From fc35bf1ab821445b71daf4fb25f303e29866d46b Mon Sep 17 00:00:00 2001 From: mo khan Date: Thu, 27 Feb 2025 11:39:38 -0700 Subject: Complete the first portion of a saml transaction --- src/idp/main.rb | 57 ++++++++++++--------------------------------------------- 1 file changed, 12 insertions(+), 45 deletions(-) (limited to 'src/idp/main.rb') diff --git a/src/idp/main.rb b/src/idp/main.rb index 1b18f54c..daa15cc6 100755 --- a/src/idp/main.rb +++ b/src/idp/main.rb @@ -8,40 +8,12 @@ require "bundler/inline" gemfile do source "https://rubygems.org" + gem "erb", "~> 4.0" gem "rack", "~> 3.0" gem "rackup", "~> 2.0" gem "saml-kit", "~> 1.0" gem "webrick", "~> 1.0" end -require "erb" - -class Configuration - def initialize - @config = YAML.safe_load(read_from("config.yml")) - end - - def [](key) - @config.fetch(key.to_s) - end - - def private_key - @private_key ||= read_from('insecure-key.pem') - end - - def certificate - @certificate ||= read_from('cert.pem') - end - - private - - def base_dir - @base_dir ||= Pathname.new(__FILE__).parent - end - - def read_from(file) - base_dir.join(file).read - end -end class User def initialize(attributes) @@ -49,7 +21,7 @@ class User end def name_id_for(name_id_format) - @attributes.fetch(:email) + @attributes[:email] end def assertion_attributes_for(request) @@ -61,22 +33,18 @@ end class OnDemandRegistry < Saml::Kit::DefaultRegistry def metadata_for(entity_id) - puts entity_id.inspect + found = super(entity_id) + return found if found + + register_url(entity_id, verify_ssl: false) super(entity_id) end end -$config = Configuration.new - Saml::Kit.configure do |x| - x.entity_id = "https://#{$config[:host]}/metadata.xml" + x.entity_id = "http://localhost:8282/metadata.xml" x.registry = OnDemandRegistry.new x.logger = Logger.new("/dev/stderr") - x.add_key_pair( - $config.certificate, - $config.private_key, - use: :signing - ) end class IdentityProvider 
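Review bot: `name_id_for` now returns nil instead of raising when the attributes hash has no `:email`, because `@attributes[:email]` replaced `fetch(:email)`; a nil NameID would presumably be serialized into the assertion rather than failing fast at the call site. Unless a missing email is meant to be tolerated, keep `@attributes.fetch(:email)`, or add a one-line comment saying why a nil subject is acceptable. The `name_id_format` parameter is still unused on the new side, so a `_name_id_format` name would make that explicit. The rest of `User` lies outside the hunk.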
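Review bot: `register_url(entity_id, verify_ssl: false)` in `metadata_for` fetches and registers metadata for any issuer the registry has not seen before, with TLS verification disabled, so the set of trusted service providers is effectively chosen by whoever sends an AuthnRequest and the fetched metadata is not authenticated. For anything beyond a local demo, restrict auto-registration to a known list of entity ids (or pre-register SPs) and use `verify_ssl: true`; at minimum put `# DEV ONLY: trusts any issuer and skips TLS verification` on the `register_url` line so the behaviour is not carried forward by accident. The same hunk also drops `add_key_pair`, so no signing key pair is configured any more; presumably metadata and responses are now unsigned, which the removal of `builder.embed_signature = false` in the next hunk suggests was not the intent — worth confirming. The literal `http://localhost:8282` now appears here and again in the `add_single_sign_on_service` and `binding_for` hunks; a single constant such as `BASE_URL = "http://localhost:8282"` would keep the three from drifting.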
@@ -89,12 +57,11 @@ class IdentityProvider # GET /metadata.xml def metadata xml = Saml::Kit::Metadata.build_xml do |builder| - builder.embed_signature = false builder.contact_email = 'hi@example.com' builder.organization_name = "Acme, Inc" builder.organization_url = "https://example.com" builder.build_identity_provider do |x| - x.add_single_sign_on_service("https://#{$config[:host]}/sessions/new", binding: :http_post) + x.add_single_sign_on_service("http://localhost:8282/sessions/new", binding: :http_post) x.name_id_formats = [Saml::Kit::Namespaces::EMAIL_ADDRESS] x.attributes << :Username end @@ -133,7 +100,7 @@ class IdentityProvider saml_request = binding_for(request).deserialize(params) @builder = nil url, saml_params = saml_request.response_for( - User.new($config), + User.new({ email: "example@example.com" }), binding: :http_post, relay_state: params[:RelayState] ) do |builder| @@ -145,10 +112,10 @@ class IdentityProvider -
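Review bot: `response_for` is now called with a fixed `User.new({ email: "example@example.com" })`, so every deserialized AuthnRequest is answered with an assertion for that identity and nothing authenticates the browser before the response is issued. If that is the intended scope of this commit, mark it on that line, e.g. `# TODO: authenticate the session before issuing an assertion; identity is hard-coded for now`, so the placeholder is not mistaken for finished logic. As a style point the braces are redundant: `User.new(email: "example@example.com")`. The enclosing handler method starts and ends outside the hunk.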

SAML Request

+

Recieved SAML Request

-

SAML Response

+

Sending SAML Response (IdP -> SP)

<%- saml_params.each do |(key, value)| -%> @@ -183,7 +150,7 @@ class IdentityProvider end def binding_for(request) - location = "#{$config[:host]}/sessions/new" + location = "http://localhost:8282/sessions/new" if request.post? Saml::Kit::Bindings::HttpPost .new(location: location) -- cgit v1.2.3
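Review bot: The added heading misspells "Received" as "Recieved"; change it to `Received SAML Request` so it matches the "Sending SAML Response (IdP -> SP)" wording added in the same hunk. The template is rendered from the SAML request and response the IdP just handled, so the two headings are the only indication to a reader of which direction each block is going. The enclosing ERB template continues outside the hunk.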