Summary

Allow overriding SAML settings.

Review Request #14288 — Created Jan. 7, 2025 and submitted Feb. 4, 2025, 8:12 a.m.

Information

Owner

david

Repository

Review Board

Branch

release-7.x

Bugs

Depends On

Reviewers

Groups

reviewboard

People

Description

In some cases, users may need to override those settings. In a recent
report, Windows machines which use x509 to log in require setting some
items in the security key (which we otherwise don't use at all).

This change adds an escape hatch for those situations where admins can
define SAML_CONFIG_ADVANCED in their settings_local.py file,
mimicking the advanced_settings.json file that python3-saml would use if
we were not passing in the config as a dict.

Testing Done

Ran unit tests.

Commits

Summary	ID
Allow overriding SAML settings. The python3-saml library has a bunch of settings that govern its behavior. We have siteconfig keys for the settings that matter (things like binding type, verification keys, URLs, etc), which then gets turned into the dict format that python3-saml wants. In some cases, users may need to override those settings. In a recent report, Windows machines which use x509 to log in require setting some items in the `security` key (which we otherwise don't use at all). This change adds an escape hatch for those situations where admins can define `SAML_CONFIG_ADVANCED` in their `settings_local.py` file, mimicking the advanced_settings.json file that python3-saml would use if we were not passing in the config as a dict. Testing Done: Ran unit tests.	a71d9afc4eb48e469fa851a2bc852656dcf02331

Summary

Allow overriding SAML settings.

The python3-saml library has a bunch of settings that govern its behavior. We have siteconfig keys for the settings that matter (things like binding type, verification keys, URLs, etc), which then gets turned into the dict format that python3-saml wants. In some cases, users may need to override those settings. In a recent report, Windows machines which use x509 to log in require setting some items in the `security` key (which we otherwise don't use at all). This change adds an escape hatch for those situations where admins can define `SAML_CONFIG_ADVANCED` in their `settings_local.py` file, mimicking the advanced_settings.json file that python3-saml would use if we were not passing in the config as a dict. Testing Done: Ran unit tests.

a71d9afc4eb48e469fa851a2bc852656dcf02331

Issues

Description	From	Last Updated
Can you add a Version Added? I know it's less important than API-level modules, but we've been adding these and …	chipx86	Jan. 8, 2025, 9:07 a.m.
Same here.	chipx86	Jan. 8, 2025, 9:07 a.m.

flake8 passed.

JSHint passed.

Ship it!

reviewboard/accounts/tests/test_saml_settings.py (Diff revision 1)

The issue has been resolved. Show all issues

Can you add a Version Added? I know it's less important than API-level modules, but we've been adding these and it's nice to just have that information sometimes when tracing things.

reviewboard/accounts/tests/test_saml_settings.py (Diff revision 1)
The issue has been resolved. Show all issues
```
Same here.
```

Ship it!

```
Ship It!
```

Status:: Completed
Change Summary:: Pushed to release-7.x (7cb0177)