Use IDPMetadataParse to set up the Idp SAML settings

Co-authored-by: Anamika Aggarwal <anamikaagg18@gmail.com>
Senén Rodero Rodríguez
2022-06-29 11:36:11 +02:00
committed by Javi Martín
parent 6190d808ba
commit 5cb5f19e4f
2 changed files with 9 additions and 8 deletions


@@ -286,11 +286,12 @@ Devise.setup do |config|
Rails.application.secrets.wordpress_oauth2_secret, Rails.application.secrets.wordpress_oauth2_secret,
client_options: { site: Rails.application.secrets.wordpress_oauth2_site }, client_options: { site: Rails.application.secrets.wordpress_oauth2_site },
setup: ->(env) { OmniauthTenantSetup.wordpress_oauth2(env) } setup: ->(env) { OmniauthTenantSetup.wordpress_oauth2(env) }
config.omniauth :saml, idp_metadata_parser = OneLogin::RubySaml::IdpMetadataParser.new
sp_entity_id: Rails.application.secrets.saml_sp_entity_id, saml_settings = idp_metadata_parser.parse_remote_to_hash(Rails.application.secrets.saml_idp_metadata_url)
idp_cert: Rails.application.secrets.saml_idp_cert, saml_settings[:idp_sso_service_url] = Rails.application.secrets.saml_idp_sso_service_url
idp_sso_service_url: Rails.application.secrets.saml_idp_sso_service_url, saml_settings[:sp_entity_id] = Rails.application.secrets.saml_sp_entity_id
allowed_clock_drift: 1.minute saml_settings[:allowed_clock_drift] = 1.minute
config.omniauth :saml, saml_settings
# ==> Warden configuration # ==> Warden configuration
# If you want to use other strategies, that are not supported by Devise, or # If you want to use other strategies, that are not supported by Devise, or
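Review bot: The new `idp_metadata_parser.parse_remote_to_hash(...)` call runs unguarded at boot inside `Devise.setup`, so an empty `saml_idp_metadata_url` (the default in the secrets example changed by this commit) or an unreachable IdP would presumably raise and stop the application from starting, even where SAML is not used. I would wrap the new SAML lines in `if Rails.application.secrets.saml_idp_metadata_url.present?` and decide explicitly whether a failed fetch should abort startup or only disable the SAML provider. The IdP signing certificate is also no longer pinned in secrets but taken from whatever that URL returns, so its integrity now rests entirely on the TLS connection to the metadata endpoint; the URL should be required to be `https://`, certificate verification of the fetch must stay enabled, and an optional pinned fingerprint alongside it would restore an independent trust anchor. Note too that `saml_settings[:idp_sso_service_url] = Rails.application.secrets.saml_idp_sso_service_url` unconditionally overwrites the value parsed from the metadata, which would blank it when that secret is left empty. The `Devise.setup` block starts and ends outside this hunk.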


@@ -92,7 +92,7 @@ staging:
wordpress_oauth2_secret: "" wordpress_oauth2_secret: ""
wordpress_oauth2_site: "" wordpress_oauth2_site: ""
saml_sp_entity_id: "" saml_sp_entity_id: ""
saml_idp_cert: "" saml_idp_metadata_url: ""
saml_idp_sso_service_url: "" saml_idp_sso_service_url: ""
<<: *maps <<: *maps
<<: *apis <<: *apis
@@ -151,7 +151,7 @@ preproduction:
wordpress_oauth2_secret: "" wordpress_oauth2_secret: ""
wordpress_oauth2_site: "" wordpress_oauth2_site: ""
saml_sp_entity_id: "" saml_sp_entity_id: ""
saml_idp_cert: "" saml_idp_metadata_url: ""
saml_idp_sso_service_url: "" saml_idp_sso_service_url: ""
<<: *maps <<: *maps
<<: *apis <<: *apis
@@ -209,7 +209,7 @@ production:
wordpress_oauth2_secret: "" wordpress_oauth2_secret: ""
wordpress_oauth2_site: "" wordpress_oauth2_site: ""
saml_sp_entity_id: "" saml_sp_entity_id: ""
saml_idp_cert: "" saml_idp_metadata_url: ""
saml_idp_sso_service_url: "" saml_idp_sso_service_url: ""
<<: *maps <<: *maps
<<: *apis <<: *apis