Diffstat (limited to 'synapse')
-rw-r--r--synapse/config/saml2_config.py19
-rw-r--r--synapse/handlers/saml_handler.py (renamed from synapse/handlers/saml2_handler.py)2
-rw-r--r--synapse/server.py8
3 files changed, 18 insertions, 11 deletions
diff --git a/synapse/config/saml2_config.py b/synapse/config/saml2_config.py
index 965a97837f..6a8161547a 100644
--- a/synapse/config/saml2_config.py
+++ b/synapse/config/saml2_config.py
@@ -83,6 +83,12 @@ class SAML2Config(Config):
         # so it is not normally necessary to specify them unless you need to
         # override them.
         #
+        # Once SAML support is enabled, a metadata file will be exposed at
+        # https://<server>:<port>/_matrix/saml2/metadata.xml, which you may be able to
+        # use to configure your SAML IdP with. Alternatively, you can manually configure
+        # the IdP to use an ACS location of
+        # https://<server>:<port>/_matrix/saml2/authn_response.
+        #
         #saml2_config:
         #  sp_config:
         #    # point this to the IdP's metadata. You can use either a local file or
@@ -93,13 +99,14 @@ class SAML2Config(Config):
         #        - url: https://our_idp/metadata.xml
         #
         #    # By default, the user has to go to our login page first. If you'd like to
-        #    # allow IdP-initiated login, set 'allow_unsolicited: True' in an 'sp'
-        #    # section:
-        #    #
-        #    #sp:
-        #    #  allow_unsolicited: True
+        #    # allow IdP-initiated login, set 'allow_unsolicited: True' in a
+        #    # 'service.sp' section:
         #    #
-        #    # The rest of sp_config is just used to generate our metadata xml, and you
+        #    #service:
+        #    #  sp:
+        #    #    allow_unsolicited: True
+        #
+        #    # The examples below are just used to generate our metadata xml, and you
         #    # may well not need it, depending on your setup. Alternatively you
         #    # may need a whole lot more detail - see the pysaml2 docs!
         #
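Review bot: The reworded `allow_unsolicited` comment, now pointing at a `service.sp` section, tells admins how to turn on IdP-initiated login but not what they give up by doing so. With pysaml2, `allow_unsolicited: True` makes the SP consume SAML responses that do not correspond to an authentication request it sent, so the request/response binding is no longer enforced for those logins. I would add a line above `#service:` such as `#    # Note: this makes the server accept SAML responses it did not request; only enable it if your IdP requires it.` Whether the handler tracks outstanding request IDs when the option is off is not visible in this diff, so that is worth confirming before the wording is finalised.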
diff --git a/synapse/handlers/saml2_handler.py b/synapse/handlers/saml_handler.py
index b06d3f172e..03a0ac4384 100644
--- a/synapse/handlers/saml2_handler.py
+++ b/synapse/handlers/saml_handler.py
@@ -25,7 +25,7 @@ from synapse.rest.client.v1.login import SSOAuthHandler
 logger = logging.getLogger(__name__)
 
 
-class Saml2Handler:
+class SamlHandler:
     def __init__(self, hs):
         self._saml_client = Saml2Client(hs.config.saml2_sp_config)
         self._sso_auth_handler = SSOAuthHandler(hs)
diff --git a/synapse/server.py b/synapse/server.py
index 1bc8c08b58..9e28dba2b1 100644
--- a/synapse/server.py
+++ b/synapse/server.py
@@ -194,7 +194,7 @@ class HomeServer(object):
         "sendmail",
         "registration_handler",
         "account_validity_handler",
-        "saml2_handler",
+        "saml_handler",
         "event_client_serializer",
     ]
 
@@ -525,10 +525,10 @@ class HomeServer(object):
     def build_account_validity_handler(self):
         return AccountValidityHandler(self)
 
-    def build_saml2_handler(self):
-        from synapse.handlers.saml2_handler import Saml2Handler
+    def build_saml_handler(self):
+        from synapse.handlers.saml_handler import SamlHandler
 
-        return Saml2Handler(self)
+        return SamlHandler(self)
 
     def build_event_client_serializer(self):
         return EventClientSerializer(self)