module SamlCamel::Transaction

Builds SAML requests and decrypts SAML responses.

Constants

IDP_CERT
SP_CERT
SP_KEY

Public Class Methods

map_attributes(sp_attributes)
# File lib/saml_camel.rb, line 24
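# Renames the keys of a set of SAML attributes using SP_SETTINGS['attribute_map'].
#
# An attribute whose name appears in the map is stored under the mapped name;
# any other attribute is stored under its original name.
#
# @param sp_attributes [#each] name/value pairs (yielded as |name, value|)
# @return [Hash] the same values keyed by their mapped (or original) names
def self.map_attributes(sp_attributes)
  # A missing 'attribute_map' entry is treated as "nothing to rename".
  attr_map = SP_SETTINGS['attribute_map'] || {}

  mapped_attributes = {}
  sp_attributes.each do |name, value|
    # Fall back to the attribute's own name, never to its value. Keying an
    # unmapped attribute by its value would let data received in the response
    # choose the hash key and overwrite an entry that was mapped on purpose.
    # NOTE(review): an unmapped attribute whose *name* equals a mapped target
    # still collides (last one wins); callers that authorise on a mapped key
    # should make sure the map covers every attribute they rely on.
    mapped_attributes[attr_map[name] || name] = value
  end
  mapped_attributes
end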
saml_settings(raw_response: false)
# File lib/saml_camel.rb, line 35
# Builds the ruby-saml settings object from SP_SETTINGS['settings'] and the
# SP/IdP key material constants.
#
# @param raw_response [Boolean] when true, use the 'raw_response_acs' endpoint
#   and set force_authn; otherwise use the regular 'acs' endpoint
# @return [OneLogin::RubySaml::Settings]
def self.saml_settings(raw_response: false)
  config  = SP_SETTINGS['settings']
  acs_key = raw_response ? 'raw_response_acs' : 'acs'

  OneLogin::RubySaml::Settings.new.tap do |saml|
    saml.assertion_consumer_service_url = config[acs_key]
    # Only the raw-response flow sets force_authn.
    saml.force_authn = '1' if raw_response

    saml.issuer             = config['entity_id']
    saml.idp_sso_target_url = config['sso_url']

    # SP certificate (the one registered with the IdP).
    saml.certificate = SP_CERT

    # SP private key, used to decrypt the SAML response. This is key material,
    # not a certificate: keep it out of logs and error output.
    saml.private_key = SP_KEY

    # IdP certificate used to verify the IdP's signature.
    saml.idp_cert = IDP_CERT

    # Intended to state that the SP wants signed messages from the IdP.
    # NOTE(review): the original comment speaks of signed *assertions* while the
    # key names *responses*. Confirm the installed ruby-saml release acts on
    # :want_responses_signed; ruby-saml has a :want_assertions_signed key, and an
    # unrecognised key in this hash would presumably be ignored without error.
    saml.security[:want_responses_signed] = true
  end
end