From bf6b63fb1f3e3e479da3201c6bbf58d2c2df0f15 Mon Sep 17 00:00:00 2001
From: Eskil Varenius
Date: Mon, 13 Apr 2020 09:37:36 +0200
Subject: [PATCH] Allow SSO attributes including dots
---
 lib/redmine_omniauth_saml.rb | 2 +-
 sample-saml-initializers.rb | 13 +++++++++----
 2 files changed, 10 insertions(+), 5 deletions(-)
diff --git a/lib/redmine_omniauth_saml.rb b/lib/redmine_omniauth_saml.rb
index cc0dc06..a21c057 100644
--- a/lib/redmine_omniauth_saml.rb
+++ b/lib/redmine_omniauth_saml.rb
@@ -64,7 +64,7 @@ def user_attributes_from_saml(omniauth)
 HashWithIndifferentAccess.new.tap do |h|
 required_attribute_mapping.each do |symbol|
 key = configured_saml[:attribute_mapping][symbol]
- h[symbol] = key.split('.') # Get an array with nested keys: name.first will return [name, first]
+ h[symbol] = key.split('|') # Get an array with nested keys: name|first will return [name, first]
 .map {|x| [:[], x]} # Create pair elements being :[] symbol and the key
 .inject(omniauth) do |hash, params| # For each key, apply method :[] with key as parameter
 hash.send(*params)
diff --git a/sample-saml-initializers.rb b/sample-saml-initializers.rb
index 971e61f..02f951e 100644
--- a/sample-saml-initializers.rb
+++ b/sample-saml-initializers.rb
@@ -13,10 +13,15 @@
 :name_identifier_value => "mail", # Which redmine field is used as name_identifier_value for SAML logout
 :attribute_mapping => { # How will we map attributes from SSO to redmine attributes
- :login => 'extra.raw_info.username',
- :mail => 'extra.raw_info.email',
- :firstname => 'extra.raw_info.firstname',
- :lastname => 'extra.raw_info.firstname'
+ # using either urn:oid:identifier, or friendly names, e.g.
+ # :mail => 'extra|raw_info|urn:oid:0.9.2342.19200300.100.1.3'
+ # or
+ # :mail => 'extra|raw_info|email'
+ # Edit defaults below to match your attributes
+ :login => 'extra|raw_info|username',
+ :mail => 'extra|raw_info|email',
+ :firstname => 'extra|raw_info|firstname',
+ :lastname => 'extra|raw_info|firstname'
 }
 }
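Review bot: In `user_attributes_from_saml` (lib/redmine_omniauth_saml.rb), `key.split('|')` turns every existing dotted mapping such as `'extra.raw_info.username'` into a single key, so the lookup presumably resolves to nil with no error. These values are what binds a SAML assertion to a Redmine account, so an unresolved mapping should fail closed once the assignment completes, for example `raise ArgumentError, "SAML attribute mapping #{key.inspect} for #{symbol} did not resolve" if h[symbol].nil?`. A missing intermediate key also leaves `hash` nil inside the block, where `hash.send(*params)` raises NoMethodError; `hash && hash.send(*params)` would let the same check report it as a configuration problem. The method and the `inject` block both continue outside the hunk, so how callers treat a nil attribute is not visible here.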
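Review bot: The rewritten defaults in sample-saml-initializers.rb still map the last name to the first-name attribute, `:lastname => 'extra|raw_info|firstname'`, so a deployment that copies the sample stores the first name in both fields. It should read `:lastname => 'extra|raw_info|lastname'`, assuming the IdP releases an attribute of that name. The added comment block would also be the place to say that `|` is now the only path separator and that dotted values such as `'extra.raw_info.email'` from older configs must be rewritten, e.g. `# NOTE: path segments are separated by '|'; older 'a.b.c' mappings no longer resolve`. The enclosing configuration hash starts outside the hunk.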