Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

How do you test your setup of omniauth-saml in your Rails app? #210

Open
epugh opened this issue Sep 12, 2022 · 4 comments
Open

How do you test your setup of omniauth-saml in your Rails app? #210

epugh opened this issue Sep 12, 2022 · 4 comments

Comments

@epugh
Copy link

epugh commented Sep 12, 2022

Hi, I am steward of Quepid (https://github.com/o19s/quepid), a Rails based tool for measuring and improving your search. We use omniauth for authentication, and currently support google oauth, keycloak, and now would like to add https://github.com/omniauth/omniauth-saml.

Normally I try to stand up some sort of "test harness" or "demo setup" to test the integration with Quepid against, however since Quepid is open source and we don't use SAML internally at my company, I'm at a bit of a loss to know how to test this strategy.

Are there any public SAML sites, or a way of configuring a tool like Keycloak to speak SAML that I could use?

Does this question even make any sense ;-).

@suprnova32
Copy link
Member

I believe you can set up an Okta trial account for testing and that will give you access to a SAML service. I used that approach when adding SAML support to GitLab. The only issue is that the trial time is short, so if you want to have a permanent setup for testing you would have to pay for it.

@Wimpje
Copy link

Wimpje commented Sep 15, 2022

If you want to test with an online IDP - go to https://idp.ssocircle.com/sso/UI/Login, create a password, and then go to 'Manage Metadata' and add a new service provider. Copy paste the contents of your metadata into the SAML metadate field and use your localhost url as FDQN, that should do the trick...

@epugh
Copy link
Author

epugh commented Sep 15, 2022

This is two great suggestions... Part of my challenge is that this whole auth realm is kind of new to me, so I don't know what everything means! Going to try both of these ideas.

@ilikepi
Copy link
Contributor

ilikepi commented Sep 15, 2022

Another no-cost option is to sign up for a OneLogin developer account (not affiliated). As far as I can tell, these do not expire; they are just limited with respect to how many users and applications you can connect. They will actively try to upsell you into a paid account of course.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

4 participants