示例#1
0
def generate_metadata():
    settings = load_settings()
    settings = OneLogin_Saml2_Settings(settings=settings)
    metadata = settings.get_sp_metadata()
    errors = settings.validate_metadata(metadata)
    if len(errors) > 0:
        print("generate saml metadata failed: {}".format(errors))
        return

    meta_path = "{}/saml_metadata.xml".format(Config.SAML_CONFIG_PATH)
    with open(meta_path, "w") as f:
        f.write(metadata)
示例#2
0
    def init_saml_auth(req, config):
        """Prepare SAML request

        :param req: :class:`microkubes.security.chain.Request`, wrapped HTTP Request.

        :param config: ``dict``, SAML config

        :returns: an instance of OneLogin_Saml2_Auth
        """

        settingsSAML = OneLogin_Saml2_Settings(settings=config)
        auth = OneLogin_Saml2_Auth(req, old_settings=settingsSAML)
        return auth
示例#3
0
    def dispatch(self, request: Request, organization_slug):
        provider = get_provider(organization_slug)
        config = provider.config if provider else {}

        saml_config = build_saml_config(config, organization_slug)
        saml_settings = OneLogin_Saml2_Settings(settings=saml_config, sp_validation_only=True)
        metadata = saml_settings.get_sp_metadata()
        errors = saml_settings.validate_metadata(metadata)

        if len(errors) > 0:
            message = "\n".join(errors)
            return HttpResponseServerError(content=message, content_type="plain/text")

        return HttpResponse(content=metadata, content_type="text/xml")
示例#4
0
    def dispatch(self, request, organization_slug):
        provider = get_provider(organization_slug)

        saml_config = provider.build_saml_config(organization_slug)
        saml_settings = OneLogin_Saml2_Settings(settings=saml_config,
                                                sp_validation_only=True)
        metadata = saml_settings.get_sp_metadata()
        errors = saml_settings.validate_metadata(metadata)

        if len(errors) == 0:
            resp = HttpResponse(content=metadata, content_type='text/xml')
        else:
            resp = HttpResponseServerError(content=', '.join(errors))
        return resp
示例#5
0
    def dispatch(self, request, organization_slug):
        provider = get_provider(organization_slug)
        if provider is None:
            messages.add_message(request, messages.ERROR, ERR_NO_SAML_SSO)
            return self.redirect('/')

        saml_config = build_saml_config(provider.config, organization_slug)
        saml_settings = OneLogin_Saml2_Settings(settings=saml_config, sp_validation_only=True)
        metadata = saml_settings.get_sp_metadata()
        errors = saml_settings.validate_metadata(metadata)

        if len(errors) > 0:
            message = '\n'.join(errors)
            return HttpResponseServerError(content=message, content_type='plain/text')

        return HttpResponse(content=metadata, content_type='text/xml')
示例#6
0
def _prepare_saml_auth(request):
    saml_setting = OneLogin_Saml2_Settings(
        custom_base_path=settings.SAML_FOLDER)
    metadata = saml_setting.get_sp_data()
    saml_server_url = metadata['assertionConsumerService']['url']
    parsed_saml_server_url = urlparse(saml_server_url)
    req = {
        'https': 'on' if parsed_saml_server_url.scheme == 'https' else 'off',
        'http_host': parsed_saml_server_url.hostname,
        'script_name': parsed_saml_server_url.path.split('/')[0],
        'server_port': parsed_saml_server_url.port,
        'get_data': request.GET.copy(),
        'lowercase_urlencoding': True,
        'post_data': request.POST.copy(),
    }
    auth = OneLogin_Saml2_Auth(req, custom_base_path=settings.SAML_FOLDER)
    return auth