Alternative to support multiple x509 Certificates via procs

[pelted]

What this PR does

• allows for looking up x509 certificates with a proc in the SamlIdp config
• calls the proc or falls back to the original behavior where appropriate
• adds short example in the REDME documentation

Why

This is an alternative approach to supporting multiple x509 certificates, secret keys, and password. This uses procs in the SamlIdp configuration as an alternative to #186 and #209.

I have been using this approach for some time now using a service object as a finder for the appropriate cert and secret key.

Some examples for looking these up:

config.x509_certificate = -> { File.read("cert.pem") }
config.secret_key = -> { SecretKeyFinder.key_for(id: 1) }
config.password = -> { Rails.application.credentials.dig(:saml_idp, :password ) }

[pelted]

Not sure if that's a flaky test in CI, still trying to reproduce the issue locally to resolve.

[Zogoo]

@pelted in here also, I think you have valid points, let us properly look at it and merge it after you fix the tests.

[Zogoo]

Not sure if that's a flaky test in CI, still trying to reproduce the issue locally to resolve.

You are right it seems like failing everywhere, let me look at it.

[atishedcast]

any progress on this?
I am looking for a similar solution.

[pelted]

@Zogoo I believe my latest commit should resolve the failing test if we could kick off the CI workflow and verify.

[Zogoo]

This is a valuable change in that the application can set the certificates on the fly.

[Zogoo]

@jphenow I think this is an alternative way to support configuring SamlIdP on the fly.

[Zogoo]

@pelted can you update again with the latest master branch?