From a84a9dc7b8eb3f9676f816eb723cb1e625e54ee5 Mon Sep 17 00:00:00 2001
From: Muhammad Arslan <arslan.abdulrauf@arbisoft.com>
Date: Thu, 30 Jan 2025 13:52:17 +0500
Subject: [PATCH] chore: remove saml related code from authentication app
---
.secrets.baseline | 8 +-
.../20250109_124247_arslan.abdulrauf.md | 5 +-
.../authentication/settings/touchstone.py | 98 -------------------
.../mitol/authentication/urls/saml.py | 8 --
.../mitol/authentication/views/saml.py | 15 ---
tests/mitol/authentication/views/test_saml.py | 31 ------
tests/testapp/settings/shared.py | 1 -
tests/testapp/urls.py | 1 -
8 files changed, 5 insertions(+), 162 deletions(-)
delete mode 100644 src/authentication/mitol/authentication/settings/touchstone.py
delete mode 100644 src/authentication/mitol/authentication/urls/saml.py
delete mode 100644 src/authentication/mitol/authentication/views/saml.py
delete mode 100644 tests/mitol/authentication/views/test_saml.py
diff --git a/.secrets.baseline b/.secrets.baseline
index 45afc719..3d23e813 100644
--- a/.secrets.baseline
+++ b/.secrets.baseline
@@ -292,21 +292,21 @@
"filename": "tests/testapp/settings/shared.py",
"hashed_secret": "8f2581750096043a1c68bedea8cfa6e13ad1a2e4",
"is_verified": false,
- "line_number": 39
+ "line_number": 38
},
{
"type": "Basic Auth Credentials",
"filename": "tests/testapp/settings/shared.py",
"hashed_secret": "afc848c316af1a89d49826c5ae9d00ed769415f3",
"is_verified": false,
- "line_number": 118
+ "line_number": 117
},
{
"type": "Secret Keyword",
"filename": "tests/testapp/settings/shared.py",
"hashed_secret": "9bc34549d565d9505b287de0cd20ac77be1d3f2c",
"is_verified": false,
- "line_number": 198
+ "line_number": 197
}
],
"tests/testapp/settings/test.py": [
@@ -319,5 +319,5 @@
}
]
},
- "generated_at": "2024-10-18T19:50:41Z"
+ "generated_at": "2025-01-30T08:25:21Z"
}
diff --git a/src/authentication/changelog.d/20250109_124247_arslan.abdulrauf.md b/src/authentication/changelog.d/20250109_124247_arslan.abdulrauf.md
index 4bacf577..a16929b0 100644
--- a/src/authentication/changelog.d/20250109_124247_arslan.abdulrauf.md
+++ b/src/authentication/changelog.d/20250109_124247_arslan.abdulrauf.md
@@ -4,12 +4,10 @@ A new scriv changelog fragment.
Uncomment the section that is right (remove the HTML comment wrapper).
-->
-<!--
### Removed
-- A bullet item for the Removed category.
+- Remove 'python3-saml' from dependencies
--->
<!--
### Added
@@ -38,4 +36,3 @@ Uncomment the section that is right (remove the HTML comment wrapper).
