From c9445d3c1e4533584d501df9dbbae659db14fbb6 Mon Sep 17 00:00:00 2001
From: Cristiano Singulani
Date: Mon, 2 Sep 2024 14:43:15 -0300
Subject: [PATCH 1/4] Fixed saml2 auth
---
 backend/pzserver/settings.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/backend/pzserver/settings.py b/backend/pzserver/settings.py
index ecc2516..2492090 100644
--- a/backend/pzserver/settings.py
+++ b/backend/pzserver/settings.py
@@ -411,7 +411,8 @@
 },
 # Indica onde os metadados podem ser encontrados
 "metadata": {
- "local": [os.getenv("IDP_METADATA")],
+ "remote": [{"url": os.getenv("IDP_METADATA"), "cert": None}],
+ # "local": [os.getenv("IDP_METADATA")],
 },
 "debug": os.getenv("DEBUG", 1),
 # Signature
From 65c410417863a722fce0824c3746caeb6ba5c5b7 Mon Sep 17 00:00:00 2001
From: Cristiano Singulani
Date: Tue, 3 Sep 2024 11:47:31 -0300
Subject: [PATCH 2/4] Fixed saml2 auth
---
 backend/pzserver/settings.py | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/backend/pzserver/settings.py b/backend/pzserver/settings.py
index 2492090..98cf897 100644
--- a/backend/pzserver/settings.py
+++ b/backend/pzserver/settings.py
@@ -364,6 +364,12 @@
 "email": ("email",),
 }
+ METADATAS = str(os.getenv("IDP_METADATA")).split(",")
+ METADATA_URLS = []
+
+ for metadata in METADATAS:
+ METADATA_URLS.append({"url": metadata, "cert": None})
+
 SAML_CONFIG = {
 # Biblioteca usada para assinatura e criptografia
 "xmlsec_binary": "/usr/bin/xmlsec1",
@@ -411,7 +417,10 @@
 },
 # Indica onde os metadados podem ser encontrados
 "metadata": {
- "remote": [{"url": os.getenv("IDP_METADATA"), "cert": None}],
+ "remote": METADATA_URLS,
 # "local": [os.getenv("IDP_METADATA")],
 },
- "debug": os.getenv("DEBUG", 1),
+ "debug": os.getenv("DEBUG", "1"),
 # Signature
 "key_file": SIG_KEY_PEM, # private part
 "cert_file": SIG_CERT_PEM, # public part
From bfad3a81527b425da6e609e1cd60a9725d536857 Mon Sep 17 00:00:00 2001
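Review bot: In PATCH 1/4 the new `"remote"` entry sets `"cert": None`, so pysaml2 is given no certificate with which to check the signature on the IdP metadata it downloads, and the set of IdP signing keys the service trusts then depends only on the transport to that URL. Pin the metadata signing certificate obtained out of band, e.g. `"remote": [{"url": os.getenv("IDP_METADATA"), "cert": os.getenv("IDP_METADATA_CERT")}],` (the second variable name is a placeholder for a PEM path), and require the URL to be `https://`. The same `"cert": None` is carried into the `METADATA_URLS` loop added in PATCH 2/4. The enclosing `SAML_CONFIG` dict starts and ends outside the hunk.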
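Review bot: `str(os.getenv("IDP_METADATA")).split(",")` in the first hunk of PATCH 2/4 turns an unset variable into the literal string `"None"`, so `METADATA_URLS` ends up with one entry whose URL is `None` instead of the configuration error surfacing at startup. Items are also not stripped, so `a, b` or a trailing comma produces a URL with a leading space or an empty URL. Read the variable with an empty default and drop blank items, `METADATAS = [u.strip() for u in os.getenv("IDP_METADATA", "").split(",") if u.strip()]`, and fail with a clear message when the list is empty.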
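Review bot: `"debug": os.getenv("DEBUG", "1")` in the second hunk of PATCH 2/4 hands the SAML configuration a string, and any non-empty string, including `"0"`, is truthy in Python, so `DEBUG=0` would not switch SAML debug off if the library tests the value for truth (not confirmed from this page). settings.py already parses the flag once as `DEBUG = int(os.getenv(...))` near the top of the file (visible in PATCH 3/4), so reuse it: `"debug": DEBUG,`. The `SAML_CONFIG` dict starts and ends outside the hunk.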
From: Cristiano Singulani
Date: Wed, 4 Sep 2024 14:20:47 -0300
Subject: [PATCH 3/4] Fixed saml2 auth
---
 backend/pzserver/settings.py | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/backend/pzserver/settings.py b/backend/pzserver/settings.py
index 98cf897..c13b68f 100644
--- a/backend/pzserver/settings.py
+++ b/backend/pzserver/settings.py
@@ -13,7 +13,8 @@
 import os
 import saml2
-import saml2.saml
+
+# import saml2.saml
 # Build paths inside the project like this: BASE_DIR / 'subdir'.
 # BASE_DIR = Path(__file__).resolve().parent.parent
@@ -29,7 +30,7 @@
 SECRET_KEY = os.getenv("SECRET_KEY")
 # SECURITY WARNING: don't run with debug turned on in production!
-DEBUG = int(os.getenv("DEBUG", 1))
+DEBUG = int(os.getenv("DEBUG", "1"))
 # Application definition
From d35e009f0f1ff8d8c481da6acb797ea32c6918a2 Mon Sep 17 00:00:00 2001
From: Cristiano Singulani
Date: Wed, 4 Sep 2024 17:18:22 -0300
Subject: [PATCH 4/4] Fixed saml2 auth
---
 backend/core/saml2.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/backend/core/saml2.py b/backend/core/saml2.py
index c1998b0..9257e22 100644
--- a/backend/core/saml2.py
+++ b/backend/core/saml2.py
@@ -10,8 +10,8 @@ def _update_user(self, user, attributes: dict, attribute_mapping: dict, force_sa
 log = logging.getLogger("saml")
- log.debug("USER: ", user)
- log.debug("ATTRIBUTES: ", attributes)
+ log.debug("USER: %s", user)
+ log.debug("ATTRIBUTES: %s", attributes)
 display_name = attributes.get('cn', [""])[0]
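Review bot: `DEBUG = int(os.getenv("DEBUG", "1"))` in the second hunk of PATCH 3/4 still defaults to debug mode when the variable is missing, which is the opposite of what the comment directly above it asks for. A deployment that forgets to set `DEBUG` would run with Django debug pages enabled. Default to off and make development opt in: `DEBUG = int(os.getenv("DEBUG", "0"))`. `int()` also raises `ValueError` for values such as `true`, so a short comment naming the accepted values (`0`/`1`) would help.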
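Review bot: `log.debug("ATTRIBUTES: %s", attributes)` in PATCH 4/4 now renders the full attribute dictionary released by the IdP into the `saml` logger on every login. Together with the `USER` line, that puts names, e-mail addresses and any other released identifiers into whatever sink debug logging is routed to. Log only what is needed to diagnose mapping problems, for instance the attribute names: `log.debug("ATTRIBUTES: %s", sorted(attributes))`. `_update_user` starts and ends outside the hunk.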