debian-mirror-gitlab/lib/gitlab/auth/saml/auth_hash.rb

37 lines
1.2 KiB
Ruby
Raw Normal View History

2018-12-13 13:39:08 +05:30
# frozen_string_literal: true
2018-03-27 19:54:05 +05:30
module Gitlab
module Auth
module Saml
class AuthHash < Gitlab::Auth::OAuth::AuthHash
def groups
Array.wrap(get_raw(Gitlab::Auth::Saml::Config.groups))
end
2018-11-08 19:23:39 +05:30
def authn_context
response_object = auth_hash.extra[:response_object]
2019-07-07 11:18:12 +05:30
return if response_object.blank?
2018-11-08 19:23:39 +05:30
document = response_object.decrypted_document
document ||= response_object.document
2019-07-07 11:18:12 +05:30
return if document.blank?
2018-11-08 19:23:39 +05:30
extract_authn_context(document)
end
2018-03-27 19:54:05 +05:30
private
def get_raw(key)
# Needs to call `all` because of https://git.io/vVo4u
# otherwise just the first value is returned
auth_hash.extra[:raw_info].all[key]
end
2018-11-08 19:23:39 +05:30
def extract_authn_context(document)
2020-03-13 15:44:24 +05:30
REXML::XPath.first(document, "//*[name()='saml:AuthnStatement' or name()='saml2:AuthnStatement' or name()='AuthnStatement']/*[name()='saml:AuthnContext' or name()='saml2:AuthnContext' or name()='AuthnContext']/*[name()='saml:AuthnContextClassRef' or name()='saml2:AuthnContextClassRef' or name()='AuthnContextClassRef']/text()").to_s
2018-11-08 19:23:39 +05:30
end
2018-03-27 19:54:05 +05:30
end
end
end
end