From 027a64fad2d174cbcd26350d6cd80c3bc2908f5c Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Thu, 20 Feb 2020 17:37:09 +0100 Subject: [PATCH] providers/saml: change default NameID Format to emailAddress --- passbook/providers/saml/processors/base.py | 2 +- .../saml/templates/saml/xml/metadata.xml | 20 +------------------ passbook/providers/saml/views.py | 2 ++ 3 files changed, 4 insertions(+), 20 deletions(-) diff --git a/passbook/providers/saml/processors/base.py b/passbook/providers/saml/processors/base.py index 4c660a17b..b3361234d 100644 --- a/passbook/providers/saml/processors/base.py +++ b/passbook/providers/saml/processors/base.py @@ -40,7 +40,7 @@ class Processor: @property def subject_format(self) -> str: """Get subject Format""" - return "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" + return "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress" def __init__(self, remote: "SAMLProvider"): self.name = remote.name diff --git a/passbook/providers/saml/templates/saml/xml/metadata.xml b/passbook/providers/saml/templates/saml/xml/metadata.xml index 2eff8fe23..a560abb35 100644 --- a/passbook/providers/saml/templates/saml/xml/metadata.xml +++ b/passbook/providers/saml/templates/saml/xml/metadata.xml @@ -15,26 +15,8 @@ + {{ subject_format }} - urn:oasis:names:tc:SAML:2.0:nameid-format:persistent -{% comment %} - -{# if org #} - - {{ org.name }} - {{ org.display_name }} - {{ org.url }} - -{# endif #} - -{# for contact in contacts #} - - {{ contact.given_name }} - {{ contact.sur_name }} - {{ contact.email }} - -{# endfor #} -{% endcomment %} diff --git a/passbook/providers/saml/views.py b/passbook/providers/saml/views.py index d9ca9e580..8869b6762 100644 --- a/passbook/providers/saml/views.py +++ b/passbook/providers/saml/views.py 
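Review bot: The new default returned by `subject_format` in passbook/providers/saml/processors/base.py declares the NameID as `emailAddress`, a mutable and reassignable identifier, whereas the `persistent` format it replaces promises a stable opaque one. A service provider that keys accounts on NameID would then link on whatever e-mail the user has at login time. The hunk does not show where the NameID value itself is produced, so confirm that the asserted value really is the user's e-mail and that the address cannot be changed without verification. Because this changes the default for every already-configured provider, consider making the format a per-provider setting, and extend the docstring, e.g. `"""NameID Format URI advertised in metadata; must match the NameID value this processor emits."""`. The `Processor` class body continues outside the hunk.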
@@ -242,11 +242,13 @@ class DescriptorDownloadView(AccessRequiredView): pubkey = strip_pem_header(provider.signing_cert.replace("\r", "")).replace( "\n", "" ) + subject_format = provider.processor.subject_format ctx = { "entity_id": entity_id, "cert_public_key": pubkey, "slo_url": slo_url, "sso_url": sso_url, + "subject_format": subject_format, } return render_to_string("saml/xml/metadata.xml", ctx)
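Review bot: The added line `subject_format = provider.processor.subject_format` dereferences `provider.processor` without a guard. Its definition is not in this hunk, but if `processor` can be unset or fail to load for a misconfigured provider, the metadata download would fail with an AttributeError instead of a clear error. Consider checking it first and returning an explicit error, and add a short comment such as `# advertise the same NameID Format the processor asserts, so SP metadata and responses agree`. Django templates render a missing context key as an empty string by default, so any other caller of `saml/xml/metadata.xml` must also pass `subject_format` or it will publish an empty NameIDFormat value. The enclosing method starts outside the hunk.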