Skip to content

Commit

Permalink
feat: added the response object to the extra['response_object'], so w…
Browse files Browse the repository at this point in the history
…e can use the raw response object if we want to
  • Loading branch information
Jiongye Li committed Jun 28, 2016
1 parent 146e469 commit 76ed3d6
Show file tree
Hide file tree
Showing 3 changed files with 8 additions and 1 deletion.
2 changes: 2 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -68,6 +68,8 @@ end

For IdP-initiated SSO, users should directly access the IdP SSO target URL. Set the `href` of your application's login link to the value of `idp_sso_target_url`. For SP-initiated SSO, link to `/auth/saml`.

A `OneLogin::RubySaml::Response` object is added to the `env['omniauth.auth']` extra attribute, so we can use it in the controller via `env['omniauth.auth'].extra.response_object`

## Metadata

The service provider metadata used to ease configuration of the SAML SP in the IdP can be retrieved from `http://example.com/auth/saml/metadata`. Send this URL to the administrator of the IdP.
Expand Down
3 changes: 2 additions & 1 deletion lib/omniauth/strategies/saml.rb
Original file line number Diff line number Diff line change
Expand Up @@ -76,6 +76,7 @@ def callback_phase

@name_id = response.name_id
@attributes = response.attributes
@response_object = response

if @name_id.nil? || @name_id.empty?
raise OmniAuth::Strategies::SAML::ValidationError.new("SAML response missing 'name_id'")
Expand Down Expand Up @@ -135,7 +136,7 @@ def other_phase
Hash[found_attributes]
end

extra { { :raw_info => @attributes } }
extra { { :raw_info => @attributes, :response_object => @response_object } }

def find_attribute_by(keys)
keys.each do |key|
Expand Down
4 changes: 4 additions & 0 deletions spec/omniauth/strategies/saml_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -114,6 +114,10 @@ def post_xml(xml=:example_response)
'fingerprint' => saml_options[:idp_cert_fingerprint]
}
end

it "should set the response_object to the response object from ruby_saml response" do
auth_hash['extra']['response_object'].should be_kind_of(OneLogin::RubySaml::Response)
end
end

context "when fingerprint is empty and there's a fingerprint validator" do
Expand Down

0 comments on commit 76ed3d6

Please sign in to comment.