tariqhamid/FederationMetadata.xml

## FederationMetadata.xml
<?xml version="1.0" encoding="utf-8"?>
<EntityDescriptor ID="_271f377f-78d8-4133-8c46-a73c4936bb1f" entityID="https://example.com" xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
  <RoleDescriptor xsi:type="fed:ApplicationServiceType" xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" protocolSupportEnumeration="http://docs.oasis-open.org/wsfed/federation/200706" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    <fed:TargetScopes>
      <wsa:EndpointReference xmlns:wsa="http://www.w3.org/2005/08/addressing">
        <wsa:Address>https://example.com/</wsa:Address>
      </wsa:EndpointReference>
    </fed:TargetScopes>
    <fed:PassiveRequestorEndpoint>
      <wsa:EndpointReference xmlns:wsa="http://www.w3.org/2005/08/addressing">
        <wsa:Address>https://example.com/</wsa:Address>
      </wsa:EndpointReference>
    </fed:PassiveRequestorEndpoint>
  </RoleDescriptor>
</EntityDescriptor>

## Gemfile
gem 'omniauth'
gem 'omniauth-wsfed', '0.3.2.pre.beta'

## logout.rb
def logout
  reset_session
  redirect_to "https://adfs.example.com/adfs/ls/?wa=wsignout1.0&wreply=https://#{request.host}"
end

## omniauth.rb
Rails.application.config.middleware.use OmniAuth::Builder do
  provider :wsfed,
      :issuer_name           => "http://adfs.example.com/adfs/services/trust",
      :issuer                => "https://adfs.example.com/adfs/ls/",
      :realm                 => "https://myapp.com",
      :reply                 => "https://myapp.com/auth/wsfed/callback",
      :saml_version          => "1",
      :id_claim              => "upn",
      :idp_cert_fingerprint  => "2ds.........."
end

## routes.rb
match '/auth/:provider/callback' => 'sessions#create', via: [:get, :post]
match '/auth/failure' => 'sessions#failure', via: [:get]

## sessions_controller.rb
def create
  auth = request.env["omniauth.auth"]
  auth.uid # Gets the UID value of the user that has just signed in
  # Create a session, redirect etc
end
	<?xml version="1.0" encoding="utf-8"?>
	<EntityDescriptor ID="_271f377f-78d8-4133-8c46-a73c4936bb1f" entityID="https://example.com" xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
	<RoleDescriptor xsi:type="fed:ApplicationServiceType" xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" protocolSupportEnumeration="http://docs.oasis-open.org/wsfed/federation/200706" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
	<fed:TargetScopes>
	<wsa:EndpointReference xmlns:wsa="http://www.w3.org/2005/08/addressing">
	<wsa:Address>https://example.com/</wsa:Address>
	</wsa:EndpointReference>
	</fed:TargetScopes>
	<fed:PassiveRequestorEndpoint>
	<wsa:EndpointReference xmlns:wsa="http://www.w3.org/2005/08/addressing">
	<wsa:Address>https://example.com/</wsa:Address>
	</wsa:EndpointReference>
	</fed:PassiveRequestorEndpoint>
	</RoleDescriptor>
	</EntityDescriptor>
	def logout
	reset_session
	redirect_to "https://adfs.example.com/adfs/ls/?wa=wsignout1.0&wreply=https://#{request.host}"
	end
	Rails.application.config.middleware.use OmniAuth::Builder do
	provider :wsfed,
	:issuer_name => "http://adfs.example.com/adfs/services/trust",
	:issuer => "https://adfs.example.com/adfs/ls/",
	:realm => "https://myapp.com",
	:reply => "https://myapp.com/auth/wsfed/callback",
	:saml_version => "1",
	:id_claim => "upn",
	:idp_cert_fingerprint => "2ds.........."
	end
	match '/auth/:provider/callback' => 'sessions#create', via: [:get, :post]
	match '/auth/failure' => 'sessions#failure', via: [:get]
	def create
	auth = request.env["omniauth.auth"]
	auth.uid # Gets the UID value of the user that has just signed in
	# Create a session, redirect etc
	end