20190715141227_saml_auth.rb 2.4 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879
  1. class SamlAuth < ActiveRecord::Migration[5.2]
  2. def up
  3. # return if it's a new setup
  4. return if !Setting.find_by(name: 'system_init_done')
  5. Setting.create_if_not_exists(
  6. title: 'Authentication via %s',
  7. name: 'auth_saml',
  8. area: 'Security::ThirdPartyAuthentication',
  9. description: 'Enables user authentication via %s.',
  10. options: {
  11. form: [
  12. {
  13. display: '',
  14. null: true,
  15. name: 'auth_saml',
  16. tag: 'boolean',
  17. options: {
  18. true => 'yes',
  19. false => 'no',
  20. },
  21. },
  22. ],
  23. },
  24. preferences: {
  25. controller: 'SettingsAreaSwitch',
  26. sub: ['auth_saml_credentials'],
  27. title_i18n: ['SAML'],
  28. description_i18n: ['SAML'],
  29. permission: ['admin.security'],
  30. },
  31. state: false,
  32. frontend: true
  33. )
  34. Setting.create_if_not_exists(
  35. title: 'SAML App Credentials',
  36. name: 'auth_saml_credentials',
  37. area: 'Security::ThirdPartyAuthentication::SAML',
  38. description: 'Enables user authentication via SAML.',
  39. options: {
  40. form: [
  41. {
  42. display: 'IDP SSO target URL',
  43. null: true,
  44. name: 'idp_sso_target_url',
  45. tag: 'input',
  46. placeholder: 'https://capriza.github.io/samling/samling.html',
  47. },
  48. {
  49. display: 'IDP certificate',
  50. null: true,
  51. name: 'idp_cert',
  52. tag: 'input',
  53. placeholder: '-----BEGIN CERTIFICATE-----\n...-----END CERTIFICATE-----',
  54. },
  55. {
  56. display: 'IDP certificate fingerprint',
  57. null: true,
  58. name: 'idp_cert_fingerprint',
  59. tag: 'input',
  60. placeholder: 'E7:91:B2:E1:...',
  61. },
  62. {
  63. display: 'Name Identifier Format',
  64. null: true,
  65. name: 'name_identifier_format',
  66. tag: 'input',
  67. placeholder: 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress',
  68. },
  69. ],
  70. },
  71. state: {},
  72. preferences: {
  73. permission: ['admin.security'],
  74. },
  75. frontend: false
  76. )
  77. end
  78. end