Single tenant support with Osso Mock IDP
sbauch committed Jan 23, 2021
1 parent 0a78597 commit f443f4a
Showing 6 changed files with 47 additions and 3 deletions.
1 change: 1 addition & 0 deletions Gemfile
@@ -23,6 +23,7 @@ gem 'jbuilder', '~> 2.7'
# gem 'bcrypt', '~> 3.1.7'

gem 'devise'
gem 'ruby-saml', '~> 1.11.0'

# Use Active Storage variant
# gem 'image_processing', '~> 1.2'
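Review bot: The `~> 1.11.0` constraint on the new `ruby-saml` line holds the gem to the 1.11.x patch series, so `bundle update` will never pick up a later minor release. This library performs the XML signature and assertion validation that the whole SSO login rests on, so fixes to it need to reach the app without a manual Gemfile edit. `gem 'ruby-saml', '~> 1.11'` keeps the same floor while allowing newer minor releases, and a dependency audit step in CI (bundler-audit, for example) would flag advisories against the locked version.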
3 changes: 3 additions & 0 deletions Gemfile.lock
@@ -160,6 +160,8 @@ GEM
responders (3.0.1)
actionpack (>= 5.0)
railties (>= 5.0)
ruby-saml (1.11.0)
nokogiri (>= 1.5.10)
rubyzip (2.3.0)
sass-rails (6.0.0)
sassc-rails (~> 2.1, >= 2.1.1)
@@ -227,6 +229,7 @@ DEPENDENCIES
puma (~> 5.0)
rack-mini-profiler (~> 2.0)
rails (~> 6.1.1)
ruby-saml (~> 1.11.0)
sass-rails (>= 6)
selenium-webdriver
spring
41 changes: 39 additions & 2 deletions app/controllers/application_controller.rb
@@ -1,9 +1,46 @@
class ApplicationController < ActionController::Base
before_action :authenticate_user!, except: :index

before_action :authenticate_user!, only: :logged_in
skip_before_action :verify_authenticity_token, only: :saml_callback

def index
end

def logged_in
end

def saml_login
request = OneLogin::RubySaml::Authrequest.new
redirect_to(request.create(saml_settings))
end

def saml_callback
response = OneLogin::RubySaml::Response.new(
params[:SAMLResponse],
:settings => saml_settings
)

if response.is_valid?
@user = User.create_or_find_by!(email: response.nameid)
sign_in(@user)
redirect_to(:logged_in)
else
raise response.errors.inspect
end
end

private

def saml_settings
settings = OneLogin::RubySaml::Settings.new

# You provide to IDP
settings.assertion_consumer_service_url = "http://#{request.host_with_port}/saml_callback"
settings.sp_entity_id = "my-single-tenant"

# IDP provides to you
settings.idp_sso_target_url = "https://idp.ossoapp.com/saml-login"
settings.idp_cert = Rails.application.credentials.idp_cert

settings
end
end
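Review bot: In `saml_settings` the assertion consumer URL is assembled from `request.host_with_port` behind a fixed `http://`, so it follows whatever Host header the client sends and asks for the signed assertion to be delivered over plaintext HTTP. ruby-saml checks the response's Destination against this setting, so a request-derived value weakens that check; a configured HTTPS constant is safer, e.g. `settings.assertion_consumer_service_url = ENV.fetch('SAML_ACS_URL')` (the variable name is a placeholder). In `saml_callback`, `raise response.errors.inspect` turns every rejected assertion into a 500; logging the errors and answering with `head :unauthorized` would be the expected failure path. The response is also not tied to a request this app issued, because no `matches_request_id:` option is passed to `Response.new`, so unsolicited or replayed assertions are treated like fresh ones; binding it to the Authrequest's `uuid` via the session would require the session cookie to survive the cross-site POST, so confirm the SameSite setting before adding it.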
1 change: 1 addition & 0 deletions app/views/application/index.html.erb
@@ -8,5 +8,6 @@
</div>
<% end %>
<% end %>
<%= button_to 'Sign in with SAML SSO', action: :saml_login %>
</div>
</div>
2 changes: 1 addition & 1 deletion config/credentials.yml.enc
@@ -1 +1 @@
LoBR8TSHJK0BeDFOdfU7tlvB4G3THK2eve5Dm9vs6n2T8c72co5FJl4htY4fe8ruCh4SDwy7SiQY5IxIRPKtVdrepfX8ngUi6dmvAeG9PCdL+ED10FLYgH85d8jX96aguFcd1aOMNMpSP2S0fynJRz/jN1LzkXdBamZLkXJRMTpboiQhQkjGT8XxcoHKuPUpUIU4eqLiZKU5gnEumiUOI1EGED6i96vb5dbZeLn/FFLGWydsPdaXQ1/ezLuQcBlDNNT6ktU9Vonh0htec4FjAeE0OgdMEp1j1wIUgXqczKKE62JgYG4wOHxdLQfD5xcAfgUz3tyYMx9c/8FmICU+BC/1+rwJEqUkRKpQ5Beth88qVr0mlVj+AKwuTPjx+ttDYpOxu3F3N8DUWZBHtxs7vNOHIucRiUE+aiNu--4BKS5tyJINb9izXo--cuhyNutIIr4Mk49ha/IlrA==
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--wdvUEmbANQOadESQ--tBIEkesbLGCOAs+TlNT6/A==
2 changes: 2 additions & 0 deletions config/routes.rb
@@ -3,4 +3,6 @@
# For details on the DSL available within this file, see https://guides.rubyonrails.org/routing.html
root to: "application#index"
get 'logged_in', to: "application#logged_in"
post 'saml_login', to: "application#saml_login"
post 'saml_callback', to: "application#saml_callback"
end
