From 5a3b2fdd498bdd82147d7866d83c478e20f1570e Mon Sep 17 00:00:00 2001
From: Jens Langhammer <jens.langhammer@haufe-lexware.com>
Date: Wed, 17 Apr 2019 17:53:15 +0200
Subject: [PATCH] add Rancher SAML processor

---
 passbook/lib/default.yml                |  1 +
 passbook/saml_idp/processors/rancher.py | 11 +++++++++++
 2 files changed, 12 insertions(+)
 create mode 100644 passbook/saml_idp/processors/rancher.py

diff --git a/passbook/lib/default.yml b/passbook/lib/default.yml
index 7e11d089c..33f240d02 100644
--- a/passbook/lib/default.yml
+++ b/passbook/lib/default.yml
@@ -101,3 +101,4 @@ saml_idp:
     - passbook.saml_idp.processors.salesforce
     - passbook.saml_idp.processors.shibboleth
     - passbook.saml_idp.processors.wordpress_orange
+    - passbook.saml_idp.processors.rancher
diff --git a/passbook/saml_idp/processors/rancher.py b/passbook/saml_idp/processors/rancher.py
new file mode 100644
index 000000000..cc889a512
--- /dev/null
+++ b/passbook/saml_idp/processors/rancher.py
@@ -0,0 +1,11 @@
+"""Rancher Processor"""
+from passbook.saml_idp.base import Processor
+
+
+class RancherProcessor(Processor):
+    """Rancher SAML 2.0 AuthnRequest to Response Handler Processor."""
+
+    def _determine_audience(self):
+        # Rancher expects an audience in this format
+        # https://<host>/v1-saml/adfs/saml/acs
+        self._audience = self._remote.acs_url.replace('acs', 'metadata')