diff --git a/passbook/providers/saml/templates/saml/xml/metadata.xml b/passbook/providers/saml/templates/saml/xml/metadata.xml
index a560abb35..b2ee996e1 100644
--- a/passbook/providers/saml/templates/saml/xml/metadata.xml
+++ b/passbook/providers/saml/templates/saml/xml/metadata.xml
@@ -17,6 +17,7 @@
{{ subject_format }}
-
+
+
diff --git a/passbook/providers/saml/views.py b/passbook/providers/saml/views.py
index 8869b6762..2c1931056 100644
--- a/passbook/providers/saml/views.py
+++ b/passbook/providers/saml/views.py
@@ -134,9 +134,7 @@ class LoginProcessView(AccessRequiredView):
try:
# application.skip_authorization is set so we directly redirect the user
if self.provider.application.skip_authorization:
- self.provider.processor.can_handle(request)
- saml_params = self.provider.processor.generate_response()
- return self.handle_redirect(saml_params, True)
+ return self.post(request, application)
self.provider.processor.init_deep_link(request)
params = self.provider.processor.generate_response()
@@ -233,7 +231,7 @@ class DescriptorDownloadView(AccessRequiredView):
kwargs={"application": provider.application.slug},
)
)
- sso_url = request.build_absolute_uri(
+ sso_post_url = request.build_absolute_uri(
reverse(
"passbook_providers_saml:saml-login",
kwargs={"application": provider.application.slug},
@@ -247,7 +245,9 @@ class DescriptorDownloadView(AccessRequiredView):
"entity_id": entity_id,
"cert_public_key": pubkey,
"slo_url": slo_url,
- "sso_url": sso_url,
+ # Currently, the same endpoint accepts POST and REDIRECT
+ "sso_post_url": sso_post_url,
+ "sso_redirect_url": sso_post_url,
"subject_format": subject_format,
}
return render_to_string("saml/xml/metadata.xml", ctx)