Class: Devise::Strategies::SamlAuthenticatable

Inherits:

Authenticatable

• Object
• Authenticatable
• Devise::Strategies::SamlAuthenticatable

Includes:

DeviseSamlAuthenticatable::SamlConfig

Defined in:

lib/devise_saml_authenticatable/strategy.rb

Instance Method Summary

• #authenticate! ⇒ Object
• #store? ⇒ Boolean

  This method should turn off storage whenever CSRF cannot be verified.

• #valid? ⇒ Boolean

Methods included from DeviseSamlAuthenticatable::SamlConfig

#get_saml_config

Instance Method Details

#authenticate! ⇒ Object

# File 'lib/devise_saml_authenticatable/strategy.rb', line 15

def authenticate!
  @response = OneLogin::RubySaml::Response.new(params[:SAMLResponse])
  @response.settings = get_saml_config
  resource = mapping.to.authenticate_with_saml(@response)
  if @response.is_valid?
    resource.after_saml_authentication(@response.sessionindex)
    success!(resource)
  else
    fail!(:invalid)
  end
end

#store? ⇒ Boolean

This method should turn off storage whenever CSRF cannot be verified. Any known way on how to let the IdP send the CSRF token along with the SAMLResponse ? Please let me know!

Returns:

• (Boolean)

# File 'lib/devise_saml_authenticatable/strategy.rb', line 30

def store?
  true
end

#valid? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/devise_saml_authenticatable/strategy.rb', line 6

def valid?
  if params[:SAMLResponse]
    response = OneLogin::RubySaml::Logoutresponse.new(params[:SAMLResponse], get_saml_config)
    !(response.response.include? 'LogoutResponse')
  else
    false
  end
end