Merge pull request #47 from its-dirg/publish-metadata

Remove broken 'publish_metadata' SAML plugin config param.

Author: RebeckaG

example/plugins/backends/saml2_backend.yaml.example

@@ -24,5 +24,4 @@ config:
           - [<base_url>/<name>/disco, 'urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol']
         name_id_format: 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient'
   # disco_srv must be defined if there is more than one IdP in the metadata specified above
-  disco_srv: http://disco.example.com
-  publish_metadata: <base_url>/<name>/metadata
+  disco_srv: http://disco.example.com

example/plugins/frontends/saml2_frontend.yaml.example

@@ -28,7 +28,6 @@ config:
     "": default-LoA
     "https://accounts.google.com": LoA1
 
-  publish_metadata: <base_url>/<name>/metadata
   endpoints:
     single_sign_on_service: {'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST': sso/post,
       'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect': sso/redirect}

src/satosa/backends/saml2.py

@@ -231,10 +231,6 @@ def register_endpoints(self):
             parsed_endp = urlparse(endp)
             url_map.append(("^%s$" % parsed_endp.path[1:], functools.partial(self.authn_response, binding=binding)))
 
-        if "publish_metadata" in self.config:
-            metadata_path = urlparse(self.config["publish_metadata"])
-            url_map.append(("^%s$" % metadata_path.path[1:], self._metadata_endpoint))
-
         if self.discosrv:
             for endp, binding in sp_endpoints["discovery_response"]:
                 parsed_endp = urlparse(endp)

src/satosa/frontends/saml2.py

@@ -348,10 +348,6 @@ def _register_endpoints(self, providers):
                 url_map.append(("%s/%s$" % (valid_providers, parsed_endp.path),
                                 functools.partial(self.handle_authn_request, binding_in=binding)))
 
-        if "publish_metadata" in self.config:
-            metadata_path = urlparse(self.config["publish_metadata"])
-            url_map.append(("^%s$" % metadata_path.path[1:], self._metadata_endpoint))
-
         return url_map
 
     def _build_idp_config_endpoints(self, config, providers):

tests/satosa/backends/test_saml2.py

@@ -28,7 +28,6 @@
     }
 }
 
-METADATA_URL = "http://example.com/SAML2IDP/metadata"
 DISCOSRV_URL = "https://my.dicso.com/role/idp.ds"
 
 
@@ -72,8 +71,7 @@ def setup_test_config(self, sp_conf, idp_conf):
     def create_backend(self, sp_conf, idp_conf):
         self.setup_test_config(sp_conf, idp_conf)
         self.samlbackend = SAMLBackend(Mock(), INTERNAL_ATTRIBUTES, {"sp_config": sp_conf,
-                                                                     "disco_srv": DISCOSRV_URL,
-                                                                     "publish_metadata": METADATA_URL},
+                                                                     "disco_srv": DISCOSRV_URL},
                                        "base_url",
                                        "samlbackend")
 
@@ -91,8 +89,6 @@ def get_path_from_url(url):
         for endp in all_sp_endpoints:
             assert any(p.match(endp) for p in compiled_regex)
 
-        assert any(p.match(get_path_from_url(METADATA_URL)) for p in compiled_regex)
-
     def test_start_auth_defaults_to_redirecting_to_discovery_server(self, context, sp_conf):
         resp = self.samlbackend.start_auth(context, InternalRequest(None, None))
         self.assert_redirect_to_discovery_server(resp, sp_conf)
@@ -241,4 +237,3 @@ def test_get_metadata_desc_with_logo_without_lang(self, sp_conf, idp_conf):
         assert ui_info["display_name"] == expected_ui_info["display_name"]
         assert ui_info["description"] == expected_ui_info["description"]
         assert ui_info["logo"] == expected_ui_info["logo"]
-

tests/satosa/frontends/test_saml2.py

@@ -116,9 +116,7 @@ def test_register_endpoints(self, idp_conf):
         def get_path_from_url(url):
             return urlparse(url).path.lstrip("/")
 
-        metadata_url = "http://example.com/SAML2IDP/metadata"
-        config = {"idp_config": idp_conf, "endpoints": ENDPOINTS,
-                  "publish_metadata": metadata_url}
+        config = {"idp_config": idp_conf, "endpoints": ENDPOINTS}
 
         base_url = self.construct_base_url_from_entity_id(idp_conf["entityid"])
         samlfrontend = SAMLFrontend(lambda context, internal_req: (context, internal_req),
@@ -131,8 +129,6 @@ def get_path_from_url(url):
         for endp in all_idp_endpoints:
             assert any(p.match(endp) for p in compiled_regex)
 
-        assert any(p.match(get_path_from_url(metadata_url)) for p in compiled_regex)
-
     def test_handle_authn_request(self, context, idp_conf, sp_conf, internal_response):
         samlfrontend = self.setup_for_authn_req(context, idp_conf, sp_conf)
         _, internal_req = samlfrontend.handle_authn_request(context, BINDING_HTTP_REDIRECT)