Add configuration option for entityID.

Sets the entityID in the service provider metadata file.
If not provided, the entityID is autogenerated.

Change-Id: I75fc734661575e809f92aea17b75530001b2db73
Camille Rodriguez 2022-04-25 15:52:23 -05:00
parent c1569236c2
commit e707db8952
3 changed files with 17 additions and 1 deletions


@ -5,6 +5,13 @@ options:
description: |
Protocol name to use for URL and generation. Must match the one that
will be configured via OS-FEDERATION API.
entity-id-url:
type: string
default:
description: |
Optional field to provide the entity ID to be used in the service
provider metadata. If set to default (""), entity ID is generated
automatically.
idp-name:
type: string
default: 'myidp'
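Review bot: The new `entity-id-url` option declares `default:` with no value, which YAML reads as null, while its description tells operators the default is `""`; the two disagree, and the adapter property added in this same commit branches on `is None`, so an operator who explicitly sets the option to an empty string would presumably get an empty `entityID` in the metadata rather than the autogenerated one. Either make the default explicit with `default: ""` and have the adapter treat any empty value as unset, or reword the description to say that leaving the option unset triggers autogeneration. The description could also say what the generated value is, e.g. `When unset, the entity ID is derived from the service provider base URL followed by the SP auth path.`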


@ -131,6 +131,15 @@ class KeystoneSAMLMellonConfigurationAdapter(
def supported_nameid_formats(self):
return self.nameid_formats.split(',')
@property
def entity_id(self):
if self.entity_id_url is None:
# Generate entity ID automatically
return '{}{}'.format(self.keystone_fid_service_provider.base_url,
self.sp_auth_path)
else:
return self.entity_id_url
IDP_METADATA_INVALID = ('idp-metadata resource is not a well-formed'
' xml file')
IDP_METADATA_URL_ERROR = ('an error has occurred during idp-metadata-url'
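Review bot: `entity_id` only falls back to the generated value when `self.entity_id_url is None`, so an empty string configured for the option (which the option description in this commit presents as the default) is returned as-is and ends up as an empty `entityID` in the rendered metadata; `if not self.entity_id_url:` would cover both unset and empty. The property has no docstring; something like `"""SP entityID: the configured entity-id-url, or base_url + sp_auth_path when unset."""` would document the contract. The configured value is also written verbatim into the metadata with no check that it is a URI, so if the adapter has a config-validation hook, rejecting malformed values there would surface a typo at config time instead of at IdP registration. The enclosing class `KeystoneSAMLMellonConfigurationAdapter` starts outside the hunk, and the mapping of the `entity-id-url` option to `self.entity_id_url` is not visible here, so I am assuming the adapter exposes config options as attributes.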


@ -1,5 +1,5 @@
<EntityDescriptor
entityID="{{ keystone_fid_service_provider.base_url }}{{ options.sp_auth_path }}"
entityID="{{ options.entity_id }}"
xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<SPSSODescriptor
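Review bot: `{{ options.entity_id }}` is interpolated into the `entityID` attribute without an explicit escape, so unless the template renderer autoescapes, a configured value containing `&` or `"` would yield malformed metadata that the IdP cannot parse; if this is Jinja2, `entityID="{{ options.entity_id | e }}"` keeps the document well-formed whatever the operator configures. The new option is the first free-form string to reach this attribute, which is why the point arises with this change. The `EntityDescriptor` element continues past the end of the hunk.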