class Osso::SamlHandler
Attributes
attributes[RW]
provider[RW]
session[RW]
Public Class Methods
new(auth_hash:, provider_id:, session:)
# File lib/osso/lib/saml_handler.rb, line 11
# Builds a handler for one SAML response.
#
# auth_hash   - the SAML attributes are read from
#               auth_hash.extra.response_object.attributes.
# provider_id - id handed to find_provider to load the identity provider.
# session     - stored as-is in @session.
#
# Every step of the attribute lookup uses safe navigation, so @attributes is
# nil when any link in that chain is nil.
#
# NOTE(review): nothing in this method checks the SAML response itself;
# presumably signature and audience validation happen before auth_hash is
# built - confirm.
def initialize(auth_hash:, provider_id:, session:)
  find_provider(provider_id)

  response = auth_hash&.extra&.response_object
  @attributes = response&.attributes
  @session = session
end
perform(**attrs)
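# File lib/osso/lib/saml_handler.rb, line 7
# Convenience entry point: builds a handler from the given keyword arguments
# and runs it, returning whatever the instance-level #perform returns.
#
# attrs - forwarded unchanged to the constructor.
def self.perform(**attrs)
  # Splat the hash back into keywords. Passing it positionally relied on the
  # implicit hash-to-keywords conversion, which Ruby 3.0 removed; a
  # keyword-only constructor then raises ArgumentError.
  new(**attrs).perform
end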
Public Instance Methods
perform()
# File lib/osso/lib/saml_handler.rb, line 17
# Runs the handler: checks the required attributes, calls active! on the
# provider, and returns the URI to redirect to.
#
# The attribute check comes first, so the provider is not touched when
# validate_attributes raises.
def perform
  validate_attributes
  provider.active!

  redirect_uri
end
Private Instance Methods
email_attribute()
# File lib/osso/lib/saml_handler.rb, line 40
# Returns the value stored under :email in the SAML attributes.
#
# The value is returned as asserted; no format check is applied here.
def email_attribute
  attributes[:email]
end
find_provider(id)
# File lib/osso/lib/saml_handler.rb, line 25
# Loads the identity provider with the given id and memoizes it in @provider.
#
# id - passed to Models::IdentityProvider.find.
#
# Raises Osso::Error::InvalidACSURLError in place of
# ActiveRecord::RecordNotFound, so an unknown id surfaces as a domain error
# rather than a persistence-layer exception.
def find_provider(id)
  return @provider if @provider

  @provider = Models::IdentityProvider.find(id)
rescue ActiveRecord::RecordNotFound
  raise Osso::Error::InvalidACSURLError
end
id_attribute()
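# File lib/osso/lib/saml_handler.rb, line 36
# Returns the user's identifier from the SAML attributes, preferring :id and
# falling back to :idp_id. A truthy result is memoized in @id_attribute.
#
# Returns nil when no attributes were extracted at all. The constructor reads
# them with safe navigation, so they can be nil; indexing nil here would raise
# NoMethodError instead of letting validate_attributes report the missing id
# with its own error class.
def id_attribute
  return @id_attribute if @id_attribute
  return unless attributes

  @id_attribute = attributes[:id] || attributes[:idp_id]
end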
provider_state()
# File lib/osso/lib/saml_handler.rb, line 76
# Returns the value to send back as the OAuth state parameter.
#
# For an IdP-initiated flow this is the fixed marker 'IDP_INITIATED'.
# Otherwise the stored :osso_oauth_state is removed from the session and
# returned, so it is consumed by this call; the result is nil when the key
# is absent.
def provider_state
  if valid_idp_initiated_flow
    'IDP_INITIATED'
  else
    session.delete(:osso_oauth_state)
  end
end
redirect_uri()
# File lib/osso/lib/saml_handler.rb, line 62
# Returns the full redirect target: the base URI followed by the querystring
# carrying the authorization code and state.
#
# The base is resolved before the querystring; building the querystring may
# remove :osso_oauth_state from the session (see provider_state).
#
# NOTE(review): the querystring always starts with "?", so this assumes the
# base URI has no query component of its own - confirm.
def redirect_uri
  base = redirect_uri_base
  query = redirect_uri_querystring

  base + query
end
redirect_uri_base()
# File lib/osso/lib/saml_handler.rb, line 66
# Returns the URI the user is sent back to, without the querystring.
#
# For an IdP-initiated flow this is the uri of the primary redirect URI
# registered on the provider's OAuth client. Otherwise it is whatever is
# stored under :osso_oauth_redirect_uri in the session.
#
# NOTE(review): the session value is used as the redirect target unchanged.
# Presumably it is checked against the client's registered redirect URIs
# when it is written to the session - confirm.
def redirect_uri_base
  if valid_idp_initiated_flow
    provider.oauth_client.primary_redirect_uri.uri
  else
    session[:osso_oauth_redirect_uri]
  end
end
redirect_uri_querystring()
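# File lib/osso/lib/saml_handler.rb, line 72
# Builds the "?code=...&state=..." querystring appended to the redirect URI.
#
# Both values are percent-encoded. The state was previously interpolated raw,
# so a value containing "&", "=", "#" or whitespace would alter the structure
# of the querystring (for example by adding a second parameter) instead of
# being carried as a single opaque value.
#
# NOTE(review): assumes the session holds the decoded state value; if it were
# stored already percent-encoded this would encode it twice - confirm.
def redirect_uri_querystring
  code = CGI.escape(authorization_code.token)
  # provider_state is nil when no state is stored; to_s keeps the previous
  # behaviour of emitting an empty state in that case.
  state = CGI.escape(provider_state.to_s)

  "?code=#{code}&state=#{state}"
end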
requested_param()
# File lib/osso/lib/saml_handler.rb, line 86
# Removes :osso_oauth_requested from the session and returns its value
# (nil when the key is absent), so the value can be read only once.
def requested_param
  requested = @session.delete(:osso_oauth_requested)
  requested
end
user()
# File lib/osso/lib/saml_handler.rb, line 44
# Finds the user matching the asserted email and id, creating one when none
# exists, and memoizes the record in @user.
#
# The enterprise account and identity provider are assigned only inside the
# creation block, i.e. only for a newly built record.
#
# NOTE(review): the lookup matches on email and idp_id alone and is not
# scoped to the current provider, so a record created under a different
# identity provider with the same pair would be returned here. Confirm that
# the pair is unique per provider, or scope the lookup by
# identity_provider_id.
def user
  return @user if @user

  matching_users = Models::User.where(
    email: email_attribute,
    idp_id: id_attribute,
  )

  @user = matching_users.first_or_create! do |record|
    record.enterprise_account_id = provider.enterprise_account_id
    record.identity_provider_id = provider.id
  end
end
valid_idp_initiated_flow()
# File lib/osso/lib/saml_handler.rb, line 82
# Returns true when the session holds neither :osso_oauth_redirect_uri nor
# :osso_oauth_state, which this class treats as an IdP-initiated login.
#
# The absence of both keys is the only signal used. A response that arrives
# after the session was lost is therefore indistinguishable from one that
# never had an OAuth request behind it.
#
# NOTE(review): on this path the redirect goes to the client's primary
# redirect URI with the fixed state 'IDP_INITIATED', so the client has no
# state of its own to tie the code to a login it started. Confirm clients
# handle that marker deliberately.
def valid_idp_initiated_flow
  !(session[:osso_oauth_redirect_uri] || session[:osso_oauth_state])
end
validate_attributes()
# File lib/osso/lib/saml_handler.rb, line 31
# Ensures the SAML response carried the attributes needed to identify a user.
#
# Raises Osso::Error::MissingSamlIdAttributeError when id_attribute is falsy.
# Raises Osso::Error::MissingSamlEmailAttributeError when email_attribute is
# falsy.
#
# Only presence is checked; the id is tested first, so a response missing
# both attributes reports the id error.
def validate_attributes
  unless id_attribute
    raise Osso::Error::MissingSamlIdAttributeError
  end

  unless email_attribute
    raise Osso::Error::MissingSamlEmailAttributeError
  end
end