Merge "Add a PAOS endpoint to support ECP"

2019-12-20 10:03:04 +00:00 · 2019-12-20 10:03:04 +00:00 · 5ec1bc10f9
parent 6f7395f887 b1b4ff3253
commit 5ec1bc10f9
2 changed files with 6 additions and 0 deletions
--- a/src/lib/charm/openstack/keystone_saml_mellon.py
+++ b/src/lib/charm/openstack/keystone_saml_mellon.py
@ -111,6 +111,10 @@ class KeystoneSAMLMellonConfigurationAdapter(
    def sp_post_response_path(self):
        return '{}/postResponse'.format(self.mellon_endpoint_path)
    @property
    def sp_paos_response_path(self):
        return '{}/paosResponse'.format(self.mellon_endpoint_path)
    @property
    def sp_logout_path(self):
        return '{}/logout'.format(self.mellon_endpoint_path)
--- a/src/templates/mellon-sp-metadata.xml
+++ b/src/templates/mellon-sp-metadata.xml
@ -15,9 +15,11 @@
 		</KeyDescriptor>
 		{% endif %}
 		<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="{{ keystone_fid_service_provider.base_url }}{{ options.sp_logout_path }}"/>
 		<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="{{ keystone_fid_service_provider.base_url }}{{ options.sp_logout_path }}"/>
 		{% for format in options.supported_nameid_formats -%}
 		<NameIDFormat>{{ format }}</NameIDFormat>
 		{% endfor -%}
 		<AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="{{ keystone_fid_service_provider.base_url }}{{ options.sp_post_response_path }}" isDefault="true" index="0"/>
 		<AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="{{ keystone_fid_service_provider.base_url }}{{ options.sp_paos_response_path }}" index="1"/>
 	</SPSSODescriptor>
 </EntityDescriptor>