SAML changes to the controller
This commit is contained in:
parent
fb65f18b5f
commit
e94db861c5
4 changed files with 37 additions and 31 deletions
|
@ -5,13 +5,11 @@ class DashboardController < ActionController::Base
|
|||
around_action :switch_locale
|
||||
before_action :ensure_installation_onboarding, only: [:index]
|
||||
before_action :redirect_to_custom_domain_page
|
||||
before_action :redirect_to_saml_login
|
||||
|
||||
layout 'vueapp'
|
||||
|
||||
def index
|
||||
request = OneLogin::RubySaml::Authrequest.new
|
||||
redirect_to(request.create(saml_settings))
|
||||
end
|
||||
def index; end
|
||||
|
||||
private
|
||||
|
||||
|
@ -50,6 +48,13 @@ class DashboardController < ActionController::Base
|
|||
redirect_to "/hc/#{portal.slug}"
|
||||
end
|
||||
|
||||
def redirect_to_saml_login
|
||||
# request = OneLogin::RubySaml::Authrequest.new
|
||||
# redirect_to(request.create(saml_settings))
|
||||
# end
|
||||
redirect_to '/saml' and return unless Current.user
|
||||
end
|
||||
|
||||
def app_config
|
||||
{
|
||||
APP_VERSION: Chatwoot.config[:version],
|
||||
|
@ -66,26 +71,25 @@ class DashboardController < ActionController::Base
|
|||
|
||||
settings.assertion_consumer_service_url = "http://#{request.host}/saml/consume"
|
||||
settings.sp_entity_id = "http://#{request.host}/saml/metadata"
|
||||
settings.idp_entity_id = "https://app.onelogin.com/saml/metadata/1835014"
|
||||
settings.idp_sso_target_url = "https://app.onelogin.com/trust/saml2/http-post/sso/1835014"
|
||||
settings.idp_slo_target_url = "https://app.onelogin.com/trust/saml2/http-redirect/slo/1835014"
|
||||
settings.name_identifier_format = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
|
||||
settings.idp_entity_id = 'https://app.onelogin.com/saml/metadata/1835014'
|
||||
settings.idp_sso_target_url = 'https://app.onelogin.com/trust/saml2/http-post/sso/1835014'
|
||||
settings.idp_slo_target_url = 'https://app.onelogin.com/trust/saml2/http-redirect/slo/1835014'
|
||||
settings.name_identifier_format = 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress'
|
||||
|
||||
# Optional for most SAML IdPs
|
||||
settings.authn_context = "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport"
|
||||
settings.authn_context = 'urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport'
|
||||
# or as an array
|
||||
settings.authn_context = [
|
||||
"urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport",
|
||||
"urn:oasis:names:tc:SAML:2.0:ac:classes:Password"
|
||||
'urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport',
|
||||
'urn:oasis:names:tc:SAML:2.0:ac:classes:Password'
|
||||
]
|
||||
|
||||
# Optional bindings (defaults to Redirect for logout POST for ACS)
|
||||
settings.single_logout_service_binding = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" # or :post, :redirect
|
||||
settings.assertion_consumer_service_binding = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" # or :post, :redirect
|
||||
settings.single_logout_service_binding = 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect' # or :post, :redirect
|
||||
settings.assertion_consumer_service_binding = 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST' # or :post, :redirect
|
||||
|
||||
settings
|
||||
end
|
||||
|
||||
def cosnume
|
||||
end
|
||||
def cosnume; end
|
||||
end
|
||||
|
|
0
app/controllers/saml_controller
Normal file
0
app/controllers/saml_controller
Normal file
|
@ -1,8 +1,9 @@
|
|||
# This controller expects you to use the URLs /saml/init and /saml/consume in your OneLogin application.
|
||||
class SamlController < ApplicationController
|
||||
skip_before_action :verify_authenticity_token, :only => [:consume]
|
||||
# skip_before_action :verify_authenticity_token, :only => [:consume]
|
||||
layout 'vueapp'
|
||||
|
||||
def init
|
||||
def index
|
||||
request = OneLogin::RubySaml::Authrequest.new
|
||||
redirect_to(request.create(saml_settings))
|
||||
end
|
||||
|
@ -17,7 +18,8 @@ class SamlController < ApplicationController
|
|||
session[:userid] = response.nameid
|
||||
session[:attributes] = response.attributes
|
||||
else
|
||||
authorize_failure # This method shows an error message
|
||||
ChatwootExceptionTracker.new(response.errors, account: Account.first).capture_exception # This method shows an error message
|
||||
|
||||
# List of errors is available in response.errors array
|
||||
end
|
||||
end
|
||||
|
@ -29,22 +31,22 @@ class SamlController < ApplicationController
|
|||
|
||||
settings.assertion_consumer_service_url = "http://#{request.host}/saml/consume"
|
||||
settings.sp_entity_id = "http://#{request.host}/saml/metadata"
|
||||
settings.idp_entity_id = "https://app.onelogin.com/saml/metadata/1835014"
|
||||
settings.idp_sso_target_url = "https://app.onelogin.com/trust/saml2/http-post/sso/1835014"
|
||||
settings.idp_slo_target_url = "https://app.onelogin.com/trust/saml2/http-redirect/slo/1835014"
|
||||
settings.name_identifier_format = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
|
||||
settings.idp_entity_id = 'https://app.onelogin.com/saml/metadata/1835014'
|
||||
settings.idp_sso_target_url = 'https://app.onelogin.com/trust/saml2/http-post/sso/1835014'
|
||||
settings.idp_slo_target_url = 'https://app.onelogin.com/trust/saml2/http-redirect/slo/1835014'
|
||||
settings.name_identifier_format = 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress'
|
||||
|
||||
# Optional for most SAML IdPs
|
||||
settings.authn_context = "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport"
|
||||
settings.authn_context = 'urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport'
|
||||
# or as an array
|
||||
settings.authn_context = [
|
||||
"urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport",
|
||||
"urn:oasis:names:tc:SAML:2.0:ac:classes:Password"
|
||||
'urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport',
|
||||
'urn:oasis:names:tc:SAML:2.0:ac:classes:Password'
|
||||
]
|
||||
|
||||
# Optional bindings (defaults to Redirect for logout POST for ACS)
|
||||
settings.single_logout_service_binding = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" # or :post, :redirect
|
||||
settings.assertion_consumer_service_binding = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" # or :post, :redirect
|
||||
settings.single_logout_service_binding = 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect' # or :post, :redirect
|
||||
settings.assertion_consumer_service_binding = 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST' # or :post, :redirect
|
||||
|
||||
settings
|
||||
end
|
||||
|
|
|
@ -81,7 +81,7 @@
|
|||
</form>
|
||||
<div class="column text-center sigin--footer">
|
||||
<span>{{ $t('REGISTER.HAVE_AN_ACCOUNT') }}</span>
|
||||
<router-link to="/app/login">
|
||||
<router-link to="/saml">
|
||||
{{
|
||||
useInstallationName(
|
||||
$t('LOGIN.TITLE'),
|
||||
|
|
Loading…
Reference in a new issue