
I am working on a Ruby on Rails application. I need to implement Single Sign-On / Single Log-Out (SSO / SLO) using OneLogin.

I used OneLogin-Ruby-Sdk => https://github.com/onelogin/onelogin-ruby-sdk to log the user in via the session token API. It creates a cookie in the browser and allows me to log in to other apps. But when I log out using the `log_a_user_out` API, it only logs out of the current application, not all applications. So SLO is not working in this case.

Thereafter, I integrated devise_saml_authenticatable => https://github.com/apokalipto/devise_saml_authenticatable. It works with SSO / SLO perfectly. But it redirects to the OneLogin UI to generate the SAMLRequest and send back the SAMLResponse.

Is there a way I can generate the SAMLRequest and SAMLResponse programmatically? Just like we do for OAuth2, where we can generate an access token using a refresh token again and again.

Basically, I want users to sign up and log in through my app's forms, and to communicate with OneLogin and implement SSO / SLO using the API rather than going to the OneLogin UI.

Please let me know if more information is required in terms of code which could help in providing an answer. I will be more than glad to do so. Any help is hugely appreciated.

  • Wouldn't this then defeat one of the primary purposes of delegated / OAuth-style authentication, namely that the user only supplies their credentials to a _trusted_ site (and hence form), and your app is not able to view their credentials? – sellotape Dec 19 '19 at 08:38
  • I am implementing SSO for multiple applications which also belong to the same organisation, so my app should be a trusted site for them. Moreover, OneLogin themselves provide an API to `log_user_in_via_session_token_api` https://developers.onelogin.com/api-docs/1/login-page/login-user-via-api. In this case the user also provides credentials on our site. It allows me to sign in to other SAML-configured apps successfully. But when I try to log out using the API, it does not log out from other apps. It only logs out from the current app. – farzam azhar Dec 19 '19 at 08:46

0 Answers