def initialize_session(self, request, callback, **callback_kwargs): config = self.instance.config if not config.get("client_secret"): # PKCE code_challenge, code_verifier = generate_pkce_codes() backend_state = {"code_verifier": code_verifier} else: # client secret code_challenge = None backend_state = None from realms.models import RealmAuthenticationSession ras = RealmAuthenticationSession(realm=self.instance, backend_state=backend_state, callback=callback, callback_kwargs=callback_kwargs) ras.save() # add state to session to prevent CSRF self._add_ras_to_session(request, ras) return build_authorization_code_flow_url(config["discovery_url"], config["client_id"], self.ac_redirect_uri(), config["extra_scopes"], str(ras.pk), code_challenge)
def initialize_session(self, callback, **callback_kwargs): from realms.models import RealmAuthenticationSession ras = RealmAuthenticationSession(realm=self.instance, callback=callback, callback_kwargs=callback_kwargs) ras.save() saml2_client = self.get_saml2_client() _, request_info = saml2_client.prepare_for_authenticate( relay_state=str(ras.pk)) return dict(request_info["headers"])["Location"]
def initialize_session(self, callback, save_password_hash=False, **callback_kwargs): from realms.models import RealmAuthenticationSession ras = RealmAuthenticationSession(realm=self.instance, save_password_hash=save_password_hash, callback=callback, callback_kwargs=callback_kwargs) ras.save() return reverse("realms:ldap_login", args=(ras.realm.pk, ras.pk))
def initialize_session(self, request, callback, **callback_kwargs): from realms.models import RealmAuthenticationSession ras = RealmAuthenticationSession( realm=self.instance, callback=callback, callback_kwargs=remove_null_character(callback_kwargs)) ras.save() saml2_client = self.get_saml2_client() # can throw error # like saml2.s_utils.UnsupportedBinding: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect # if the IdP configuration and thus the metadata is wrong, but these should be caught at creation time # in the realm form. request_id, request_info = saml2_client.prepare_for_authenticate( relay_state=str(ras.pk)) # save request ID in auth session ras.backend_state = {"request_id": request_id} ras.save() return dict(request_info["headers"])["Location"]