From 64f15eadbdd143bffdec41767782b5b756fe23b6 Mon Sep 17 00:00:00 2001
From: Jens Langhammer <jens.langhammer@beryju.org>
Date: Fri, 28 Feb 2020 10:50:16 +0100
Subject: [PATCH] providers/saml: fix CSRF errors with POST binding

---
 passbook/core/templates/login/base.html | 2 +-
 passbook/providers/saml/views.py        | 4 ++++
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/passbook/core/templates/login/base.html b/passbook/core/templates/login/base.html
index 0d7604bea..ae82cfe3c 100644
--- a/passbook/core/templates/login/base.html
+++ b/passbook/core/templates/login/base.html
@@ -23,7 +23,7 @@
         <header class="pf-c-login__header">
             <img class="pf-c-brand" src="{% static 'passbook/logo.svg' %}" style="height: 60px;"
                 alt="passbook icon" />
-            <img class="pf-c-brand" src="{% static 'passbook/brand.svg' %}" style="height: 80px;"
+            <img class="pf-c-brand" src="{% static 'passbook/brand.svg' %}" style="height: 60px;"
                 alt="passbook branding" />
         </header>
         <main class="pf-c-login__main">
diff --git a/passbook/providers/saml/views.py b/passbook/providers/saml/views.py
index 61c7ca8fb..793cfeab9 100644
--- a/passbook/providers/saml/views.py
+++ b/passbook/providers/saml/views.py
@@ -125,6 +125,10 @@ class LoginBeginView(AccessRequiredView):
             )
         )
 
+    @method_decorator(csrf_exempt)
+    def dispatch(self, *args, **kwargs):
+        return super().dispatch(*args, **kwargs)
+
     @method_decorator(csrf_exempt)
     def get(self, request: HttpRequest, application: str) -> HttpResponse:
         """Handle REDIRECT bindings"""