lib/omni_auth/strategies/saml.rb


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29

# frozen_string_literal: true

module OmniAuth
  module Strategies
    class SAML
      extend ::Gitlab::Utils::Override

      # NOTE: This method duplicates code from omniauth-saml
      #       so that we can access authn_request to store it
      #       See: https://github.com/omniauth/omniauth-saml/issues/172
      override :request_phase
      def request_phase
        authn_request = OneLogin::RubySaml::Authrequest.new

        store_authn_request_id(authn_request)

        with_settings do |settings|
          redirect(authn_request.create(settings, additional_params_for_authn_request))
        end
      end

      private

      def store_authn_request_id(authn_request)
        Gitlab::Auth::Saml::OriginValidator.new(session).store_origin(authn_request)
      end
    end
  end
end