-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathconfig.py
More file actions
executable file
·54 lines (50 loc) · 1.83 KB
/
config.py
File metadata and controls
executable file
·54 lines (50 loc) · 1.83 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
"""
Configuration settings for SAML authentication
"""
import os
import json
from dotenv import load_dotenv
load_dotenv()
# .env variables
DEBUG = os.getenv("debug", "False")
sp_entityId = os.getenv("sp_entityId")
sp_assertionConsumerService = os.getenv("sp_assertionConsumerService")
sp_singleLogoutService = os.getenv("sp_singleLogoutService")
idp_entityId = os.getenv("idp_entityId")
idp_singleSignOnService = os.getenv("idp_singleSignOnService")
idp_singleLogoutService = os.getenv("idp_singleLogoutService")
idp_x509cert = os.getenv("idp_x509cert")
# apps and associated users
apps_and_users = json.load(open("db/apps_and_users.json"))
SESSION_SECRET_KEY = "your-secret-key-change-in-production"
SAML_SETTINGS = {
"strict": False, # Set to True in production
"debug": True if DEBUG == "True" else False,
"sp": {
"entityId": sp_entityId,
"assertionConsumerService": {
"url": sp_assertionConsumerService,
"binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
},
"singleLogoutService": {
"url": sp_singleLogoutService,
"binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
},
"NameIDFormat": "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified",
"x509cert": "", # Optional: SP certificate
"privateKey": "" # Optional: SP private key
},
"idp": {
# REPLACE THESE WITH YOUR OKTA VALUES
"entityId": idp_entityId,
"singleSignOnService": {
"url": idp_singleSignOnService,
"binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
},
"singleLogoutService": {
"url": idp_singleLogoutService,
"binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
},
"x509cert": idp_x509cert # Get from Okta
}
}