bournerj

bournerj

SAMLY - How often/when should the pre_session_create_pipeline be called?

I am attempting to create a JWT within the pre_session_create_pipeline but, even after having logged out of the IDP (ADFS) to try and start a new session, it appears as though the pipeline isn’t being hit.

Should this be hit every time we come back from the IDP?

I have config like:

identity_providers: [
    %{
      id: "12345-12345-12345",
      sp_id: "ffwefe-ewfew-fwf-ewfw-fewf-ew",
      base_url: "https://my-website.com/sso",
      metadata_file: "priv/idp/metadata.xml",
      pre_session_create_pipeline: MyApp.PreSessionCreatePipeline,
      use_redirect_for_req: true,
      sign_requests: true,
      sign_metadata: true,
      signed_assertion_in_resp: true,
      signed_envelopes_in_resp: false
    }
  ]

Then the pipeline tries to create a JWT from the claims and throw it back as part of the URL. It looks like:

defmodule MyApp.PreSessionCreatePipeline do
  import Plug.Conn

  def init(opts), do: opts

  def call(conn, _opts) do
    IO.inspect "Hello, I'm in the plug..."

    active_assertion = conn.private[:samly_assertion]

    # User's GUID from AD
    resource = %{id: Samly.get_attribute(active_assertion, "objectidentifier")}

    claims = %{
      displayname: Samly.get_attribute(active_assertion, "displayname"),
      email: Samly.get_attribute(active_assertion, "name"),
      role: Samly.get_attribute(active_assertion, "Role Name")
    }

    opts = [ttl: {30, :minutes}]

    {:ok, token, _claims} = MyApp.Guardian.encode_and_sign(resource, claims, opts)

    target_url =
      "https://#{conn.host}/#{token}"
      |> URI.decode_www_form()

    conn
      |> fetch_session()
      |> put_session("target_url", target_url)
  end
end

The text “Hello, I’m…” is never displayed…

Thanks in advance

Rich

Most Liked

bournerj

bournerj

Wow.

I have to apologise - coming back at this with a fresh head, I noticed that the file I had merrily been uploading to my server (with the IO.inspect in) was named pre_session_pipline.ex - which obviously didn’t overwrite pre_session_pipeline.ex.

It works as expected :man_facepalming::man_facepalming::man_facepalming:

Where Next?

Popular in Questions Top

chrisalley
ExUnit now has describe blocks which is a welcome addition coming from RSpec. In the docs, it states that nested hierarchies of describe ...
New
gshaw
What is the idiomatic way of matching for not nil in Elixir? E.g., First way: defp halt_if_not_signed_in(conn, signed_in_account) when...
New
shahryarjb
Hello, I have map which I want to convert it to string like this: the map: %{last_name: "tavakkoli", name: "shahryar"} the string I ne...
New
vac
Hi, I’m quite new in Elixir and I’m trying to format a string to a PEM format. I have the certificate value like MIIDBTCCAe2...... and I...
New
nobody
How to bind a phoenix app to a specific ip address? could not find anything about that, nowhere, unfortunately, but for me this is quite...
New
vrod
I am using the Starship cross-shell prompt – it seems pretty nice, but I get some errors: [WARN] - (starship::utils): Executing command ...
New
Emily
I have VueJS GUIs with the project generated using Webpack. I have Elixir modules that will need to be used by the VueJS GUIs. I forese...
New
itssasanka
Hi all, Trying to get some more clarity over utc_datetime and naive_datetime for Ecto: The documentation above suggests that while ...
New
shijith.k
I am trying to start a new phoenix project with elixir 1.9, but mix phx.new does not work. It says that ** (Mix) The task "phx.new" could...
New
openscript
Hello! Sorry for this astonishing simple question, but I’m really stuck. I try to set up the intellij-elixir plugin, but I don’t know ho...
New

Other popular topics Top

sen
Hi All, I set a environment variables in dev.exs , like below code. when i start server, how can i set the ${enable} value? thanks. d...
New
jononomo
I am trying to figure out how Mix knows whether the environment is test, dev, or prod – where is this set? Thanks.
New
chrismccord
This release brings a number of exciting features, including integration with the new Phoenix LiveDashboard and Phoenix LiveView. There h...
New
JorisKok
I have a server on AWS, and was running a load test using artillery. When looking at the Phoenix dashboard I see the Ports going to 100% ...
New
sergio_101
I am VERY much an elixir newbie. I have taken one elixir course and one phoenix course on Udemy. During that course, I saw the instructor...
New
fayddelight
I tried installing elixir 1.11.2 erlang 23.3.4 via asdf in my zsh shell. Enabled the versions locally and globally. When I list them ...
New
nobody
Hi! In PHP: $_SERVER[‘SERVER_ADDR’] - in Elixir? Searched the docs for ip address and the web, no good results. Thanks!
New
komlanvi
Hi everyone, I was playing with phoenix liveView but I run into an issue. I have a form and want to validate each input text when the te...
New
PeterCarter
There are pre-rolled solutions for other frameworks that do work. However, Phoenix does not seem to have these. Have people had good expe...
New
svb
Hi! Currently I want to submit a form by pressing the Enter key. However, since my input field is of type “textarea” this is just adds a...
New

We're in Beta

About us Mission Statement