Esempio n. 1
def generate_metadata():
    """Build the SP metadata XML and write it to ``saml_metadata.xml``.

    The dict returned by ``load_settings()`` is wrapped in
    ``OneLogin_Saml2_Settings``, the SP metadata is generated from it and
    then checked with ``validate_metadata``. When validation reports
    errors they are printed and the function returns before the file is
    opened, so an invalid document is never written.

    Returns ``None`` on both the success and the failure path; the printed
    message is the only failure signal a caller gets.
    """
    saml_settings = OneLogin_Saml2_Settings(settings=load_settings())
    sp_metadata = saml_settings.get_sp_metadata()

    # Validate before publishing: this file is what gets handed to the IdP.
    problems = saml_settings.validate_metadata(sp_metadata)
    if problems:
        print("generate saml metadata failed: {}".format(problems))
        return

    # NOTE(review): text mode with the platform default encoding -- confirm
    # it matches the encoding the metadata XML is expected to be read with.
    target_path = "{}/saml_metadata.xml".format(Config.SAML_CONFIG_PATH)
    with open(target_path, "w") as out_file:
        out_file.write(sp_metadata)
Esempio n. 2
    def init_saml_auth(req, config):
        """Build the SAML auth object for one wrapped HTTP request.

        :param req: :class:`microkubes.security.chain.Request`, wrapped HTTP Request.

        :param config: ``dict``, SAML config

        :returns: an instance of OneLogin_Saml2_Auth
        """
        # The config dict is parsed into a settings object first and passed
        # through ``old_settings``, so the auth object uses exactly these
        # settings.
        # NOTE(review): ``sp_validation_only`` is not passed, so the library
        # default applies -- presumably both the SP and the IdP sections of
        # ``config`` are checked at construction; confirm.
        return OneLogin_Saml2_Auth(
            req,
            old_settings=OneLogin_Saml2_Settings(settings=config),
        )
Esempio n. 3
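    def dispatch(self, request: Request, organization_slug):
        """Serve the SAML service-provider metadata for an organization.

        Looks up the provider for ``organization_slug``, builds the SAML
        config from its stored config (an empty dict when no provider is
        found), generates the SP metadata and validates it.

        :param request: the incoming request (not read by this method).
        :param organization_slug: slug used to look up the provider and
            passed on to ``build_saml_config``.
        :returns: ``HttpResponse`` with the metadata as ``text/xml`` when
            validation passes, otherwise ``HttpResponseServerError`` with
            the validation errors, one per line, as ``text/plain``.
        """
        provider = get_provider(organization_slug)
        config = provider.config if provider else {}

        saml_config = build_saml_config(config, organization_slug)
        # sp_validation_only=True: only the SP half of the settings has to
        # be valid to publish SP metadata.
        saml_settings = OneLogin_Saml2_Settings(settings=saml_config, sp_validation_only=True)
        metadata = saml_settings.get_sp_metadata()
        errors = saml_settings.validate_metadata(metadata)

        if errors:
            # NOTE(review): the validation errors are returned verbatim to
            # the requester -- confirm they cannot carry configuration
            # detail that should stay server-side.
            # "text/plain" is the registered media type; the previous
            # "plain/text" is not a valid one.
            message = "\n".join(errors)
            return HttpResponseServerError(content=message, content_type="text/plain")

        return HttpResponse(content=metadata, content_type="text/xml")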
Esempio n. 4
    def dispatch(self, request, organization_slug):
        """Serve the SAML service-provider metadata for an organization.

        The provider for ``organization_slug`` builds the SAML config; the
        SP metadata generated from it is validated before being returned.

        :param request: the incoming request (not read by this method).
        :param organization_slug: slug used to look up the provider and
            passed on to ``provider.build_saml_config``.
        :returns: ``HttpResponse`` with the metadata as ``text/xml`` when
            validation reports no errors, otherwise
            ``HttpResponseServerError`` with the errors joined by ``', '``.
        """
        # NOTE(review): the provider is used without a None check -- confirm
        # get_provider cannot return None for an unknown slug here.
        provider = get_provider(organization_slug)

        # sp_validation_only=True: only the SP half of the settings has to
        # be valid to publish SP metadata.
        saml_settings = OneLogin_Saml2_Settings(
            settings=provider.build_saml_config(organization_slug),
            sp_validation_only=True,
        )
        sp_metadata = saml_settings.get_sp_metadata()
        problems = saml_settings.validate_metadata(sp_metadata)

        if problems:
            # NOTE(review): no content_type is passed, so the framework
            # default applies to this error body -- confirm that default is
            # acceptable for a plain list of error strings.
            return HttpResponseServerError(content=', '.join(problems))
        return HttpResponse(content=sp_metadata, content_type='text/xml')
Esempio n. 5
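    def dispatch(self, request, organization_slug):
        """Serve the SAML service-provider metadata for an organization.

        When no provider exists for ``organization_slug`` an error message
        is queued on the request and the user is redirected to ``/``.
        Otherwise the SAML config is built from the provider's stored
        config, the SP metadata is generated and validated.

        :param request: the incoming request; only used to attach the
            error message when no provider is found.
        :param organization_slug: slug used to look up the provider and
            passed on to ``build_saml_config``.
        :returns: a redirect when there is no provider; ``HttpResponse``
            with the metadata as ``text/xml`` when validation passes;
            otherwise ``HttpResponseServerError`` with the validation
            errors, one per line, as ``text/plain``.
        """
        provider = get_provider(organization_slug)
        if provider is None:
            messages.add_message(request, messages.ERROR, ERR_NO_SAML_SSO)
            return self.redirect('/')

        saml_config = build_saml_config(provider.config, organization_slug)
        # sp_validation_only=True: only the SP half of the settings has to
        # be valid to publish SP metadata.
        saml_settings = OneLogin_Saml2_Settings(settings=saml_config, sp_validation_only=True)
        metadata = saml_settings.get_sp_metadata()
        errors = saml_settings.validate_metadata(metadata)

        if errors:
            # NOTE(review): the validation errors are returned verbatim to
            # the requester -- confirm they cannot carry configuration
            # detail that should stay server-side.
            # 'text/plain' is the registered media type; the previous
            # 'plain/text' is not a valid one.
            message = '\n'.join(errors)
            return HttpResponseServerError(content=message, content_type='text/plain')

        return HttpResponse(content=metadata, content_type='text/xml')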
Esempio n. 6
def _prepare_saml_auth(request):
    """Build a ``OneLogin_Saml2_Auth`` object for ``request``.

    Scheme, host, script name and port of the request description handed
    to the library are taken from the assertion consumer service URL in
    the SP settings under ``settings.SAML_FOLDER``, not from the incoming
    request, so client-supplied headers do not influence them. Only the
    GET and POST parameters are copied from ``request``.

    :param request: incoming request exposing ``GET`` and ``POST``.
    :returns: the ``OneLogin_Saml2_Auth`` instance.
    """
    sp_data = OneLogin_Saml2_Settings(
        custom_base_path=settings.SAML_FOLDER).get_sp_data()
    acs_url = urlparse(sp_data['assertionConsumerService']['url'])

    if acs_url.scheme == 'https':
        https_flag = 'on'
    else:
        https_flag = 'off'

    # NOTE(review): for a path that starts with '/', split('/')[0] is the
    # empty string -- confirm that is the intended script name.
    script_name = acs_url.path.split('/')[0]

    # NOTE(review): ``port`` is None when the ACS URL has no explicit
    # port -- confirm the library version in use accepts that.
    req = {
        'https': https_flag,
        'http_host': acs_url.hostname,
        'script_name': script_name,
        'server_port': acs_url.port,
        'get_data': request.GET.copy(),
        'lowercase_urlencoding': True,
        'post_data': request.POST.copy(),
    }
    return OneLogin_Saml2_Auth(req, custom_base_path=settings.SAML_FOLDER)