Merge pull request #175 from phlipper/thread-safety

Lordnibbler · Lordnibbler · commit c8deef880b76 · 2015-02-10T16:54:57.000-08:00
Introduce thread safety to SAML schema validation
diff --git a/lib/onelogin/ruby-saml/response.rb b/lib/onelogin/ruby-saml/response.rb
@@ -151,19 +151,18 @@ def validate_success_status(soft = true)
       end
 
       def validate_structure(soft = true)
-        Dir.chdir(File.expand_path(File.join(File.dirname(__FILE__), '..', '..', 'schemas'))) do
-          @schema = Nokogiri::XML::Schema(IO.read('saml-schema-protocol-2.0.xsd'))
-          @xml = Nokogiri::XML(self.document.to_s)
-        end
-        if soft
-          @schema.validate(@xml).map{
-            @errors << "Schema validation failed";
-            return false
-          }
-        else
-          @schema.validate(@xml).map{ |error| @errors << "#{error.message}\n\n#{@xml.to_s}";
-            validation_error("#{error.message}\n\n#{@xml.to_s}")
-          }
+        xml = Nokogiri::XML(self.document.to_s)
+
+        SamlMessage.schema.validate(xml).map do |error|
+          if soft
+            @errors << "Schema validation failed"
+            break false
+          else
+            error_message = [error.message, xml.to_s].join("\n\n")
+
+            @errors << error_message
+            validation_error(error_message)
+          end
         end
       end
 
diff --git a/lib/onelogin/ruby-saml/saml_message.rb b/lib/onelogin/ruby-saml/saml_message.rb
@@ -1,8 +1,10 @@
 require 'cgi'
 require 'zlib'
 require 'base64'
+require "nokogiri"
 require "rexml/document"
 require "rexml/xpath"
+require "thread"
 
 module OneLogin
   module RubySaml
@@ -12,15 +14,20 @@ class SamlMessage
       ASSERTION = "urn:oasis:names:tc:SAML:2.0:assertion"
       PROTOCOL  = "urn:oasis:names:tc:SAML:2.0:protocol"
 
-      def valid_saml?(document, soft = true)
-        Dir.chdir(File.expand_path(File.join(File.dirname(__FILE__), '..', '..', 'schemas'))) do
-          @schema = Nokogiri::XML::Schema(IO.read('saml-schema-protocol-2.0.xsd'))
-          @xml = Nokogiri::XML(document.to_s)
+      def self.schema
+        @schema ||= Mutex.new.synchronize do
+          Dir.chdir(File.expand_path("../../../schemas", __FILE__)) do
+            ::Nokogiri::XML::Schema(File.read("saml-schema-protocol-2.0.xsd"))
+          end
         end
-        if soft
-          @schema.validate(@xml).map{ return false }
-        else
-          @schema.validate(@xml).map{ |error| validation_error("#{error.message}\n\n#{@xml.to_s}") }
+      end
+
+      def valid_saml?(document, soft = true)
+        xml = Nokogiri::XML(document.to_s)
+
+        SamlMessage.schema.validate(xml).map do |error|
+          break false if soft
+          validation_error("#{error.message}\n\n#{xml.to_s}")
         end
       end
 
