Module: SamlInit

Extended by:

ActiveSupport::Concern

Included in:

User

Defined in:

app/models/concerns/saml_init.rb

Overview

Module for saml based initalization.

The saml_init_email method is used to initialize the email address after a successful SSO sign in. The saml_init_identifier method is used to

Instance Method Summary

• #saml_identifier ⇒ String, Nil

  The saml_identifier of this user, or nil if the user is not from SSO.

• #saml_identifier=(saml_identifier) ⇒ Object
• #saml_init_email ⇒ String, Nil

  This method is added as a fallback to support the Single Logout Service.

• #saml_init_email=(email) ⇒ Object

  Initializes email address, and prevents (re)confirmation in case it is changed.

• #saml_init_email_and_identifier ⇒ String, Nil

  Used in the case that email is the unique identifier from saml.

• #saml_init_email_and_identifier=(email) ⇒ Object

  Used in the case that email is the unique identifier from saml.

• #saml_init_identifier ⇒ String, Nil

  This method is added as a fallback to support the Single Logout Service.

• #saml_init_identifier=(saml_identifier) ⇒ String, Nil

  Sets the saml_identifier to the given saml_identifier upon initialization.

• #saml_init_username_no_update ⇒ String

  This method is added as fallback to support the Single Logout Service.

• #saml_init_username_no_update=(username) ⇒ Object

  Sets the username from SAML in case it was not already set.

Instance Method Details

#saml_identifier ⇒ String, Nil

Returns the saml_identifier of this user, or nil if the user is not from SSO.

Returns:

• (String, Nil) —

  the saml_identifier of this user, or nil if the user is not from SSO

# File 'app/models/concerns/saml_init.rb', line 19

def saml_identifier
  sso_profile&.saml_identifier
end

#saml_identifier=(saml_identifier) ⇒ Object

Parameters:

• saml_identifier (String, Nil) —

  sets (or clears) the saml_identifier of this user

# File 'app/models/concerns/saml_init.rb', line 24

def saml_identifier=(saml_identifier)
  if saml_identifier.nil?
    sso_profile&.destroy
  else
    build_sso_profile if sso_profile.nil?
    sso_profile.saml_identifier = saml_identifier
  end
end

#saml_init_email ⇒ String, Nil

This method is added as a fallback to support the Single Logout Service.

Returns:

• (String, Nil) —

  the email address of this user, or nil if the user is not from SSO

# File 'app/models/concerns/saml_init.rb', line 60

def saml_init_email
  return nil if sso_profile.nil?

  email
end

#saml_init_email=(email) ⇒ Object

Initializes email address, and prevents (re)confirmation in case it is changed.

Parameters:

• email (String) —

  the email address

# File 'app/models/concerns/saml_init.rb', line 69

def saml_init_email=(email)
  self.email = email
  skip_confirmation!
  skip_reconfirmation!
end

#saml_init_email_and_identifier ⇒ String, Nil

Used in the case that email is the unique identifier from saml.

Returns:

• (String, Nil) —

  the email address of the user, or nil in the case the user is not from SSO

# File 'app/models/concerns/saml_init.rb', line 81

def saml_init_email_and_identifier
  return nil if sso_profile.nil?

  email
end

#saml_init_email_and_identifier=(email) ⇒ Object

Used in the case that email is the unique identifier from saml.

Parameters:

• email (String) —

  the email address (and saml identifier)

# File 'app/models/concerns/saml_init.rb', line 90

def saml_init_email_and_identifier=(email)
  self.saml_init_email = email
  self.saml_init_identifier = email
end

#saml_init_identifier ⇒ String, Nil

This method is added as a fallback to support the Single Logout Service.

Returns:

• (String, Nil) —

  the saml_identifier of this user, or nil if the user is not from SSO

See Also:

• #saml_identifier

# File 'app/models/concerns/saml_init.rb', line 37

def saml_init_identifier
  saml_identifier
end

#saml_init_identifier=(saml_identifier) ⇒ String, Nil

Sets the saml_identifier to the given saml_identifier upon initialization. In contrast to #saml_identifier=, this method does not delete the SSO profile in case the saml_identifier is not present (safety in case of SSO issues).

Parameters:

• saml_identifier (String, Nil) —

  the saml_identifier

Returns:

• (String, Nil) —

  the saml_identifier of this user, should never be nil

# File 'app/models/concerns/saml_init.rb', line 47

def saml_init_identifier=(saml_identifier)
  build_sso_profile if sso_profile.nil?

  # Only update if non-empty
  sso_profile.saml_identifier = saml_identifier if saml_identifier.present?
end

#saml_init_username_no_update ⇒ String

This method is added as fallback to support the Single Logout Service.

Returns:

• (String) —

  the username

# File 'app/models/concerns/saml_init.rb', line 101

def saml_init_username_no_update
  username
end

#saml_init_username_no_update=(username) ⇒ Object

Sets the username from SAML in case it was not already set. This prevents overriding the user set username with the one from SAML all the time, while allowing for email updates to be applied.

Parameters:

• username (String) —

  the username to set

# File 'app/models/concerns/saml_init.rb', line 110

def saml_init_username_no_update=(username)
  self.username = username unless self.username.present?
end