saml_idp: cleanup settings, add was processor

passbook/lib/default.yml

@@ -104,13 +104,11 @@ oauth_client:
     - passbook.oauth_client.source_types.supervisr
     - passbook.oauth_client.source_types.twitter
 saml_idp:
-  signing: true
-  autosubmit: false
   issuer: passbook
-  assertion_valid_for: 86400
   # List of python packages with provider types to load.
   types:
     - passbook.saml_idp.processors.generic
+    - passbook.saml_idp.processors.aws
     - passbook.saml_idp.processors.gitlab
     - passbook.saml_idp.processors.nextcloud
     - passbook.saml_idp.processors.salesforce

passbook/saml_idp/processors/aws.py

@@ -0,0 +1,26 @@
+"""AWS Processor"""
+
+from passbook.saml_idp.base import Processor, xml_render
+
+
+class AWSProcessor(Processor):
+    """AWS Response Handler Processor for testing against django-saml2-sp."""
+
+    def _determine_audience(self):
+        self._audience = 'urn:amazon:webservices'
+
+    def _format_assertion(self):
+        """Formats _assertion_params as _assertion_xml."""
+        self._assertion_params['ATTRIBUTES'] = [
+            {
+                'Name': 'https://aws.amazon.com/SAML/Attributes/RoleSessionName',
+                'Value': self._django_request.user.username,
+            },
+            {
+                'Name': 'https://aws.amazon.com/SAML/Attributes/Role',
+                # 'Value': 'arn:aws:iam::471432361072:saml-provider/passbook_dev,
+                # arn:aws:iam::471432361072:role/saml_role'
+            }
+        ]
+        self._assertion_xml = xml_render.get_assertion_xml(
+            'saml/xml/assertions/generic.xml', self._assertion_params, signed=True)

passbook/saml_idp/processors/generic.py

@@ -5,4 +5,3 @@ from passbook.saml_idp.base import Processor
 
 class GenericProcessor(Processor):
     """Generic Response Handler Processor for testing against django-saml2-sp."""
-    pass