Class: SamlCamel::Transaction

Inherits:

Object

• Object
• SamlCamel::Transaction

Defined in:

app/models/saml_camel/transaction.rb

Constant Summary

SP_SETTINGS =

JSON.parse(File.read("saml/#{Rails.env}/settings.json"))

Class Method Summary

• .map_attributes(attrs) ⇒ Object
• .saml_settings ⇒ Object

Class Method Details

.map_attributes(attrs) ⇒ Object

# File 'app/models/saml_camel/transaction.rb', line 39

def self.map_attributes(attrs)
  attr_map = SP_SETTINGS["attribute_map"]
  mapped_attributes = {}

  attrs.each do |attr,value|
    mapped_name = attr_map[attr]
    if mapped_name.nil? #handles attributes not in map
      mapped_attributes[attr] = value
    else
      mapped_attributes[mapped_name] = value
    end
  end
  mapped_attributes
end

.saml_settings ⇒ Object

# File 'app/models/saml_camel/transaction.rb', line 5

def self.saml_settings
  sp_settings = SP_SETTINGS["settings"]
  settings = OneLogin::RubySaml::Settings.new
  settings.assertion_consumer_service_url = sp_settings["acs"]


  settings.issuer                         = sp_settings["entity_id"]
  settings.idp_sso_target_url             = sp_settings["sso_url"]


  # certificate to register with IDP and key to decrypt
  settings.certificate = File.read("saml/#{Rails.env}/saml_certificate.crt")

  # certificate to decrypt SAML response
  settings.private_key = File.read("saml/#{Rails.env}/saml_key.key")

  # certificate to verify IDP signature
  settings.idp_cert = File.read("saml/#{Rails.env}/idp_certificate.crt")


  #TODO test by modding relying party duke-coi-smart example
  settings.security[:digest_method]    = XMLSecurity::Document::SHA256
  settings.security[:signature_method] = XMLSecurity::Document::RSA_SHA256

  # Optional for most SAML IdPs
  settings.authn_context = "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport"
  settings.attribute_consuming_service.configure do
    service_name "Service"
    service_index 5
    add_attribute :redirect_path => "root_path"
  end
  settings
end