From 9f8fb7378abbd8274faff921e3bc2505a18b7699 Mon Sep 17 00:00:00 2001
From: Jens Langhammer
Date: Thu, 18 Apr 2019 11:30:21 +0200
Subject: [PATCH] add audience field, switch base processor, better handle processor loading failure
---
 passbook/saml_idp/base.py | 6 +-----
 passbook/saml_idp/forms.py | 3 ++-
 .../migrations/0003_samlprovider_audience.py | 18 ++++++++++++++++++
 .../migrations/0004_auto_20190418_0918.py | 18 ++++++++++++++++++
 passbook/saml_idp/models.py | 6 +++++-
 5 files changed, 44 insertions(+), 7 deletions(-)
 create mode 100644 passbook/saml_idp/migrations/0003_samlprovider_audience.py
 create mode 100644 passbook/saml_idp/migrations/0004_auto_20190418_0918.py
diff --git a/passbook/saml_idp/base.py b/passbook/saml_idp/base.py
index c394a7bfd..5aa21846b 100644
--- a/passbook/saml_idp/base.py
+++ b/passbook/saml_idp/base.py
@@ -116,11 +116,7 @@ class Processor:
 def _determine_audience(self):
 """Determines the _audience."""
- self._audience = self._request_params.get('DESTINATION', None)
-
- if not self._audience:
- self._audience = self._request_params.get('PROVIDER_NAME', None)
-
+ self._audience = self._remote.audience
 self._logger.info('determined audience')
 def _determine_response_id(self):
diff --git a/passbook/saml_idp/forms.py b/passbook/saml_idp/forms.py
index d305b2990..98a17cc32 100644
--- a/passbook/saml_idp/forms.py
+++ b/passbook/saml_idp/forms.py
@@ -25,7 +25,7 @@ class SAMLProviderForm(forms.ModelForm):
 class Meta:
 model = SAMLProvider
- fields = ['name', 'property_mappings', 'acs_url', 'processor_path', 'issuer',
+ fields = ['name', 'property_mappings', 'acs_url', 'audience', 'processor_path', 'issuer',
 'assertion_valid_for', 'signing', 'signing_cert', 'signing_key', ]
 labels = {
 'acs_url': 'ACS URL',
@@ -33,6 +33,7 @@ class SAMLProviderForm(forms.ModelForm):
 }
 widgets = {
 'name': forms.TextInput(),
+ 'audience': forms.TextInput(),
 'issuer': forms.TextInput(),
 'property_mappings': FilteredSelectMultiple(_('Property Mappings'), False)
 }
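Review bot: In `_determine_audience` (passbook/saml_idp/base.py) the audience is now copied from `self._remote.audience` with no check that it is set, while the `audience` field this commit adds to `SAMLProvider` in models.py defaults to `''`, so providers that existed before migration 0003 carry an empty audience until someone edits them. Taking the audience from provider configuration instead of the request's `DESTINATION`/`PROVIDER_NAME` is the safer source, but an empty value should not pass silently, because the audience restriction is presumably what ties an issued assertion to one service provider. I would add a guard after the assignment, for example `if not self._audience: self._logger.warning('no audience configured for provider')`, or refuse to build the response if the processor has a suitable error path outside this hunk. The docstring could then read `"""Sets _audience from the provider's configured audience (request parameters are ignored)."""` so the changed trust decision is visible to whoever subclasses `Processor`.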
diff --git a/passbook/saml_idp/migrations/0003_samlprovider_audience.py b/passbook/saml_idp/migrations/0003_samlprovider_audience.py
new file mode 100644
index 000000000..f183d53a8
--- /dev/null
+++ b/passbook/saml_idp/migrations/0003_samlprovider_audience.py
@@ -0,0 +1,18 @@ +# Generated by Django 2.2 on 2019-04-18 09:09 + +from django.db import migrations, models + + +class Migration(migrations.Migration): + + dependencies = [ + ('passbook_saml_idp', '0002_samlpropertymapping'), + ] + + operations = [ + migrations.AddField( + model_name='samlprovider', + name='audience', + field=models.TextField(blank=True, default=''), + ), + ]
diff --git a/passbook/saml_idp/migrations/0004_auto_20190418_0918.py b/passbook/saml_idp/migrations/0004_auto_20190418_0918.py
new file mode 100644
index 000000000..a12725415
--- /dev/null
+++ b/passbook/saml_idp/migrations/0004_auto_20190418_0918.py
@@ -0,0 +1,18 @@ +# Generated by Django 2.2 on 2019-04-18 09:18 + +from django.db import migrations, models + + +class Migration(migrations.Migration): + + dependencies = [ + ('passbook_saml_idp', '0003_samlprovider_audience'), + ] + + operations = [ + migrations.AlterField( + model_name='samlprovider', + name='audience', + field=models.TextField(default=''), + ), + ]
diff --git a/passbook/saml_idp/models.py b/passbook/saml_idp/models.py
index 4d9d2f400..14a85db2c 100644
--- a/passbook/saml_idp/models.py
+++ b/passbook/saml_idp/models.py
@@ -15,6 +15,7 @@ class SAMLProvider(Provider):
 name = models.TextField()
 acs_url = models.URLField()
+ audience = models.TextField(default='')
 processor_path = models.CharField(max_length=255, choices=[])
 issuer = models.TextField()
 assertion_valid_for = models.IntegerField(default=86400)
@@ -33,7 +34,10 @@ class SAMLProvider(Provider):
 def processor(self):
 """Return selected processor as instance"""
 if not self._processor:
- self._processor = path_to_class(self.processor_path)(self)
+ try:
+ self._processor = path_to_class(self.processor_path)(self)
+ except ModuleNotFoundError:
+ self._processor = None
 return self._processor
 def __str__(self):
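Review bot: The new `except ModuleNotFoundError` in `processor` discards the failure without recording it, so a provider with a bad `processor_path` now yields `None`, and the first caller that uses the result fails with an unrelated `AttributeError` unless every caller (all outside this hunk) checks for `None`. Record the failing path where it happens, and consider `except ImportError:` rather than only its subclass `ModuleNotFoundError`; if `path_to_class` resolves the class with `getattr` (its body is not shown here), a wrong class name would raise `AttributeError` and still escape. Since `processor_path` is a stored value that ends up being imported and the model declares `choices=[]`, it would help to state where the allowed paths come from. A docstring such as `"""Return selected processor as instance, or None if processor_path cannot be imported"""` would make the new contract visible.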