From f3049d0b81ad626de7ca80330608b374e0ec8b5b Mon Sep 17 00:00:00 2001 From: Erik Johnston Date: Fri, 10 Jul 2015 10:50:03 +0100 Subject: Small tweaks to SAML2 configuration. - Add saml2 config docs to default config. - Use existence of saml2 config to indicate if saml2 should be enabled. --- synapse/config/saml2.py | 48 ++++++++++++++++++++++++++++++------------------ 1 file changed, 30 insertions(+), 18 deletions(-) (limited to 'synapse/config') diff --git a/synapse/config/saml2.py b/synapse/config/saml2.py index be5176db52..1532036876 100644 --- a/synapse/config/saml2.py +++ b/synapse/config/saml2.py @@ -16,27 +16,39 @@ from ._base import Config -# -# SAML2 Configuration -# Synapse uses pysaml2 libraries for providing SAML2 support -# -# config_path: Path to the sp_conf.py configuration file -# idp_redirect_url: Identity provider URL which will redirect -# the user back to /login/saml2 with proper info. -# -# sp_conf.py file is something like: -# https://github.com/rohe/pysaml2/blob/master/example/sp-repoze/sp_conf.py.example -# -# More information: https://pythonhosted.org/pysaml2/howto/config.html -# class SAML2Config(Config): + """SAML2 Configuration + Synapse uses pysaml2 libraries for providing SAML2 support + + config_path: Path to the sp_conf.py configuration file + idp_redirect_url: Identity provider URL which will redirect + the user back to /login/saml2 with proper info. + + sp_conf.py file is something like: + https://github.com/rohe/pysaml2/blob/master/example/sp-repoze/sp_conf.py.example + + More information: https://pythonhosted.org/pysaml2/howto/config.html + """ + def read_config(self, config): - self.saml2_config = config["saml2_config"] + saml2_config = config.get("saml2_config", None) + if saml2_config: + self.saml2_enabled = True + self.saml2_config_path = saml2_config["config_path"] + self.saml2_idp_redirect_url = saml2_config["idp_redirect_url"] + else: + self.saml2_enabled = False + self.saml2_config_path = None + self.saml2_idp_redirect_url = None def default_config(self, config_dir_path, server_name): return """ - saml2_config: - enabled: false - config_path: "%s/sp_conf.py" - idp_redirect_url: "http://%s/idp" + # Enable SAML2 for registration and login. Uses pysaml2 + # config_path: Path to the sp_conf.py configuration file + # idp_redirect_url: Identity provider URL which will redirect + # the user back to /login/saml2 with proper info. + # See pysaml2 docs for format of config. + #saml2_config: + # config_path: "%s/sp_conf.py" + # idp_redirect_url: "http://%s/idp" """ % (config_dir_path, server_name) -- cgit 1.4.1