djangosaml2 icon indicating copy to clipboard operation
djangosaml2 copied to clipboard

Published 20 hours ago verified publisher icon IdentityPython

Include Extensions in AuthnRequest

Open tyctor opened this issue 2 years ago • 2 comments

hi

i cannot find documentation/example how to include <samlp:Extensions> in <samlp:AuthnRequest> is it possible to do it? could you please point me to some example?

tyctor avatar Jun 28 '23 11:06 tyctor

We don't have support for this but I can show you how you can contribute to this project and have another release with your desidered feature

here https://github.com/IdentityPython/djangosaml2/blob/master/djangosaml2/views.py#L331C58-L331C58 we should add the extentions optional attribute or, better, add in the sso_args dictionary the key extensions with your desidered ones

this will pass the desidered extentions here: https://github.com/IdentityPython/pysaml2/blob/a9fe345ba1bb4ef516673b1acbd01db80ccdf658/src/saml2/client.py#L39

peppelinux avatar Jul 05 '23 22:07 peppelinux

i found, that this can be put into sp settings as list of dicts in key requested_attributes, for example:

"requested_attributes": [
    {
        "name": "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier",
        "name_format": "urn:oasis:names:tc:SAML:2.0:attrname-format:uri",
        "required": "true",
    },
]

will create:

<samlp:Extensions>
  <ns3:RequestedAttributes>
    <ns3:RequestedAttribute Name="http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
  </ns3:RequestedAttributes>
</samlp:Extensions>

tyctor avatar Jul 19 '23 10:07 tyctor