IdentityPython / SATOSA

Proxy translating between different authentication protocols (SAML2, OpenID Connect and OAuth2)
https://idpy.org
Apache License 2.0

Additional methods to set AuthContextClass from attributes #463

Open dsarnstrom opened 4 months ago

dsarnstrom commented 4 months ago

There is a method of linking different IdPs to AuthContextClassRef by a mapping in the config file. If the same IdP can be used with multiple AuthContext, there need to be other mechanisms to set the authContext.

Code Version

All versions

Expected Behavior

Use of attributes from IdP to map AuthContext

Current Behavior

Only mapping of authContext and IdP is possible

Possible Solution

In frontend/saml2.py, add an if statement. If the attribute "AuthContext" is set, set the class_ref from the attribute.

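    # Prefer the class reference carried in the "AuthContext" attribute
    if attributes.get("AuthContext"):
        auth_info["class_ref"] = attributes.get("AuthContext")
    # Otherwise use the per-issuer mapping from the config file
    elif self.acr_mapping:
        auth_info["class_ref"] = self.acr_mapping.get(
            internal_response.auth_info.issuer, self.acr_mapping[""])
    # Otherwise pass through the class reference from the upstream response
    else:
        auth_info["class_ref"] = internal_response.auth_info.auth_class_ref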

Steps to Reproduce

1. 2. 3. 4.
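The precedence proposed in the issue above, written as a standalone function (an added example, not code from SATOSA or from the issue author). It assumes attribute values may arrive as a string or a list of strings, and it adds an allowlist so that only known class references are accepted from the attribute; `resolve_class_ref`, `ALLOWED_CLASS_REFS` and all sample values are hypothetical.

```python
# Added example: attribute -> acr_mapping -> upstream class_ref precedence.
# Names below are hypothetical and are not part of the SATOSA API.

ALLOWED_CLASS_REFS = frozenset({
    "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport",
    "https://refeds.org/profile/mfa",
})


def _single_value(value):
    """Return one non-empty string from a str or a one-element list, else None."""
    if isinstance(value, (list, tuple)):
        # Zero or several values are ambiguous, so they are not used.
        value = value[0] if len(value) == 1 else None
    return value if isinstance(value, str) and value else None


def resolve_class_ref(attributes, issuer, acr_mapping, upstream_class_ref,
                      allowed=ALLOWED_CLASS_REFS):
    """Pick the AuthnContextClassRef to put in the response."""
    candidate = _single_value(attributes.get("AuthContext"))
    # Assumption: only class references the operator has listed are taken
    # from the attribute; anything else falls through to the old logic.
    if candidate in allowed:
        return candidate
    if acr_mapping:
        # Same lookup as the snippet in the issue: per-issuer entry,
        # with the "" key as the default.
        return acr_mapping.get(issuer, acr_mapping[""])
    return upstream_class_ref


if __name__ == "__main__":
    # Constructed sample data.
    issuer = "https://idp.example.org/metadata"
    mapping = {
        "": "urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified",
        issuer: "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport",
    }
    for attrs in (
        {"AuthContext": ["https://refeds.org/profile/mfa"]},
        {"AuthContext": ["urn:example:not-listed"]},
        {},
    ):
        print(attrs, "->", resolve_class_ref(attrs, issuer, mapping, None))
```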