Stop passing server_port to python3-saml #609
Assignees
Comments
|
I'm facing the same issue, any updates on this ? |
shadowbrush
pushed a commit
to shadowbrush/social-core
that referenced
this issue
Mar 2, 2022
server_port has been deprecated by python3-saml, see: SAML-Toolkits/python3-saml#276 If the server application is running behind a load balancer or a reverse proxy the request port might not match the SAML configuration. This will resolve issue python-social-auth#609 - python-social-auth#609
9 tasks
|
Provided a PR for this: #671 |
9 tasks
nijel
pushed a commit
that referenced
this issue
Mar 3, 2022
server_port has been deprecated by python3-saml, see: SAML-Toolkits/python3-saml#276 If the server application is running behind a load balancer or a reverse proxy the request port might not match the SAML configuration. This will resolve issue #609 - #609
1 task
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Expected behaviour
When using python social auth's SAML integration behind a load balancer or reverse proxy, the port used by the intermediary should not be involved when checking that the response from the IdP has arrived at the correct URL.
In the latest release, Python3-saml deprecated the
server_portparameter because it was causing the above problem: SAML-Toolkits/python3-saml#276Actual behaviour
Python-social-auth is still passing the parameter in so the bug is persisting:
social-core/social_core/backends/saml.py
Line 272 in e04cffb
What are the steps to reproduce this issue?
I was able to reproduce it in our app running inside Heroku's environment, but I wasn't able to create a simpler setup to reproduce it locally.
Any other comments?
I was able to fix the issue for our implementation by subclassing
SAMLAuthand overloading_create_saml_authto stop it passingserver_portbut I'm not certain whether there will be other side effects of that change for other users.The text was updated successfully, but these errors were encountered: