diff options
| author | mo khan <mo@mokhan.ca> | 2022-04-01 15:59:28 -0600 |
|---|---|---|
| committer | mo khan <mo@mokhan.ca> | 2022-04-01 15:59:33 -0600 |
| commit | d2d6b3f44f62bf12e152170b59366d50e7950a52 (patch) | |
| tree | e8ca121efb356de4e8bca7af06d46593491285b4 | |
| parent | bf3d34a9a4af001ad090887f54a64f75a5099306 (diff) | |
add work around for bug in the TFE SAML implementation
| -rw-r--r-- | src/saml-idp/main.rb | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/src/saml-idp/main.rb b/src/saml-idp/main.rb index 3a1a841..03538c5 100644 --- a/src/saml-idp/main.rb +++ b/src/saml-idp/main.rb @@ -111,7 +111,14 @@ class IdentityProvider User.new, binding: :http_post, relay_state: params[:RelayState] - ) { |builder| @builder = builder } + ) do |builder| + # HACK: The TFE Instance metadata doesn't update the + # WantAssertionsSigned value to true in it's metadata + # but it still validates that there should be a signed assertion. + # To get around this we force the creation of the xmldsig. + builder.embed_signature = true + @builder = builder + end template = <<~ERB <!doctype html> <html> |