diff options
author | Simo Sorce <simo@redhat.com> | 2015-02-16 11:13:29 -0500 |
---|---|---|
committer | Patrick Uiterwijk <puiterwijk@redhat.com> | 2015-02-24 16:37:48 +0100 |
commit | edfd8d4b514a4089108d19026bc38c656f49bbee (patch) | |
tree | bae1811ec9c571151155fb8d0c5ba274caa0af80 /ipsilon/providers/saml2idp.py | |
parent | 7aa8e0744f50e4f94a58b318fa4bfb43f4128a12 (diff) | |
download | ipsilon-edfd8d4b514a4089108d19026bc38c656f49bbee.tar.gz ipsilon-edfd8d4b514a4089108d19026bc38c656f49bbee.tar.xz ipsilon-edfd8d4b514a4089108d19026bc38c656f49bbee.zip |
Add support for attribute policies in samlidp
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
Diffstat (limited to 'ipsilon/providers/saml2idp.py')
-rw-r--r-- | ipsilon/providers/saml2idp.py | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/ipsilon/providers/saml2idp.py b/ipsilon/providers/saml2idp.py index 256fcf9..9fa2fd6 100644 --- a/ipsilon/providers/saml2idp.py +++ b/ipsilon/providers/saml2idp.py @@ -209,6 +209,14 @@ Provides SAML 2.0 authentication infrastructure. """ 'default email domain', 'Used for users missing the email property.', 'example.com'), + pconfig.MappingList( + 'default attribute mapping', + 'Defines how to map attributes before returning them to SPs', + [['*', '*']]), + pconfig.ComplexList( + 'default allowed attributes', + 'Defines a list of allowed attributes, applied after mapping', + ['*']), ) if cherrypy.config.get('debug', False): import logging @@ -253,6 +261,14 @@ Provides SAML 2.0 authentication infrastructure. """ def default_email_domain(self): return self.get_config_value('default email domain') + @property + def default_attribute_mapping(self): + return self.get_config_value('default attribute mapping') + + @property + def default_allowed_attributes(self): + return self.get_config_value('default allowed attributes') + def get_tree(self, site): self.idp = self.init_idp() self.page = SAML2(site, self) |