From c97b946a00657615551a665496c8b92ef27824f5 Mon Sep 17 00:00:00 2001
From: Jens Langhammer <jens.langhammer@beryju.org>
Date: Sat, 20 Jun 2020 22:30:45 +0200
Subject: [PATCH] providers/saml: make SAML provider compatible with consent

---
 .../saml/templates/providers/saml/consent.html     | 14 ++++++++++++++
 passbook/providers/saml/views.py                   |  7 ++++++-
 2 files changed, 20 insertions(+), 1 deletion(-)
 create mode 100644 passbook/providers/saml/templates/providers/saml/consent.html

diff --git a/passbook/providers/saml/templates/providers/saml/consent.html b/passbook/providers/saml/templates/providers/saml/consent.html
new file mode 100644
index 000000000..f998f7119
--- /dev/null
+++ b/passbook/providers/saml/templates/providers/saml/consent.html
@@ -0,0 +1,14 @@
+{% extends 'login/form_with_user.html' %}
+
+{% load i18n %}
+
+{% block beneath_form %}
+<div class="pf-c-form__group">
+    <p>
+        {% blocktrans with name=context.application.name %}
+        You're about to sign into {{ name }}.
+        {% endblocktrans %}
+    </p>
+    {{ hidden_inputs }}
+</div>
+{% endblock %}
diff --git a/passbook/providers/saml/views.py b/passbook/providers/saml/views.py
index 187a012af..adc741475 100644
--- a/passbook/providers/saml/views.py
+++ b/passbook/providers/saml/views.py
@@ -32,6 +32,7 @@ from passbook.policies.engine import PolicyEngine
 from passbook.providers.saml.exceptions import CannotHandleAssertion
 from passbook.providers.saml.models import SAMLBindings, SAMLProvider
 from passbook.providers.saml.processors.types import SAMLResponseParams
+from passbook.stages.consent.stage import PLAN_CONTEXT_CONSENT_TEMPLATE
 
 LOGGER = get_logger()
 URL_VALIDATOR = URLValidator(schemes=("http", "https"))
@@ -87,7 +88,11 @@ class SAMLSSOView(LoginRequiredMixin, SAMLAccessMixin, View):
         planner.allow_empty_flows = True
         plan = planner.plan(
             self.request,
-            {PLAN_CONTEXT_SSO: True, PLAN_CONTEXT_APPLICATION: self.application},
+            {
+                PLAN_CONTEXT_SSO: True,
+                PLAN_CONTEXT_APPLICATION: self.application,
+                PLAN_CONTEXT_CONSENT_TEMPLATE: "providers/saml/consent.html",
+            },
         )
         plan.append(in_memory_stage(SAMLFlowFinalView))
         self.request.session[SESSION_KEY_PLAN] = plan