### Security
- Bump djoser to 2.3.1
-- Remove 'python3-saml' from dependencies
diff --git a/src/authentication/mitol/authentication/settings/touchstone.py b/src/authentication/mitol/authentication/settings/touchstone.py
deleted file mode 100644
index 83388b0f..00000000
--- a/src/authentication/mitol/authentication/settings/touchstone.py
+++ /dev/null
@@ -1,98 +0,0 @@
-"""Touchstone configuration settings"""
-
-from urllib.parse import urlparse
-
-from mitol.common.envs import get_bool, get_site_name, get_string
-from mitol.common.settings.base import SITE_BASE_URL
-from mitol.mail.settings.email import EMAIL_SUPPORT
-
-_SITE_NAME = get_site_name()
-
-# SAML settings
-SOCIAL_AUTH_SAML_SP_ENTITY_ID = get_string(
- name="SOCIAL_AUTH_SAML_SP_ENTITY_ID", default=SITE_BASE_URL, description=""
-)
-SOCIAL_AUTH_SAML_SP_PUBLIC_CERT = get_string(
- name="SOCIAL_AUTH_SAML_SP_PUBLIC_CERT",
- default=None,
- description="The SAML public certificate",
-)
-SOCIAL_AUTH_SAML_SP_PRIVATE_KEY = get_string(
- name="SOCIAL_AUTH_SAML_SP_PRIVATE_KEY",
- default=None,
- description="The SAML private key",
-)
-SOCIAL_AUTH_SAML_ORG_DISPLAYNAME = get_string(
- name="SOCIAL_AUTH_SAML_ORG_DISPLAYNAME",
- default=_SITE_NAME,
- description="The SAML Organization display name",
-)
-SOCIAL_AUTH_SAML_CONTACT_NAME = get_string(
- name="SOCIAL_AUTH_SAML_CONTACT_NAME",
- default=f"{_SITE_NAME} Support",
- description="The SAML contact name for our app",
-)
-SOCIAL_AUTH_SAML_IDP_ENTITY_ID = get_string(
- name="SOCIAL_AUTH_SAML_IDP_ENTITY_ID",
- default=None,
- description="The SAML IDP entity ID",
-)
-SOCIAL_AUTH_SAML_IDP_URL = get_string(
- name="SOCIAL_AUTH_SAML_IDP_URL", default=None, description="The SAML IDP URL"
-)
-SOCIAL_AUTH_SAML_IDP_X509 = get_string(
- name="SOCIAL_AUTH_SAML_IDP_X509",
- default=False,
- description="The SAML IDP x509 certificate",
-)
-SOCIAL_AUTH_SAML_IDP_ATTRIBUTE_PERM_ID = get_string(
- name="SOCIAL_AUTH_SAML_IDP_ATTRIBUTE_PERM_ID",
- default=None,
- description="The IDP attribute for the user's immutable ID",
-)
-SOCIAL_AUTH_SAML_IDP_ATTRIBUTE_NAME = get_string(
- name="SOCIAL_AUTH_SAML_IDP_ATTRIBUTE_NAME",
- default=None,
- description="The IDP attribute for the user's name",
-)
-SOCIAL_AUTH_SAML_IDP_ATTRIBUTE_EMAIL = get_string(
- name="SOCIAL_AUTH_SAML_IDP_ATTRIBUTE_EMAIL",
- default=None,
- description="The IDP attribute for the user's email",
-)
-SOCIAL_AUTH_SAML_SECURITY_ENCRYPTED = get_bool(
- name="SOCIAL_AUTH_SAML_SECURITY_ENCRYPTED",
- default=False,
- description="If True, SMAL assertions should be encrypted",
-)
-
-SOCIAL_AUTH_SAML_ORG_INFO = {
- "en-US": {
- "name": urlparse(SITE_BASE_URL).netloc,
- "displayname": SOCIAL_AUTH_SAML_ORG_DISPLAYNAME,
- "url": SITE_BASE_URL,
- }
-}
-SOCIAL_AUTH_SAML_TECHNICAL_CONTACT = {
- "givenName": SOCIAL_AUTH_SAML_CONTACT_NAME,
- "emailAddress": EMAIL_SUPPORT,
-}
-SOCIAL_AUTH_SAML_SUPPORT_CONTACT = SOCIAL_AUTH_SAML_TECHNICAL_CONTACT
-SOCIAL_AUTH_DEFAULT_IDP_KEY = "default"
-SOCIAL_AUTH_SAML_ENABLED_IDPS = {
- SOCIAL_AUTH_DEFAULT_IDP_KEY: {
- "entity_id": SOCIAL_AUTH_SAML_IDP_ENTITY_ID,
- "url": SOCIAL_AUTH_SAML_IDP_URL,
- "attr_user_permanent_id": SOCIAL_AUTH_SAML_IDP_ATTRIBUTE_PERM_ID,
- "attr_username": SOCIAL_AUTH_SAML_IDP_ATTRIBUTE_PERM_ID,
- "attr_email": SOCIAL_AUTH_SAML_IDP_ATTRIBUTE_EMAIL,
- "attr_full_name": SOCIAL_AUTH_SAML_IDP_ATTRIBUTE_NAME,
- "x509cert": SOCIAL_AUTH_SAML_IDP_X509,
- }
-}
-
-
-SOCIAL_AUTH_SAML_SECURITY_CONFIG = {
- "wantAssertionsEncrypted": SOCIAL_AUTH_SAML_SECURITY_ENCRYPTED,
- "requestedAuthnContext": False,
-}
