lib/osso/models/identity_provider.rb in osso-0.0.3.26 vs lib/osso/models/identity_provider.rb in osso-0.0.3.27
- old
+ new
@@ -6,11 +6,15 @@
class IdentityProvider < ActiveRecord::Base
belongs_to :enterprise_account
belongs_to :oauth_client
has_many :users
before_save :set_status
+ validate :sso_cert_valid
+ PEM_HEADER = "-----BEGIN CERTIFICATE-----\n"
+ PEM_FOOTER = "\n-----END CERTIFICATE-----"
+
def name
service.titlecase
end
def saml_options
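Review bot: `PEM_HEADER` and `PEM_FOOTER` carry a literal `"\n"`, so the header/footer match used by `sso_cert_valid` only succeeds on LF line endings with nothing after the marker. A PEM pasted with CRLF endings or a trailing space after the marker will most likely miss the match, be wrapped in a second header and footer, and then be rejected as malformed even though the certificate is fine. I would keep the markers bare and frozen, e.g. `PEM_HEADER = '-----BEGIN CERTIFICATE-----'.freeze`, and let the pattern accept `\s*\r?\n` between marker and body, adding the newline explicitly where the wrapped form is built. A short comment above the constants saying they delimit the Base64 body stored in `sso_cert` would help too.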
@@ -50,9 +54,25 @@
def root_url
return "https://#{ENV['HEROKU_APP_NAME']}.herokuapp.com" if ENV['HEROKU_APP_NAME']
ENV.fetch('BASE_URL')
+ end
+
+ def sso_cert_valid
+ return if sso_cert.blank?
+
+ has_header_and_footer = sso_cert.match(/#{PEM_HEADER}(?<cert>.*)#{PEM_FOOTER}/m)
+
+ if has_header_and_footer
+ OpenSSL::X509::Certificate.new(sso_cert)
+ self.sso_cert = has_header_and_footer[:cert]
+ else
+ OpenSSL::X509::Certificate.new([PEM_HEADER, sso_cert, PEM_FOOTER].join)
+ end
+
+ rescue OpenSSL::X509::CertificateError
+ errors.add(:sso_cert, 'x509 Certificate is malformed')
end
end
end
end
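Review bot: The value assigned in `self.sso_cert = has_header_and_footer[:cert]` is not guaranteed to be the certificate that `OpenSSL::X509::Certificate.new(sso_cert)` just parsed. The pattern is unanchored and `.*` is greedy under `/m`, so for input that contains more than one PEM block the capture runs from the first header to the last footer, while OpenSSL, as far as I know, reads only the first block. What gets persisted as the IdP signing certificate can then contain marker lines and a second certificate that were never validated. Anchoring the match and excluding dashes from the body closes that gap: `sso_cert.match(/\A\s*#{PEM_HEADER}(?<cert>[^-]+)#{PEM_FOOTER}\s*\z/)`. Separately, assigning the attribute inside a `validate` method means calling `valid?` mutates the record, so the stripping may belong in a `before_validation` callback, and the check only proves the certificate parses, not that it is still inside its `not_before`/`not_after` window.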