-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
👽 [open-formulieren/open-forms#4785] Mark one ACS as default in eHerk…
…enning metadata If multiple assertion consumer services are present in the metadata (which is the case if you do both eherkenning AND eidas), then one MUST be marked as default according to the eherkenning specification: https://afsprakenstelsel.etoegang.nl/Startpagina/v3/dv-metadata-for-hm The implementation of this sucks. python3-saml has no way of providing this and is also not that easy to extend to only override a small bit (it would actually be really useful if everything worked with lxml nodes instead of strings), so our SAML client now dynamically uses a different settings class/namespace from python3-saml, which allows us to use a different metadata class so that we can override the static method that actually generates the XML string, to finally use string replacement to change the element and add an additional attribute. The configuration for this flows from an entirely different place and uses magic configuration dicts that somehow end up all in the same place allowing us to figure out which index needs to be replaced in the XML, because the index value is user-input from the admin interface. And it gets worse, because the method that is overridden here seems to be only present in our fork of the library? Though I suppose that does offer options to solve this in python3-saml rather than this dirty hack, but on the other hand I'd like to not have to maintain a fork at all...
- Loading branch information
1 parent
edeedfd
commit 0d09906
Showing
5 changed files
with
97 additions
and
38 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters