# frozen_string_literal: true
require Rails.root.join('plugins/redmine_saml/lib/redmine_saml')
require Rails.root.join('plugins/redmine_saml/lib/redmine_saml/base')
# SAML service-provider settings for the redmine_saml plugin. This file is a
# Jinja template: every rm_saml_* variable is pasted verbatim between single
# quotes, so a value containing a single quote or a backslash would end or
# alter the Ruby string literal in the rendered initializer. Keep those
# characters out of the variables, or escape them before rendering.
RedmineSaml::Base.configure do |config|
  config.saml = {
    sp_entity_id: '{{ rm_saml_entity_id }}',
    # Callback URL on the Redmine side that receives the SAML response.
    # Use an https URL so assertions are not posted over cleartext.
    assertion_consumer_service_url: '{{ rm_saml_assertion_consumer_service_url }}',
    # Issuer name / entity ID. The SAML 2.0 spec requires this to be a URI.
    issuer: '{{ rm_saml_issuer }}',
    # Callback URL for single logout (SLS)
    single_logout_service_url: '{{ rm_saml_single_logout_service_url }}',
    # Identity provider endpoint that handles SSO login
    idp_sso_target_url: '{{ rm_saml_idp_sso_target_url }}',
    # NOTE(review): presumably the IdP's X.509 signing certificate, used to
    # verify signed responses - confirm against the plugin documentation.
    # If so, it has to be replaced whenever the IdP rotates its signing key.
    idp_cert: '{{ rm_saml_idp_cert }}',
    # name_identifier_format: 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent',
    name_identifier_format: '{{ rm_saml_name_identifier_format }}',
    # Signout URL; optional, and not every identity provider supports it
    signout_url: '{{ rm_saml_signout_url }}',
    idp_slo_target_url: '{{ rm_saml_idp_slo_target_url }}',
    # Redmine field sent as name_identifier_value on SAML logout
    name_identifier_value: 'mail',
    # Override the mapping separator here if a different one is required
    # attribute_mapping_sep: '|',
    attribute_mapping: {
      # Maps attributes delivered by the SSO response onto Redmine attributes.
      # The source may be named by urn:oid identifier or by friendly name, e.g.
      #   mail: 'extra|raw_info|urn:oid:0.9.2342.19200300.100.1.3'
      # or
      #   mail: 'extra|raw_info|email'
      #
      # The entries below are generated from rm_saml_attribute_mapping; each
      # name is emitted as a bare hash key and must be a valid Ruby symbol.
      # NOTE(review): these mappings decide which IdP-supplied values fill the
      # Redmine user fields, so map only attributes the IdP itself controls.
{% for map in rm_saml_attribute_mapping %}
      {{ map.name }}: '{{ map.value }}'{% if not loop.last %},{% endif %}

{% endfor %}

    }
  }

  config.on_login do |omniauth_hash, user|
    # Hook point: add custom login handling here (empty by default).
    # NOTE(review): omniauth_hash presumably carries the attributes supplied by
    # the IdP; avoid writing it to logs wholesale.
  end
end