demarches-normaliennes/config/initializers/saml_idp.rb
2022-08-23 15:05:20 +02:00


# The certificate and secret key are not read from secrets.yml because setting a secret key from a multiline env var does not work there.
# So we read the env vars directly here.
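# Configures the application as a SAML identity provider (IdP).
# Nothing is configured unless SAML_IDP_ENABLED is exactly the string 'enabled'.
if ENV['SAML_IDP_ENABLED'] == 'enabled'
  SamlIdp.configure do |config|
    # ENV.fetch makes boot fail with a KeyError when APP_HOST is missing, like the
    # other settings below, instead of silently building "https:///saml/metadata".
    config.base_saml_location = "https://#{ENV.fetch('APP_HOST')}/saml/metadata"

    # IdP certificate and its private key. Both are required: a missing variable
    # stops the boot rather than leaving the IdP half-configured.
    # The private key sits in the process environment, so it must stay out of
    # environment dumps, logs and error reports.
    config.x509_certificate = ENV.fetch('SAML_IDP_CERTIFICATE')
    config.secret_key = ENV.fetch('SAML_IDP_SECRET_KEY')

    # How the NameID is derived from the authenticated principal, per SAML version.
    config.name_id.formats = {
      '1.1' => {
        email_address: ->(principal) { principal.email }
      },
      '2.0' => {
        # NOTE(review): the SAML 2.0 "transient" format is meant to be an opaque,
        # short-lived identifier. Returning the e-mail makes it a stable,
        # identifying value; confirm the service provider requires this.
        transient: ->(principal) { principal.email },
        # Persistent identifier: the principal's id, exposed as-is.
        persistent: ->(principal) { principal.id }
      }
    }

    # Allow-list of service providers, keyed by entity ID ("https://<host>").
    # response_hosts names the hosts a response may be sent to; cert is the
    # service provider's certificate (presumably used by saml_idp to verify
    # signed requests; confirm against the gem version in use).
    dolist_host = ENV.fetch('SAML_DOLIST_HOST')
    service_providers = {
      "https://#{dolist_host}" => {
        response_hosts: [dolist_host],
        cert: ENV.fetch('SAML_DOLIST_CERTIFICATE')
      }
    }

    # Exact-match lookup: an entity ID that is not in the allow-list yields nil.
    config.service_provider.finder = ->(entity_id) { service_providers[entity_id] }
  end
end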