load_backend
def saml_metadata_view(request):
complete_url = reverse('social:complete', args=("saml", ))
saml_backend = load_backend(load_strategy(request), "saml",
complete_url)
metadata, errors = saml_backend.generate_metadata_xml()
if not errors:
return HttpResponse(content=metadata,
content_type='text/xml')
return HttpResponseServerError(content=', '.join(errors))
"""
# python-saml requires us to specify something here even
# though it's not used
idp = DummySAMLIdentityProvider()
config = self.generate_saml_config(idp)
saml_settings = OneLogin_Saml2_Settings(config)
metadata = saml_settings.get_sp_metadata()
errors = saml_settings.validate_metadata(metadata)
return metadata, errors
def _check_python_saml():
    """Abort with HTTP 400 unless SAML2 single sign-on can be used.

    Two preconditions are checked in order: the python-saml library was
    imported, and the stored OneLogin settings are accepted by
    ``OneLogin_Saml2_Settings``.

    :raises cherrypy.HTTPError: status 400 when either precondition fails.
    """
    if not python_saml_imported:
        # The distribution name differs between Python 2 and Python 3.
        if sys.version_info >= (3, 0):
            missing_pkg = 'python3-saml'
        else:
            missing_pkg = 'python-saml'
        message = 'Required library not found: `{}`'.format(missing_pkg)
        raise cherrypy.HTTPError(400, message)

    try:
        # Only construction matters here; the resulting object is discarded.
        OneLogin_Saml2_Settings(mgr.SSO_DB.saml2.onelogin_settings)
    except OneLogin_Saml2_Error:
        # The response carries a fixed message; the library's error text is
        # not forwarded to the client.
        raise cherrypy.HTTPError(400, 'Single Sign-On is not configured.')
def handle_sso_command(cmd):
if cmd['prefix'] not in ['dashboard sso enable saml2',
'dashboard sso disable',
'dashboard sso status',
'dashboard sso show saml2',
'dashboard sso setup saml2']:
return -errno.ENOSYS, '', ''
if not python_saml_imported:
return -errno.EPERM, '', 'Required library not found: `python3-saml`'
if cmd['prefix'] == 'dashboard sso enable saml2':
try:
Saml2Settings(mgr.SSO_DB.saml2.onelogin_settings)
except Saml2Error:
return -errno.EPERM, '', 'Single Sign-On is not configured: ' \
'use `ceph dashboard sso setup saml2`'
mgr.SSO_DB.protocol = 'saml2'
mgr.SSO_DB.save()
return 0, 'SSO is "enabled" with "SAML2" protocol.', ''
if cmd['prefix'] == 'dashboard sso disable':
mgr.SSO_DB.protocol = ''
mgr.SSO_DB.save()
return 0, 'SSO is "disabled".', ''
if cmd['prefix'] == 'dashboard sso status':
if mgr.SSO_DB.protocol == 'saml2':
return 0, 'SSO is "enabled" with "SAML2" protocol.', ''
Example usage (Django):
from ..apps.django_app.utils import load_strategy, \
load_backend
def saml_metadata_view(request):
complete_url = reverse('social:complete', args=("saml", ))
saml_backend = load_backend(load_strategy(request), "saml",
complete_url)
metadata, errors = saml_backend.generate_metadata_xml()
if not errors:
return HttpResponse(content=metadata,
content_type='text/xml')
return HttpResponseServerError(content=', '.join(errors))
"""
config = self.generate_saml_config()
saml_settings = OneLogin_Saml2_Settings(
config,
sp_validation_only=True
)
metadata = saml_settings.get_sp_metadata()
errors = saml_settings.validate_metadata(metadata)
return metadata, errors
def metadata(request):
    """Serve this service provider's SAML metadata document.

    Settings are loaded from ``settings.SAML_FOLDER`` with
    ``sp_validation_only=True``, so only the SP section has to be valid
    for the metadata to be produced.

