sp-rails-saml 1.0.0 → 1.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 47dc360ca65fe21ed77f78d87118ce668aecbed7485c34d6067a009e1d262a48
4
- data.tar.gz: 62504e95ea6daada42ade266a216f5063a141d5ee65f6507fdadac63fa9c6ff2
3
+ metadata.gz: 374e185b6d4b9e22ecef4416b1a055aa654909183f30200f9f279975a092931f
4
+ data.tar.gz: c51814db83d99ed6df955fb96f3fb1ea8e028648670ef9ad98887c8ed07c900c
5
5
  SHA512:
6
- metadata.gz: '091893c3419f9dc935bb4554f2979d68233335e27cb093cf135e3d37a8ae33dd961f27d8c31d9e5e1f088a38a811d0dc71a1c75fe64b5749d4380968c9b7acbe'
7
- data.tar.gz: b862ab4596e83e61267db0245c3b18abb306c1c831f89a804822ade015f8485f5c8a2d381e7487c246189a9893410836548ba75d7976d33a90f56344b8a2ad06
6
+ metadata.gz: 1627970cfb7b3627f29ac4b1939093bad85a1bd46169416066d054fec078f82dafdb75763dfdb48d8bfc2b132cd4a3757d5e01f75be48b3dfae1b3bb26092679
7
+ data.tar.gz: 6ef81eece0dbf54117a22838f132007610a4d3a7f82dd41f76c57db6dd3754921f3d271de1029dfba55308d434a7218fcfeb1655173957c679d88abfbea46113
data/README.md CHANGED
@@ -1,12 +1,24 @@
1
- # SpRailsSaml
1
+ <h1 align="center">
2
+ <br>
3
+ <img width=60% src="https://github.com/metaps/sp-rails-saml/blob/feature/Update_readme/media/logo.png"></p>
4
+ </h1>
2
5
 
3
- Welcome to your new gem! In this directory, you'll find the files you need to be able to package up your Ruby library into a gem. Put your Ruby code in the file `lib/sp-rails-saml`. To experiment with that code, run `bin/console` for an interactive prompt.
6
+ <p align="center">
7
+ <br>
8
+ <img alt="Gem version" src="https://img.shields.io/gem/v/sp-rails-saml">
9
+ <img alt="Dependencies" src="https://img.shields.io/badge/dependencies-up%20to%20date-brightgreen.svg">
10
+ <img alt="Contributions welcome" src="https://img.shields.io/badge/contributions-welcome-orange.svg">
11
+ <img alt="License" src="https://img.shields.io/badge/license-MIT-blue.svg">
12
+ </p>
4
13
 
5
- TODO: Delete this and the text above, and describe your gem
14
+ ## :bulb: Introduction
6
15
 
7
- ## Installation
16
+ sp-rails-saml is to be make onelogin ruby-saml easier to use in Ruby on Rails.
8
17
 
9
- Add this line to your application's Gemfile:
18
+ ## :arrow_down: Installation
19
+
20
+ sp-rails-saml works with Rails 6.1 onwards.
21
+ Add the following line to your Gemfile:
10
22
 
11
23
  ```ruby
12
24
  gem 'sp-rails-saml'
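Review bot: The logo `<img>` on new line 3 loads from `blob/feature/Update_readme/media/logo.png`, which is a feature-branch page URL rather than a file on a stable branch, so the image breaks once that branch is deleted. The tag is also followed by a stray `</p>` that has no opening `<p>`. Point the `src` at a path on the default branch and drop the `</p>`. The introduction sentence "is to be make onelogin ruby-saml easier to use" needs rewording, and the "dependencies up to date" badge is a static shields.io label, which for an authentication library is better replaced by one backed by a real check or removed.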
@@ -14,32 +26,107 @@ gem 'sp-rails-saml'
14
26
 
15
27
  And then execute:
16
28
 
17
- $ bundle install
29
+ ```
30
+ $ bundle install
31
+ ```
18
32
 
19
33
  Or install it yourself as:
20
34
 
21
- $ gem install sp-rails-saml
35
+ ```
36
+ $ gem install sp-rails-saml
37
+ ```
22
38
 
23
- ## Usage
39
+ ## :wrench: Getting started
24
40
 
25
- TODO: Write usage instructions here
26
41
 
27
- ## Development
42
+ ### 1. Generate saml templates
28
43
 
29
- After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
44
+ You need to run the generator:
30
45
 
31
- To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
46
+ ```
47
+ $ rails g sp_rails_saml:install {reference_table_name}
48
+ ```
32
49
 
33
- ## Contributing
50
+ At this point, you need to write your account table name in `reference_table_name`.
51
+ This will generate the saml templates for controller, view, model, initializer, etc.
34
52
 
35
- Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/sp-rails-saml. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [code of conduct](https://github.com/[USERNAME]/sp-rails-saml/blob/master/CODE_OF_CONDUCT.md).
53
+ **Controller**
54
+ - [app/controllers/saml/sessions_controller.rb](https://github.com/metaps/sp-rails-saml/blob/develop/lib/generators/sp-rails-saml/templates/controllers/sessions_controller.rb)
55
+ - [app/controllers/saml/ssos_controller.rb](https://github.com/metaps/sp-rails-saml/blob/develop/lib/generators/sp-rails-saml/templates/controllers/sessions_controller.rb)
56
+ - [app/controllers/saml/saml_settings_controller.rb](https://github.com/metaps/sp-rails-saml/blob/develop/lib/generators/sp-rails-saml/templates/controllers/saml_settings_controller.rb)
36
57
 
58
+ **View**
59
+ - [app/views/saml/sessions/new.html.erb](https://github.com/metaps/sp-rails-saml/blob/develop/lib/generators/sp-rails-saml/templates/views/sessions/new.html.erb)
60
+ - [app/views/saml/saml_settings/show.html.erb](https://github.com/metaps/sp-rails-saml/blob/develop/lib/generators/sp-rails-saml/templates/views/saml/show.html.erb)
61
+ - [app/views/saml/saml_settings/edit.html.erb](https://github.com/metaps/sp-rails-saml/blob/develop/lib/generators/sp-rails-saml/templates/views/saml/edit.html.erb)
37
62
 
38
- ## License
63
+ **Model**
64
+ - [app/models/saml_setting.rb](https://github.com/metaps/sp-rails-saml/blob/develop/spec/fixtures/models/saml_setting.rb)
39
65
 
40
- The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).
66
+ **Migration**
67
+ - [db/migrate/create_saml_settings](https://github.com/metaps/sp-rails-saml/blob/develop/lib/generators/sp-rails-saml/templates/migrations/create_saml_settings.rb)
68
+
69
+ ### 2. Add routing
41
70
 
42
- ## Code of Conduct
71
+ To configure routings for above templates, just add the following line to your `config/routes.rb`:
43
72
 
44
- Everyone interacting in the Sp::Rails::Saml project's codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/[USERNAME]/sp-rails-saml/blob/master/CODE_OF_CONDUCT.md).
73
+ ```ruby
74
+ sp_rails_saml_routes
75
+ ```
76
+
77
+ This routing method encompasses the following endpoints:
78
+
79
+ ```
80
+ GET /saml/metadata/:id
81
+ POST /saml/sso/:id
82
+
83
+ GET /saml/sign_in
84
+ POST /saml/sign_in
85
+
86
+ GET /saml/saml_settings
87
+ GET /saml/saml_settings/edit
88
+ PATCH /saml/saml_settings
89
+ ```
90
+
91
+ ### 3. Setting model associations
92
+
93
+ If you associate the reference table and the saml model, you need to add the follwing line to your reference model file:
94
+
95
+ ```ruby
96
+ has_one :saml_setting, dependent: :destroy
97
+ ```
98
+
99
+ ### 4. Migrate
100
+
101
+ You need to run migration command.
102
+
103
+ ```
104
+ $ rails db:migrate
105
+ ```
106
+
107
+ ### 5. Add before action
108
+ You need to add the following line to your `SsosController` and `SessionController`:
109
+
110
+ ```ruby
111
+ skip_before_action :authenticate_user!
112
+ ```
113
+
114
+ ### 6. Add SSO method to ApplicationController
115
+
116
+ You need to add the follwing line to your `ApplicationController`:
117
+
118
+ ```ruby
119
+ def sign_in_with_saml(user)
120
+ sign_in(:user, user)
121
+ redirect_to root_path
122
+ end
123
+ ```
124
+
125
+ ### 7. Edit your saml credentials
126
+
127
+ Once the above process is complete, you can edit your saml credentials in `/saml/saml_settings/edit`.
128
+
129
+ ## :page_facing_up: License
130
+
131
+ The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).
45
132
 
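Review bot: The endpoint list under "2. Add routing" documents `GET /saml/metadata/:id` and `POST /saml/sso/:id`, but the routes file in this same release draws `sp/metadata/:<account_find_key>` and `sp/consume/:<account_find_key>`, and nests the settings routes under the account resource rather than at `/saml/saml_settings`. Update the list to the paths the gem actually draws, since these are the URLs an operator copies into the IdP. Smaller points in the same hunk: the `ssos_controller.rb` link points at the `sessions_controller.rb` template, "follwing" is misspelled twice, step 5 says `SessionController` while the generated file is `sessions_controller.rb`, and the new `account_find_key`, `user_find_key` and `saml_response_user_find_key` settings are not documented anywhere.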
@@ -1,22 +1,25 @@
1
1
  module Saml
2
2
  # Controller to register saml by SP
3
3
  class SamlSettingsBaseController < SamlBaseController
4
- # GET /saml/SpRailsSaml::Settings.account_class.to_s.downcase/:#{SpRailsSaml::Settings.account_class.to_s.downcase}_id/saml_settings
4
+ # GET /saml/account_class/:#{account_class}_#{account_find_key}/saml_settings
5
5
  def show
6
- account = SpRailsSaml::Settings.account_class.find_by(id: params["#{SpRailsSaml::Settings.account_class.to_s.downcase}_id"])
7
- @saml_setting = SamlSetting.find_or_initialize_by("#{SpRailsSaml::Settings.account_class.to_s.downcase}_id" => account.id)
6
+ setting = SpRailsSaml::Settings.instance
7
+ account = setting.account_class.find_by!(setting.account_find_key => params["#{setting.account_class.to_s.downcase}_#{setting.account_find_key}"])
8
+ @saml_setting = account.saml_setting.present? ? account.saml_setting : account.build_smal_setting
8
9
  end
9
10
 
10
- # GET /saml/SpRailsSaml::Settings.account_class.to_s.downcase/:#{SpRailsSaml::Settings.account_class.to_s.downcase}_id/saml_settings/edit
11
+ # GET /saml/account_class/:#{account_class}_#{account_find_key}/saml_settings/edit
11
12
  def edit
12
- account = SpRailsSaml::Settings.account_class.find_by(id: params["#{SpRailsSaml::Settings.account_class.to_s.downcase}_id"])
13
- @saml_setting = SamlSetting.find_or_initialize_by("#{SpRailsSaml::Settings.account_class.to_s.downcase}_id" => account.id)
13
+ setting = SpRailsSaml::Settings.instance
14
+ account = setting.account_class.find_by!(setting.account_find_key => params["#{setting.account_class.to_s.downcase}_#{setting.account_find_key}"])
15
+ @saml_setting = account.saml_setting.present? ? account.saml_setting : account.build_smal_setting
14
16
  end
15
17
 
16
- # PATCH /saml/SpRailsSaml::Settings.account_class.to_s.downcase/:#{SpRailsSaml::Settings.account_class.to_s.downcase}_id/saml_settings
18
+ # PATCH /saml/account_class/:#{account_class}_#{account_find_key}/saml_settings
17
19
  def update
18
- account = SpRailsSaml::Settings.account_class.find_by(id: params["#{SpRailsSaml::Settings.account_class.to_s.downcase}_id"])
19
- @saml_setting = SamlSetting.find_or_initialize_by("#{SpRailsSaml::Settings.account_class.to_s.downcase}_id" => account.id)
20
+ setting = SpRailsSaml::Settings.instance
21
+ account = setting.account_class.find_by!(setting.account_find_key => params["#{setting.account_class.to_s.downcase}_#{setting.account_find_key}"])
22
+ @saml_setting = account.saml_setting.present? ? account.saml_setting : account.build_smal_setting
20
23
 
21
24
  @saml_setting.assign_attributes(saml_setting_params)
22
25
 
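Review bot: `account.build_smal_setting` in `show`, `edit` and `update` is a typo for `build_saml_setting`; with the `has_one :saml_setting` association from the README the misspelled method does not exist, so every account that has no SAML setting yet raises NoMethodError instead of getting a new record. Fix the name in all three actions (`account.saml_setting || account.build_saml_setting` is shorter than the ternary), move the duplicated lookup into a private method or `before_action`, and add a request spec for an account without a setting so this path is exercised.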
@@ -1,17 +1,17 @@
1
1
  module Saml
2
2
  # Controller to register saml by SP
3
3
  class SamlSettingsController < SamlSettingsBaseController
4
- # GET /saml/SpRailsSaml::Settings.account_class.to_s.downcase/:#{SpRailsSaml::Settings.account_class.to_s.downcase}_id/saml_settings
4
+ # GET /saml/account_class/:#{account_class}_#{account_find_key}/saml_settings
5
5
  # def show
6
6
  # super
7
7
  # end
8
8
 
9
- # GET /saml/SpRailsSaml::Settings.account_class.to_s.downcase/:#{SpRailsSaml::Settings.account_class.to_s.downcase}_id/saml_settings/edit
9
+ # GET /saml/account_class/:#{account_class}_#{account_find_key}/saml_settings/edit
10
10
  # def edit
11
11
  # super
12
12
  # end
13
13
 
14
- # PATCH /saml/SpRailsSaml::Settings.account_class.to_s.downcase/:#{SpRailsSaml::Settings.account_class.to_s.downcase}_id/saml_settings
14
+ # PATCH /saml/account_class/:#{account_class}_#{account_find_key}/saml_settings
15
15
  # def update
16
16
  # super
17
17
  # end
@@ -7,8 +7,9 @@ module Saml
7
7
 
8
8
  # POST /saml/sign_in
9
9
  def create
10
- user = SpRailsSaml::Settings.user_class.find_by(email: params[:email])
11
- account = user.send(SpRailsSaml::Settings.account_class.to_s.downcase.to_sym)
10
+ setting = SpRailsSaml::Settings.instance
11
+ user = setting.user_class.find_by!(setting.user_find_key => params[:email])
12
+ account = user.send(setting.account_class.to_s.downcase.to_sym)
12
13
 
13
14
  raise SpRailsSaml::SamlLoginForbidden if account.saml_setting.password_only?
14
15
 
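Review bot: In `create`, `find_by!` raises ActiveRecord::RecordNotFound for an unknown value, and README step 5 has this controller skip `authenticate_user!`, so the response for an unregistered address differs from the response for a registered one and reveals which addresses exist. Rescue the exception and answer the same way as for a known user who cannot use SAML. The lookup column is now `setting.user_find_key` while the request parameter is still `params[:email]`; document that the parameter name is fixed or derive it from the key. The unchanged `account.saml_setting.password_only?` line still raises NoMethodError when the account has no `saml_setting`.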
@@ -6,26 +6,27 @@ module Saml
6
6
 
7
7
  # POST /saml/metadata/:id
8
8
  def consume
9
- account = SpRailsSaml::Settings.account_class.find(params[:id])
9
+ setting = SpRailsSaml::Settings.instance
10
+ account = setting.account_class.find_by!(setting.account_find_key => params[setting.account_find_key])
10
11
 
11
12
  raise SpRailsSaml::SamlLoginForbidden if account.saml_setting.password_only?
12
13
 
13
14
  saml_setting = account.saml_setting
14
15
  saml_response = SpRailsSaml::SamlResponse.new(params[:SAMLResponse], saml_setting)
15
16
 
16
- if saml_response.valid?
17
- user = SpRailsSaml::Settings.user_class.find_by(email: saml_response.name_id)
18
- raise LoginUserNotFound if user.blank?
17
+ raise SpRailsSaml::SamlResponseInvalid, saml_response.errors unless saml_response.valid?
19
18
 
20
- sign_in_with_saml(user)
21
- else
22
- redirect_to saml_sign_in_path, alert: 'failed to login'
23
- end
19
+ user = setting.user_class.find_by(setting.saml_response_user_find_key => saml_response.name_id)
20
+
21
+ raise SpRailsSaml::LoginUserNotFound if user.blank?
22
+
23
+ sign_in_with_saml(user)
24
24
  end
25
25
 
26
26
  # GET /saml/metadata/:id
27
27
  def metadata
28
- account = SpRailsSaml::Settings.account_class.find(params[:id])
28
+ setting = SpRailsSaml::Settings.instance
29
+ account = setting.account_class.find_by!(setting.account_find_key => params[setting.account_find_key])
29
30
  metadata = SpRailsSaml::Metadata.new(account: account)
30
31
  render xml: metadata.generate
31
32
  end
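Review bot: `consume` now raises `SpRailsSaml::SamlResponseInvalid` and `SpRailsSaml::LoginUserNotFound` where 1.0.0 redirected to `saml_sign_in_path` with an alert, and no `rescue_from` for either class is visible in this diff, so a rejected assertion becomes an unhandled exception unless the host application adds its own handler. Add a `rescue_from` in the base controller that logs `saml_response.errors` server-side and returns a generic failure to the browser, or document that the application must supply one. The comment above `consume` still reads `POST /saml/metadata/:id` although the route is now `sp/consume/...`, and `find_by` on `saml_response_user_find_key` returns the first match, so the documentation should state that the configured column must be unique.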
@@ -14,12 +14,14 @@ module SpRailsSaml
14
14
 
15
15
  def default_initializer
16
16
  <<~RUBY
17
- SpRailsSaml::Settings.setup do |config|
18
- config.name_identifier_format = 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress'
19
- config.authn_context = 'urn:oasis:names:tc:SAML:2.0:ac:classes:X509'
20
- config.authn_context_comparison = 'exact'
21
- config.user_class = User
22
- config.account_class = Account
17
+ Rails.configuration.to_prepare do
18
+ SpRailsSaml::Settings.setup do |config|
19
+ config.name_identifier_format = 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress'
20
+ config.authn_context = 'urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport'
21
+ config.authn_context_comparison = 'exact'
22
+ config.user_class = User
23
+ config.account_class = Account
24
+ end
23
25
  end
24
26
  RUBY
25
27
  end
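Review bot: The generated default for `config.authn_context` changes from `...:ac:classes:X509` to `...:ac:classes:PasswordProtectedTransport` while `authn_context_comparison` stays `'exact'`, which changes what the SP requests from the IdP for new installs but not for applications that generated their initializer under 1.0.0. Call the change out in the release notes so operators know the two populations differ. Wrapping `setup` in `Rails.configuration.to_prepare` makes the block run again on each code reload; a one-line comment in the template saying why the wrapper is there would save the next reader the question. The same points apply to the identical change in the following hunk.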
@@ -22,12 +22,14 @@ module SpRailsSaml
22
22
 
23
23
  def default_initializer
24
24
  <<~RUBY
25
- SpRailsSaml::Settings.setup do |config|
26
- config.name_identifier_format = 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress'
27
- config.authn_context = 'urn:oasis:names:tc:SAML:2.0:ac:classes:X509'
28
- config.authn_context_comparison = 'exact'
29
- config.user_class = User
30
- config.account_class = Account
25
+ Rails.configuration.to_prepare do
26
+ SpRailsSaml::Settings.setup do |config|
27
+ config.name_identifier_format = 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress'
28
+ config.authn_context = 'urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport'
29
+ config.authn_context_comparison = 'exact'
30
+ config.user_class = User
31
+ config.account_class = Account
32
+ end
31
33
  end
32
34
  RUBY
33
35
  end
@@ -1,18 +1,17 @@
1
1
  module Saml
2
2
  # Controller to register saml by SP
3
- #
4
3
  class SamlSettingsController < SamlSettingsBaseController
5
- # GET /saml/SpRailsSaml::Settings.account_class.to_s.downcase/:#{SpRailsSaml::Settings.account_class.to_s.downcase}_id/saml_settings
4
+ # GET /saml/account_class/:#{account_class}_#{account_find_key}/saml_settings
6
5
  # def show
7
6
  # super
8
7
  # end
9
8
 
10
- # GET /saml/SpRailsSaml::Settings.account_class.to_s.downcase/:#{SpRailsSaml::Settings.account_class.to_s.downcase}_id/saml_settings/edit
9
+ # GET /saml/account_class/:#{account_class}_#{account_find_key}/saml_settings/edit
11
10
  # def edit
12
11
  # super
13
12
  # end
14
13
 
15
- # PATCH /saml/SpRailsSaml::Settings.account_class.to_s.downcase/:#{SpRailsSaml::Settings.account_class.to_s.downcase}_id/saml_settings
14
+ # PATCH /saml/account_class/:#{account_class}_#{account_find_key}/saml_settings
16
15
  # def update
17
16
  # super
18
17
  # end
data/lib/sp-rails-saml.rb CHANGED
@@ -14,10 +14,12 @@ module SpRailsSaml
14
14
 
15
15
  class SettingValidationError < Error; end
16
16
 
17
- class MultiSetupError < Error; end
18
-
19
17
  class SamlLoginForbidden < Error; end
20
18
 
19
+ class LoginUserNotFound < Error; end
20
+
21
+ class SamlResponseInvalid < Error; end
22
+
21
23
  autoload :Authnrequest, File.expand_path('./sp-rails-saml/authnrequest', __dir__)
22
24
  autoload :SamlResponse, File.expand_path('./sp-rails-saml/saml_response', __dir__)
23
25
  autoload :Metadata, File.expand_path('./sp-rails-saml/metadata', __dir__)
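Review bot: `MultiSetupError` is removed from the public error classes in a patch release, so application code that references it, for example `rescue SpRailsSaml::MultiSetupError`, fails with NameError after upgrading. Keep the constant as a deprecated empty class for one release, or list the removal in the changelog.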
@@ -26,8 +26,12 @@ module SpRailsSaml
26
26
 
27
27
  sp_rails_saml_setting = SpRailsSaml::Settings.instance
28
28
 
29
- settings.assertion_consumer_service_url = saml_sso_url(id: @saml_setting.send(sp_rails_saml_setting.account_class.to_s.downcase.to_sym).id)
30
- settings.sp_entity_id = saml_metadata_url(id: @saml_setting.send(sp_rails_saml_setting.account_class.to_s.downcase.to_sym).id)
29
+ settings.assertion_consumer_service_url = saml_sp_consume_url(
30
+ @saml_setting.send(sp_rails_saml_setting.account_class.to_s.downcase.to_sym).send(sp_rails_saml_setting.account_find_key)
31
+ )
32
+ settings.sp_entity_id = saml_sp_metadata_url(
33
+ @saml_setting.send(sp_rails_saml_setting.account_class.to_s.downcase.to_sym).send(sp_rails_saml_setting.account_find_key)
34
+ )
31
35
  settings.name_identifier_format = sp_rails_saml_setting.name_identifier_format
32
36
  settings.authn_context = sp_rails_saml_setting.authn_context
33
37
  settings.authn_context_comparison = sp_rails_saml_setting.authn_context_comparison
@@ -30,8 +30,8 @@ module SpRailsSaml
30
30
 
31
31
  sp_rails_saml_setting = SpRailsSaml::Settings.instance
32
32
 
33
- settings.assertion_consumer_service_url = saml_sso_url(@account.id)
34
- settings.sp_entity_id = saml_metadata_url(@account.id)
33
+ settings.assertion_consumer_service_url = saml_sp_consume_url(@account.send(sp_rails_saml_setting.account_find_key))
34
+ settings.sp_entity_id = saml_sp_metadata_url(@account.send(sp_rails_saml_setting.account_find_key))
35
35
  settings.name_identifier_format = sp_rails_saml_setting.name_identifier_format
36
36
  settings.security[:want_assertions_signed] =
37
37
  SpRailsSaml::Settings::RUBY_SAML_DEFAULT_SETTINGS[:want_assertions_signed]
@@ -5,12 +5,12 @@ namespace :saml do
5
5
 
6
6
  unless @sso_only
7
7
  # Saml settings for SP
8
- resources SpRailsSaml::Settings.account_class.to_s.downcase.to_sym, only: [] do
8
+ resources SpRailsSaml::Settings.instance.account_class.to_s.downcase.to_sym, only: [], param: SpRailsSaml::Settings.instance.account_find_key do
9
9
  resource :saml_settings, only: %i[show edit update]
10
10
  end
11
11
  end
12
12
 
13
13
  # SSO
14
- post 'sso/:id', to: 'ssos#consume', as: :sso
15
- get 'metadata/:id', to: 'ssos#metadata', as: :metadata
14
+ post "sp/consume/:#{SpRailsSaml::Settings.instance.account_find_key}", to: 'ssos#consume', as: :sp_consume
15
+ get "sp/metadata/:#{SpRailsSaml::Settings.instance.account_find_key}", to: 'ssos#metadata', as: :sp_metadata
16
16
  end
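Review bot: Renaming the routes from `sso/:id` and `metadata/:id` to `sp/consume/:<key>` and `sp/metadata/:<key>` changes both the assertion consumer service URL and the SP entity ID, which the other hunks derive from `saml_sp_consume_url` and `saml_sp_metadata_url`, so every IdP configured against 1.0.0 stops matching after this patch-level upgrade. Keep the old paths as additional routes to the same actions, or ship this as a documented breaking change with a version bump to match. Both route strings and the `param:` option read `SpRailsSaml::Settings.instance.account_find_key` at the time routes are drawn, and that reader is nil until `setup` has run, which the generated initializer now defers to `to_prepare`; confirm the ordering with a test or fall back to `RUBY_SAML_DEFAULT_SETTINGS[:account_find_key]` here.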
@@ -22,7 +22,8 @@ module SpRailsSaml
22
22
  @saml_response,
23
23
  settings: ruby_saml_settings,
24
24
  skip_subject_confirmation: SpRailsSaml::Settings::RUBY_SAML_DEFAULT_SETTINGS[:skip_subject_confirmation],
25
- skip_conditions: SpRailsSaml::Settings::RUBY_SAML_DEFAULT_SETTINGS[:skip_conditions]
25
+ skip_conditions: SpRailsSaml::Settings::RUBY_SAML_DEFAULT_SETTINGS[:skip_conditions],
26
+ skip_destination: SpRailsSaml::Settings::RUBY_SAML_DEFAULT_SETTINGS[:skip_destination]
26
27
  )
27
28
  end
28
29
 
@@ -45,7 +46,8 @@ module SpRailsSaml
45
46
  private
46
47
 
47
48
  def required_value_is_set?
48
- @saml_setting.idp_cert.present?
49
+ # ruby-samlの仕様上、idp_entity_idが空だとissuer = idp_entity_idの検証が行われないため、idp_entity_idがblankの検証は必須
50
+ @saml_setting.idp_cert.present? && @saml_setting.idp_entity_id.present?
49
51
  end
50
52
 
51
53
  def ruby_saml_settings
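Review bot: Requiring `idp_entity_id` in `required_value_is_set?` is the right check, but `SamlSetting` rows saved under 1.0.0 with only `idp_cert` will now fail it, and nothing visible in this diff adds a model validation or an upgrade note for the new requirement. Add a presence validation on `idp_entity_id` to the generated model so the gap is caught when the setting is saved rather than at login, and mention the step in the release notes. The explanatory comment is in Japanese while the other comments in these files are in English; in English it says that ruby-saml does not check the response issuer against `idp_entity_id` when `idp_entity_id` is empty, so rejecting a blank value is mandatory.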
@@ -55,11 +57,17 @@ module SpRailsSaml
55
57
 
56
58
  sp_rails_saml_setting = SpRailsSaml::Settings.instance
57
59
 
58
- settings.assertion_consumer_service_url = saml_sso_url(id: @saml_setting.send(sp_rails_saml_setting.account_class.to_s.downcase.to_sym).id)
59
- settings.sp_entity_id = saml_metadata_url(id: @saml_setting.send(sp_rails_saml_setting.account_class.to_s.downcase.to_sym).id)
60
+ settings.assertion_consumer_service_url = saml_sp_consume_url(
61
+ @saml_setting.send(sp_rails_saml_setting.account_class.to_s.downcase.to_sym).send(sp_rails_saml_setting.account_find_key)
62
+ )
63
+ settings.sp_entity_id = saml_sp_metadata_url(
64
+ @saml_setting.send(sp_rails_saml_setting.account_class.to_s.downcase.to_sym).send(sp_rails_saml_setting.account_find_key)
65
+ )
60
66
  settings.idp_cert = @saml_setting.idp_cert
67
+ settings.idp_entity_id = @saml_setting.idp_entity_id
61
68
  settings.security[:want_assertions_signed] =
62
69
  SpRailsSaml::Settings::RUBY_SAML_DEFAULT_SETTINGS[:want_assertions_signed]
70
+
63
71
  settings
64
72
  end
65
73
  end
@@ -1,6 +1,5 @@
1
1
  require 'singleton'
2
2
 
3
- # rubocop:disable Style/ClassVars
4
3
  module SpRailsSaml
5
4
  # SAML2 settings for initializer.
6
5
  #
@@ -11,27 +10,33 @@ module SpRailsSaml
11
10
  compress_request: true,
12
11
  skip_subject_confirmation: true,
13
12
  skip_conditions: true,
14
- want_assertions_signed: true
13
+ skip_destination: false,
14
+ want_assertions_signed: true,
15
+ account_find_key: :id,
16
+ user_find_key: :email,
17
+ saml_response_user_find_key: :email
15
18
  }.freeze
16
19
 
17
20
  attr_reader :name_identifier_format,
18
21
  :authn_context,
19
22
  :authn_context_comparison,
20
23
  :user_class,
21
- :account_class
22
-
23
- @@setuped = false
24
+ :account_class,
25
+ :user_find_key,
26
+ :account_find_key,
27
+ :saml_response_user_find_key
24
28
 
25
29
  class << self
26
30
  attr_accessor :name_identifier_format,
27
31
  :authn_context,
28
32
  :authn_context_comparison,
29
33
  :user_class,
30
- :account_class
34
+ :account_class,
35
+ :user_find_key,
36
+ :account_find_key,
37
+ :saml_response_user_find_key
31
38
 
32
39
  def setup
33
- raise SpRailsSaml::MultiSetupError if @@setuped
34
-
35
40
  yield self
36
41
 
37
42
  setting = SpRailsSaml::Settings.instance
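Review bot: `skip_destination: false` is added to `RUBY_SAML_DEFAULT_SETTINGS`, but `skip_subject_confirmation: true` and `skip_conditions: true` stay on the two lines above it, so the destination check is enforced while the checks those two options control remain switched off by default. Either default both to `false` or make them configurable and add a comment explaining why they are skipped. Removing the `@@setuped` guard lets `setup` run repeatedly, but the class-level accessors keep their values between runs, so a key that a later block leaves unset silently retains the earlier value; reset the accessors at the start of `setup` if that is not intended.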
@@ -41,10 +46,11 @@ module SpRailsSaml
41
46
  setting.instance_variable_set(:@authn_context_comparison, SpRailsSaml::Settings.authn_context_comparison)
42
47
  setting.instance_variable_set(:@user_class, SpRailsSaml::Settings.user_class)
43
48
  setting.instance_variable_set(:@account_class, SpRailsSaml::Settings.account_class)
44
-
45
- @@setuped = true
49
+ setting.instance_variable_set(:@user_find_key, SpRailsSaml::Settings.user_find_key || RUBY_SAML_DEFAULT_SETTINGS[:user_find_key])
50
+ setting.instance_variable_set(:@account_find_key, SpRailsSaml::Settings.account_find_key || RUBY_SAML_DEFAULT_SETTINGS[:account_find_key])
51
+ setting.instance_variable_set(:@saml_response_user_find_key,
52
+ SpRailsSaml::Settings.saml_response_user_find_key || RUBY_SAML_DEFAULT_SETTINGS[:saml_response_user_find_key])
46
53
  end
47
54
  end
48
55
  end
49
56
  end
50
- # rubocop:enable Style/ClassVars
@@ -1,3 +1,3 @@
1
1
  module SpRailsSaml
2
- VERSION = '1.0.0'.freeze
2
+ VERSION = '1.0.1'.freeze
3
3
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: sp-rails-saml
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.0
4
+ version: 1.0.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - psyashes
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: exe
11
11
  cert_chain: []
12
- date: 2021-06-22 00:00:00.000000000 Z
12
+ date: 2021-07-06 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: ruby-saml