예제 #1
    def _inner(request, idp_slug, *args, **kwargs):
        """Prepare SAML2 state on ``request`` and dispatch to the wrapped view.

        Resolves the Identity Provider for ``idp_slug``, stores it together
        with the SAML2 request data on ``request``, and builds the
        ``OneLogin_Saml2_Auth`` object. If that construction raises
        ``OneLogin_Saml2_Error``, the problem is logged according to whether
        the IdP is active, and the configuration-error page is rendered in
        place of the wrapped view.
        """
        request.idp = _get_idp_or_404(idp_slug)
        request.saml2_request_data = get_request_data(request)
        try:
            request.saml2_auth = OneLogin_Saml2_Auth(
                request.saml2_request_data,
                get_saml2_config(request.idp),
            )
        except OneLogin_Saml2_Error as err:
            idp = request.idp
            invalid_redirect = OneLogin_Saml2_Error.REDIRECT_INVALID_URL
            # Codes that are not logged for an inactive IdP.
            # NOTE(review): presumably these are expected while an IdP is
            # still being set up -- confirm.
            unlogged_when_inactive = (
                OneLogin_Saml2_Error.SETTINGS_INVALID,
                OneLogin_Saml2_Error.CERT_NOT_FOUND,
                invalid_redirect,
            )

            if idp.is_active:
                # An invalid redirect URL is the one code that stays out of
                # the log for an active IdP.
                if err.code != invalid_redirect:
                    logger.error(
                        f"An active Identity Provider {idp_slug} appears to have "
                        f"an SSO configuration issue. Please look into this "
                        f"immediately! {err!s}"
                    )
            elif err.code not in unlogged_when_inactive:
                logger.error(
                    f"An inactive Identity Provider {idp_slug} appears to have "
                    f"an SSO configuration issue. Please take note of this "
                    f"error if an Enterprise Admin reaches out for support: "
                    f"error code {err.code}, {err!s}"
                )

            # NOTE(review): the exception object itself goes into the template
            # context; confirm sso/config_errors.html does not print library
            # internals or settings detail to whoever hits this URL.
            context = {
                'idp_is_active': idp.is_active,
                'idp_name': idp.name,
                'error': err,
                'docs_link': get_documentation_url(idp),
            }
            return render(request, 'sso/config_errors.html', context)

        return view_func(request, idp_slug, *args, **kwargs)
예제 #2
파일: saml.py 프로젝트: soitun/commcare-hq
def sso_saml_metadata(request, idp_slug):
    """
    Serve the Service Provider (SP) SAML 2.0 metadata document as XML.

    Identity Provider documentation often calls this URL the SP Identifier
    or SP Entity ID.

    The metadata is built from the SAML2 config of ``request.idp`` and
    validated before it is returned. A valid document is sent as
    ``text/xml``; otherwise the validation errors are joined with ", " and
    returned in a server-error response.

    ``idp_slug`` is not read here; ``request.idp`` must already be set
    (presumably by a decorator on this view -- confirm).
    """
    settings = OneLogin_Saml2_Settings(get_saml2_config(request.idp))
    sp_metadata = settings.get_sp_metadata()
    problems = settings.validate_metadata(sp_metadata)

    if problems:
        # NOTE(review): validator messages are returned to the caller as-is;
        # confirm that is acceptable on what is normally a public endpoint.
        return HttpResponseServerError(content=', '.join(problems))
    return HttpResponse(content=sp_metadata, content_type='text/xml')
예제 #3
 def _inner(request, idp_slug, *args, **kwargs):
     """Attach the IdP and SAML2 objects to ``request``, then call the view.

     Sets ``request.idp``, ``request.saml2_request_data`` and
     ``request.saml2_auth`` before delegating to ``view_func`` with the
     original arguments.
     """
     idp = _get_idp_or_404(idp_slug)
     request.idp = idp
     # request.idp is assigned before get_request_data() runs, as in the
     # original ordering.
     request_data = get_request_data(request)
     request.saml2_request_data = request_data
     # NOTE(review): OneLogin_Saml2_Auth can raise OneLogin_Saml2_Error on
     # invalid settings; nothing catches it here, so a misconfigured IdP
     # would propagate as an unhandled exception -- confirm a caller or
     # middleware covers that case.
     request.saml2_auth = OneLogin_Saml2_Auth(
         request_data, get_saml2_config(idp)
     )
     return view_func(request, idp_slug, *args, **kwargs)