Last active
May 17, 2017 10:46
-
-
Save awendt/698769e64c15fa778311122e940f2df3 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| gem 'devise_saml_authenticatable' | |
| generate 'devise:install' | |
| initializer 'devise.rb', <<-CODE | |
| Devise.setup do |config| | |
| # ==> Configuration for :saml_authenticatable | |
| # You can support multiple IdPs by setting this value to a class that implements a #settings method which takes | |
| # an IdP entity id as an argument and returns a hash of idp settings for the corresponding IdP. | |
| config.idp_settings_adapter = nil | |
| # You provide you own method to find the idp_entity_id in a SAML message in the case of multiple IdPs | |
| # by setting this to a custom reader class, or use the default. | |
| # config.idp_entity_id_reader = DeviseSamlAuthenticatable::DefaultIdpEntityIdReader | |
| # You can set a handler object that takes the response for a failed SAML request and the strategy, | |
| # and implements a #handle method. This method can then redirect the user, return error messages, etc. | |
| # config.saml_failed_callback = nil | |
| # Configure with your SAML settings (see [ruby-saml][] for more information). | |
| config.saml_configure do |settings| | |
| settings.assertion_consumer_service_url = 'http://localhost:3000/users/saml/auth' | |
| settings.assertion_consumer_service_binding = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" | |
| settings.name_identifier_format = "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" | |
| settings.idp_cert = "#{File.read(File.expand_path('~/tmp/cert.pem')).chomp}" | |
| settings.idp_cert_fingerprint_algorithm = "https://www.w3.org/2001/04/xmldsig-more#rsa-sha256" | |
| settings.idp_slo_target_url = "#{File.read(File.expand_path('~/tmp/slo_target.url')).chomp}" | |
| settings.idp_sso_target_url = "#{File.read(File.expand_path('~/tmp/sso_target.url')).chomp}" | |
| settings.issuer = "#{File.read(File.expand_path('~/tmp/issuer.url')).chomp}" | |
| settings.protocol_binding = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" | |
| end | |
| require 'devise/orm/active_record' | |
| end | |
| CODE | |
| file 'app/models/user.rb', <<-CODE | |
| class User < ActiveRecord::Base | |
| devise :saml_authenticatable | |
| end | |
| CODE | |
| route "devise_for :users" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment