Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Roadmap & doc #4

Open
keeguon opened this issue Sep 10, 2018 · 5 comments
Open

Roadmap & doc #4

keeguon opened this issue Sep 10, 2018 · 5 comments

Comments

@keeguon
Copy link
Contributor

keeguon commented Sep 10, 2018
edited
Loading

Hey, I've been playing around with the gem to create and IdP alongside with https://github.com/onelogin/ruby-saml for the SP side to test things out.

It's definitely a great gem we have here. However, I feel like the ruby-saml gem could be rendered useless (especially the SP metadata generation) with few improvements especially with the SP class :

  • possibility to add the optional options like "AuthnRequestsSigned" and "WantAssertionsSigned"
  • make "assertion_consumer_services" and "attribute_consuming_services" writable

Is there any plans towards such goals?

Also, I feel it lacks a good documentation regarding the fact that you can basically build your entities with the gem but you have to get in the code to really get it.

I'm available to provide some help if needed.
@ccutrer
Copy link
Contributor

ccutrer commented Sep 10, 2018

I could definitely add those attributes. I'll keep this ticket open for those. As for assertion_consumer_services and attribute_consuming_services... there's no need for them to be directly writeable. They return a mutable array. https://github.com/instructure/canvas-lms is already using the saml2 as a complete replacement for the ruby-saml gem. Our SP metadata generation can be viewed at https://github.com/instructure/canvas-lms/blob/f9809e29b01a7f0706865f174c0af4ba5b3c8a31/app/models/authentication_provider/saml.rb#L262 and https://github.com/instructure/canvas-lms/blob/f9809e29b01a7f0706865f174c0af4ba5b3c8a31/app/models/authentication_provider/saml.rb#L327. Also notice that keys are embedded into the metadata.

@keeguon
Copy link
Contributor Author

keeguon commented Sep 10, 2018

@ccutrer my bad for the mutable arrays, must be Monday. I'll do a pull request for the attributes mentioned as for the keys, I realized after posting that they were in the Role parent class so removed that line from my original comment afterwards.

@keeguon keeguon mentioned this issue Sep 10, 2018
Merged
@jackiejohnston
Copy link

@keeguon Is your IdP example available on GitHub somewhere? I would love to see an example of the SAML config file and your setup.

@keeguon
Copy link
Contributor Author

keeguon commented Apr 29, 2019

@jackiejohnston nothing on GitHub but willing to provide help if needed ;)!

@jackiejohnston
Copy link

@keeguon Thank you so much for the kind offer. We ended up using a different gem instead though.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@ccutrer @keeguon @jackiejohnston