trustchain-oc1-orchestral
/
authentik
Archived
10
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

providers/saml: add WantAssertionsSigned 

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2021-08-03 22:40:13 +02:00
parent 9d392931df
commit 36b346662c
1 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
authentik/providers/saml/processors/metadata_parser.py
View File

@ -124,8 +124,13 @@ class ServiceProviderMetadataParser:
# For now we'll only look at the first descriptor.
# Even if multiple descriptors exist, we can only configure one
descriptor = sp_sso_descriptors[0]
auth_n_request_signed = descriptor.attrib["AuthnRequestsSigned"].lower() == "true"
assertion_signed = descriptor.attrib["WantAssertionsSigned"].lower() == "true"
auth_n_request_signed = False
if "AuthnRequestsSigned" in descriptor.attrib:
auth_n_request_signed = descriptor.attrib["AuthnRequestsSigned"].lower() == "true"
assertion_signed = False
if "WantAssertionsSigned" in descriptor.attrib:
assertion_signed = descriptor.attrib["WantAssertionsSigned"].lower() == "true"
acs_services = descriptor.findall(f"{{{NS_SAML_METADATA}}}AssertionConsumerService")
if len(acs_services) < 1: