From fcbace069e51fdb1befb3c6844d63f196dc068b1 Mon Sep 17 00:00:00 2001
From: taitus
Date: Wed, 12 Apr 2023 12:47:25 +0200
Subject: [PATCH] Only load saml settings when we have related secrets

Without this change the IdpMetaParser would give an error in the Devise initializer when starting the application. I found it annoying to have to connect to the VPN so I decided to add this condition. Reviewer, feel free to consider this commit unnecessary and ask to revert it.
---
 config/initializers/devise.rb | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)
diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb
index 0a3fd7762..40b0cbba0 100644
--- a/config/initializers/devise.rb
+++ b/config/initializers/devise.rb
@@ -286,11 +286,14 @@ Devise.setup do |config|
 Rails.application.secrets.wordpress_oauth2_secret,
 client_options: { site: Rails.application.secrets.wordpress_oauth2_site },
 setup: ->(env) { OmniauthTenantSetup.wordpress_oauth2(env) }
- idp_metadata_parser = OneLogin::RubySaml::IdpMetadataParser.new
- saml_settings = idp_metadata_parser.parse_remote_to_hash(Rails.application.secrets.saml_idp_metadata_url)
- saml_settings[:idp_sso_service_url] = Rails.application.secrets.saml_idp_sso_service_url
- saml_settings[:sp_entity_id] = Rails.application.secrets.saml_sp_entity_id
- saml_settings[:allowed_clock_drift] = 1.minute
+ saml_settings = {}
+ if Rails.application.secrets.saml_idp_metadata_url.present?
+ idp_metadata_parser = OneLogin::RubySaml::IdpMetadataParser.new
+ saml_settings = idp_metadata_parser.parse_remote_to_hash(Rails.application.secrets.saml_idp_metadata_url)
+ saml_settings[:idp_sso_service_url] = Rails.application.secrets.saml_idp_sso_service_url
+ saml_settings[:sp_entity_id] = Rails.application.secrets.saml_sp_entity_id
+ saml_settings[:allowed_clock_drift] = 1.minute
+ end
 config.omniauth :saml, saml_settings
 # ==> Warden configuration
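Review bot: `config.omniauth :saml, saml_settings` stays outside the new `if`, so when `saml_idp_metadata_url` is blank the SAML strategy is still registered, now with an empty hash that carries no IdP certificate, SSO URL or SP entity ID. The strategy presumably rejects responses in that state, but it is safer not to register an unconfigured identity provider at all: move that call inside the guard, directly before `end`, and apply the same condition wherever else the app lists the provider (not visible in this hunk). The guard also checks only one of the three secrets, so a blank `saml_idp_sso_service_url` would overwrite the value parsed from the metadata with nil; either test all three in the condition or assign with a modifier such as `if Rails.application.secrets.saml_idp_sso_service_url.present?`. The enclosing `Devise.setup` block starts and ends outside the hunk.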