-
-
Notifications
You must be signed in to change notification settings - Fork 423
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[IMP] auth_saml: user provisioning on login
- custom message when response is too old - avoid using werkzeug.urls method, they are deprecated - add missing ondelete cascade when user is deleted - attribute mapping is now also duplicated when the provider is duplicated - factorize getting SAML attribute value, allowing using subject.nameId in mapping attributes too
- Loading branch information
1 parent
0beb977
commit 9145615
Showing
10 changed files
with
219 additions
and
62 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,3 +1,12 @@ | ||
## 16.0.1.0.0 | ||
## 17.0.1.1.0 | ||
|
||
Initial migration for 16.0. | ||
- custom message when response is too old | ||
- avoid using werkzeug.urls method, they are deprecated | ||
- add missing ondelete cascade when user is deleted | ||
- attribute mapping is now also duplicated when the provider is duplicated | ||
- factorize getting SAML attribute value, allowing using subject.nameId in mapping attributes too | ||
- allow creating user if not found by copying a template user | ||
|
||
## 17.0.1.0.0 | ||
|
||
Initial migration for 17.0. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -73,13 +73,21 @@ | |
} | ||
|
||
|
||
class DummyNameId: | ||
"""Dummy name id with text value""" | ||
|
||
def __init__(self, text): | ||
self.text = text | ||
|
||
|
||
class DummyResponse: | ||
def __init__(self, status, data, headers=None): | ||
def __init__(self, status, data, headers=None, name_id: str = ""): | ||
self.status_code = status | ||
self.text = data | ||
self.headers = headers or [] | ||
self.content = data | ||
self._identity = {} | ||
self.name_id = DummyNameId(name_id) | ||
|
||
def _unpack(self, ver="SAMLResponse"): | ||
""" | ||
|
@@ -127,6 +135,7 @@ def __init__(self, metadatas=None): | |
config.load(settings) | ||
config.allow_unknown_attributes = True | ||
Server.__init__(self, config=config) | ||
self.mail = "[email protected]" | ||
|
||
def get_metadata(self): | ||
return create_metadata_string( | ||
|
@@ -163,7 +172,7 @@ def authn_request_endpoint(self, req, binding, relay_state): | |
"surName": "Example", | ||
"givenName": "Test", | ||
"title": "Ind", | ||
"mail": "[email protected]", | ||
"mail": self.mail, | ||
} | ||
|
||
resp_args.update({"sign_assertion": True, "sign_response": True}) | ||
|
Oops, something went wrong.