docuseal/app/services/saml_config_service.rb


# frozen_string_literal: true
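# Resolves the SAML identity-provider settings for an account and turns
# them into the hash handed to the OmniAuth SAML strategy.
#
# Resolution order, evaluated on every call:
#   1. the account's stored `saml_configs` EncryptedConfig row (a JSON
#      object), when an account is given and the row has a value;
#   2. otherwise the SAML_* environment variables, plus fixed defaults for
#      the SP entity id, the name-id format and the attribute names.
#
# Any StandardError raised while resolving (database errors, malformed JSON
# in the stored value, ...) is logged and yields an empty config. Note that
# a broken stored record therefore disables SAML for that account; it does
# NOT fall back to the environment variables.
class SamlConfigService
  # Name-id format and assertion attribute names used unless a stored
  # config overrides them.
  DEFAULT_SETTINGS = {
    name_identifier_format: 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress',
    email_attribute: 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress',
    first_name_attribute: 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname',
    last_name_attribute: 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname',
    name_attribute: 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name'
  }.freeze

  # Keys that must be non-blank before SAML is considered configured: the
  # IdP login endpoint and the fingerprint the IdP certificate is pinned to.
  REQUIRED_KEYS = %i[idp_sso_service_url idp_cert_fingerprint].freeze

  class << self
    # Loads the effective SAML config.
    #
    # @param account [Object, nil] account whose stored config is preferred;
    #   with nil only the environment variables are consulted
    # @return [ActiveSupport::HashWithIndifferentAccess] the config, or an
    #   empty hash when loading failed (the failure is logged at warn level)
    def load_config(account = nil)
      stored = stored_config(account)
      return stored if stored

      # Environment fallback; ENV is read per call so values set after boot
      # are picked up. Key order matches the historical hash shape.
      {
        idp_sso_service_url: ENV['SAML_IDP_SSO_SERVICE_URL'],
        idp_cert_fingerprint: ENV['SAML_IDP_CERT_FINGERPRINT'],
        sp_entity_id: ENV.fetch('SAML_SP_ENTITY_ID', 'docuseal')
      }.merge(DEFAULT_SETTINGS).with_indifferent_access
    rescue => e
      Rails.logger.warn "Could not load SAML config: #{e.message}"
      # Indifferent access here too, so callers can use string or symbol
      # keys regardless of which path produced the hash.
      {}.with_indifferent_access
    end

    # Whether the resolved config carries every REQUIRED_KEYS entry.
    #
    # @param account [Object, nil] see {load_config}
    # @return [Boolean]
    def configured?(account = nil)
      complete?(load_config(account))
    end

    # Builds the OmniAuth SAML strategy options.
    #
    # The config is loaded exactly once and the completeness check runs on
    # that same hash, so the settings that were validated are the settings
    # that are returned (the previous double load could validate one read
    # and return another, and cost a second database lookup).
    #
    # @param account [Object, nil] see {load_config}
    # @return [Hash, nil] strategy options, or nil when SAML is not configured
    def omniauth_config(account = nil)
      config = load_config(account)
      return nil unless complete?(config)

      {
        # The ACS URL is derived from APP_URL; the localhost default only
        # suits local development, deployments must set APP_URL to the
        # externally reachable origin or the IdP will post assertions to the
        # wrong place.
        assertion_consumer_service_url: "#{ENV.fetch('APP_URL', 'http://localhost:3000')}/auth/saml/callback",
        sp_entity_id: config[:sp_entity_id],
        idp_sso_service_url: config[:idp_sso_service_url],
        idp_cert_fingerprint: config[:idp_cert_fingerprint],
        name_identifier_format: config[:name_identifier_format],
        # Each attribute statement is a list of candidate assertion attribute
        # names for that user field.
        attribute_statements: {
          email: [config[:email_attribute]],
          first_name: [config[:first_name_attribute]],
          last_name: [config[:last_name_attribute]],
          name: [config[:name_attribute]]
        }
      }
    end

    private

    # Returns the account's stored config parsed from JSON, or nil when there
    # is no account, no row, or the row's value is blank. Parse errors are
    # left to propagate so load_config's rescue logs them.
    #
    # @param account [Object, nil]
    # @return [ActiveSupport::HashWithIndifferentAccess, nil]
    def stored_config(account)
      return unless account

      record = EncryptedConfig.find_by(account: account, key: 'saml_configs')
      return unless record&.value.present?

      JSON.parse(record.value).with_indifferent_access
    end

    # @param config [Hash] a config hash with indifferent access
    # @return [Boolean] true when every REQUIRED_KEYS entry is present
    def complete?(config)
      REQUIRED_KEYS.all? { |key| config[key].present? }
    end
  end
end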