Class: IntegrationPal::SamlController

Inherits:

ApplicationController

• Object
• ActionController::Base
• ApplicationController
• IntegrationPal::SamlController

Defined in:

app/controllers/integration_pal/saml_controller.rb

Defined Under Namespace

Classes: ERBContext

Class Method Summary

• .idp_metadata ⇒ Object
• .parse_meta_file(filename) ⇒ Object
• .sp_metadata ⇒ Object

Instance Method Summary

• #create ⇒ Object
• #metadata ⇒ Object
• #new ⇒ Object
• #skip_authentication? ⇒ Boolean

Methods inherited from ApplicationController

#require_user

Class Method Details

.idp_metadata ⇒ Object

# File 'app/controllers/integration_pal/saml_controller.rb', line 23

def idp_metadata
  @idp_metadata ||= parse_meta_file(IntegrationPal.saml_idp_metadata)
end

.parse_meta_file(filename) ⇒ Object

# File 'app/controllers/integration_pal/saml_controller.rb', line 4

def parse_meta_file(filename)
  possible_names = ['.erb', ''].map { |ext| filename+ext }
  possible_paths = []

  ['config/saml', 'config'].each do |prefix|
    possible_names.each do |filename|
      possible_paths << Rails.root.join(prefix, filename)
    end
  end

  meta_path = possible_paths.find &:exist?

  meta_file = File.read(meta_path)
  if meta_path.extname == '.erb'
    meta_file = ERB.new(meta_file).result(ERBContext.new.get_binding)
  end
  SAML2::Entity.parse(meta_file)
end

.sp_metadata ⇒ Object

# File 'app/controllers/integration_pal/saml_controller.rb', line 27

def sp_metadata
  @sp_metadata ||= parse_meta_file(IntegrationPal.saml_sp_metadata)
end

Instance Method Details

#create ⇒ Object

# File 'app/controllers/integration_pal/saml_controller.rb', line 51

def create
  response, _relay_state = SAML2::Bindings::HTTP_POST.decode(request.request_parameters)
  unless self.class.sp_metadata.valid_response?(response, self.class.idp_metadata)
    logger.error("Failed to validate SAML response: #{response.errors}")
    raise ActionController::RoutingError.new('Not Found')
  end

  reset_session
  session[:saml_username] = response.assertions.first.subject.name_id.id
  logger.info("Logged in using SAML2 as #{session[:saml_username]}")

  redirect_to root_url
end

#metadata ⇒ Object

# File 'app/controllers/integration_pal/saml_controller.rb', line 65

def metadata
  render xml: self.class.sp_metadata.to_xml
end

#new ⇒ Object

# File 'app/controllers/integration_pal/saml_controller.rb', line 46

def new
  authn_request = self.class.sp_metadata.initiate_authn_request(self.class.idp_metadata)
  redirect_to SAML2::Bindings::HTTPRedirect.encode(authn_request)
end

#skip_authentication? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/controllers/integration_pal/saml_controller.rb', line 42

def skip_authentication?
  true
end