How to generate and share SP SAML 2.0 metadata in Rails

Posted by 戏子无情 on 2019-12-08 10:30:28

Question


I have this one, which I guess is following SAML 1.1. I wanted to know how I can generate new SP metadata using SAML 2.0 in Rails and share it with other users, which will help the other team in configuring SAML at the IdP (Identity Provider) end.

require 'onelogin/saml'

class Account < ActiveRecord::Base
  # Class method, because the controller below calls Account.get_settings
  def self.get_settings
    settings = Onelogin::Saml::Settings.new
    settings.issuer                         = "https://example.com/test"
    settings.idp_sso_target_url             = "https://testexample.com"
    settings.idp_cert_fingerprint           = "########"
    settings.relying_party_identifier       = "knsdfnsdf"
    settings.assertion_consumer_service_url = "https://www.example.com/consume?http_referer=https://testexample.com"
    settings.idp_confirmation_method        = "urn:oasis:names:tc:SAML:1.0:cm:bearer"
    settings.asserting_party_id             = "23424dfsdf"
    settings.referer_url                    = "https://textexample.com"
    settings.groups                         = ["USER"]
    # Return the settings together with a metadata generator
    return settings, Onelogin::Saml::Metadata.new
  end
end

# Controller action that renders the SP metadata XML
def saml_metadata
  settings, meta = Account.get_settings
  render :xml => meta.generate(settings)
end

Is there any way by which I can generate it and share it with the IdP to configure the SAML process?

Update:

I am able to get the metadata using the above code now. I just want to be sure that it is SAML 2.0. How can I tell that?

The XML that I get from the above code:

  <md:EntityDescriptor entityID="https://example.com/test">
    <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol" AuthnRequestsSigned="false" WantAssertionsSigned="true">
      <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.example.com/consume?http_referer=https://testexample.com" isDefault="true" index="0"/>
    </md:SPSSODescriptor>
  </md:EntityDescriptor>

Please note: the above code will only work if you are using ruby-saml version 0.7.x, as there is a syntax change from 0.8.x onwards.

Source: https://stackoverflow.com/questions/38204139/how-to-generate-and-share-sp-saml-2-0-metadata-in-rails
