@@ -31,9 +31,9 @@ Use the SAML strategy as a middleware in your application:
3131require ' omniauth'
3232use OmniAuth ::Strategies ::SAML ,
3333 :assertion_consumer_service_url => " consumer_service_url"
34- :issuer => " issuer "
35- :idp_sso_target_url => " idp_sso_target_url "
36- :idp_sso_target_url_runtime_params => {:original_request_param => :mapped_idp_param },
34+ :sp_entity_id => " sp_entity_id "
35+ :idp_sso_service_url => " idp_sso_service_url "
36+ :idp_sso_service_url_runtime_params => {:original_request_param => :mapped_idp_param },
3737 :idp_cert => " -----BEGIN CERTIFICATE-----\n ...-----END CERTIFICATE-----"
3838 :idp_cert_multi => {
3939 :signing => [" -----BEGIN CERTIFICATE-----\n ...-----END CERTIFICATE-----" " -----BEGIN CERTIFICATE-----\n ...-----END CERTIFICATE-----"
@@ -58,9 +58,9 @@ and in `config/initializers/omniauth.rb`:
5858Rails .application.config.middleware.use OmniAuth ::Builder do
5959 provider :saml ,
6060 :assertion_consumer_service_url => " consumer_service_url"
61- :issuer => " rails-application"
62- :idp_sso_target_url => " idp_sso_target_url "
63- :idp_sso_target_url_runtime_params => {:original_request_param => :mapped_idp_param },
61+ :sp_entity_id => " rails-application"
62+ :idp_sso_service_url => " idp_sso_service_url "
63+ :idp_sso_service_url_runtime_params => {:original_request_param => :mapped_idp_param },
6464 :idp_cert => " -----BEGIN CERTIFICATE-----\n ...-----END CERTIFICATE-----"
6565 :idp_cert_multi => {
6666 :signing => [" -----BEGIN CERTIFICATE-----\n ...-----END CERTIFICATE-----" " -----BEGIN CERTIFICATE-----\n ...-----END CERTIFICATE-----"
@@ -72,7 +72,7 @@ Rails.application.config.middleware.use OmniAuth::Builder do
7272end
7373```
7474
75- For IdP-initiated SSO, users should directly access the IdP SSO target URL. Set the ` href ` of your application's login link to the value of ` idp_sso_target_url ` . For SP-initiated SSO, link to ` /auth/saml ` .
75+ For IdP-initiated SSO, users should directly access the IdP SSO service URL. Set the ` href ` of your application's login link to the value of ` idp_sso_service_url ` . For SP-initiated SSO, link to ` /auth/saml ` .
7676
7777A ` OneLogin::RubySaml::Response ` object is added to the ` env['omniauth.auth'] ` extra attribute, so we can use it in the controller via ` env['omniauth.auth'].extra.response_object `
7878
@@ -88,13 +88,13 @@ Note that when [integrating with Devise](#devise-integration), the URL path will
8888 received. If not provided, defaults to the OmniAuth callback URL (typically
8989 ` http://example.com/auth/saml/callback ` ). Optional.
9090
91- * ` :issuer ` - The name of your application. Some identity providers might need this
91+ * ` :sp_entity_id ` - The name of your application. Some identity providers might need this
9292 to establish the identity of the service provider requesting the login. ** Required** .
9393
94- * ` :idp_sso_target_url ` - The URL to which the authentication request should be sent.
94+ * ` :idp_sso_service_url ` - The URL to which the authentication request should be sent.
9595 This would be on the identity provider. ** Required** .
9696
97- * ` :idp_slo_target_url ` - The URL to which the single logout request and response should
97+ * ` :idp_slo_service_url ` - The URL to which the single logout request and response should
9898 be sent. This would be on the identity provider. Optional.
9999
100100* ` :idp_slo_session_destroy ` - A proc that accepts up to two parameters (the rack environment, and the session),
@@ -106,7 +106,7 @@ Note that when [integrating with Devise](#devise-integration), the URL path will
106106 instance will be passed to this callable if it has an arity of 1. If the value is a string,
107107 the string will be returned, when the ` RelayState ` is called. Optional.
108108
109- * ` :idp_sso_target_url_runtime_params ` - A dynamic mapping of request params that exist
109+ * ` :idp_sso_service_url_runtime_params ` - A dynamic mapping of request params that exist
110110 during the request phase of OmniAuth that should to be sent to the IdP after a specific
111111 mapping. So for example, a param ` original_request_param ` with value ` original_param_value ` ,
112112 could be sent to the IdP on the login request as ` mapped_idp_param ` with value
@@ -170,7 +170,7 @@ idp_metadata = idp_metadata_parser.parse_remote_to_hash("http://idp.example.com/
170170use OmniAuth ::Strategies ::SAML ,
171171 idp_metadata.merge(
172172 :assertion_consumer_service_url => " consumer_service_url"
173- :issuer => " issuer "
173+ :sp_entity_id => " sp_entity_id "
174174 )
175175```
176176
@@ -186,7 +186,7 @@ In `config/initializers/devise.rb`:
186186Devise .setup do |config |
187187 config.omniauth :saml ,
188188 idp_cert_fingerprint: ' fingerprint'
189- idp_sso_target_url :' target_url '
189+ idp_sso_service_url :' idp_sso_service_url '
190190end
191191```
192192
@@ -196,7 +196,7 @@ Then follow Devise's general [OmniAuth tutorial](https://github.com/plataformate
196196
197197Single Logout can be Service Provider initiated or Identity Provider initiated.
198198
199- For SP initiated logout, the ` idp_slo_target_url ` option must be set to the logout url on the IdP,
199+ For SP initiated logout, the ` idp_slo_service_url ` option must be set to the logout url on the IdP,
200200and users directed to ` user_saml_omniauth_authorize_path + '/spslo' ` after logging out locally. For
201201IdP initiated logout, logout requests from the IdP should go to ` /auth/saml/slo ` (this can be
202202advertised in metadata by setting the ` single_logout_service_url ` config option).
@@ -226,7 +226,7 @@ class SessionsController < Devise::SessionsController
226226 # ...
227227
228228 def after_sign_out_path_for (_ )
229- if session[' saml_uid' && session[' saml_session_index' && SAML_SETTINGS .idp_slo_target_url
229+ if session[' saml_uid' && session[' saml_session_index' && SAML_SETTINGS .idp_slo_service_url
230230 user_saml_omniauth_authorize_path + " /spslo"
231231 else
232232 super
0 commit comments