Class: OmniAuth::Strategies::SAML_RSTR::AuthRequest

Inherits:
Object
  • Object
show all
Defined in:
lib/omniauth/strategies/saml-rstr/auth_request.rb

Instance Method Summary collapse

Instance Method Details

#create(settings, params = {}) ⇒ Object



11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
# File 'lib/omniauth/strategies/saml-rstr/auth_request.rb', line 11

def create(settings, params = {})
  uuid = "_" + UUID.new.generate
  time = Time.now.utc.strftime("%Y-%m-%dT%H:%M:%SZ")

  request =
    "<samlp:AuthnRequest xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\" ID=\"#{uuid}\" Version=\"2.0\" IssueInstant=\"#{time}\" ProtocolBinding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" AssertionConsumerServiceURL=\"#{settings[:assertion_consumer_service_url]}\">" +
    "<saml:Issuer xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\">#{settings[:issuer]}</saml:Issuer>\n" +
    "<samlp:NameIDPolicy xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\" Format=\"#{settings[:name_identifier_format]}\" AllowCreate=\"true\"></samlp:NameIDPolicy>\n" +
    "<samlp:RequestedAuthnContext xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\" Comparison=\"exact\">" +
    "<saml:AuthnContextClassRef xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\">urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml:AuthnContextClassRef></samlp:RequestedAuthnContext>\n" +
    "</samlp:AuthnRequest>"

  deflated_request  = Zlib::Deflate.deflate(request, 9)[2..-5]
  base64_request    = Base64.encode64(deflated_request)
  encoded_request   = CGI.escape(base64_request)
  request_params    = "?SAMLRequest=" + encoded_request

  params.each_pair do |key, value|
    request_params << "&#{key}=#{CGI.escape(value.to_s)}"
  end

  settings[:idp_sso_target_url] + request_params
end