authorRichard van der Hoff <1389908+richvdh@users.noreply.github.com>2020-01-17 10:33:24 +0000
committerGitHub <noreply@github.com>2020-01-17 10:33:24 +0000
commit59dc87c618861f9d353657b533f55f7e94c5ab37 (patch)
treea4dab2b9adfe77f82899e3714b199c1be01b4852 /synapse/handlers
parentDelegate remote_user_id mapping to the saml mapping provider (#6723) (diff)
parentchangelog (diff)
downloadsynapse-59dc87c618861f9d353657b533f55f7e94c5ab37.tar.xz
Merge pull request #6724 from matrix-org/rav/log_saml_attributes
Log saml assertions rather than the whole response
Diffstat (limited to 'synapse/handlers')
-rw-r--r--synapse/handlers/saml_handler.py13
1 files changed, 12 insertions, 1 deletions
diff --git a/synapse/handlers/saml_handler.py b/synapse/handlers/saml_handler.py
index 90e69b49ee..7f411b53b9 100644
--- a/synapse/handlers/saml_handler.py
+++ b/synapse/handlers/saml_handler.py
@@ -32,6 +32,7 @@ from synapse.types import (
     mxid_localpart_allowed_characters,
 )
 from synapse.util.async_helpers import Linearizer
+from synapse.util.iterutils import chunk_seq
 
 logger = logging.getLogger(__name__)
 
@@ -132,7 +133,17 @@ class SamlHandler:
             logger.warning("SAML2 response was not signed")
             raise SynapseError(400, "SAML2 response was not signed")
 
-        logger.info("SAML2 response: %s", saml2_auth.origxml)
+        logger.debug("SAML2 response: %s", saml2_auth.origxml)
+        for assertion in saml2_auth.assertions:
+            # kibana limits the length of a log field, whereas this is all rather
+            # useful, so split it up.
+            count = 0
+            for part in chunk_seq(str(assertion), 10000):
+                logger.info(
+                    "SAML2 assertion: %s%s", "(%i)..." % (count,) if count else "", part
+                )
+                count += 1
+
         logger.info("SAML2 mapped attributes: %s", saml2_auth.ava)
 
         self._outstanding_requests_dict.pop(saml2_auth.in_response_to, None)
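Review bot: The new `logger.info("SAML2 assertion: %s%s", ...)` loop writes every assertion in full to the INFO log, so the subject's NameID and each attribute value released by the IdP land in whatever log store is attached (the comment names kibana), next to the existing `saml2_auth.ava` line. Moving the whole response to debug narrows the volume, but the assertion is the part that carries the identity data, so the exposure at INFO looks largely unchanged. I would either keep the full assertion at debug and log only non-identifying fields at INFO, or at least record the consequence beside the loop, e.g. `# NB: assertions contain the user's identifiers and attributes; INFO logs must be access-controlled and retained accordingly.` The enclosing method starts and ends outside the hunk, so I cannot see whether anything earlier already redacts the assertion.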