PROTOCOL, "a" => RubySaml::XML::NS_ASSERTION }
+      )&.text
     end
 
     # @return [String] Gets the StatusCode from a Logout Response.
     #
     def status_code
-      @status_code ||= begin
-        node = REXML::XPath.first(document, "/p:LogoutResponse/p:Status/p:StatusCode", { "p" => RubySaml::XML::NS_PROTOCOL })
-        node.nil? ? nil : node.attributes["Value"]
-      end
+      @status_code ||= document.at_xpath(
+        "/p:LogoutResponse/p:Status/p:StatusCode",
+        { "p" => RubySaml::XML::NS_PROTOCOL }
+      )&.[]('Value')
     end
 
     def status_message
-      @status_message ||= begin
-        node = REXML::XPath.first(
-          document,
-          "/p:LogoutResponse/p:Status/p:StatusMessage",
-          { "p" => RubySaml::XML::NS_PROTOCOL }
-        )
-        Utils.element_text(node)
-      end
+      @status_message ||= document.at_xpath(
+        "/p:LogoutResponse/p:Status/p:StatusMessage",
+        { "p" => RubySaml::XML::NS_PROTOCOL }
+      )&.text
     end
 
     # Aux function to validate the Logout Response

lib/ruby_saml/memoizable.rb

@@ -0,0 +1,66 @@
+# frozen_string_literal: true
+
+module RubySaml
+  # Mixin for memoizing methods
+  module Memoizable
+    # Creates a memoized method
+    #
+    # @param method_name [Symbol] the name of the method to memoize
+    # @param original_method [Symbol, nil] the original method to memoize (defaults to method_name)
+    def self.included(base)
+      base.extend(ClassMethods)
+    end
+
+    private
+
+    # Memoizes the result of a block using the given name as the cache key
+    #
+    # @param cache_key [Symbol, String] the name to use as the cache key
+    # @yield the block whose result will be cached
+    # @return [Object] the cached result or the result of the block
+    def memoize(cache_key)
+      cache_key = "@#{cache_key.to_s.delete_prefix('@')}"
+      return instance_variable_get(cache_key) if instance_variable_defined?(cache_key)
+
+      instance_variable_set(cache_key, yield)
+    end
+
+    # Class methods for memoization
+    module ClassMethods
+      # Defines multiple memoized methods
+      #
+      # @param method_names [Array<Symbol>] the names of the methods to memoize
+      # @raise [ArgumentError] if any method has an arity greater than 0
+      def memoize_method(*method_names)
+        method_names.each do |method_name|
+          method_obj = instance_method(method_name)
+
+          # Check method arity
+          if method_obj.arity > 0 # rubocop:disable Style/IfUnlessModifier
+            raise ArgumentError.new("Cannot memoize method '#{method_name}' with arity > 0")
+          end
+
+          # Store the original method
+          original_method_name = "#{method_name}_without_memoization"
+          alias_method original_method_name, method_name
+          private original_method_name
+
+          # Define the memoized version
+          define_method(method_name) do |&block|
+            cache_key = "@memoized_#{method_name}"
+            memoize(cache_key) do
+              send(original_method_name, &block)
+            end
+          end
+
+          # Preserve method visibility
+          if private_method_defined?(original_method_name)
+            private method_name
+          elsif protected_method_defined?(original_method_name)
+            protected method_name
+          end
+        end
+      end
+    end
+  end
+end