trustchain-oc1-orchestral/authentik
Archived
10
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

*/saml: fix MetadataProcessor having generic namespace prefixes

Browse source
This commit is contained in:
Jens Langhammer 2020-07-12 18:40:43 +02:00
parent 47ca566d06
commit f7b9de1261
2 changed files with 5 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
passbook/providers/saml/processors/metadata.py
View file

@ -1,10 +1,9 @@
"""SAML Identity Provider Metadata Processor""" """SAML Identity Provider Metadata Processor"""
from typing import Iterator, Optional from typing import Iterator, Optional
from defusedxml import ElementTree
from django.http import HttpRequest from django.http import HttpRequest
from django.shortcuts import reverse from django.shortcuts import reverse
from lxml.etree import Element, SubElement # nosec from lxml.etree import Element, SubElement, tostring # nosec
from signxml.util import strip_pem_header from signxml.util import strip_pem_header
from passbook.providers.saml.models import SAMLProvider from passbook.providers.saml.models import SAMLProvider
@ -106,4 +105,4 @@ class MetadataProcessor:
for binding in self.get_bindings(): for binding in self.get_bindings():
idp_sso_descriptor.append(binding) idp_sso_descriptor.append(binding)
return ElementTree.tostring(entity_descriptor).decode() return tostring(entity_descriptor).decode()

6
passbook/sources/saml/processors/metadata.py
View file

@ -3,7 +3,7 @@ from typing import Iterator, Optional
from defusedxml import ElementTree from defusedxml import ElementTree
from django.http import HttpRequest from django.http import HttpRequest
from lxml.etree import Element, SubElement # nosec from lxml.etree import Element, SubElement, tostring # nosec
from signxml.util import strip_pem_header from signxml.util import strip_pem_header
from passbook.sources.saml.models import SAMLSource from passbook.sources.saml.models import SAMLSource
@ -75,7 +75,7 @@ class MetadataProcessor:
] = "urn:oasis:names:tc:SAML:2.0:protocol" ] = "urn:oasis:names:tc:SAML:2.0:protocol"
signing_descriptor = self.get_signing_key_descriptor() signing_descriptor = self.get_signing_key_descriptor()
if signing_descriptor: if signing_descriptor is not None:
sp_sso_descriptor.append(signing_descriptor) sp_sso_descriptor.append(signing_descriptor)
for name_id_format in self.get_name_id_formats(): for name_id_format in self.get_name_id_formats():
@ -91,4 +91,4 @@ class MetadataProcessor:
self.http_request self.http_request
) )
return ElementTree.tostring(entity_descriptor).decode() return tostring(entity_descriptor).decode()