Class: Devise::Strategies::SamlAuthenticatable

Inherits:

Authenticatable

• Object
• Authenticatable
• Devise::Strategies::SamlAuthenticatable

Includes:

DeviseSamlAuthenticatable::SamlConfig

Defined in:

lib/devise_saml_authenticatable/strategy.rb

Instance Method Summary

• #authenticate! ⇒ Object
• #store? ⇒ Boolean

  This method should turn off storage whenever CSRF cannot be verified.

• #valid? ⇒ Boolean

Methods included from DeviseSamlAuthenticatable::SamlConfig

#saml_config

Instance Method Details

#authenticate! ⇒ Object

# File 'lib/devise_saml_authenticatable/strategy.rb', line 18

def authenticate!
  parse_saml_response
  retrieve_resource unless self.halted?
  unless self.halted?
    if Devise.saml_session_index_key
      request.session[Devise.saml_session_index_key] = @response.sessionindex
    end
    success!(@resource)
  end
end

#store? ⇒ Boolean

This method should turn off storage whenever CSRF cannot be verified. Any known way on how to let the IdP send the CSRF token along with the SAMLResponse ? Please let me know!

Returns:

• (Boolean)

# File 'lib/devise_saml_authenticatable/strategy.rb', line 32

def store?
  !mapping.to.skip_session_storage.include?(:saml_auth)
end

#valid? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/devise_saml_authenticatable/strategy.rb', line 7

def valid?
  if params[:SAMLResponse]
    OneLogin::RubySaml::Response.new(
      params[:SAMLResponse],
      response_options,
    )
  else
    false
  end
end