Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

IDP dynamic configuration #126

Open
wants to merge 13 commits into
base: master
Choose a base branch
from
Open

IDP dynamic configuration #126

wants to merge 13 commits into from

Conversation

challet
Copy link
Contributor

@challet challet commented Mar 19, 2021
edited
Loading

This PR adds two main dynamic and optional configuration settings :

SAML_IDP_CONF_LOADER : a path to a callable that can adapt the IDP configuration, taking two arguments :

  • static_config : the configuration dict defined by the existing SAML_IDP_CONF setting
  • request : the http request being handled

SAML_IDP_FILTER_SP_QUERYSET : a path to a callable that should return the queryset of SPs available along the request being handled. It takes two arguments :

  • original_queryset : the queryset orginaly used : all active SPs
  • request : the http request being handled

challet
challet commented Mar 19, 2021
View reviewed changes
Copy link
Contributor Author

@challet challet left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Some comments on the changes being done

djangosaml2idp/idp.py


class IDP:
""" Access point for the IDP Server instance
"""
_server_instance: Server = None
_server_instances: Dict[str, Server] = {}
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There are now several instances cached : the keys of this dict are the entityids of the metadata. So it is expected the IDP conf is persistent for one entityid (see the load method)

djangosaml2idp/views.py
@@ -414,18 +435,20 @@ def get(self, request: HttpRequest, *args, **kwargs):
return self.render_response(request, html_response, None)


@method_decorator(never_cache, name="dispatch")
class MetadataView(IdPHandlerViewMixin, View):
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Moved as a class based view for inheriting the dynamic configuration loading method

djangosaml2idp/models.py
@@ -228,14 +228,10 @@ def metadata_path(self) -> str:

@property
def sign_response(self) -> bool:
if self._sign_response is None:
return getattr(IDP.load().config, "sign_response", False)
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No more IDP load in models since their config depends on the http request

@challet challet mentioned this pull request Mar 19, 2021
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@challet