
2 Commits

Author SHA1 Message Date
Ben Banfield-Zanin bc45f23102 Update sample config 2020-11-02 13:28:14 +00:00
Ben Banfield-Zanin 705806a560 Specify the IdP entity id outside of sp_config 2020-11-02 13:17:39 +00:00
3 changed files with 19 additions and 1 deletions


@ -1640,6 +1640,14 @@ saml2_config:
# - attribute: department
# value: "sales"
# Most metadata XML only contains a single IdP entity. However if the
# metadata XML contains multiple IdPs Synapse needs to know which IdP to
# redirect users to. `idp_entityid` can be populated with the entity of
# the IdP that should be used. For most deployments, this parameter should
# be omitted.
#
#idp_entityid: 'https://our_idp/entityid'
# OpenID Connect integration. The following settings can be used to make Synapse
# use an OpenID Connect Provider for authentication, instead of its internal


@ -90,6 +90,8 @@ class SAML2Config(Config):
"grandfathered_mxid_source_attribute", "uid"
)
self.saml2_idp_entityid = saml2_config.get("idp_entityid", None)
# user_mapping_provider may be None if the key is present but has no value
ump_dict = saml2_config.get("user_mapping_provider") or {}
@ -350,6 +352,14 @@ class SAML2Config(Config):
# value: "staff"
# - attribute: department
# value: "sales"
# Most metadata XML only contains a single IdP entity. However if the
# metadata XML contains multiple IdPs Synapse needs to know which IdP to
# redirect users to. `idp_entityid` can be populated with the entity of
# the IdP that should be used. For most deployments, this parameter should
# be omitted.
#
#idp_entityid: 'https://our_idp/entityid'
""" % {
"config_dir_path": config_dir_path
}
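Review bot: In the first hunk of this file, `idp_entityid` is read with `saml2_config.get("idp_entityid", None)` and stored without any validation, so a non-string value (an accidental YAML list or mapping, say) passes config loading. It would presumably only fail when the first login redirect is built. Because this setting decides which identity provider users are sent to, I would reject bad values at startup, assuming `ConfigError` is in scope in this module: `if self.saml2_idp_entityid is not None and not isinstance(self.saml2_idp_entityid, str): raise ConfigError("saml2_config.idp_entityid must be a string")`. The enclosing method starts and ends outside the hunk, so I cannot see whether the value is also checked against the entity IDs present in the loaded metadata; if it is not, that check would catch typos as well.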

View File

@ -61,7 +61,7 @@ class SamlHandler:
def __init__(self, hs: "synapse.server.HomeServer"):
self.hs = hs
self._saml_client = Saml2Client(hs.config.saml2_sp_config)
self._saml_idp_entityid = hs.config.saml2_sp_config.getattr("idp")
self._saml_idp_entityid = hs.config.saml2_idp_entityid
self._auth = hs.get_auth()
self._auth_handler = hs.get_auth_handler()
self._registration_handler = hs.get_registration_handler()
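Review bot: `self._saml_idp_entityid` can now be `None`, since the config default is `None`, and nothing on the assignment says what that means for the redirect. I would add a comment on that line such as `# Entity ID of the IdP to redirect users to; None leaves the choice to the SAML client, which is only unambiguous when the metadata holds a single IdP`. The config text in this commit describes the setting only as choosing the redirect target. If metadata with several IdPs is loaded, it is worth confirming, in the response-handling code outside this hunk, whether assertions issued by the other IdPs are still accepted, and documenting the answer next to the setting. The `__init__` body continues past the end of the hunk.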