Overridden to use the config from the relevant OrganizationDomain Get the URL to which we must redirect in order to authenticate the user
(self)
| 67 | ) |
| 68 | |
| 69 | def auth_url(self): |
| 70 | """ |
| 71 | Overridden to use the config from the relevant OrganizationDomain |
| 72 | Get the URL to which we must redirect in order to |
| 73 | authenticate the user |
| 74 | """ |
| 75 | email = self.strategy.request_data().get("email") |
| 76 | |
| 77 | if not email: |
| 78 | raise AuthMissingParameter("saml", "email") |
| 79 | |
| 80 | instance = OrganizationDomain.objects.get_verified_for_email_address(email=email) |
| 81 | |
| 82 | if not instance or not instance.has_saml: |
| 83 | raise AuthFailed("saml", "SAML not configured for this user.") |
| 84 | |
| 85 | auth = self._create_saml_auth(idp=self.get_idp(instance)) |
| 86 | # Below, return_to sets the RelayState, which contains the ID of |
| 87 | # the `OrganizationDomain`. We use it to store the specific SAML IdP |
| 88 | # name, since we multiple IdPs share the same auth_complete URL. |
| 89 | return auth.login(return_to=str(instance.id)) |
| 90 | |
| 91 | def _get_attr(self, response_attributes: Dict[str, Any], attribute_names: List[str], optional: bool = False) -> str: |
| 92 | """ |
nothing calls this directly
no test coverage detected