demarches-normaliennes/app/controllers/saml_idp_controller.rb


# frozen_string_literal: true
# SAML identity-provider endpoints. Only super admins can obtain an assertion
# from this controller.
#
# Helpers used but not defined in this file (validate_saml_request,
# saml_request, encode_response) are presumably supplied by
# SamlIdp::Controller; super_admin_signed_in? and current_super_admin look
# like authentication helpers defined elsewhere -- confirm both.
#
# NOTE(review): this class inherits from ActionController::Base directly, so
# any filters or protections declared on the application's own base
# controller do not apply here. Confirm that is intended.
class SamlIdpController < ActionController::Base
  include SamlIdp::Controller

  # Entry point for an incoming SAML request: renders the 'saml_idp/new'
  # template when the request validates, otherwise answers 403.
  def new
    return head(:forbidden) unless validate_saml_request

    render template: 'saml_idp/new'
  end

  # Serves the signed IdP metadata document as XML. No request validation or
  # sign-in check is applied on this action.
  def show
    render xml: SamlIdp.metadata.signed
  end

  # Issues the SAML response.
  #
  # The SAML request is validated first (403 on failure), and only then is
  # the super-admin session checked. A visitor without a super-admin session
  # is redirected to the root path with an alert and never receives an
  # assertion.
  def create
    return head(:forbidden) unless validate_saml_request

    unless super_admin_signed_in?
      return redirect_to(root_path, alert: t("errors.messages.saml_not_authorized"))
    end

    @saml_response = idp_make_saml_response(current_super_admin)
    render template: 'saml_idp/saml_post', layout: false
  end

  private

  # Builds the encoded SAML response for +super_admin+, encrypted to the
  # certificate of the service provider attached to the current request.
  #
  # NOTE(review): 'aes256-cbc' is an unauthenticated block mode; the
  # encryption layer alone does not protect the assertion's integrity.
  # Confirm that the response is signed and that the service provider
  # verifies that signature rather than relying on successful decryption.
  def idp_make_saml_response(super_admin)
    encryption_options = {
      cert: saml_request.service_provider.cert,
      block_encryption: 'aes256-cbc',
      key_transport: 'rsa-oaep-mgf1p'
    }

    encode_response super_admin, encryption: encryption_options
  end
end