Class: IntegrationPal::SamlController

Inherits:
ApplicationController show all
Defined in:
app/controllers/integration_pal/saml_controller.rb

Defined Under Namespace

Classes: ERBContext

Class Method Summary collapse

Instance Method Summary collapse

Methods inherited from ApplicationController

#authenticate!, #logged_in?

Class Method Details

.idp_metadataObject 



24
25
26
 
# File 'app/controllers/integration_pal/saml_controller.rb', line 24

def idp_metadata
  @idp_metadata ||= parse_meta_file(IntegrationPal.saml_idp_metadata)
end

.parse_meta_file(filename) ⇒ Object 



5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
 
# File 'app/controllers/integration_pal/saml_controller.rb', line 5

def parse_meta_file(filename)
  possible_names = ['.erb', ''].map { |ext| filename+ext }
  possible_paths = []

  ['config/saml', 'config'].each do |prefix|
    possible_names.each do |filename|
      possible_paths << Rails.root.join(prefix, filename)
    end
  end

  meta_path = possible_paths.find &:exist?

  meta_file = File.read(meta_path)
  if meta_path.extname == '.erb'
    meta_file = ERB.new(meta_file).result(ERBContext.new.get_binding)
  end
  SAML2::Entity.parse(meta_file)
end

.sp_metadataObject 



28
29
30
 
# File 'app/controllers/integration_pal/saml_controller.rb', line 28

def sp_metadata
  @sp_metadata ||= parse_meta_file(IntegrationPal.saml_sp_metadata)
end

Instance Method Details

#createObject 



60
61
62
63
64
65
66
67
68
69
70
71
72
 
# File 'app/controllers/integration_pal/saml_controller.rb', line 60

def create
  response, _relay_state = SAML2::Bindings::HTTP_POST.decode(request.request_parameters)
  unless self.class.sp_metadata.valid_response?(response, self.class.idp_metadata)
    logger.error("Failed to validate SAML response: #{response.errors}")
    raise ActionController::RoutingError.new('Not Found')
  end

  reset_session
  session[:saml_username] = response.assertions.first.subject.name_id.id
  logger.info("Logged in using SAML2 as #{session[:saml_username]}")

  redirect_to root_url
end

#logoutObject 



74
75
76
 
# File 'app/controllers/integration_pal/saml_controller.rb', line 74

def logout
  reset_session
end

#metadataObject 



78
79
80
 
# File 'app/controllers/integration_pal/saml_controller.rb', line 78

def metadata
  render xml: self.class.sp_metadata.to_xml
end

#newObject 



55
56
57
58
 
# File 'app/controllers/integration_pal/saml_controller.rb', line 55

def new
  authn_request = self.class.sp_metadata.initiate_authn_request(self.class.idp_metadata)
  redirect_to SAML2::Bindings::HTTPRedirect.encode(authn_request)
end