module OktaAuthProxy::OktaAuth

Public Class Methods

registered(app)
# File lib/okta-auth-proxy/auth.rb, line 23
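# Extension hook (Sinatra-style `registered` callback): adds the auth helpers,
# the cookie session middleware and the SAML OmniAuth provider to +app+.
#
# Environment variables read: COOKIE_SECRET (required), COOKIE_DOMAIN,
# SSO_ISSUER, SSO_TARGET_URL, CERT_PATH.
#
# @param app [#helpers, #use] the application being extended
# @raise [ArgumentError] if COOKIE_SECRET is unset, empty, or still the
#   'replaceme' placeholder
def self.registered(app)
  app.helpers OktaAuthProxy::OktaAuth::AuthHelpers

  # Rack::Session::Cookie signs the session with this secret. A publicly known
  # fallback would let anyone produce a cookie that passes the signature check,
  # so refuse to start rather than default to a placeholder.
  cookie_secret = ENV['COOKIE_SECRET'].to_s
  if cookie_secret.empty? || cookie_secret == 'replaceme'
    raise ArgumentError,
          "COOKIE_SECRET must be set to a private random value (not 'replaceme')"
  end

  # Use a wildcard cookie to achieve single sign-on for all subdomains.
  # Caveat: a domain-wide cookie is sent to every host under COOKIE_DOMAIN, so
  # all of those hosts must be trusted with the session.
  # NOTE(review): consider `secure: true` when the proxy is only served over
  # HTTPS; left unset here because it would break plain-HTTP localhost use.
  app.use Rack::Session::Cookie, secret: cookie_secret,
                                 domain: ENV['COOKIE_DOMAIN'] || 'localhost'

  app.use OmniAuth::Builder do
    provider :saml,
             issuer: ENV['SSO_ISSUER'],
             idp_sso_target_url: ENV['SSO_TARGET_URL'],
             # IdP signing certificate; File.read raises if the file is
             # missing when this block is evaluated.
             idp_cert: File.read(ENV['CERT_PATH'] || 'okta_cert.pem'),
             name_identifier_format: 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress',
             idp_sso_target_url_runtime_params: { redirectUrl: :RelayState }
  end
end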