Home

Awesome

django-saml-service-provider

Easily let users sign in via SAML 2.0 to your django app. Based on python-saml and comes with a Onelogin.com provider, so you need to do very little work to get started.

Get started

You need to extend the three default views provided by this library and use your own settings. It can be done easily with a single mixin. Consider the following simple example, using the Onelogin provider. You can also do the same with the regular SAMLServiceProvider - you just need to provide all the urls manually.

class SettingsMixin(object):
    def get_onelogin_settings(self):
        return OneloginServiceProviderSettings(
            onelogin_connector_id=1234,
            onelogin_x509_cert="""-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----""",

            sp_metadata_url="http://localhost:8000%s" % reverse("saml_metadata"),
            sp_login_url="http://localhost:8000%s" % reverse("saml_login_complete"),
            sp_logout_url="http://localhost:8000%s" % reverse("logout"),

            debug=settings.DEBUG,
            strict=not settings.DEBUG,

            sp_x509cert="""-----BEGIN CERTIFICATE-----
        -----END CERTIFICATE-----""",
            sp_private_key="""-----BEGIN RSA PRIVATE KEY-----
        -----END RSA PRIVATE KEY-----"""
            ).settings
            
class LoginView(SettingsMixin, InitiateAuthenticationView):
    pass
    
class Authenticateview(SettingsMixin, CompleteAuthenticationView):
    pass
    
class XMLMetadataView(SettingsMixin, MetadataView):
    pass

Django authentication backend

This project conveniently ships with an authentication backend - just add it to AUTHENTICATION_BACKENDS in settings and you're good to go - e.g.:

AUTHENTICATION_BACKENDS = (
    # 'django.contrib.auth.backends.ModelBackend',
    'saml_service_provider.auth_backend.SAMLServiceProviderBackend',
)