Commit 78d4ed31 by Omar Khan

Revert "Keep SAML configuration check"

This reverts commit a020464a.
parent a020464a
...@@ -2,6 +2,7 @@ ...@@ -2,6 +2,7 @@
Slightly customized python-social-auth backend for SAML 2.0 support Slightly customized python-social-auth backend for SAML 2.0 support
""" """
import logging import logging
from django.http import Http404
from social.backends.saml import SAMLAuth, OID_EDU_PERSON_ENTITLEMENT from social.backends.saml import SAMLAuth, OID_EDU_PERSON_ENTITLEMENT
from social.exceptions import AuthForbidden, AuthMissingParameter from social.exceptions import AuthForbidden, AuthMissingParameter
...@@ -25,9 +26,6 @@ class SAMLAuthBackend(SAMLAuth): # pylint: disable=abstract-method ...@@ -25,9 +26,6 @@ class SAMLAuthBackend(SAMLAuth): # pylint: disable=abstract-method
if not hasattr(self, '_config'): if not hasattr(self, '_config'):
from .models import SAMLConfiguration from .models import SAMLConfiguration
self._config = SAMLConfiguration.current() # pylint: disable=attribute-defined-outside-init self._config = SAMLConfiguration.current() # pylint: disable=attribute-defined-outside-init
if not self._config.enabled:
from django.core.exceptions import ImproperlyConfigured
raise ImproperlyConfigured("SAML Authentication is not enabled.")
try: try:
return self._config.get_setting(name) return self._config.get_setting(name)
except KeyError: except KeyError:
...@@ -35,14 +33,18 @@ class SAMLAuthBackend(SAMLAuth): # pylint: disable=abstract-method ...@@ -35,14 +33,18 @@ class SAMLAuthBackend(SAMLAuth): # pylint: disable=abstract-method
def auth_url(self): def auth_url(self):
""" """
Check that the request includes an 'idp' parameter before getting the Check that SAML is enabled and that the request includes an 'idp'
URL to which we must redirect in order to authenticate the user. parameter before getting the URL to which we must redirect in order to
authenticate the user.
raise Http404 if SAML is disabled
raise AuthMissingParameter if the 'idp' parameter is missing. raise AuthMissingParameter if the 'idp' parameter is missing.
TODO: remove this method once the fix is merged upstream: TODO: remove this method once the fix is merged upstream:
https://github.com/omab/python-social-auth/pull/821 https://github.com/omab/python-social-auth/pull/821
""" """
if not self._config.enabled:
raise Http404
if 'idp' not in self.strategy.request_data(): if 'idp' not in self.strategy.request_data():
raise AuthMissingParameter(self, 'idp') raise AuthMissingParameter(self, 'idp')
return super(SAMLAuthBackend, self).auth_url() return super(SAMLAuthBackend, self).auth_url()
......
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
from django.conf.urls import include, patterns, url from django.conf.urls import include, patterns, url
from .views import inactive_user_view, saml_metadata_view, lti_login_and_complete_view, post_to_custom_auth_form, login from .views import inactive_user_view, saml_metadata_view, lti_login_and_complete_view, post_to_custom_auth_form
urlpatterns = patterns( urlpatterns = patterns(
'', '',
...@@ -10,6 +10,5 @@ urlpatterns = patterns( ...@@ -10,6 +10,5 @@ urlpatterns = patterns(
url(r'^auth/custom_auth_entry', post_to_custom_auth_form, name='tpa_post_to_custom_auth_form'), url(r'^auth/custom_auth_entry', post_to_custom_auth_form, name='tpa_post_to_custom_auth_form'),
url(r'^auth/saml/metadata.xml', saml_metadata_view), url(r'^auth/saml/metadata.xml', saml_metadata_view),
url(r'^auth/login/(?P<backend>lti)/$', lti_login_and_complete_view), url(r'^auth/login/(?P<backend>lti)/$', lti_login_and_complete_view),
url(r'^auth/login/(?P<backend>[^/]+)/$', login),
url(r'^auth/', include('social.apps.django_app.urls', namespace='social')), url(r'^auth/', include('social.apps.django_app.urls', namespace='social')),
) )
...@@ -7,7 +7,7 @@ from django.http import HttpResponse, HttpResponseServerError, Http404, HttpResp ...@@ -7,7 +7,7 @@ from django.http import HttpResponse, HttpResponseServerError, Http404, HttpResp
from django.shortcuts import redirect, render from django.shortcuts import redirect, render
from django.views.decorators.csrf import csrf_exempt from django.views.decorators.csrf import csrf_exempt
import social import social
from social.apps.django_app.views import auth, complete from social.apps.django_app.views import complete
from social.apps.django_app.utils import load_strategy, load_backend from social.apps.django_app.utils import load_strategy, load_backend
from social.utils import setting_name from social.utils import setting_name
from .models import SAMLConfiguration from .models import SAMLConfiguration
...@@ -61,16 +61,6 @@ def lti_login_and_complete_view(request, backend, *args, **kwargs): ...@@ -61,16 +61,6 @@ def lti_login_and_complete_view(request, backend, *args, **kwargs):
return complete(request, backend, *args, **kwargs) return complete(request, backend, *args, **kwargs)
def login(*args, **kwargs):
"""
Wraps the python social auth login view to return a 404 if third party
auth is disabled.
"""
if not SAMLConfiguration.is_enabled():
raise Http404
return auth(*args, **kwargs)
def post_to_custom_auth_form(request): def post_to_custom_auth_form(request):
""" """
Redirect to a custom login/register page. Redirect to a custom login/register page.
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment