omniauth-saml

A generic SAML strategy for OmniAuth

Results 34 omniauth-saml issues

After configuring, I tried to start the server and it said this: ``` Wrong OmniAuth configuration. If you are getting this exception, it means that either: 1) You are manually setting...

I'm using Rails 5.2 with Devise and Azure AD for SSO. The sign-in process and SP-initiated logout are working fine. For IdP-initiated logout, the user is not logged...

Would be great to have support for multiple `:idp_cert_fingerprint`

Using the `origin` parameter as originally documented by OmniAuth causes an error when attempting to authenticate with some IDPs, specifically Google as an IDP via a custom SAML 2.0 app...

It has been added in https://github.com/onelogin/ruby-saml/commit/92d6caf70e47f8e7218cb000b8fa9567eb2158cf (see https://github.com/onelogin/ruby-saml/issues/563). Without specifying that, the SAML metadata generated by omniauth-saml violates the [SAML 2.0 specification](https://docs.oasis-open.org/security/saml/v2.0/saml-metadata-2.0-os.pdf) because it doesn't include `validUntil` or `cacheDuration` attribute...

This PR depends on https://github.com/onelogin/ruby-saml/pull/520 being merged and will require binding of omniauth-saml to new version of ruby-saml gem, so I'm pushing the PR for reference and discussion, but don't...

## What Introduces a :store_request_uuid option for later comparison with InResponseTo By default it saves the request uuid in the session as "saml_transaction_id", but also accepts a proc that will...

This PR updates the internals for constructing `OneLogin::RubySaml::Logoutresponse` and `OneLogin::RubySaml::SloLogoutrequest` instances to match the latest recommendations for `ruby-saml`. These changes help avoid character set encoding issues with IdPs using something...

Is it possible to set this in saml.yml? What exactly do I need to do to add this option?

See https://github.com/omniauth/omniauth/pull/809 - about a CSRF vulnerability which affects OmniAuth (designated CVE-2015-9284) What to do?