saml2: remove ECP support (#39086)
This commit is contained in:
parent
be5b007d47
commit
9aa6749598
|
@ -105,8 +105,8 @@ def get_remote_provider_cfg(profile):
|
|||
|
||||
class Saml2Directory(Directory):
|
||||
_q_exports = ['login',
|
||||
'singleSignOnArtifact', 'singleSignOnPost', 'singleSignOnSOAP', 'singleSignOnRedirect',
|
||||
'assertionConsumerArtifact', 'assertionConsumerPost', 'assertionConsumerSOAP', 'assertionConsumerRedirect',
|
||||
'singleSignOnArtifact', 'singleSignOnPost', 'singleSignOnRedirect',
|
||||
'assertionConsumerArtifact', 'assertionConsumerPost', 'assertionConsumerRedirect',
|
||||
'singleLogout', 'singleLogoutReturn', 'singleLogoutSOAP',
|
||||
'metadata', ('metadata.xml', 'metadata'), 'public_key']
|
||||
|
||||
|
@ -150,30 +150,6 @@ class Saml2Directory(Directory):
|
|||
</html>
|
||||
""" % { 'url': url, 'body': body}
|
||||
|
||||
@soap_endpoint
|
||||
def assertionConsumerSOAP(self):
|
||||
request = get_request()
|
||||
server = misc.get_lasso_server()
|
||||
if not server:
|
||||
return error_page(_('SAML 2.0 support not yet configured.'))
|
||||
login = lasso.Login(server)
|
||||
paos_message = self.get_soap_message()
|
||||
try:
|
||||
login.processPaosResponseMsg(paos_message)
|
||||
except lasso.Error as error:
|
||||
if error[0] == lasso.LOGIN_ERROR_STATUS_NOT_SUCCESS:
|
||||
response = get_response()
|
||||
response.set_status(401)
|
||||
return 'Authentication failure: %s' % saml2_status_summary(login.response)
|
||||
raise
|
||||
login.acceptSso()
|
||||
|
||||
return self.success_ecp()
|
||||
|
||||
def success_ecp(self):
|
||||
template.html_top()
|
||||
return 'ECP Authentication succeeded.'
|
||||
|
||||
def login(self):
|
||||
return self.perform_login()
|
||||
|
||||
|
@ -787,5 +763,4 @@ class Saml2Directory(Directory):
|
|||
# retain compatibility with old metadatas
|
||||
singleSignOnArtifact = assertionConsumerArtifact
|
||||
singleSignOnPost = assertionConsumerPost
|
||||
singleSignOnSOAP = assertionConsumerSOAP
|
||||
singleSignOnRedirect = assertionConsumerRedirect
|
||||
|
|
|
@ -121,9 +121,6 @@ class Metadata(object):
|
|||
<AssertionConsumerService index="1"
|
||||
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
|
||||
Location="%(saml2_base_url)s/%(ac)sPost" />
|
||||
<AssertionConsumerService index="2"
|
||||
Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS"
|
||||
Location="%(saml2_base_url)s/%(ac)sSOAP" />
|
||||
<AssertionConsumerService index="3"
|
||||
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
|
||||
Location="%(saml2_base_url)s/%(ac)sRedirect" />
|
||||
|
|
Loading…
Reference in New Issue