sentry-auth-saml2 icon indicating copy to clipboard operation
sentry-auth-saml2 copied to clipboard
verified publisher icon getsentry

Feature request: support advanced SAML configuration

Open ywmail opened this issue 6 years ago • 0 comments

Sentry SAML Provider supports advanced SAML configuration, but this plugin doesn't. see:

  The provider may also bind the `advanced` configuration. This dict
  provides advanced SAML configurations. The dict should match the shape:

  HINT: You *probably* don't need this.

  >>> state.get('advanced')
  {
    'authn_request_signed':     # Sign the authentication request?
    'logout_request_signed':    # Sign the logout request?
    'logout_response_signed':   # Sign the logout response?
    'metadata_signed':          # Sign the metadata?
    'want_message_signed':      # Expect signed message
    'want_assertion_signed':    # Expect signed assertions
    'want_assertion_encrypted': # Expect encrypted assertions
    'signature_algorithm':      # Algorithm used to sign / verify requests / responses
    'digest_algorithm':         # Algorithm used to generate / verify digests
    'x509cert':                 # Public Service Provider key
    'private_key':              # Private Key used for signing / encryption
  }

code here: https://github.com/getsentry/sentry/blob/6ba3b1e63fc442680792ff566e5a2b14632739cd/src/sentry/auth/providers/saml2.py#L230-L248

ywmail avatar Nov 25 '19 11:11 ywmail