demarches-normaliennes/config/initializers/saml_idp.rb

38 lines
1.2 KiB
Ruby
Raw Normal View History

# frozen_string_literal: true
2020-11-12 16:09:21 +01:00
# The certificate and secret key are not fetched from secrets.yml because there is a problem to set a secret key from a multiline env var"
# So we fetch env var directly here
if ENV['SAML_IDP_ENABLED'] == 'enabled'
2022-08-18 15:58:19 +02:00
SamlIdp.configure do |config|
config.base_saml_location = "https://#{ENV['APP_HOST']}/saml/metadata"
config.x509_certificate = ENV.fetch("SAML_IDP_CERTIFICATE")
config.secret_key = ENV.fetch("SAML_IDP_SECRET_KEY")
2022-10-03 12:30:54 +02:00
config.single_service_post_location = "https://#{ENV['APP_HOST']}/saml/auth"
config.single_service_redirect_location = "https://#{ENV['APP_HOST']}/saml/auth"
2022-08-18 15:58:19 +02:00
config.name_id.formats = {
"1.1" => {
email_address: -> (principal) { principal.email }
},
"2.0" => {
transient: -> (principal) { principal.email },
persistent: -> (p) { p.id }
}
}
2022-08-25 21:31:14 +02:00
service_providers = {}
if ENV['SAML_DOLIST_HOST'].present?
service_providers["https://#{ENV.fetch('SAML_DOLIST_HOST')}"] =
{
response_hosts: [ENV.fetch('SAML_DOLIST_HOST')],
cert: ENV.fetch("SAML_DOLIST_CERTIFICATE")
}
end
2022-08-18 15:58:19 +02:00
config.service_provider.finder = -> (entity_id) do
service_providers[entity_id]
end
end
2020-11-12 16:09:21 +01:00
end