SATOSA

SATOSA copied to clipboard

Add dynamic requested attributes

2

This MR introduces the feature of populating the requested attributes of the SAML backend's request based on the attributes that were requested from the frontend. ### All Submissions: * [x]...

nsklikas

HTTP Redirect page on UnknowError Exception

1

This PR introduces a new proxy_config.yml parameter called UNKNOW_ERROR_REDIRECT_PAGE, a possibility to redirect to that page all the Users that gets UnknowError Exception in the Http Response. - Added a...

peppelinux

Context state keyError Exception message for humans

2

This PR introduces a human readable message to Users when they gets SATOSA_BASE KeyError. Found it usefull to avoid weird Users open assistane tickets when they gets that "ermetic" error...

peppelinux

Config to disable discovery initiated SAMLBackend flows

6

The current SAMLBackend allows a flow to start with the disco_response() endpoint, i.e., a client passing in the entityID of the IdP to be used for authentication. In most deployments...

skoranda

(WIP) enable microservice-based flow to replay AuthnRequest (requires wsgi_app in registered callback)

1

The rationale for this change is a microservice that is replaying the authentication request to the IDP after receiving the response with a signaling attribute that requires some interaction (like...

rhoerbe

make relay_state in IDP response optional

10

Required for redirecturl microservice because the redirect url handler does not have an opportunity to set the backend relay_state. (Remark: IIUC satosa only sets a backend relaystate in the AuthnRequest...

rhoerbe

fix various logging issues

2

do not obfuscate interactive error message by default. (no "Unknown Error") remove redundant logging in SATOSAbase.__call__ issue #256 correction of saml2.InvalidSignature exception (workaround) format debug data of POST parameters with...

rhoerbe

Problem: SATOSA log includes traceback for errors that are sufficiently clear from the error message. Tracebacks are difficult to handle for line-oriented logs and should be eliminated (but this will...

rhoerbe

Refactor config attributes loading

15

- Extends the validation of the mandatory_dict_keys in config by checking that they also have a value. There is no point in having checks for mandatory keys if they are...

ioparaskev

- Renames to more generic variable name `frontend_entity_descriptors` in `_create_merged_entities_descriptors` function - Split and refactor `create_and_write_saml_metadata` function to two different functions (one for metadata processing/creation and one for writing to...

ioparaskev