sources/saml: entity_id -> issuer

2020-02-20 17:23:27 +01:00 · 2020-02-20 17:23:27 +01:00 · 84fc54ddaa
parent 0b5caa85f5
commit 84fc54ddaa
5 changed files with 44 additions and 13 deletions
--- a/passbook/sources/saml/migrations/0005_auto_20200220_1621.py
+++ b/passbook/sources/saml/migrations/0005_auto_20200220_1621.py
@ -0,0 +1,26 @@
+# Generated by Django 3.0.3 on 2020-02-20 16:21
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ("passbook_sources_saml", "0004_auto_20200217_1526"),
+    ]
+
+    operations = [
+        migrations.RenameField(
+            model_name="samlsource", old_name="entity_id", new_name="issuer",
+        ),
+        migrations.AlterField(
+            model_name="samlsource",
+            name="issuer",
+            field=models.TextField(
+                blank=True,
+                default=None,
+                help_text="Also known as Entity ID. Defaults the Metadata URL.",
+                verbose_name="Issuer",
+            ),
+        ),
+    ]
--- a/passbook/sources/saml/models.py
+++ b/passbook/sources/saml/models.py
@ -3,14 +3,19 @@ from django.db import models
 from django.urls import reverse_lazy
 from django.utils.translation import gettext_lazy as _

-from passbook.core.types import UILoginButton
 from passbook.core.models import Source
+from passbook.core.types import UILoginButton


 class SAMLSource(Source):
    """SAML Source"""

-    entity_id = models.TextField(blank=True, default=None, verbose_name=_("Entity ID"))
+    issuer = models.TextField(
+        blank=True,
+        default=None,
+        verbose_name=_("Issuer"),
+        help_text=_("Also known as Entity ID. Defaults the Metadata URL."),
+    )

    idp_url = models.URLField(verbose_name=_("IDP URL"))
    idp_logout_url = models.URLField(
--- a/passbook/sources/saml/templates/saml/sp/xml/sp_sso_descriptor.xml
+++ b/passbook/sources/saml/templates/saml/sp/xml/sp_sso_descriptor.xml
@ -1,6 +1,6 @@
 <md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
  xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
-  xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="{{ entity_id }}">
+  xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="{{ issuer }}">
  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing">
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
--- a/passbook/sources/saml/utils.py
+++ b/passbook/sources/saml/utils.py
@ -6,12 +6,12 @@ from passbook.core.models import User
 from passbook.sources.saml.models import SAMLSource


-def get_entity_id(request: HttpRequest, source: SAMLSource):
-    """Get Source's entity ID, falling back to our Metadata URL if none is set"""
-    entity_id = source.entity_id
-    if entity_id is None:
+def get_issuer(request: HttpRequest, source: SAMLSource) -> str:
+    """Get Source's Issuer, falling back to our Metadata URL if none is set"""
+    issuer = source.issuer
+    if issuer is None:
        return build_full_url("metadata", request, source)
-    return entity_id
+    return issuer


 def build_full_url(view: str, request: HttpRequest, source: SAMLSource) -> str:
--- a/passbook/sources/saml/views.py
+++ b/passbook/sources/saml/views.py
@ -17,7 +17,7 @@ from passbook.sources.saml.models import SAMLSource
 from passbook.sources.saml.utils import (
    _get_user_from_response,
    build_full_url,
-    get_entity_id,
+    get_issuer,
 )
 from passbook.sources.saml.xml_render import get_authnrequest_xml

@ -37,7 +37,7 @@ class InitiateView(View):
            "DESTINATION": source.idp_url,
            "AUTHN_REQUEST_ID": get_random_id(),
            "ISSUE_INSTANT": get_time_string(),
-            "ISSUER": get_entity_id(request, source),
+            "ISSUER": get_issuer(request, source),
        }
        authn_req = get_authnrequest_xml(parameters, signed=False)
        _request = nice64(str.encode(authn_req))
@ -97,16 +97,16 @@ class MetadataView(View):
    def dispatch(self, request: HttpRequest, source_slug: str) -> HttpResponse:
        """Replies with the XML Metadata SPSSODescriptor."""
        source: SAMLSource = get_object_or_404(SAMLSource, slug=source_slug)
-        entity_id = get_entity_id(request, source)
+        issuer = get_issuer(request, source)
        cert_stripped = strip_pem_header(source.signing_cert.replace("\r", "")).replace(
            "\n", ""
        )
        return render_xml(
            request,
-            "saml/sp/xml/spssodescriptor.xml",
+            "saml/sp/xml/sp_sso_descriptor.xml",
            {
                "acs_url": build_full_url("acs", request, source),
-                "entity_id": entity_id,
+                "issuer": issuer,
                "cert_public_key": cert_stripped,
            },
        )