feat: saml2协议单点登录支持在页面上配置saml2协议的高级配置 (#7362)

2021-12-13 10:54:14 +08:00 · 2021-12-13 10:54:14 +08:00 · c5013dcbd6
parent 84924bc3f6
commit c5013dcbd6
4 changed files with 10 additions and 10 deletions
--- a/apps/authentication/backends/saml2/views.py
+++ b/apps/authentication/backends/saml2/views.py
@ -92,14 +92,11 @@ class PrepareRequestMixin:

    @staticmethod
    def get_advanced_settings():
-        other_settings = {}
-        other_settings_path = settings.SAML2_OTHER_SETTINGS_PATH
-        if os.path.exists(other_settings_path):
-            with open(other_settings_path, 'r') as json_data:
-                try:
-                    other_settings = json.loads(json_data.read())
-                except Exception as error:
-                    logger.error('Get other settings error: %s', error)
+        try:
+            other_settings = dict(settings.SAML2_SP_ADVANCED_SETTINGS)
+        except Exception as error:
+            logger.error('Get other settings error: %s', error)
+            other_settings = {}

        default = {
            "organization": {
--- a/apps/jumpserver/conf.py
+++ b/apps/jumpserver/conf.py
@ -234,7 +234,7 @@ class Config(dict):
        'SAML2_LOGOUT_COMPLETELY': True,
        'AUTH_SAML2_ALWAYS_UPDATE_USER': True,
        'SAML2_RENAME_ATTRIBUTES': {'uid': 'username', 'email': 'email'},
-        'SAML2_OTHER_SETTINGS_PATH': '',
+        'SAML2_SP_ADVANCED_SETTINGS': {"organization": {"en": {"name": "JumpServer", "displayname": "JumpServer", "url": "https://jumpserver.org/"}}},
        'SAML2_IDP_METADATA_URL': '',
        'SAML2_IDP_METADATA_XML': '',
        'SAML2_SP_KEY_CONTENT': '',
--- a/apps/jumpserver/settings/auth.py
+++ b/apps/jumpserver/settings/auth.py
@ -129,7 +129,7 @@ AUTH_SAML2_AUTHENTICATION_FAILURE_REDIRECT_URI = CONFIG.AUTH_SAML2_AUTHENTICATIO
 AUTH_SAML2_ALWAYS_UPDATE_USER = CONFIG.AUTH_SAML2_ALWAYS_UPDATE_USER
 SAML2_LOGOUT_COMPLETELY = CONFIG.SAML2_LOGOUT_COMPLETELY
 SAML2_RENAME_ATTRIBUTES = CONFIG.SAML2_RENAME_ATTRIBUTES
-SAML2_OTHER_SETTINGS_PATH = CONFIG.SAML2_OTHER_SETTINGS_PATH
+SAML2_SP_ADVANCED_SETTINGS = CONFIG.SAML2_SP_ADVANCED_SETTINGS
 SAML2_LOGIN_URL_NAME = "authentication:saml2:saml2-login"
 SAML2_LOGOUT_URL_NAME = "authentication:saml2:saml2-logout"

--- a/apps/settings/serializers/auth/saml2.py
+++ b/apps/settings/serializers/auth/saml2.py
@ -17,6 +17,9 @@ class SAML2SettingSerializer(serializers.Serializer):
    SAML2_IDP_METADATA_XML = serializers.CharField(
        allow_blank=True, required=False, label=_('IDP Metadata XML')
    )
+    SAML2_SP_ADVANCED_SETTINGS = serializers.JSONField(
+        required=False, label=_('SP ADVANCED SETTINGS')
+    )
    SAML2_SP_KEY_CONTENT = serializers.CharField(
        allow_blank=True, required=False,
        write_only=True, label=_('SP Private Key')