2018-12-13 13:39:08 +05:30
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
2018-03-27 19:54:05 +05:30
|
|
|
module Gitlab
|
|
|
|
|
module Auth
|
|
|
|
|
module Saml
|
|
|
|
|
class AuthHash < Gitlab::Auth::OAuth::AuthHash
|
|
|
|
|
def groups
|
|
|
|
|
Array.wrap(get_raw(Gitlab::Auth::Saml::Config.groups))
|
|
|
|
|
end
|
|
|
|
|
|
2018-11-08 19:23:39 +05:30
|
|
|
def authn_context
|
|
|
|
|
response_object = auth_hash.extra[:response_object]
|
|
|
|
|
return nil if response_object.blank?
|
|
|
|
|
|
|
|
|
|
document = response_object.decrypted_document
|
|
|
|
|
document ||= response_object.document
|
|
|
|
|
return nil if document.blank?
|
|
|
|
|
|
|
|
|
|
extract_authn_context(document)
|
|
|
|
|
end
|
|
|
|
|
|
2018-03-27 19:54:05 +05:30
|
|
|
private
|
|
|
|
|
|
|
|
|
|
def get_raw(key)
|
|
|
|
|
# Needs to call `all` because of https://git.io/vVo4u
|
|
|
|
|
# otherwise just the first value is returned
|
|
|
|
|
auth_hash.extra[:raw_info].all[key]
|
|
|
|
|
end
|
2018-11-08 19:23:39 +05:30
|
|
|
|
|
|
|
|
def extract_authn_context(document)
|
2019-01-03 12:48:30 +05:30
|
|
|
REXML::XPath.first(document, "//saml:AuthnStatement/saml:AuthnContext/saml:AuthnContextClassRef/text()").to_s
|
2018-11-08 19:23:39 +05:30
|
|
|
end
|
2018-03-27 19:54:05 +05:30
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
