mx-moth / flask-saml2

Flask library for building SAML Service Providers and Identity Providers
MIT License

How to ignore ADFS in nameid_format #26

Closed johnwks closed 4 years ago

johnwks commented 4 years ago

Hi, I'm using flask-saml2 in my Flask app as an SP and our company's ADFS as the IDP. I've got to the point of getting the assertion SAML reply back from ADFS but am getting an error with the POST :-

File "/var/opt/venv_python3/lib/python3.6/site-packages/flask_saml2/sp/parser.py", line 51, in nameid_format
    return self._xpath(self.subject, 'saml:NameID/@Format')[0]
IndexError: list index out of rang

This is the function that generated the error :-

https://github.com/timheap/flask-saml2/blob/f22ab443137aee1934a73134e18a3113bbe74f11/flask_saml2/sp/parser.py#L49-L51

It looks like ADFS does not send NameID/@Format in the SAML reply, which caused this error.

Is there a way to bypass this or ignore this somehow? The ADFS is not under my control so I can't make any changes there.

Thanks.

johnwks commented 4 years ago

Found a way to bypass this. Had to create an @app.before_request to insert the Format attribute from ADFS response.
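
An added example, not part of the thread and not flask-saml2's own code: reading the NameID Format without indexing into an empty XPath result, and without modifying the response XML. It relies on the SAML 2.0 core rule that an absent Format means `urn:oasis:names:tc:SAML:1.0:nameid-format:unspecified`; the function names and the sample assertions are hypothetical and constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
# SAML 2.0 core: when NameID carries no Format attribute, this value is in effect.
UNSPECIFIED = "urn:oasis:names:tc:SAML:1.0:nameid-format:unspecified"
EMAIL = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"


def nameid_format(assertion_xml: str) -> str:
    """Return the NameID Format, falling back to 'unspecified' when absent.

    Intended to run on an assertion whose signature has already been
    verified; it only reads the XML and never rewrites it.
    """
    root = ET.fromstring(assertion_xml)
    name_id = root.find("saml:Subject/saml:NameID", NS)
    if name_id is None:
        # A missing NameID is a different condition from a missing Format.
        raise ValueError("assertion has no saml:Subject/saml:NameID")
    fmt = (name_id.get("Format") or "").strip()
    return fmt or UNSPECIFIED


def nameid_allowed(assertion_xml: str, accepted: set) -> bool:
    """Explicit SP policy: accept the assertion only for listed formats."""
    return nameid_format(assertion_xml) in accepted


def _assertion(subject_inner: str) -> str:
    # Builds a constructed, unsigned sample assertion for this example only.
    return (
        '<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">'
        "<saml:Subject>" + subject_inner + "</saml:Subject></saml:Assertion>"
    )


# Constructed samples: one NameID with Format, one without (the case in this
# issue), and one Subject with no NameID at all.
WITH_FORMAT = _assertion(
    '<saml:NameID Format="' + EMAIL + '">user@example.com</saml:NameID>'
)
WITHOUT_FORMAT = _assertion("<saml:NameID>user@example.com</saml:NameID>")
NO_NAMEID = _assertion("")

if __name__ == "__main__":
    for label, xml in (("with", WITH_FORMAT), ("without", WITHOUT_FORMAT)):
        print(label, "->", nameid_format(xml))
```

Keeping the default in the reader leaves the signed bytes untouched, and the accepted-format check makes the decision to trust an unspecified NameID an explicit one in the SP's configuration.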