providers/saml: add WantAssertionsSigned

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	authentik/providers/saml/processors/metadata_parser.py
This commit is contained in:
Jens Langhammer 2021-08-03 22:40:13 +02:00
parent add7a80fdc
commit 4f1c11c5ef
1 changed files with 12 additions and 4 deletions

View File

@ -134,10 +134,18 @@ class ServiceProviderMetadataParser:
# For now we'll only look at the first descriptor. # For now we'll only look at the first descriptor.
# Even if multiple descriptors exist, we can only configure one # Even if multiple descriptors exist, we can only configure one
descriptor = sp_sso_descriptors[0] descriptor = sp_sso_descriptors[0]
auth_n_request_signed = (
descriptor.attrib["AuthnRequestsSigned"].lower() == "true" auth_n_request_signed = False
) if "AuthnRequestsSigned" in descriptor.attrib:
assertion_signed = descriptor.attrib["WantAssertionsSigned"].lower() == "true" auth_n_request_signed = (
descriptor.attrib["AuthnRequestsSigned"].lower() == "true"
)
assertion_signed = False
if "WantAssertionsSigned" in descriptor.attrib:
assertion_signed = (
descriptor.attrib["WantAssertionsSigned"].lower() == "true"
)
acs_services = descriptor.findall( acs_services = descriptor.findall(
f"{{{NS_SAML_METADATA}}}AssertionConsumerService" f"{{{NS_SAML_METADATA}}}AssertionConsumerService"