Open R1cro opened 3 years ago
Thanks for the detailed question! Do you have an idea of when the validation is occurring? For new users, it seems pretty straightforward: https://github.com/apokalipto/devise_saml_authenticatable/blob/b12a43f9fce077f9e31398a6185be21a9577474a/lib/devise_saml_authenticatable/model.rb#L61-L69.
I'll try to take a look at this myself soon if you don't have a chance.
Ah, the issue is in the custom hook. You need to set the password before calling the original hook:
```ruby
config.saml_update_resource_hook = ->(user, response, auth_value) {
  user.assign_attributes(password: 'SOME_KIND_OF_PASSWORD_GOES_HERE')
  Devise.saml_default_update_resource_hook.call(user, response, auth_value)
}
```
> Ah, the issue is in the custom hook. You need to set the password before calling the original hook:
> ```ruby
> config.saml_update_resource_hook = ->(user, response, auth_value) {
>   user.assign_attributes(password: 'SOME_KIND_OF_PASSWORD_GOES_HERE')
>   Devise.saml_default_update_resource_hook.call(user, response, auth_value)
> }
> ```
It is not working @adamstegman!
I can confirm this does work:
```ruby
config.saml_update_resource_hook = ->(user, response, auth_value) {
  user.password = SecureRandom.uuid
  Devise.saml_default_update_resource_hook.call(user, response, auth_value)
}
```
I had other errors though; in my case the attribute mapping was off. Once I fixed that, users are created even though I have database_authenticatable.
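An added example, not part of the thread or of the gem's own code: a variant of the hook above that generates the random password only for new records, so that an existing `:database_authenticatable` user keeps their own password if the hook also runs for them. `FakeUser`, `FAKE_DEFAULT_HOOK` and `build_saml_update_hook` are constructed stand-ins and hypothetical names, used so the block runs without Rails or Devise.

```ruby
require 'securerandom'

# Constructed stand-in for a Devise model; only what the hook touches.
FakeUser = Struct.new(:email, :password, :persisted) do
  def new_record?
    !persisted
  end
end

# Constructed stand-in for Devise.saml_default_update_resource_hook:
# rejects a new record without a password, as :validatable would, then "saves".
FAKE_DEFAULT_HOOK = lambda do |user, _response, _auth_value|
  raise ArgumentError, "Password can't be blank" if user.new_record? && user.password.to_s.empty?
  user.persisted = true
  user
end

# Hypothetical helper: wraps a default hook so SSO-created users get a random,
# never-disclosed password, while existing users keep the one they have.
def build_saml_update_hook(default_hook)
  lambda do |user, response, auth_value|
    # 64 hex chars: unguessable, and under bcrypt's 72-byte input limit.
    user.password = SecureRandom.hex(32) if user.new_record?
    default_hook.call(user, response, auth_value)
  end
end

HOOK = build_saml_update_hook(FAKE_DEFAULT_HOOK)

# New SSO user: passes validation with a generated password.
new_user = HOOK.call(FakeUser.new('new@example.test', nil, false), nil, 'new@example.test')

# Existing database user signing in through SSO: password left alone.
existing = HOOK.call(FakeUser.new('old@example.test', 'their-own-password', true), nil, 'old@example.test')
```

In an initializer this would be wired as `config.saml_update_resource_hook = build_saml_update_hook(Devise.saml_default_update_resource_hook)`. A fixed placeholder string in place of the random value would be a working database login for every SSO-created account.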
I'll be as short as possible.
Rails: 5.1.4
Ruby: 2.2.3
(The very old shit, but this is work project environment...)
I'm working with Devise gem and our project is using `:database_authenticatable`. Now we are going to implement SSO (SAML or OIDC).
So, I added the `:saml_authenticatable`. With existing `:validatable` devise option unable to authenticate a NEW user via SSO (SAML) - a password is required from devise validation.
I've already looked at some of the issues (#132 and #177) here and identified the following:
So, I use this code (/config/initializers/devise.rb):
As mentioned from #177, that user password validation happens before the hook is called.
Also, I saw this guide: https://github.com/apokalipto/devise_saml_authenticatable/wiki/Supporting-multiple-authentication-strategies, but I'm not sure about `Controller` stuff.
Anyway, I did this:
/controllers/saml_sessions_controller.rb
/routes.rb
...but my RoR skills are not good enough to know whether that "patching" thing was done correctly by me.
My devise config:
My routes config:
User model:
Any solutions for this validation issue?