| author | mo khan <mo@mokhan.ca> | 2025-02-28 15:23:06 -0700 |
|---|---|---|
| committer | mo khan <mo@mokhan.ca> | 2025-02-28 15:23:06 -0700 |
| commit | 68f60576334bb0db8c8d9c579b3d60326aaff512 (patch) | |
| tree | d2c8b7e1c085d627b6e1358c4eb32a757c1fb299 /bin/sp | |
| parent | f6f82b707e85eec65e8dbc4066192751fc1f2522 (diff) | |
feat: implement more of the OIDC workflow
Diffstat (limited to 'bin/sp')
| -rwxr-xr-x | bin/sp | 26 |
1 files changed, 18 insertions, 8 deletions
@@ -59,15 +59,17 @@ class ServiceProvider
 case path
 when "/metadata.xml"
 return metadata
+ when "/openid/new"
+ return redirect_to("http://localhost:8282/oauth/authorize?client_id=service-provider&state=example&redirect_uri=http://localhost:8283/oauth/callback&response_type=code&response_mode=query&scope=openid")
+ when "/oauth/callback"
+ return oauth_callback(Rack::Request.new(env))
 else
- # TODO Generate a post to the IdP
- return post_to_idp(Rack::Request.new(env))
+ return saml_post_to_idp(Rack::Request.new(env))
 end
 when 'POST'
 case path
 when "/assertions"
- # TODO:: Render the SAMLResponse from the IdP
- return assertions(Rack::Request.new(env))
+ return saml_assertions(Rack::Request.new(env))
 else
 return not_found
 end
@@ -81,7 +83,16 @@ class ServiceProvider
 [404, {}, []]
 end
- def post_to_idp(request)
+ def redirect_to(location)
+ [302, { 'Location' => location }, []]
+ end
+
+ def oauth_callback(request)
+ # TODO:: Exchange grant (authorization_code) for an access token
+ [200, { "Content-Type" => "application/json" }, [JSON.pretty_generate(request.params)]]
+ end
+
+ def saml_post_to_idp(request)
 idp = Saml::Kit.registry.metadata_for('http://localhost:8282/metadata.xml')
 relay_state = Base64.strict_encode64(JSON.generate(redirect_to: '/dashboard'))
@@ -107,12 +118,11 @@ class ServiceProvider
 </body>
 </html>
 ERB
- erb = ERB.new(template, trim_mode: '-')
- html = erb.result(binding)
+ html = ERB.new(template, trim_mode: '-').result(binding)
 [200, { 'Content-Type' => "text/html" }, [html]]
 end
- def assertions(request)
+ def saml_assertions(request)
 sp = Saml::Kit.registry.metadata_for('http://localhost:8283/metadata.xml')
 saml_binding = sp.assertion_consumer_service_for(binding: :http_post)
 saml_response = saml_binding.deserialize(request.params) |
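Review bot: The authorize URL in the `/openid/new` branch sends a constant `state=example`, and `oauth_callback` in the second hunk never compares the returned `state` with anything, so the callback cannot tell a response this service provider initiated from one the browser was steered into (login CSRF). Generate a per-request value such as `state = SecureRandom.hex(32)`, bind it to the user's session or a signed cookie, and reject the callback unless `Rack::Utils.secure_compare(expected_state, request.params['state'].to_s)` holds. An OIDC `nonce` checked against the ID token would be the matching step once the token exchange is implemented. Building the query with `URI.encode_www_form` would also percent-encode `redirect_uri` rather than embedding it raw. No session middleware is visible in these hunks, so where the value is stored is left open; the enclosing `case` statement starts before the hunk.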
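Review bot: `oauth_callback` serialises every query parameter back into the response body via `JSON.pretty_generate(request.params)`, and with `response_mode=query` that includes the authorization `code`, a short-lived credential that should only travel from this handler to the token endpoint. Until the exchange behind the TODO exists, return a fixed acknowledgement or only non-sensitive fields, and handle the error case explicitly, e.g. `return [400, {}, []] if request.params['error'] || request.params['code'].to_s.empty?`. A comment above the method such as `# Receives the authorization response; must verify state before using code` would record the contract for whoever implements the exchange.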
