class Maestrano::Auth::SamlController
Public Instance Methods
consume()
click to toggle source
POST '/maestrano/auth/saml/consume/:tenant'¶ ↑
Final phase of the Single Sign-On handshake. Find or create the required resources (user and group) and sign the user in This action is left to you to customize based on your application requirements. Below is presented a potential way of writing the action. Assuming you have enabled maestrano on a user model called 'User' and a group model called 'Organization' the action could be written the following way
# File lib/generators/maestrano/templates/saml_controller.rb, line 15 def consume ### 1)Find or create the user and the group ### -- ### The class method 'find_or_create_for_maestrano' is provided ### by the maestrano-rails gem on the model you have maestrano-ized. ### The method uses the mapping defined in the model 'maestrano_*_via' ### block to create the resource if it does not exist ### The 'user_auth_hash' and 'group_auth_hash' methods are provided ### by the controller. ### -- # user = User.find_or_create_for_maestrano(user_auth_hash) # organization = Organization.find_or_create_for_maestrano(group_auth_hash) # # user.tenant = params[:tenant] # user.save # organization.tenant = params[:tenant] # organization.save # # ### 2) Add the user to the group if not already a member ### -- ### The 'user_group_rel_hash' method is provided by the controller. ### The role attribute provided by maestrano is one of the following: ### 'Member', 'Power User', 'Admin', 'Super Admin' ### The 'member_of?' and 'add_member' methods are not provided by ### maestrano and are left to you to implement on your models ### -- # unless user.member_of?(organization) # organization.add_member(user,role: user_group_rel_hash[:role]) # end # # ### Sign the user in and redirect to application root ### -- ### The 'sign_in' method is not provided by maestrano but should already ### be there if you are using an authentication framework like Devise ### -- # sign_in(user) # redirect_to root_path raise NotImplemented.new("The consume action should be customized to fit your application needs") end