sources/saml: entity_id -> issuer

passbook/sources/saml/migrations/0005_auto_20200220_1621.py

@@ -0,0 +1,26 @@
+# Generated by Django 3.0.3 on 2020-02-20 16:21
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ("passbook_sources_saml", "0004_auto_20200217_1526"),
+    ]
+
+    operations = [
+        migrations.RenameField(
+            model_name="samlsource", old_name="entity_id", new_name="issuer",
+        ),
+        migrations.AlterField(
+            model_name="samlsource",
+            name="issuer",
+            field=models.TextField(
+                blank=True,
+                default=None,
+                help_text="Also known as Entity ID. Defaults the Metadata URL.",
+                verbose_name="Issuer",
+            ),
+        ),
+    ]

passbook/sources/saml/models.py

@@ -3,14 +3,19 @@ from django.db import models
 from django.urls import reverse_lazy
 from django.utils.translation import gettext_lazy as _
 
-from passbook.core.types import UILoginButton
 from passbook.core.models import Source
+from passbook.core.types import UILoginButton
 
 
 class SAMLSource(Source):
     """SAML Source"""
 
-    entity_id = models.TextField(blank=True, default=None, verbose_name=_("Entity ID"))
+    issuer = models.TextField(
+        blank=True,
+        default=None,
+        verbose_name=_("Issuer"),
+        help_text=_("Also known as Entity ID. Defaults the Metadata URL."),
+    )
 
     idp_url = models.URLField(verbose_name=_("IDP URL"))
     idp_logout_url = models.URLField(

passbook/sources/saml/templates/saml/sp/xml/sp_sso_descriptor.xml

@@ -1,6 +1,6 @@
 <md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
   xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
-  xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="{{ entity_id }}">
+  xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="{{ issuer }}">
   <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
     <md:KeyDescriptor use="signing">
       <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">

passbook/sources/saml/utils.py

@@ -6,12 +6,12 @@ from passbook.core.models import User
 from passbook.sources.saml.models import SAMLSource
 
 
-def get_entity_id(request: HttpRequest, source: SAMLSource):
+def get_issuer(request: HttpRequest, source: SAMLSource) -> str:
-    """Get Source's entity ID, falling back to our Metadata URL if none is set"""
+    """Get Source's Issuer, falling back to our Metadata URL if none is set"""
-    entity_id = source.entity_id
+    issuer = source.issuer
-    if entity_id is None:
+    if issuer is None:
         return build_full_url("metadata", request, source)
-    return entity_id
+    return issuer
 
 
 def build_full_url(view: str, request: HttpRequest, source: SAMLSource) -> str:

passbook/sources/saml/views.py

@@ -17,7 +17,7 @@ from passbook.sources.saml.models import SAMLSource
 from passbook.sources.saml.utils import (
     _get_user_from_response,
     build_full_url,
-    get_entity_id,
+    get_issuer,
 )
 from passbook.sources.saml.xml_render import get_authnrequest_xml
 
@@ -37,7 +37,7 @@ class InitiateView(View):
             "DESTINATION": source.idp_url,
             "AUTHN_REQUEST_ID": get_random_id(),
             "ISSUE_INSTANT": get_time_string(),
-            "ISSUER": get_entity_id(request, source),
+            "ISSUER": get_issuer(request, source),
         }
         authn_req = get_authnrequest_xml(parameters, signed=False)
         _request = nice64(str.encode(authn_req))
@@ -97,16 +97,16 @@ class MetadataView(View):
     def dispatch(self, request: HttpRequest, source_slug: str) -> HttpResponse:
         """Replies with the XML Metadata SPSSODescriptor."""
         source: SAMLSource = get_object_or_404(SAMLSource, slug=source_slug)
-        entity_id = get_entity_id(request, source)
+        issuer = get_issuer(request, source)
         cert_stripped = strip_pem_header(source.signing_cert.replace("\r", "")).replace(
             "\n", ""
         )
         return render_xml(
             request,
-            "saml/sp/xml/spssodescriptor.xml",
+            "saml/sp/xml/sp_sso_descriptor.xml",
             {
                 "acs_url": build_full_url("acs", request, source),
-                "entity_id": entity_id,
+                "issuer": issuer,
                 "cert_public_key": cert_stripped,
             },
         )