Hi there,
Recently I have been working on a project that uses Django Saml2 Auth for signing on. A while back I was asked to add Single Sign On to the project, which should have been very simple to do. However, this turned out to be very difficult because Django Saml2 Auth did not have a Single Sign On functionality as far as I could tell. Therefore, to get Single Sign On added to the project, I had to write my own wrapper classes as follows:
```python
import urllib.parse

from django.conf import settings
from django.http import HttpResponseRedirect
from django.utils.http import is_safe_url  # available in Django < 4.0
from django.views.decorators.csrf import csrf_exempt

import django_saml2_auth.views
from django_saml2_auth.views import denied, get_reverse


def isc_signin(request):
    next_url = request.GET.get("next", "")
    # Only permit signin requests where the next_url is a safe URL
    if next_url != "" and not is_safe_url(next_url, None):
        return HttpResponseRedirect(
            get_reverse([denied, "denied", "django_saml2_auth:denied"])
        )
    # Save the value of the configured relay_state
    old_rs = ""
    if "relay_state" in settings.SAML2_AUTH["SAML_CLIENT_SETTINGS"]["service"]["sp"]:
        old_rs = settings.SAML2_AUTH["SAML_CLIENT_SETTINGS"]["service"]["sp"]["relay_state"]
    # Temporarily change the configured relay_state while we call signin().
    # Note: settings are process-wide, so concurrent requests can observe
    # each other's relay_state while this window is open.
    settings.SAML2_AUTH["SAML_CLIENT_SETTINGS"]["service"]["sp"]["relay_state"] = urllib.parse.quote(next_url)
    try:
        viewresult = django_saml2_auth.views.signin(request)
    finally:
        # Return the configured relay_state to the saved value, even if signin() raises
        settings.SAML2_AUTH["SAML_CLIENT_SETTINGS"]["service"]["sp"]["relay_state"] = old_rs
    return viewresult


@csrf_exempt
def isc_acs(request):
    # Recover the next_url from the RelayState POST data.
    if request.method == 'POST':
        if "RelayState" in request.POST:
            next_url = urllib.parse.unquote(request.POST.get("RelayState"))
            # Only permit signin requests where the next_url is a safe URL
            if not is_safe_url(next_url, None):
                return HttpResponseRedirect(
                    get_reverse([denied, "denied", "django_saml2_auth:denied"])
                )
            # print("+++++ Got relay_state:", next_url)
            request.session["login_next_url"] = next_url
    return django_saml2_auth.views.acs(request)
```
I therefore wanted to ask if it would be possible to add some form of this code to the Django Saml2 Auth project so that I could remove these wrapper functions?
Thanks
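The RelayState round trip in the wrappers above, as an added standard-library example that is not part of the original issue or of the Django Saml2 Auth project. The helper names `is_local_path`, `encode_relay_state` and `decode_relay_state` are hypothetical, and the policy assumed here (absolute same-site paths only) is stricter than `is_safe_url(next_url, None)`; the sample values are constructed.

```python
import urllib.parse


def is_local_path(url: str) -> bool:
    """Accept only same-site absolute paths such as /reports/7?tab=2."""
    if not url or url != url.strip():
        return False
    # Browsers normalise backslashes and control characters inconsistently,
    # so a value containing them is rejected outright.
    if "\\" in url or any(ord(c) < 0x20 or ord(c) == 0x7F for c in url):
        return False
    # Must start with one slash; "//host/path" is scheme-relative, not local.
    if not url.startswith("/") or url.startswith("//"):
        return False
    parts = urllib.parse.urlsplit(url)
    return parts.scheme == "" and parts.netloc == ""


def encode_relay_state(next_url: str) -> str:
    """Sign-in side: validate first, then percent-encode for RelayState."""
    if not is_local_path(next_url):
        raise ValueError("unsafe next URL")
    return urllib.parse.quote(next_url, safe="")


def decode_relay_state(relay_state: str):
    """ACS side: decode exactly once, then validate the decoded value.

    Returns the path to redirect to, or None if the value must be refused.
    RelayState comes back in a POST that any site can submit, so the check
    on the sign-in side does not make this one redundant.
    """
    next_url = urllib.parse.unquote(relay_state)
    return next_url if is_local_path(next_url) else None


# Constructed RelayState values as they might arrive at the ACS endpoint.
SAMPLES = [
    "%2Freports%2F7%3Ftab%3D2",       # /reports/7?tab=2
    "%2F%2Fevil.example%2Fx",         # //evil.example/x
    "https%3A%2F%2Fevil.example",     # https://evil.example
    "%2F%5Cevil.example",             # /\evil.example
    "%252F%252Fevil.example",         # double-encoded //evil.example
]


def check_samples():
    """Map each constructed sample to the decision the ACS side would take."""
    return {s: decode_relay_state(s) for s in SAMPLES}
```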