Commit 7a54910
Changed files (2)
app/controllers/sessions_controller.rb
@@ -19,7 +19,7 @@ class SessionsController < ApplicationController
@saml_request = binding.deserialize(saml_params)
if @saml_request.valid?
session[:saml] = { params: saml_params.to_h, xml: @saml_request.to_xml }
- return post_back(@saml_request, current_user) if current_user?
+ return redirect_to response_path if current_user?
else
render_error(:forbidden, model: @saml_request)
end
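Review bot: The signed-in branch now hands the SAML exchange to whatever action serves `response_path`, and that action is not in this diff, so nothing visible here shows how it behaves when `session[:saml]` is missing or stale (for example after the session expires between the two requests). The removed `post_back` also called `login(user)`, which runs `reset_session`; on this branch that rotation no longer happens in the code shown, so confirm the target action still performs it before a response is built. I would add a comment above the redirect, `# the response action rebuilds the request from session[:saml] and must re-validate it before responding`, and a request spec that requests `response_path` with no stored request and expects an error status. The enclosing action starts and ends outside the hunk.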
@@ -67,17 +67,6 @@ class SessionsController < ApplicationController
private
- def post_back(saml_request, user)
- relay_state = session[:saml][:params][:RelayState]
- @url, @saml_params = saml_request.response_for(
- user, binding: :http_post, relay_state: relay_state
- ) do |builder|
- @saml_response_builder = builder
- end
- login(user)
- render :create
- end
-
def login(user)
saml_data = session[:saml]
reset_session
spec/requests/sessions_spec.rb
@@ -24,6 +24,7 @@ describe SessionsController do
before :each do
url, saml_params = post_binding.serialize(Saml::Kit::AuthenticationRequest.builder)
post url, params: saml_params
+ follow_redirect!
end
specify { expect(response).to have_http_status(:ok) }
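Review bot: `follow_redirect!` in this `before` block moves past the redirect without checking its target, so the examples would still pass if the controller redirected somewhere other than `response_path`. Assert the location inside the `before`, immediately ahead of the follow: `expect(response).to redirect_to(response_path)`. The same applies to the `before { follow_redirect! }` added in the hunk at `@@ -87,6 +88,7 @@`. The surrounding `describe`/`context` setup starts outside the hunk, so whether a user is signed in for these examples is inferred from the redirect being expected.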
@@ -87,6 +88,7 @@ describe SessionsController do
context "when a registered SAML request is provided" do
before { allow(registry).to receive(:metadata_for).with(issuer).and_return(sp_metadata) }
before { get redirect_binding.serialize(Saml::Kit::AuthenticationRequest.builder)[0] }
+ before { follow_redirect! }
specify { expect(response).to have_http_status(:ok) }
specify { expect(response.body).to include("Sending Response to Service Provider") }