Rebase django-saml2-auth to 2.2.1 #4

Merged: 39 commits merged on Aug 6, 2019


caioariede

No description provided.

fang.li and others added 30 commits April 13, 2017 17:22
We pass the result of `get_current_domain` to pysaml2 to validate
the source of the incoming StatusResponse (the scheme+host of the
request).

This is not viable in a reverse proxy scenario, in particular when the
host, port, and/or scheme of the django server changes with churn.

As a solution, alter `get_current_domain` to just use a setting
variable, `ASSERTION_URL`, instead of the scheme and host of the
incoming SAML request. If the setting is not present, use the
current behavior.
Add optional ASSERTION_URL setting
Import reverse from django.url for versions >= 2.0
removed local temp file creation
Use Group.set() instead of assignment for Django 2.0 support
unquoting the logout view method reference
…e_proposal

adding optional configuration for ADFS SAML compatibility
Allow pysaml2 to be a more recent version.
Allow installation of newer versions of pysaml2 to resolve vulnerabilities
…wt dependency, made the User model come from get_user_model method
…New settings: USE_JWT and FRONTEND_URL. Added django-rest-auth to setup.py
@caioariede caioariede force-pushed the fix/rebase_to_2.2.1_a branch from ae2a315 to 2cce832 Compare August 6, 2019 11:12
@caioariede caioariede requested a review from FabioFleitas August 6, 2019 11:24
@FabioFleitas
Member

@caioariede Could we actually split this up into 2 PRs? One with the rebase and another with the single change for us? That way we can easily track via a PR?

@caioariede caioariede force-pushed the fix/rebase_to_2.2.1_a branch from 5dce3b6 to 7914e93 Compare August 6, 2019 17:20
@caioariede
Author

@FabioFleitas updated


# Optional settings
# Optional settings below
'DEFAULT_NEXT_URL': '/admin', # Custom target redirect URL after the user get logged in. Default to /admin if not set. This setting will be overwritten if you have parameter ?next= specificed in the login URL.
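
Review bot: The comment on 'DEFAULT_NEXT_URL' says a ?next= parameter in the login URL overrides this setting, but it does not say what values that parameter may take. Because ?next= comes from the request, the comment should state whether the target is restricted (for example to relative paths or to an allow-list of hosts), so that anyone deploying this knows the post-login redirect cannot be pointed off-site. While the line is being touched, "specificed" should read "specified" and "after the user get logged in" should read "after the user is logged in".
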
Member

Will we need to update this in our settings?

# Optional settings
# Optional settings below
'DEFAULT_NEXT_URL': '/admin', # Custom target redirect URL after the user get logged in. Default to /admin if not set. This setting will be overwritten if you have parameter ?next= specificed in the login URL.
'CREATE_USER': 'TRUE', # Create a new Django user when a new user logs in. Defaults to True.
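
Review bot: 'CREATE_USER': 'TRUE' sets a string, while its comment says the setting "Defaults to True". Any non-empty string is truthy in Python, so if the code tests this setting for truthiness, writing 'FALSE' here would still leave automatic user creation enabled. Suggest documenting a boolean instead, e.g. 'CREATE_USER': True, and saying in the comment which value disables creation of new users on first login.
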
Member

We will likely want to turn this off in our settings as well right?

@caioariede caioariede merged commit 072b806 into master Aug 6, 2019
@caioariede caioariede deleted the fix/rebase_to_2.2.1_a branch August 6, 2019 17:32