[WIP] Configure IdP and SP with configuration object #183
Conversation
|
Makes sense I think. Can much of the same be accomplished without the config? Might be good to document. Would definitely say this is a change of API to the point that it might be good to place this in a new major version - in which case if we wanted to make a lot of breaking changes, might be good to figure out if we want a branch for vnext and maintain master for bugs until vnext is ready or how to go about managing the branches there. |
…or this reason dropping SP metadata logic. Because IdP project can decide how to provide metadata.
Zogoo
changed the title
Zogoo
changed the title
Zogoo
force-pushed
the
feature/simplify_gem
branch
from
7e85449 to
43a9b2d
Compare
Zogoo
force-pushed
the
feature/simplify_gem
branch
from
f4dc78e to
5021c34
Compare
Zogoo
force-pushed
the
feature/simplify_gem
branch
4 times, most recently
from
d8ca283 to
220ba26
Compare
Zogoo
force-pushed
the
feature/simplify_gem
branch
from
220ba26 to
5fa6eba
Compare
Zogoo
changed the title
Zogoo
force-pushed
the
feature/simplify_gem
branch
2 times, most recently
from
c0a54c0 to
d4b376d
Compare
Zogoo
force-pushed
the
feature/simplify_gem
branch
from
d4b376d to
0ed50c6
Compare
|
@jphenow, @mjobin-mdsol I have almost finished the required code changes and started working on test cases. Could you guys please do a quick review to confirm the changes are okay? The main change is that the
|
| This was originally setup by @lawrencepit to test SAML Clients. I took it closer to a real SAML IDP implementation. | ||
| Forked from <https://github.com/lawrencepit/ruby-saml-idp> |
There was a problem hiding this comment.
| This was originally setup by @lawrencepit to test SAML Clients. I took it closer to a real SAML IDP implementation. | |
| Forked from <https://github.com/lawrencepit/ruby-saml-idp> | |
| This was originally a fork of @lawrencepit's project <https://github.com/lawrencepit/ruby-saml-idp> which was for testing SAML Clients. | |
| This project implements an actual SAML IdP. |
|
|
||
| Be sure to load a file like this during your app initialization: | ||
| 2. SP data such |
There was a problem hiding this comment.
| 2. SP data such | |
| 2. ServiceProvider configuration |
| config.signed_assertion = false # Default: true which means signed assertions on the SAML Response | ||
| config.compress = true # Default: false which means the SAML Response is not being compressed | ||
|
|
||
| Principal (e.g. User) is passed in when you `encode_response` |
There was a problem hiding this comment.
| Principal (e.g. User) is passed in when you `encode_response` | |
| # Principal (e.g. User) is passed in when you `encode_response` |
| If you have a method called `asserted_attributes` in your Principal class, | ||
| there is no need to define it here in the config. |
There was a problem hiding this comment.
| If you have a method called `asserted_attributes` in your Principal class, | |
| there is no need to define it here in the config. | |
| # If you have a method called `asserted_attributes` in your Principal class, | |
| # there is no need to define it here in the config. |
| If you have a method called `asserted_attributes` in your Principal class, | ||
| there is no need to define it here in the config. | ||
|
|
||
| config.saml_attributes => |
There was a problem hiding this comment.
is this showing what saml_attributes returns? I'm confused by the => here
There was a problem hiding this comment.
Oh, I forgot to mention that I haven't work documents yet. Once I finish code, I will update all documents.
| # persistent: -> (p) { p.id }, | ||
| # }, | ||
| # } | ||
| configure_sp do |config| |
There was a problem hiding this comment.
maybe spell out service_provider instead of sp? Abbreviations get confusing IMO.
There was a problem hiding this comment.
where is this defined? I'm having trouble following how this gets configured/used.
| @@ -229,13 +202,13 @@ The second parameter is optional and default to your configuration `SamlIdp.conf | |||
| To act as a Service Provider which generates SAML Requests and can react to SAML Responses use the | |||
| excellent [ruby-saml](https://github.com/onelogin/ruby-saml) gem. | |||
|
|
|||
| ## Author | |||
| # Author | |||
There was a problem hiding this comment.
Let's just remove the author section.
|
This was too big PR for the current gem, I will create small PRs that allow transfer slowly to v2 |
The idea of this PR is that Gem should not care about how to store metadata. Because too much involving developer decisions makes this gem harder to maintain.
#71
Let's drop persistance of metadata and how to refresh it because those implementation could be done with another gem (top of this gem) for different web frameworks. Or even it could be done by developers If we just accept "SamlIdp::IncomingMetadata" (IMO this should be also renamed) for all configuration of IdP.