feat(settings): Add SAML auth

2024-10-06 14:43:41 +02:00 · 2024-10-06 14:43:41 +02:00 · 9c4413faa1
commit 9c4413faa1
parent 3fa4591665
1 changed files with 45 additions and 0 deletions
--- a/src/app/settings.py
+++ b/src/app/settings.py
@ -48,6 +48,7 @@ INSTALLED_APPS = [
    "allauth.account",
    "allauth.socialaccount",
    "allauth.socialaccount.providers.openid_connect",
    "allauth.socialaccount.providers.saml",
    "allauth_cas",
    "shared.cas",
    # Main app
@ -178,6 +179,50 @@ SOCIALACCOUNT_PROVIDERS = {
            "settings": {"color": "danger"},
        },
    },
    "saml": {
        "APPS": [
            {
                "provider_id": "ens_saml",
                "name": "SSO ENS",
                "client_id": "ens",
                "settings": {
                    "color": "info",
                    "idp": {
                        "entity_id": "https://federation-test.ens.psl.eu/idp/shibboleth",
                        "metadata_url": "https://federation-test.ens.psl.eu/idp/shibboleth",
                    },
                    # Our configuration
                    "sp": {
                        "entity_id": "https://profil.dgnum.eu/accounts/saml/ens/metadata",
                    },
                    "advanced": {
                        "authn_request_signed": True,
                        "metadata_signed": True,
                        "private_key": credentials["X509_KEY"],
                        "x509cert": credentials["X509_CERT"],
                        "want_assertion_encrypted": True,
                    },
                    "organization": {
                        "en": {
                            "name": "Délégation Générale Numérique",
                            "displayname": "Délégation Générale Numérique",
                            "url": "https://dgnum.eu",
                        },
                    },
                    "contact_person": {
                        "technical": {
                            "givenName": "Tom Hubrecht",
                            "emailAddress": "admins@dgnum.eu",
                        },
                        "administrative": {
                            "givenName": "Jean-Marc Gailis",
                            "emailAddress": "bureau@dgnum.eu",
                        },
                    },
                },
            }
        ],
    },
 }
 SOCIALACCOUNT_ONLY = True