summary refs log tree commit diff
path: root/synapse/python_dependencies.py
diff options
context:
space:
mode:
authorRichard van der Hoff <1389908+richvdh@users.noreply.github.com>2018-12-07 13:11:11 +0100
committerGitHub <noreply@github.com>2018-12-07 13:11:11 +0100
commitc7401a697f1ee3410b860afd8686f8bb012a8dce (patch)
tree5de0676006c902fe90ccebb6856b32371a5bcb76 /synapse/python_dependencies.py
parentFactor SSO success handling out of CAS login (#4264) (diff)
downloadsynapse-c7401a697f1ee3410b860afd8686f8bb012a8dce.tar.xz
Implement SAML2 authentication (#4267)
This implements both a SAML2 metadata endpoint (at
`/_matrix/saml2/metadata.xml`), and a SAML2 response receiver (at
`/_matrix/saml2/authn_response`). If the SAML2 response matches what's been
configured, we complete the SSO login flow by redirecting to the client url
(aka `RelayState` in SAML2 jargon) with a login token.

What we don't yet have is anything to build a SAML2 request and redirect the
user to the identity provider. That is left as an exercise for the reader.
Diffstat (limited to 'synapse/python_dependencies.py')
-rw-r--r--synapse/python_dependencies.py5
1 files changed, 4 insertions, 1 deletions
diff --git a/synapse/python_dependencies.py b/synapse/python_dependencies.py
index 75ba9947cc..db631e0c6c 100644
--- a/synapse/python_dependencies.py
+++ b/synapse/python_dependencies.py
@@ -80,7 +80,10 @@ CONDITIONAL_REQUIREMENTS = {
     },
     "postgres": {
         "psycopg2>=2.6": ["psycopg2"]
-    }
+    },
+    "saml2": {
+        "pysaml2>=4.5.0": ["saml2"],
+    },
 }