# frozen_string_literal: true

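# Registry that answers metadata lookups from the parent registry first and,
# on a miss, asks the parent to load metadata from the entity ID treated as a
# metadata URL, then looks it up again.
#
# NOTE(review): if entity_id originates from an incoming SAML message (confirm
# against the callers), a lookup makes this server issue an outbound request to
# a caller-chosen URL and then trust the metadata that comes back, including
# the certificates it carries. Pre-registering known partners, or checking the
# host against an allowlist before fetching, narrows that trust.
class OnDemandRegistry < Saml::Kit::DefaultRegistry
  # Look up metadata for an entity, fetching it on demand when unknown.
  #
  # @param entity_id [String] entity ID; must be an http(s) URL for the
  #   on-demand fetch to be attempted
  # @return [Object, nil] the parent registry's result, or nil when nothing is
  #   registered and the entity ID is not a fetchable URL
  def metadata_for(entity_id)
    found = super(entity_id)
    return found if found

    # A nil, blank or non-HTTP(S) entity ID can never resolve to a metadata
    # document, so report "not registered" instead of handing it to the fetcher.
    return unless entity_id.to_s.match?(%r{\Ahttps?://}i)

    # NOTE(review): verify_ssl is true only when Rails.env is production, so
    # staging and any other non-production environment fetch metadata without
    # TLS certificate verification. An http:// entity ID is fetched in
    # cleartext in every environment. Confirm both are intended.
    register_url(entity_id, verify_ssl: Rails.env.production?)
    super(entity_id)
  end
end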
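# Global saml-kit configuration: issuer, metadata registry, logger and the
# signing key material.
Saml::Kit.configure do |config|
  # NOTE(review): ENV['ISSUER'] is nil when the variable is unset; nothing here
  # rejects that, so the entity ID may be left empty.
  config.entity_id = ENV['ISSUER']
  config.registry = OnDemandRegistry.new
  config.logger = Rails.logger

  private_key = ENV['SAML_PRIVATE_KEY']
  certificate = ENV['SAML_X509_CERTIFICATE']

  if private_key.present? && certificate.present?
    # Operator-supplied signing key pair. No passphrase is passed, so the key
    # is presumably stored unencrypted in the environment.
    config.add_key_pair(certificate, private_key, use: :signing)
  else
    # Without both variables, key pairs are generated at boot. Nothing on this
    # page persists them, so each process presumably gets its own set and
    # relying parties cannot pin a stable certificate. The branch is taken in
    # every environment, production included, so make the fallback visible
    # rather than silent.
    Rails.logger&.warn(
      'SAML_PRIVATE_KEY / SAML_X509_CERTIFICATE not set; ' \
      'generating temporary SAML signing key pairs for this process'
    )
    5.times { config.generate_key_pair_for(use: :signing) }
  end
end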