demarches-normaliennes/app/controllers/saml_idp_controller.rb

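# SAML identity-provider endpoints: signed-in super admins obtain a SAML
# response here; everyone else is redirected away.
#
# Relies on SamlIdp::Controller for `validate_saml_request` and
# `encode_SAMLResponse`, and on the host application for
# `super_admin_signed_in?` / `current_super_admin`.
class SamlIdpController < ActionController::Base
  include SamlIdp::Controller

  # NOTE(review): no `only:` / `except:` is given, so this filter also runs
  # before `metadata`. Confirm the metadata endpoint is really meant to
  # require a valid SAMLRequest.
  before_action :validate_saml_request

  # Issues a SAML response for the current super admin.
  #
  # The authorization decision is made here, after the request filter: only a
  # signed-in super admin gets an assertion; any other visitor is redirected
  # to the root path with an alert and no assertion is built.
  def new
    unless super_admin_signed_in?
      redirect_to root_path, alert: t("errors.messages.saml_not_authorized")
      return
    end

    # The super admin's email is passed as the first argument (the subject
    # identifier); the extra claims come from `saml_attributes`.
    @saml_response = encode_SAMLResponse(current_super_admin.email, saml_attributes)
    render template: "saml_idp/idp/saml_post", layout: false
  end

  # Renders the metadata view as XML, without a layout.
  def metadata
    render layout: false, content_type: "application/xml", formats: :xml
  end

  private

  # Builds the options hash given to `encode_SAMLResponse`.
  #
  # The attribute statement is assembled as a raw XML string, so every
  # interpolated value is XML-escaped first. Without escaping, an email
  # containing `&`, `<` or `>` would yield a malformed assertion or alter the
  # attribute markup that the service provider trusts.
  #
  # @return [Hash] `:issuer_uri` and `:attributes_provider` (XML string)
  def saml_attributes
    # `.to_s` mirrors what string interpolation did before (nil => "").
    email = current_super_admin.email.to_s.encode(xml: :text)
    name_identifier = "ds|#{current_super_admin.id}".encode(xml: :text)

    # Joined without separators so the emitted markup stays on one line,
    # exactly as before for values that need no escaping.
    admin_attributes = [
      '<saml:AttributeStatement>',
      '<saml:Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress">',
      "<saml:AttributeValue>#{email}</saml:AttributeValue>",
      '</saml:Attribute>',
      '<saml:Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">',
      "<saml:AttributeValue>#{name_identifier}</saml:AttributeValue>",
      '</saml:Attribute>',
      '</saml:AttributeStatement>'
    ].join

    {
      issuer_uri: saml_auth_url,
      attributes_provider: admin_attributes
    }
  end
end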