
[WIP] Configure IdP and SP with configuration object

Open Zogoo opened this issue 2 years ago • 2 comments

The idea of this PR is that the gem should not care about how to store metadata, because involving itself too much in developer decisions makes this gem harder to maintain. https://github.com/saml-idp/saml_idp/issues/71

Let's drop persistence of metadata and how to refresh it, because those implementations could be done with another gem (on top of this gem) for different web frameworks. Or it could even be done by developers if we just accept "SamlIdp::IncomingMetadata" (IMO this should also be renamed) for all configuration of the IdP.

Zogoo, Jul 13 '22 23:07

Makes sense I think. Can much of the same be accomplished without the config? Might be good to document.

Would definitely say this is a change of API to the point that it might be good to place this in a new major version - in which case if we wanted to make a lot of breaking changes, might be good to figure out if we want a branch for vnext and maintain master for bugs until vnext is ready or how to go about managing the branches there.

jphenow, Jul 14 '22 16:07

Makes sense I think. Can much of the same be accomplished without the config? Might be good to document.

Would definitely say this is a change of API to the point that it might be good to place this in a new major version - in which case if we wanted to make a lot of breaking changes, might be good to figure out if we want a branch for vnext and maintain master for bugs until vnext is ready or how to go about managing the branches there.

Zogoo, Jul 16 '22 03:07

@jphenow, @mjobin-mdsol I have almost finished the required code changes and started working on test cases. Could you guys please do a quick review to confirm the changes are okay?

The main change is that the IdpConfig and SpConfig objects allow configuring the IdP for specific service providers. It's not a global config because this allows 2 things:

  1. Gem users can use it for multiple SPs. This means the SP config can be different for different SPs, like the X509 certificate, NameIDFormat, etc.
  2. Gem users can make decisions about how they want to manage configs, like DB, global object, Redis, etc.

Zogoo, Jan 08 '24 15:01
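
An added sketch of the per-SP configuration idea discussed in this thread (not code from the saml_idp gem or from this PR): settings are resolved per service provider from whatever backend the application chooses, and an unknown SP is rejected instead of inheriting a global default. `SpSettings`, `SpRegistry`, the entity IDs and the fingerprints are hypothetical, constructed values.

```ruby
# Hypothetical names throughout; these are not saml_idp classes.
SpSettings = Struct.new(:entity_id, :name_id_format, :cert_fingerprint,
                        keyword_init: true)

class UnknownServiceProvider < StandardError; end

# Resolves settings for one SP from any backend that responds to #[].
# A Hash works, and so does a lambda wrapping a DB or Redis lookup,
# because Proc#[] calls the proc.
class SpRegistry
  def initialize(backend)
    @backend = backend
  end

  # Fail closed: an issuer with no stored settings raises instead of
  # falling back to another SP's certificate or NameID format.
  def fetch(issuer)
    raw = @backend[issuer] or raise UnknownServiceProvider, issuer.to_s
    SpSettings.new(entity_id: issuer, **raw).freeze
  end
end

# Constructed sample data: two SPs with different NameIDFormat and cert.
SAMPLE_SPS = {
  "https://sp-a.example/metadata" => {
    name_id_format: "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
    cert_fingerprint: "AA:BB:CC (constructed)"
  },
  "https://sp-b.example/metadata" => {
    name_id_format: "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent",
    cert_fingerprint: "DD:EE:FF (constructed)"
  }
}.freeze

# Backend 1: a plain in-memory Hash (the "global object" option).
HASH_REGISTRY = SpRegistry.new(SAMPLE_SPS)

# Backend 2: a lambda standing in for a DB or Redis query.
LOOKUP_REGISTRY = SpRegistry.new(->(issuer) { SAMPLE_SPS[issuer] })

def sp_known?(registry, issuer)
  registry.fetch(issuer)
  true
rescue UnknownServiceProvider
  false
end
```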