Devise Omniauth-Saml:[“ omniauth.auth”]为零
[英]Devise Omniauth-Saml: [“omniauth.auth”] is nil
问题描述
I'm developing an Rails 4 app. 
我正在开发Rails 4应用程序。 Auth is against an MS ADFS. Auth针对MS ADFS。
I'm using.. 我正在使用..
- https://github.com/plataformatec/devise https://github.com/plataformatec/devise
- https://github.com/omniauth/omniauth-saml https://github.com/omniauth/omniauth-saml
My POC with omniauth-saml (without devise) works fine but in real ... 我的带有omniauth-saml的POC(未设计)可以正常工作,但实际上...
When ADFS send the callback (post) request.env["omniauth.auth"] is nil 当ADFS发送回调(发布) request.env["omniauth.auth"]为零
This is my config/initializers/devise.rb (Only omniauth part) 这是我的config / initializers / devise.rb(仅omniauth部分)
config.omniauth :saml,
issuer: "https://xxx.xxx.xxx",
idp_sso_target_url: "https://yyy.yyy.yyy/adfs/ls",
assertion_consumer_service_url: "https://xxx.xxx.xxx/auth/saml/callback",
name_identifier_format: "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
idp_cert: "xxxxxxxxxx"
My omniauth controller 我的omniauth控制器
class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
#skip_before_action :protect_from_forgery
#protect_from_forgery with: :null_session
#protect_from_forgery except: :sign_in
skip_before_filter :verify_authenticity_token
def saml
auth = request.env["omniauth.auth"]
#auth.uid # Gets the UID value of the user that has just signed in
# Create a session, redirect etc
Rails.logger.debug "========================================"
Rails.logger.debug "AUTH " + auth.inspect
Rails.logger.debug "========================================"
redirect_to root_path, notice: "GOOD "
end
end
My routes (devise part) 我的路线(设计部分)
devise_for :users,
:controllers => {
:omniauth_callbacks => "users/omniauth_callbacks"
},
skip: :registrations
devise_scope :user do
post "/auth/:provider/callback", to: "users/omniauth_callbacks#saml"
end
Rake routes ... 耙道...
user_omniauth_authorize GET|POST /users/auth/:provider(.:format) users/omniauth_callbacks#passthru {:provider=>/saml/}
user_omniauth_callback GET|POST /users/auth/:action/callback(.:format) users/omniauth_callbacks#(?-mix:saml)
POST /auth/:provider/callback(.:format) users/omniauth_callbacks#saml
Auth Provider send the callback to https://xxx.xxx.xxx/auth/saml/callback but omniauth is listening on https://xxx.xxx.xxx/users/auth/:action/callback . 身份验证提供程序将回调发送到https://xxx.xxx.xxx/auth/saml/callback,但是omniauth正在监听https://xxx.xxx.xxx/users/auth/:action/callback 。 I mapped the url to the controller using devise_scope . 我使用devise_scope将网址映射到控制器。 Could this be the problem? 这可能是问题吗?
Seeing this... 看到这个...
user_omniauth_callback GET|POST /users/auth/:action/callback(.:format) users/omniauth_callbacks#(?-mix:saml)
- Which could be the url called by the Auth provider? 哪个可能是Auth提供者调用的网址?
- Which will be the method called inside the controler? 控制器内部将调用哪种方法? (?-mix:saml ???) (?-mix:saml ???)
1 个解决方案
解决方案1
0 2016-12-08 07:35:09
Solved using "path" in my devise_for (and deleting devise _scope ) 在我的devise_for使用“路径”解决了(并deleting devise _scope )
devise_for :users,
:path => '',
:controllers => {
:omniauth_callbacks => 'users/omniauth_callbacks'
},
skip: :registrations
With this, routes change from... 有了这个,路线从...
user_omniauth_authorize GET|POST /users/auth/:provider(.:format) users/omniauth_callbacks#passthru {:provider=>/saml/}
user_omniauth_callback GET|POST /users/auth/:action/callback(.:format) users/omniauth_callbacks#(?-mix:saml)
POST /auth/:provider/callback(.:format)
to ... 至 ...
user_omniauth_authorize GET|POST /auth/:provider(.:format) users/omniauth_callbacks#passthru {:provider=>/saml/}
user_omniauth_callback GET|POST /auth/:action/callback(.:format) users/omniauth_callbacks#(?-mix:saml)
Now, user_omniauth_callback is equal to the url called by my Auth provider. 现在, user_omniauth_callback等于我的Auth提供者调用的url。
Conclusion: in Devise + Omniauth map urls doesn't work. 结论:在Devise + Omniauth中,映射URL不起作用。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.