From 078cec602ad50ce906f2bbd4f51abf02fe6a3579 Mon Sep 17 00:00:00 2001
From: Cristiano Singulani
Date: Wed, 4 Sep 2024 17:22:52 -0300
Subject: [PATCH] Saml2 (#299)
* Fixed saml2 auth
* Fixed saml2 auth
* Fixed saml2 auth
* Fixed saml2 auth
---
 backend/core/saml2.py | 4 ++--
 backend/pzserver/settings.py | 16 ++++++++++++----
 2 files changed, 14 insertions(+), 6 deletions(-)
diff --git a/backend/core/saml2.py b/backend/core/saml2.py
index c1998b0..9257e22 100644
--- a/backend/core/saml2.py
+++ b/backend/core/saml2.py
@@ -10,8 +10,8 @@ def _update_user(self, user, attributes: dict, attribute_mapping: dict, force_sa
 log = logging.getLogger("saml")
- log.debug("USER: ", user)
- log.debug("ATTRIBUTES: ", attributes)
+ log.debug("USER: %s", user)
+ log.debug("ATTRIBUTES: %s", attributes)
 display_name = attributes.get('cn', [""])[0]
diff --git a/backend/pzserver/settings.py b/backend/pzserver/settings.py
index ecc2516..c13b68f 100644
--- a/backend/pzserver/settings.py
+++ b/backend/pzserver/settings.py
@@ -13,7 +13,8 @@
 import os
 import saml2
-import saml2.saml
+
+# import saml2.saml
 # Build paths inside the project like this: BASE_DIR / 'subdir'.
 # BASE_DIR = Path(__file__).resolve().parent.parent
@@ -29,7 +30,7 @@
 SECRET_KEY = os.getenv("SECRET_KEY")
 # SECURITY WARNING: don't run with debug turned on in production!
-DEBUG = int(os.getenv("DEBUG", 1))
+DEBUG = int(os.getenv("DEBUG", "1"))
 # Application definition
@@ -364,6 +365,12 @@
 "email": ("email",),
 }
+ METADATAS = str(os.getenv("IDP_METADATA")).split(",")
+ METADATA_URLS = []
+
+ for metadata in METADATAS:
+ METADATA_URLS.append({"url": metadata, "cert": None})
+
 SAML_CONFIG = {
 # Biblioteca usada para assinatura e criptografia
 "xmlsec_binary": "/usr/bin/xmlsec1",
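Review bot: In backend/core/saml2.py, the corrected `log.debug("ATTRIBUTES: %s", attributes)` now writes the complete SAML attribute dictionary of every login to the "saml" logger; the earlier calls had no placeholder for their argument, so this data most likely never reached the log in readable form. The attributes carry at least `cn` and, going by the mapping in settings.py, `email`, which is personal data that then sits in log files and in whatever ships them. Logging only the attribute names keeps most of the diagnostic value: `log.debug("ATTRIBUTES: %s", sorted(attributes))`. _update_user starts before and continues after this hunk.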
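Review bot: In backend/pzserver/settings.py, `DEBUG = int(os.getenv("DEBUG", "1"))` still turns debug mode on whenever the variable is unset, which contradicts the warning on the line directly above it: a deployment that forgets the variable serves Django's debug error pages with settings and stack traces. The commit changes only the type of the default; making it fail closed is a one-character change, `DEBUG = int(os.getenv("DEBUG", "0"))`. The same `"1"` default is repeated for the `"debug"` key in the SAML_CONFIG hunk (`@@ -411,9 +418,10 @@`). A short comment naming the accepted values would also help, since `int()` raises ValueError for inputs such as `true`.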
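Review bot: In the `@@ -364,6 +365,12 @@` hunk of settings.py, every remote metadata entry is built with `"cert": None`, so the fetched IdP metadata is not checked against a pinned signing certificate. That metadata supplies the keys later used to validate assertions, so its integrity then rests only on the transport of whatever URL is configured. Separately, `str(os.getenv("IDP_METADATA"))` turns an unset variable into the literal URL `None`, and entries are neither stripped nor filtered for empties. I would read the certificate path from configuration and build the list from cleaned entries, as sketched below; `IDP_METADATA_CERT` is a placeholder name, not an existing setting. The enclosing block starts outside the hunk.

```python
# IDP_METADATA_CERT: placeholder name for the path of the pinned metadata-signing certificate
METADATA_CERT = os.getenv("IDP_METADATA_CERT")
METADATA_URLS = [
    {"url": url.strip(), "cert": METADATA_CERT}
    for url in os.getenv("IDP_METADATA", "").split(",")
    if url.strip()
]
# … unchanged: SAML_CONFIG = { …
```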
@@ -411,9 +418,10 @@
 },
 # Indica onde os metadados podem ser encontrados
 "metadata": {
- "local": [os.getenv("IDP_METADATA")],
+ "remote": METADATA_URLS,
+ # "local": [os.getenv("IDP_METADATA")],
 },
- "debug": os.getenv("DEBUG", 1),
+ "debug": os.getenv("DEBUG", "1"),
 # Signature
 "key_file": SIG_KEY_PEM, # private part
 "cert_file": SIG_CERT_PEM, # public part
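Review bot: `"debug": os.getenv("DEBUG", "1")` passes the raw environment string, so `DEBUG=0` yields the non-empty string `"0"`, which is truthy wherever the value is tested as a boolean, while the Django setting earlier in the file parses the same variable with `int()`. Reusing the parsed value keeps the two in step: `"debug": DEBUG,`. The commented-out `# "local": [os.getenv("IDP_METADATA")],` line is dead configuration and could be dropped, since the history already records it. SAML_CONFIG begins and ends outside this hunk.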