providers/saml: use idp-initiated sso flow as launch url

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Jens Langhammer 2021-08-08 15:01:52 +02:00
parent f21bb319d0
commit 3367b83368


@ -1,8 +1,8 @@
"""authentik saml_idp Models""" """authentik saml_idp Models"""
from typing import Optional, Type from typing import Optional, Type
from urllib.parse import urlparse
from django.db import models from django.db import models
from django.urls import reverse
from django.utils.translation import gettext_lazy as _ from django.utils.translation import gettext_lazy as _
from rest_framework.serializers import Serializer from rest_framework.serializers import Serializer
from structlog.stdlib import get_logger from structlog.stdlib import get_logger
@ -152,9 +152,15 @@ class SAMLProvider(Provider):
@property @property
def launch_url(self) -> Optional[str]: def launch_url(self) -> Optional[str]:
"""Guess launch_url based on acs URL""" """Use IDP-Initiated SAML flow as launch URL"""
launch_url = urlparse(self.acs_url) try:
return self.acs_url.replace(launch_url.path, "") # pylint: disable=no-member
return reverse(
"authentik_providers_saml:sso-init",
kwargs={"application_slug": self.application.slug},
)
except Provider.application.RelatedObjectDoesNotExist:
return None
@property @property
def serializer(self) -> Type[Serializer]: def serializer(self) -> Type[Serializer]:
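Review bot: In the second hunk, `launch_url` now returns the result of `reverse()`, which is a site-relative path, whereas the removed code returned the scheme and host taken from `acs_url`. The callers are not visible here, so it is worth confirming that nothing hands this value out as an absolute link (API output, notifications, an external dashboard) without first resolving it against the request. The docstring should also record that the IdP-initiated flow delivers an unsolicited response: there is no AuthnRequest, so the service provider has no `InResponseTo` to check and must be configured to accept such responses. A possible wording is `"""Use IDP-Initiated SAML flow as launch URL (relative path; the SP must accept unsolicited responses)"""`.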