search

IdentityPython / SATOSA

Proxy translating between different authentication protocols (SAML2, OpenID Connect and OAuth2)
https://idpy.org
Apache License 2.0
200 stars 123 forks source link

Idp-initiated (unsolicited) requests to frontend? #329

Closed senorkrabs closed 4 years ago

senorkrabs commented 4 years ago

Code Version

latest/master

Expected Behavior

Based on CHANGELOG.md, I'd expect that SAMLUnsolicitedFrontend would be available as a plugin and allow me to make unsolicited SSO requests to the frontend. I'm working with SPs that require this.

Current Behavior

SAMLUnsolicitedFrontend looks like it was committed and then reverted: https://github.com/IdentityPython/SATOSA/pull/231

Changelog shows it was added to 4.0.0 release but I don't see the class in code: https://github.com/IdentityPython/SATOSA/blob/master/CHANGELOG.md#400-2019-07-09

Perhaps I'm just being dense, but it seems like this doesn't exist in the current release.

Possible Solution

Re-implement SAMLUnsolicitedFrontend or provide documentation/examples for making making idp-initiated (unsolicited) requests for novice users like myself.

Steps to Reproduce

c00kiemon5ter commented 4 years ago

Woops, this made it to the changelog but it had been reverted soon after it was introduced. It should be removed from the changelog as it was never in an official release.

Instead, you can use the pysaml2-provided allow_unsolicited configuration option in the existing frontends.