Add multi-tenancy support for SAML

config/initializers/devise.rb

@@ -294,7 +294,7 @@ Devise.setup do |config|
     saml_settings[:sp_entity_id] = Rails.application.secrets.saml_sp_entity_id
     saml_settings[:allowed_clock_drift] = 1.minute
   end
-  config.omniauth :saml, saml_settings
+  config.omniauth :saml, saml_settings.merge(setup: ->(env) { OmniauthTenantSetup.saml(env) })
 
   # ==> Warden configuration
   # If you want to use other strategies, that are not supported by Devise, or

config/secrets.yml.example

@@ -81,7 +81,7 @@ staging:
     #   secret_key: my_secret_value
     #
     # Currently you can overwrite SMTP, SMS, manager, microsoft API,
-    # HTTP basic, twitter, facebook, google, wordpress and security settings.
+    # HTTP basic, twitter, facebook, google, wordpress, SAML and security settings.
   twitter_key: ""
   twitter_secret: ""
   facebook_key: ""
@@ -140,7 +140,7 @@ preproduction:
     #   secret_key: my_secret_value
     #
     # Currently you can overwrite SMTP, SMS, manager, microsoft API,
-    # HTTP basic, twitter, facebook, google, wordpress and security settings.
+    # HTTP basic, twitter, facebook, google, wordpress, SAML and security settings.
   twitter_key: ""
   twitter_secret: ""
   facebook_key: ""
@@ -198,7 +198,7 @@ production:
     #   secret_key: my_secret_value
     #
     # Currently you can overwrite SMTP, SMS, manager, microsoft API,
-    # HTTP basic, twitter, facebook, google, wordpress and security settings.
+    # HTTP basic, twitter, facebook, google, wordpress, SAML and security settings.
   twitter_key: ""
   twitter_secret: ""
   facebook_key: ""