Class: OmniAuth::Strategies::Islykill

Inherits:
Object
  • Object
Includes:
OmniAuth::Strategy
Defined in:
lib/omniauth/strategies/islykill.rb,
lib/omniauth/strategies/islykill/validation_error.rb

Defined Under Namespace

Classes: ValidationError

Instance Method Summary

Instance Method Details

#callback_phase ⇒ Object



# File 'lib/omniauth/strategies/islykill.rb', line 50

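# Handles the response that Islykill sends back to the callback URL.
#
# Reads the Base64 SAML token from the +token+ request parameter, passes it to
# #read_attributes (signature check and attribute extraction), and continues
# with the regular OmniAuth callback via +super+ only when a non-empty name id
# was extracted.
#
# Every StandardError raised along the way -- a missing token, a failed
# signature check, a missing name id, or anything raised by +super+ -- is
# handed to fail!(:invalid_ticket, error), so the callback does not continue
# past a failed check.
#
# @return [Object] whatever +super+ or +fail!+ returns
def callback_phase
  token = request.params['token']
  unless token
    raise OmniAuth::Strategies::Islykill::ValidationError, 'Islykill response missing'
  end

  read_attributes token

  if @name_id.nil? || @name_id.empty?
    raise OmniAuth::Strategies::Islykill::ValidationError, "SAML response missing 'name_id'"
  end

  super
rescue StandardError => e
  # One clause is enough: a bare `rescue` matches every StandardError, so a
  # later clause for OneLogin::RubySaml::ValidationError (a StandardError
  # subclass in ruby-saml) placed after it can never run. Both did the same
  # thing, so the fail-closed behaviour is unchanged.
  fail!(:invalid_ticket, e)
end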

#read_attributes(token_base64) ⇒ Object



# File 'lib/omniauth/strategies/islykill.rb', line 27

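# Verifies the Islykill SAML response and extracts the user's attributes.
#
# Decodes the token, asks SignedXml whether the document verifies, then parses
# the same XML with REXML and stores the Name, UserSSN and Authentication
# attribute values in @attributes and the NameID's NameQualifier in @name_id.
# A missing node raises ValidationError instead of failing with NoMethodError
# on nil, so the reason for the rejection is visible to the caller.
#
# NOTE(review): is_verified? is called without a certificate or key argument;
#   confirm how SignedXml decides which signer is trusted.
# NOTE(review): values are read from a second parse (REXML) of the raw XML with
#   document-order XPath, not from the element the signature covers. Confirm
#   that the verified signature covers the whole Response, or read the values
#   from the verified node.
# NOTE(review): no validity window, audience or destination is checked in this
#   method.
#
# @param token_base64 [String] Base64-encoded SAML response XML
# @return [String] the NameQualifier value, also stored in @name_id
# @raise [OmniAuth::Strategies::Islykill::ValidationError] when the document
#   does not verify or a required node is absent
def read_attributes(token_base64)
  islykill_xml_saml_response = Base64.decode64(token_base64)
  signed_document = SignedXml::Document(islykill_xml_saml_response)
  unless signed_document.is_verified?
    raise OmniAuth::Strategies::Islykill::ValidationError, 'Islykill response not valid'
  end

  # The document verified, so the information is extracted using XPath.
  xml_doc = REXML::Document.new(islykill_xml_saml_response)

  # Returns the text of the named SAML attribute, rejecting responses without it.
  required_text = lambda do |attribute_name|
    path = "Response/Assertion/AttributeStatement/Attribute[@Name=\"#{attribute_name}\"]/AttributeValue"
    node = REXML::XPath.first(xml_doc, path)
    if node.nil?
      raise OmniAuth::Strategies::Islykill::ValidationError,
            "Islykill response missing attribute '#{attribute_name}'"
    end
    node.text
  end

  @attributes = {
    name: required_text.call('Name'),
    kennitala: required_text.call('UserSSN'),
    provider: required_text.call('Authentication')
  }

  qualifier = REXML::XPath.first(xml_doc, 'Response/Assertion/Subject/NameID/@NameQualifier')
  if qualifier.nil?
    raise OmniAuth::Strategies::Islykill::ValidationError, "SAML response missing 'name_id'"
  end

  @name_id = qualifier.value
end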

#request_phase ⇒ Object



# File 'lib/omniauth/strategies/islykill.rb', line 12

def request_phase
  options[:assertion_consumer_service_url] ||= callback_url
  runtime_request_parameters = options.delete(:idp_sso_target_url_runtime_params)

  additional_params = {}
  runtime_request_parameters.each_pair do |request_param_key, mapped_param_key|
    additional_params[mapped_param_key] = request.params[request_param_key.to_s] if request.params.has_key?(request_param_key.to_s)
  end if runtime_request_parameters

  authn_request = OneLogin::RubySaml::Authrequest.new
  settings = OneLogin::RubySaml::Settings.new(options)

  redirect(authn_request.create(settings, additional_params))
end