fix IDP-Initiated SAML Login

Jens Langhammer 2019-04-29 21:39:41 +02:00
parent 7033ec0ab9
commit e0a3ec033f
3 changed files with 12 additions and 2 deletions


@ -33,6 +33,8 @@ class Processor:
"""Base SAML 2.0 AuthnRequest to Response Processor. """Base SAML 2.0 AuthnRequest to Response Processor.
Sub-classes should provide Service Provider-specific functionality.""" Sub-classes should provide Service Provider-specific functionality."""
is_idp_initiated = False
_audience = '' _audience = ''
_assertion_params = None _assertion_params = None
_assertion_xml = None _assertion_xml = None
@ -291,7 +293,10 @@ class Processor:
def generate_response(self): def generate_response(self):
"""Processes request and returns template variables suitable for a response.""" """Processes request and returns template variables suitable for a response."""
# Build the assertion and response. # Build the assertion and response.
self.can_handle(self._django_request) # Only call can_handle if SP initiated Request, otherwise we have no Request
if not self.is_idp_initiated:
self.can_handle(self._django_request)
self._validate_user() self._validate_user()
self._build_assertion() self._build_assertion()
self._format_assertion() self._format_assertion()
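Review bot: In generate_response the new `if not self.is_idp_initiated:` guard skips can_handle() completely. Any check that method performs beyond parsing the AuthnRequest therefore no longer runs on the IdP-initiated path. The body of can_handle is not on this page, so it is worth confirming that nothing it validates is still needed when there is no request. The new class attribute is also undocumented; a comment above it such as `# True when the login was started by the IdP (no AuthnRequest); generate_response then skips can_handle()` would make the contract explicit. generate_response appears to continue past the end of the hunk.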


@ -1,4 +1,5 @@
"""passbook saml_idp Models""" """passbook saml_idp Models"""
from logging import getLogger
from django.contrib.postgres.fields import ArrayField from django.contrib.postgres.fields import ArrayField
from django.db import models from django.db import models
@ -9,6 +10,8 @@ from passbook.core.models import PropertyMapping, Provider
from passbook.lib.utils.reflection import class_to_path, path_to_class from passbook.lib.utils.reflection import class_to_path, path_to_class
from passbook.saml_idp.base import Processor from passbook.saml_idp.base import Processor
LOGGER = getLogger(__name__)
class SAMLProvider(Provider): class SAMLProvider(Provider):
"""Model to save information about a Remote SAML Endpoint""" """Model to save information about a Remote SAML Endpoint"""
@ -36,7 +39,8 @@ class SAMLProvider(Provider):
if not self._processor: if not self._processor:
try: try:
self._processor = path_to_class(self.processor_path)(self) self._processor = path_to_class(self.processor_path)(self)
except ModuleNotFoundError: except ModuleNotFoundError as exc:
LOGGER.warning(exc)
self._processor = None self._processor = None
return self._processor return self._processor
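Review bot: `LOGGER.warning(exc)` records only the exception text, so the log line does not say which provider or configured path failed to load. `LOGGER.warning("Failed to load SAML processor %s: %s", self.processor_path, exc)` would make a misconfigured provider traceable. The property still returns None afterwards, and the view code on this page dereferences it without a check, so the failure resurfaces later as an AttributeError. Only ModuleNotFoundError is caught; a path naming a missing class in an existing module probably raises a different exception here, though path_to_class is not shown. The enclosing property starts above the hunk.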


@ -231,4 +231,5 @@ class InitiateLoginView(AccessRequiredView):
def get(self, request, application): def get(self, request, application):
"""Initiates an IdP-initiated link to a simple SP resource/target URL.""" """Initiates an IdP-initiated link to a simple SP resource/target URL."""
self.provider.processor.init_deep_link(request, '') self.provider.processor.init_deep_link(request, '')
self.provider.processor.is_idp_initiated = True
return _generate_response(request, self.provider) return _generate_response(request, self.provider)
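Review bot: `self.provider.processor.is_idp_initiated = True` mutates the processor object that the provider caches, and nothing visible sets it back to False. If that processor instance is ever reused for a later SP-initiated request, can_handle() would be skipped there as well. Keeping the state per request avoids this, for example by wrapping the return as `try: return _generate_response(request, self.provider)` with `finally: self.provider.processor.is_idp_initiated = False`. The flag is also set after `init_deep_link(request, '')`, so that call still sees the default value; if it ever needs to know the flow type, the assignment should move above it.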