diff --git a/src/authentication/mitol/authentication/urls/saml.py b/src/authentication/mitol/authentication/urls/saml.py
deleted file mode 100644
index 6289aa79..00000000
--- a/src/authentication/mitol/authentication/urls/saml.py
+++ /dev/null
@@ -1,8 +0,0 @@
-"""URL configurations for authentication"""
-
-from django.urls import path
-from mitol.authentication.views.saml import saml_metadata
-
-urlpatterns = [
- path("saml/metadata/", saml_metadata, name="saml-metadata"),
-]
diff --git a/src/authentication/mitol/authentication/views/saml.py b/src/authentication/mitol/authentication/views/saml.py
deleted file mode 100644
index c9bdd502..00000000
--- a/src/authentication/mitol/authentication/views/saml.py
+++ /dev/null
@@ -1,15 +0,0 @@
-"""SAML-specific auth views"""
-
-from django.http import HttpRequest, HttpResponse
-from django.urls import reverse
-from social_django.utils import load_backend, load_strategy
-
-
-def saml_metadata(request: HttpRequest):
- """Display SAML configuration metadata as XML"""
- complete_url = reverse("social:complete", args=("saml",))
- saml_backend = load_backend(
- load_strategy(request), "saml", redirect_uri=complete_url
- )
- metadata, _ = saml_backend.generate_metadata_xml()
- return HttpResponse(content=metadata, content_type="text/xml")
diff --git a/tests/mitol/authentication/views/test_saml.py b/tests/mitol/authentication/views/test_saml.py
deleted file mode 100644
index 316cb21a..00000000
--- a/tests/mitol/authentication/views/test_saml.py
+++ /dev/null
@@ -1,31 +0,0 @@
-"""SAML view tests"""
-
-from xml.etree import ElementTree
-
-from django.urls import reverse
-
-
-def test_saml_metadata(settings, client):
- """Test that SAML metadata page renders XML"""
- settings.SOCIAL_AUTH_SAML_SP_ENTITY_ID = "http://mit.edu"
- settings.SOCIAL_AUTH_SAML_SP_PUBLIC_CERT = ""
- settings.SOCIAL_AUTH_SAML_SP_PRIVATE_KEY = ""
- settings.SOCIAL_AUTH_SAML_ORG_INFO = {
- "en-US": {"name": "MIT", "displayname": "MIT", "url": "http://mit.edu"}
- }
- settings.SOCIAL_AUTH_SAML_TECHNICAL_CONTACT = {
- "givenName": "TestName",
- "emailAddress": "test@example.com",
- }
- settings.SOCIAL_AUTH_SAML_SUPPORT_CONTACT = {
- "givenName": "TestName",
- "emailAddress": "test@example.com",
- }
- settings.SOCIAL_AUTH_SAML_SP_EXTRA = {
- "assertionConsumerService": {"url": "http://mit.edu"}
- }
- response = client.get(reverse("saml-metadata"))
-
- root = ElementTree.fromstring(response.content) # noqa: S314
- assert root.tag == "{urn:oasis:names:tc:SAML:2.0:metadata}EntityDescriptor"
- assert response.status_code == 200 # noqa: PLR2004
diff --git a/tests/testapp/settings/shared.py b/tests/testapp/settings/shared.py
index a6b6a12b..8a53fb08 100644
--- a/tests/testapp/settings/shared.py
+++ b/tests/testapp/settings/shared.py
@@ -20,7 +20,6 @@
"mitol.common.settings.base",
"mitol.common.settings.webpack",
"mitol.mail.settings.email",
- "mitol.authentication.settings.touchstone",
"mitol.authentication.settings.djoser_settings",
"mitol.payment_gateway.settings.cybersource",
"mitol.google_sheets.settings.google_sheets",
diff --git a/tests/testapp/urls.py b/tests/testapp/urls.py
index 14e9917c..8c9f7621 100644
--- a/tests/testapp/urls.py
+++ b/tests/testapp/urls.py
@@ -15,7 +15,6 @@
path("api/", include("mitol.digitalcredentials.urls")),
path("api/", include("mitol.google_sheets.urls")),
path("api/", include("mitol.mail.urls")),
- path("", include("mitol.authentication.urls.saml")),
path("", include("mitol.authentication.urls.djoser_urls")),
path("", include("social_django.urls", namespace="social")),
path(