From 1a820b6027fc48337f0eb8eb1bb35b0acfaec130 Mon Sep 17 00:00:00 2001
From: Ralf Kistner
Date: Wed, 5 Sep 2018 14:13:28 +0200
Subject: [PATCH] Add support for the wfresh option.
---
 README.md | 1 +
 lib/omniauth/strategies/wsfed/auth_request.rb | 7 ++++++-
 spec/omniauth/strategies/wsfed/auth_request_spec.rb | 9 +++++++--
 3 files changed, 14 insertions(+), 3 deletions(-)
diff --git a/README.md b/README.md
index 0c177e9..9c824fb 100644
--- a/README.md
+++ b/README.md
@@ -96,6 +96,7 @@ posted. Defaults to the OmniAuth callback URL. **Optional**
 * `:saml_version` - The version of SAML tokens. **Defaults to 2**.
+* `:wfresh` - Indicates the freshness requirements (the maximum authentication age in minutes). **Optional**.
 ## Authors and Credits ##
diff --git a/lib/omniauth/strategies/wsfed/auth_request.rb b/lib/omniauth/strategies/wsfed/auth_request.rb
index d834a15..d2ea197 100644
--- a/lib/omniauth/strategies/wsfed/auth_request.rb
+++ b/lib/omniauth/strategies/wsfed/auth_request.rb
@@ -32,6 +32,7 @@ def wsfed_signin_request
 wreply = url_encode(strategy_settings[:reply])
 wct = url_encode(Time.now.utc)
 whr = url_encode(args[:whr])
+ wfresh = url_encode(strategy_settings[:wfresh])
 query_string = "?wa=#{wa}&wtrealm=#{wtrealm}&wreply=#{wreply}&wctx=#{}&wct=#{wct}"
@@ -39,6 +40,10 @@ def wsfed_signin_request
 query_string = "#{query_string}&whr=#{whr}"
 end
+ unless wfresh.nil? or wfresh.empty?
+ query_string = "#{query_string}&wfresh=#{wfresh}"
+ end
+
 strategy_settings[:issuer] + query_string
 end
@@ -46,4 +51,4 @@ def wsfed_signin_request
 end
 end
-end
\ No newline at end of file
+end
diff --git a/spec/omniauth/strategies/wsfed/auth_request_spec.rb b/spec/omniauth/strategies/wsfed/auth_request_spec.rb
index a09d70c..811ad22 100644
--- a/spec/omniauth/strategies/wsfed/auth_request_spec.rb
+++ b/spec/omniauth/strategies/wsfed/auth_request_spec.rb
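Review bot: In `lib/omniauth/strategies/wsfed/auth_request.rb` (hunk `@@ -32,6 +32,7 @@`), `strategy_settings[:wfresh]` is handed to `url_encode` without any check that it is what the new README entry describes, a maximum authentication age in minutes. A mistyped setting such as a negative number or a duration string would be forwarded to the identity provider unchanged, and how the provider treats a malformed freshness value is not something the relying party controls. I would reject it before encoding, for example `fresh = strategy_settings[:wfresh]` followed by `raise ArgumentError, ':wfresh must be a non-negative integer' unless fresh.nil? || (fresh.is_a?(Integer) && fresh >= 0)`. The body of `wsfed_signin_request` starts and ends outside this hunk, and `url_encode` is not visible here, so its handling of `nil` is assumed from the `nil?`/`empty?` guard added in the next hunk.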
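Review bot: In `lib/omniauth/strategies/wsfed/auth_request.rb` (hunk `@@ -39,6 +40,10 @@`), appending `wfresh` to the sign-in URL only asks the identity provider for a recent authentication; it does not enforce one. The parameter travels in a browser redirect, so it can be dropped or altered before it reaches the provider, and nothing in this commit checks the age of the authentication when the token comes back. An application that sets `:wfresh => 0` to force re-authentication before a sensitive action should therefore not treat the callback as proof of freshness unless the response handling, which is not part of this diff, compares the token's authentication instant with the configured limit. I would add that comparison on the callback side, or at minimum extend the README entry with a sentence such as `The value is a request to the identity provider and is not verified on the returned token.`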
@@ -8,7 +8,8 @@
 :issuer => 'https://c4sc.accesscontrol.windows.net.com/v2/wsfederation',
 :realm => 'http://c4sc.com/security_realm',
 :reply => 'http://rp.c4sc.com/auth/wsfed',
- :home_realm_discovery_path => 'auth/home_realm_discovery'
+ :home_realm_discovery_path => 'auth/home_realm_discovery',
+ :wfresh => 0
 }
 end
@@ -85,6 +86,10 @@
 request.wsfed_signin_request.should include "wct=#{ERB::Util.url_encode(time)}"
 end
+ it 'should include the freshness param [wfresh]' do
+ request.wsfed_signin_request.should include "wfresh=0"
+ end
+
 describe 'Url-Encoded Home Realm Parameter [whr]' do
 let(:home_realm) { 'http://identity.c4sc.com/trust' }
@@ -104,4 +109,4 @@
 end
-end
\ No newline at end of file
+end
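Review bot: The spec covers only the case where `:wfresh` is set, and because hunk `@@ -8,7 +8,8 @@` puts `:wfresh => 0` into the shared settings hash, every other example in this file now runs with the option enabled as well. The default path for existing users, where no `:wfresh` is configured, is left untested, so a regression that emits an empty `wfresh=` or changes the rest of the query string would go unnoticed. I would add a context whose settings omit `:wfresh` and assert `request.wsfed_signin_request.should_not include 'wfresh='`, and keep the `0` value local to the new example in hunk `@@ -85,6 +86,10 @@` rather than in the shared hash. A second example with a non-zero value would also show that the number is passed through rather than hard-coded.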