0001-misc-disable-AuthnRequest-eo-next_url-Extensions-by-.patch
mellon/app_settings.py | ||
---|---|---|
13 | 13 |
'NAME_ID_POLICY_FORMAT': None, |
14 | 14 |
'NAME_ID_POLICY_ALLOW_CREATE': True, |
15 | 15 |
'FORCE_AUTHN': False, |
16 |
'ADD_AUTHNREQUEST_NEXT_URL_EXTENSION': False, |
|
16 | 17 |
'ADAPTER': ( |
17 | 18 |
'mellon.adapters.DefaultAdapter', |
18 | 19 |
), |
mellon/views.py | ||
---|---|---|
363 | 363 |
authn_request.requestedAuthnContext = req_authncontext |
364 | 364 |
req_authncontext.authnContextClassRef = authn_classref |
365 | 365 | |
366 |
authn_request.extensions = lasso.Samlp2Extensions() |
|
367 |
authn_request.extensions.setOriginalXmlnode( |
|
368 |
'''<samlp:Extensions |
|
369 |
xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" |
|
370 |
xmlns:eo="https://www.entrouvert.com/"> |
|
371 |
<eo:next_url>%s</eo:next_url> |
|
372 |
</samlp:Extensions>''' % |
|
373 |
escape(request.build_absolute_uri(next_url or '/'))) |
|
366 |
if utils.get_setting(idp, 'ADD_AUTHNREQUEST_NEXT_URL_EXTENSION'): |
|
367 |
authn_request.extensions = lasso.Samlp2Extensions() |
|
368 |
authn_request.extensions.setOriginalXmlnode( |
|
369 |
'''<samlp:Extensions |
|
370 |
xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" |
|
371 |
xmlns:eo="https://www.entrouvert.com/"> |
|
372 |
<eo:next_url>%s</eo:next_url> |
|
373 |
</samlp:Extensions>''' % |
|
374 |
escape(request.build_absolute_uri(next_url or '/'))) |
|
374 | 375 |
self.set_next_url(next_url) |
375 | 376 |
login.buildAuthnRequestMsg() |
376 | 377 |
except lasso.Error, e: |
377 |
- |