diff --git a/passbook/sources/saml/forms.py b/passbook/sources/saml/forms.py
index 3aa5258d3..e79b32ff0 100644
--- a/passbook/sources/saml/forms.py
+++ b/passbook/sources/saml/forms.py
@@ -16,6 +16,7 @@ class SAMLSourceForm(forms.ModelForm):
 model = SAMLSource
 fields = SOURCE_FORM_FIELDS + [
 "issuer",
+ "binding_type",
 "idp_url",
 "idp_logout_url",
 "auto_logout",
diff --git a/passbook/sources/saml/processors/base.py b/passbook/sources/saml/processors/base.py
index 285a77c5a..f0cf7ff94 100644
--- a/passbook/sources/saml/processors/base.py
+++ b/passbook/sources/saml/processors/base.py
@@ -68,8 +68,9 @@ class Processor:
 email@example.com + SPNameQualifier=""> + email@example.com + """ assertion = self._root.find("{urn:oasis:names:tc:SAML:2.0:assertion}Assertion") subject = assertion.find("{urn:oasis:names:tc:SAML:2.0:assertion}Subject")
diff --git a/passbook/sources/saml/views.py b/passbook/sources/saml/views.py
index d23524e81..18c0912c6 100644
--- a/passbook/sources/saml/views.py
+++ b/passbook/sources/saml/views.py
@@ -6,6 +6,7 @@ from django.utils.decorators import method_decorator
 from django.utils.http import urlencode
 from django.views import View
 from django.views.decorators.csrf import csrf_exempt
+from signxml import InvalidSignature
 from signxml.util import strip_pem_header
 from passbook.lib.views import bad_request_message
@@ -71,6 +72,8 @@ class ACSView(View):
 processor.parse(request)
 except MissingSAMLResponse as exc:
 return bad_request_message(request, str(exc))
+ except InvalidSignature as exc:
+ return bad_request_message(request, str(exc))
 try:
 return processor.prepare_flow(request)
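Review bot: In the second views.py hunk (ACSView), the new `except InvalidSignature` branch passes `str(exc)` straight back in the HTTP response and records nothing, so a rejected signature on an externally supplied SAML response leaves no trace for detection while the library's internal error text goes to the sender. A fixed message is enough for the client, e.g. `return bad_request_message(request, "SAML response signature is invalid")`, with the exception detail and the source's identifier written to the server log at warning level using whatever logger the module already has. Only `MissingSAMLResponse` and `InvalidSignature` are handled around `processor.parse(request)`; whether other validation failures (malformed XML, a response with no Assertion element) can reach this point unhandled should be confirmed against the processor. The enclosing method starts and ends outside the hunk.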