Commit 3e315e7

mo <mo@mokhan.ca>
2017-11-22 02:31:14
render errors and include acs_url in request.
1 parent 041e852
Changed files (2)
airport
app
controllers
assertions_controller.rb
sessions_controller.rb
airport/app/controllers/assertions_controller.rb
@@ -4,10 +4,10 @@ class AssertionsController < ApplicationController
 
   def create
     saml_binding = sp.assertion_consumer_service_for(binding: :post)
-    saml_response = saml_binding.deserialize(params)
-    return render :error, status: :forbidden if saml_response.invalid?
+    @saml_response = saml_binding.deserialize(params)
+    return render :error, status: :forbidden if @saml_response.invalid?
 
-    session[:user] = { id: saml_response.name_id }.merge(saml_response.attributes)
+    session[:user] = { id: @saml_response.name_id }.merge(@saml_response.attributes)
     redirect_to dashboard_path
   end
airport/app/controllers/sessions_controller.rb
@@ -35,7 +35,9 @@ class SessionsController < ApplicationController
   def builder_for(type)
     case type
     when :login
-      Saml::Kit::AuthenticationRequest::Builder.new
+      builder = Saml::Kit::AuthenticationRequest::Builder.new
+      builder.acs_url = Sp.default(request).assertion_consumer_service_for(binding: :post).location
+      builder
     when :logout
       Saml::Kit::LogoutRequest::Builder.new(current_user)
     end