    :param request: Incoming Django request (not read by this view).
    :returns: ``HttpResponse`` with the XML as ``text/xml`` when validation
        reports no errors, otherwise ``HttpResponseServerError`` whose body
        is the comma-joined validation errors.
    """
    sp_settings = OneLogin_Saml2_Settings(
        settings=None,
        custom_base_path=settings.SAML_FOLDER,
        sp_validation_only=True,
    )
    sp_metadata = sp_settings.get_sp_metadata()
    problems = sp_settings.validate_metadata(sp_metadata)

    # NOTE(review): the validation messages are echoed to the caller as-is;
    # confirm that is acceptable for a metadata URL that is typically public.
    if len(problems) != 0:
        return HttpResponseServerError(content=', '.join(problems))
    return HttpResponse(content=sp_metadata, content_type='text/xml')
def __init__(self, request_data, old_settings=None, custom_base_path=None):
    """
    Set up the SP-side SAML state for one request.

    :param request_data: Request data
    :type request_data: dict

    :param old_settings: Optional. Either raw toolkit settings or an
        already-built OneLogin_Saml2_Settings instance, which is reused as is
    :type old_settings: dict or OneLogin_Saml2_Settings

    :param custom_base_path: Optional. Path holding the settings file and
        the cert folder. Not used when old_settings is already a
        OneLogin_Saml2_Settings instance
    :type custom_base_path: string
    """
    self.__request_data = request_data

    # A ready-made settings object is kept unchanged; anything else is
    # handed to the settings constructor together with the base path.
    if not isinstance(old_settings, OneLogin_Saml2_Settings):
        self.__settings = OneLogin_Saml2_Settings(old_settings, custom_base_path)
    else:
        self.__settings = old_settings

    # Per-request state starts out empty and unauthenticated.
    self.__attributes = {}
    self.__nameid = None
    self.__session_index = None
    self.__session_expiration = None
    self.__authenticated = False
    self.__errors = []
    self.__error_reason = None
# Excerpt from a method body (the enclosing def is not part of this listing).
# Start from the debug/strict flags, then layer the IdP and SP sections on top.
onelogin_settings = {
self.DEBUG: self._configuration.get_debug(db),
self.STRICT: self._configuration.get_strict(db)
}
identity_provider_settings = self.get_identity_provider_settings(db, idp_entity_id)
service_provider_settings = self.get_service_provider_settings(db)
# dict.update replaces whole top-level values, so for any key present in both
# sections the service-provider value wins.
onelogin_settings.update(identity_provider_settings)
onelogin_settings.update(service_provider_settings)
# We need to use disjunction separately because dict.update just overwrites values
# NOTE(review): both operands of the `or` below are the same
# service_provider_settings lookup, so the statement only re-assigns the SP
# value and the IdP-side flag is never consulted. Presumably one operand was
# meant to read identity_provider_settings - confirm. Going by the constant's
# name, this flag governs whether AuthnRequests are signed, so a requirement
# coming from the IdP section may be dropped silently.
onelogin_settings[self.SECURITY][self.AUTHN_REQUESTS_SIGNED] = \
service_provider_settings[self.SECURITY][self.AUTHN_REQUESTS_SIGNED] or \
service_provider_settings[self.SECURITY][self.AUTHN_REQUESTS_SIGNED]
# Pass the merged dict through OneLogin_Saml2_Settings and read the IdP, SP
# and security sections back from that object rather than from the raw dict.
settings = OneLogin_Saml2_Settings(onelogin_settings)
return {
self.DEBUG: self._configuration.get_debug(db),
self.STRICT: self._configuration.get_strict(db),
self.IDP: settings.get_idp_data(),
self.SP: settings.get_sp_data(),
self.SECURITY: settings.get_security_data()
}
def metadata(self):
    """Return the service-provider metadata built from the stored SAML2 settings.

    ``Saml2._check_python_saml()`` runs first, so the call fails before any
    metadata is generated if that check raises.
    """
    Saml2._check_python_saml()
    # NOTE(review): the metadata is returned as generated; validate_metadata
    # is not called on it here.
    return OneLogin_Saml2_Settings(mgr.SSO_DB.saml2.onelogin_settings).get_sp_metadata()