flask-multipass icon indicating copy to clipboard operation
flask-multipass copied to clipboard

Published 20 hours ago verified publisher icon indico

Support SAML groups via attribute

Open kewisch opened this issue 3 years ago • 1 comments
trafficstars

In the SAML provider, it would be great if Groups were implemented. IIUC, there could be code in the saml identity provider that reads a group membership from the SAML attributes, and the IDP/SP need to be configured to pass on that group membership.

kewisch avatar Oct 11 '22 11:10 kewisch

While implementing it would be possible, you'd need to keep this state around somewhere. And assuming that you use flask-multipass in Indico the problem is that everything there expects to have access to group information on the fly regardless of a login session.

However, feel free to create a custom multipass provider that handles this data and then caches it somehow. For the caching part you could have a look at our flask-multipass-cern repo where we pass a cache object via the config and then use it in the multipass provider.

ThiefMaster avatar Oct 11 '22 11:10 ThiefMaster