module Maestrano

Class to return SP metadata based on the settings requested. Return this XML in a controller, then give that URL to the IdP administrator. The IdP will poll the URL and your settings will be updated automatically.

Only supports SAML 2.0

Constants

VERSION

Attributes

config[RW]

Public Class Methods

authenticate(app_id,api_key)

Check that the app_id and api_key passed as arguments match the configured values

# File lib/maestrano.rb, line 71
def self.authenticate(app_id,api_key)
  self.param(:app_id) == app_id && self.param(:api_key) == api_key
end
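
The check above compares the API key with `==`, which is not guaranteed to take the same time for every wrong guess. As an added example (not code from the Maestrano gem), here is the same contract with a comparison that has no early exit; `SAMPLE_CONFIG`, `secure_equal?` and `authenticate_constant_time` are hypothetical names and the credentials are constructed sample values.

```ruby
require 'digest'

# Hypothetical stand-in for the configured values (constructed sample data).
SAMPLE_CONFIG = { app_id: 'app-1abc', api_key: 'k3y-constructed-sample' }.freeze

# Compare two strings without stopping at the first differing byte.
# Hashing first gives both operands the same length, so the loop length
# does not depend on the caller-supplied value.
def secure_equal?(expected, given)
  return false unless expected.is_a?(String) && given.is_a?(String)

  a = Digest::SHA256.digest(expected).bytes
  b = Digest::SHA256.digest(given).bytes
  diff = 0
  a.each_with_index { |byte, i| diff |= byte ^ b[i] }
  diff.zero?
end

# Same contract as Maestrano.authenticate, but both checks always run
# (non-short-circuit &) and neither relies on String#==.
def authenticate_constant_time(app_id, api_key, config = SAMPLE_CONFIG)
  id_ok  = secure_equal?(config[:app_id], app_id)
  key_ok = secure_equal?(config[:api_key], api_key)
  id_ok & key_ok
end
```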

configure() { |config| ... }

Maestrano Configuration block

# File lib/maestrano.rb, line 62
def self.configure
  self.config ||= Configuration.new
  yield(config)
  self.config.post_initialize
  return self
end

mask_user(user_uid,group_uid)

Take a user uid (either real or virtual) and a group id and return the user uid that should be used within the app, based on the user_creation_mode parameter:
  'real': the real user uid is returned (usr-4d5sfd)
  'virtual': the virtual user uid is returned (usr-4d5sfd.cld-g4f5d)

# File lib/maestrano.rb, line 81
def self.mask_user(user_uid,group_uid)
  sanitized_user_uid = self.unmask_user(user_uid)
  if Maestrano.param('sso.creation_mode') == 'virtual'
    return "#{sanitized_user_uid}.#{group_uid}"
  else
    return sanitized_user_uid
  end
end

param(parameter)

Get configuration parameter value. E.g.:
  Maestrano.param('api.key')
  Maestrano.param(:api_key)

# File lib/maestrano.rb, line 100
def self.param(parameter)
  self.config.param(parameter)
end

to_metadata()

Return a hash describing the current Maestrano configuration. The metadata will be remotely fetched by Maestrano. Excludes any info containing an API key.

# File lib/maestrano.rb, line 108
def self.to_metadata
  hash = {}
  hash['environment'] = self.param('environment')
  
  config_groups = ['app','api','sso','webhook']
  blacklist = ['api.key','api.token']
  
  config_groups.each do |cgroup_name|
    cgroup = self.config.send(cgroup_name)
    
    attr_list = cgroup.attributes.map(&:to_s)
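    # Build the prefix as a regexp literal: inside a double-quoted string "\."
    # collapses to ".", which would match any character after the group name.
    prefix = /\A#{Regexp.escape(cgroup_name)}\./
    attr_list += Configuration::EVT_CONFIG[hash['environment']].keys.select { |k| k =~ prefix }.map { |k| k.sub(prefix, '') }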
    attr_list.uniq!
    
    attr_list.each do |first_lvl|
      if cgroup.send(first_lvl).is_a?(OpenStruct)
        c2group = cgroup.send(first_lvl)
        c2group.attributes.each do |secnd_lvl|
          full_param = [cgroup_name,first_lvl,secnd_lvl].join('.')
          unless blacklist.include?(full_param)
            hash[cgroup_name.to_s] ||= {}
            hash[cgroup_name.to_s][first_lvl.to_s] ||= {}
            hash[cgroup_name.to_s][first_lvl.to_s][secnd_lvl.to_s] = self.param(full_param)
          end
        end
      else
        full_param = [cgroup_name,first_lvl].join('.')
        unless blacklist.include?(full_param)
          hash[cgroup_name.to_s] ||= {}
          hash[cgroup_name.to_s][first_lvl.to_s] = self.param(full_param)
        end
      end
    end
  end
  
  return hash
end

unmask_user(user_uid)

Take a user uid (either real or virtual) and return the real uid part

# File lib/maestrano.rb, line 92
def self.unmask_user(user_uid)
  user_uid.split(".").first
end