trustchain-oc1-orchestral
/
authentik
Archived
10
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

providers/saml: fix AuthnRequestsSigned and WantAssertionsSigned not loaded correctly

This commit is contained in:
Jens Langhammer 2021-02-16 21:11:14 +01:00
parent baa2ed5ecc
commit 099197ba8c
4 changed files with 10 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
authentik/admin/views/utils.py
View File

@ -18,6 +18,8 @@ from authentik.lib.views import CreateAssignPermView
class DeleteMessageView(SuccessMessageMixin, DeleteView):
"""DeleteView which shows `self.success_message` on successful deletion"""
success_url = "/"
def delete(self, request, *args, **kwargs):
messages.success(self.request, self.success_message)
return super().delete(request, *args, **kwargs)

4
authentik/policies/api.py
View File

@ -118,7 +118,9 @@ class PolicyBindingSerializer(ModelSerializer):
class PolicyBindingViewSet(ModelViewSet):
"""PolicyBinding Viewset"""
queryset = PolicyBinding.objects.all().select_related("policy", "target", "group", "user")
queryset = PolicyBinding.objects.all().select_related(
"policy", "target", "group", "user"
)
serializer_class = PolicyBindingSerializer
filterset_fields = ["policy", "target", "enabled", "order", "timeout"]
search_fields = ["policy__name"]

6
authentik/providers/saml/processors/metadata_parser.py
View File

@ -134,8 +134,10 @@ class ServiceProviderMetadataParser:
# For now we'll only look at the first descriptor.
# Even if multiple descriptors exist, we can only configure one
descriptor = sp_sso_descriptors[0]
auth_n_request_signed = descriptor.attrib["AuthnRequestsSigned"]
assertion_signed = descriptor.attrib["WantAssertionsSigned"]
auth_n_request_signed = (
descriptor.attrib["AuthnRequestsSigned"].lower() == "true"
)
assertion_signed = descriptor.attrib["WantAssertionsSigned"].lower() == "true"
acs_services = descriptor.findall(
f"{{{NS_SAML_METADATA}}}AssertionConsumerService"

2
authentik/providers/saml/views/metadata.py
View File

@ -54,7 +54,7 @@ class MetadataImportView(LoginRequiredMixin, FormView):
form_class = SAMLProviderImportForm
template_name = "providers/saml/import.html"
success_url = ""
success_url = "/"
def dispatch(self, request, *args, **kwargs):
if not request.user.is_superuser: