29 lines
1.1 KiB
Ruby
29 lines
1.1 KiB
Ruby
|
class SamlIdpController < ActionController::Base
|
||
|
include SamlIdp::Controller
|
||
|
|
||
|
before_action :validate_saml_request
|
||
|
|
||
|
def new
|
||
|
if super_admin_signed_in?
|
||
|
@saml_response = encode_SAMLResponse(current_super_admin.email, saml_attributes)
|
||
|
render :template => "saml_idp/idp/saml_post", :layout => false
|
||
|
else
|
||
|
redirect_to root_path, alert: t("errors.messages.saml_not_authorized")
|
||
|
end
|
||
|
end
|
||
|
|
||
|
def metadata
|
||
|
render layout: false, content_type: "application/xml", formats: :xml
|
||
|
end
|
||
|
|
||
|
private
|
||
|
|
||
|
def saml_attributes
|
||
|
admin_attributes = %[<saml:AttributeStatement><saml:Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"><saml:AttributeValue>#{current_super_admin.email}</saml:AttributeValue></saml:Attribute><saml:Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"><saml:AttributeValue>ds|#{current_super_admin.id}</saml:AttributeValue></saml:Attribute></saml:AttributeStatement>]
|
||
|
{
|
||
|
issuer_uri: saml_auth_url,
|
||
|
attributes_provider: admin_attributes
|
||
|
}
|
||
|
end
|
||
|
end
|