search

chrodriguez / redmine_omniauth_saml

Plugins that adds SAML authentication support for "Redmine"
GNU General Public License v2.0
38 stars 57 forks source link

Redmine KeyCloak #22

Closed triplem closed 7 years ago

triplem commented 7 years ago

I am currently trying to connect Redmine with the KeyCloak Saml Adapter. I do get the following response from keycloak:

#<OmniAuth::AuthHash credentials=#<OmniAuth::AuthHash> 
extra=#<OmniAuth::AuthHash 
  raw_info=#<OneLogin::RubySaml::Attributes:0x007f7280408ae0 
  @attributes={"urn:oid:1.2.840.113549.1.9.1"=>["test@example.com"], 
               "urn:oid:2.5.4.42"=>["Firstname"], 
               "urn:oid:2.5.4.4"=>["Surename"],

What should I define in the attributes mapping? The following does not work correctly:

    :attribute_mapping              => {
    # How will we map attributes from SSO to redmine attributes
      :login      => 'extra.raw_info.attributes["urn:oid:1.2.840.113549.1.9.1"].first',
      :mail       => 'extra.raw_info.attributes["urn:oid:1.2.840.113549.1.9.1"].first',
      :firstname  => 'extra.raw_info.attributes["urn:oid:2.5.4.42"].first',
      :lastname   => 'extra.raw_info.attributes["urn:oid:2.5.4.4"].first'
    }
triplem commented 7 years ago

Correct mapping would be:

    :attribute_mapping              => {
    # How will we map attributes from SSO to redmine attributes
      :login      => 'extra.raw_info["urn:oid:1.2.840.113549.1.9.1"]',
      :mail       => 'extra.raw_info["urn:oid:1.2.840.113549.1.9.1"]',
      :firstname  => 'extra.raw_info["urn:oid:2.5.4.42"]',
      :lastname   => 'extra.raw_info["urn:oid:2.5.4.4"]'
    }

Will try a different mapping on the provider (keycloak) side. This was more of a ruby question i guess. Will close this one.