module Maestrano
Class to return SP metadata based on the settings requested. Return this XML in a controller, then give that URL to the IdP administrator. The IdP will poll the URL and your settings will be updated automatically.
Only supports SAML 2.0
Constants
- VERSION
Attributes
Public Class Methods
Check that app_id and api_key passed in argument match
# File lib/maestrano.rb, line 71
def self.authenticate(app_id,api_key)
  self.param(:app_id) == app_id && self.param(:api_key) == api_key
end
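A variant of the check above, as an added example that is not code from the maestrano gem: String#== is not a constant-time comparison, so this version compares SHA-256 digests byte by byte without an early exit and rejects missing or blank values. The module name CredentialCheck, the explicit `configured` hash and the sample values are assumptions made so the example runs stand-alone.

```ruby
require 'openssl'

# Hypothetical helper, not part of the maestrano gem.
module CredentialCheck
  # Compare two strings without stopping at the first differing byte.
  # Hashing first gives equal-length inputs, so the comparison loop
  # always runs over 32 bytes whatever the caller supplied.
  def self.secure_compare(expected, given)
    a = OpenSSL::Digest::SHA256.digest(expected).bytes
    b = OpenSSL::Digest::SHA256.digest(given).bytes
    diff = 0
    a.each_with_index { |byte, i| diff |= byte ^ b[i] }
    diff.zero?
  end

  # Same contract as authenticate(app_id, api_key) above, with the
  # configured values passed in explicitly instead of read from config.
  def self.authenticate(configured, app_id, api_key)
    pairs = [[configured[:app_id], app_id], [configured[:api_key], api_key]]

    # Refuse missing or blank values on either side, so that an
    # unconfigured app never authenticates a nil/nil request.
    return false unless pairs.flatten.all? { |v| v.is_a?(String) && !v.empty? }

    # Evaluate both comparisons before combining them, so a wrong app_id
    # and a wrong api_key go through the same amount of work.
    results = pairs.map { |expected, given| secure_compare(expected, given) }
    results.all?
  end
end

# Constructed sample values, not real credentials.
CONFIGURED = { app_id: 'app-1e2f3a', api_key: 'k3y-constructed-sample' }.freeze
```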
Maestrano Configuration block
# File lib/maestrano.rb, line 62
def self.configure
  self.config ||= Configuration.new
  yield(config)
  self.config.post_initialize
  return self
end
Take a user uid (either real or virtual) and a group id and return the user uid that should be used within the app based on the user_creation_mode parameter:
- 'real': then the real user uid is returned (usr-4d5sfd)
- 'virtual': then the virtual user uid is returned (usr-4d5sfd.cld-g4f5d)
# File lib/maestrano.rb, line 81
def self.mask_user(user_uid,group_uid)
  sanitized_user_uid = self.unmask_user(user_uid)
  if Maestrano.param('sso.creation_mode') == 'virtual'
    return "#{sanitized_user_uid}.#{group_uid}"
  else
    return sanitized_user_uid
  end
end
Get configuration parameter value. E.g.:
Maestrano.param('api.key')
Maestrano.param(:api_key)
# File lib/maestrano.rb, line 100
def self.param(parameter)
  self.config.param(parameter)
end
Return a hash describing the current Maestrano configuration. The metadata will be remotely fetched by Maestrano. Exclude any info containing an api key.
# File lib/maestrano.rb, line 108
def self.to_metadata
  hash = {}
  hash['environment'] = self.param('environment')
  config_groups = ['app','api','sso','webhook']
  blacklist = ['api.key','api.token']
  config_groups.each do |cgroup_name|
    cgroup = self.config.send(cgroup_name)
    attr_list = cgroup.attributes.map(&:to_s)
    attr_list += Configuration::EVT_CONFIG[hash['environment']].keys.select { |k| k =~ Regexp.new("^#{cgroup_name}\.") }.map { |k| k.gsub(Regexp.new("^#{cgroup_name}\."),'') }
    attr_list.uniq!
    attr_list.each do |first_lvl|
      if cgroup.send(first_lvl).is_a?(OpenStruct)
        c2group = cgroup.send(first_lvl)
        c2group.attributes.each do |secnd_lvl|
          full_param = [cgroup_name,first_lvl,secnd_lvl].join('.')
          unless blacklist.include?(full_param)
            hash[cgroup_name.to_s] ||= {}
            hash[cgroup_name.to_s][first_lvl.to_s] ||= {}
            hash[cgroup_name.to_s][first_lvl.to_s][secnd_lvl.to_s] = self.param(full_param)
          end
        end
      else
        full_param = [cgroup_name,first_lvl].join('.')
        unless blacklist.include?(full_param)
          hash[cgroup_name.to_s] ||= {}
          hash[cgroup_name.to_s][first_lvl.to_s] = self.param(full_param)
        end
      end
    end
  end
  return hash
end
Take a user uid (either real or virtual) and return the real uid part
# File lib/maestrano.rb, line 92
def self.unmask_user(user_uid)
  user_uid.split(".").first
end