fix: Documentation typos

UniversitaDellaCalabria · Jun 18, 2021 · dbc788a · dbc788a
1 parent 37f61d9
commit dbc788a
Show file tree

Hide file tree

Showing 4 changed files with 32 additions and 25 deletions.
diff --git a/docs/contents/attribute_release.rst b/docs/contents/attribute_release.rst
@@ -1,7 +1,7 @@
 Attribute releases
 ^^^^^^^^^^^^^^^^^^
 
-By default IdP will only release required Attributes defined in each SP metadata (isRequired=True), if they are available. Otherwise IdP will release a default attribute map, defined in settings parameters.
+By default IdP will only release required Attributes defined in each SP metadata (isRequired=True or EntityCategories), if they are available. Otherwise the IdP will release a default attribute set, defined in settings parameters.
 It can also force some attribute release by checking ``force_attribute_release`` into each SP configuration.
 
 Every SP can use a specific Attribute Processor, you can even customize a brand new one in an application that can be easily installed into ``django_idp.settingslocal.INSTALLED_APPS``.

diff --git a/docs/contents/management_commands.rst b/docs/contents/management_commands.rst
@@ -19,7 +19,7 @@ This feature will let us check wich attributes will be released to a specified S
 
 ::
 
-    ./manage.py aacli -u joe -e https://sptest.auth.unical.it/saml2
+    ./manage.py aacli -u mario -e https://sptest.auth.unical.it/saml2
 
 
 example output::

diff --git a/docs/contents/migrate_from_shibidp.rst b/docs/contents/migrate_from_shibidp.rst
@@ -4,7 +4,7 @@ Migrate from Shibboleth IdP
 Here a brief description of the general steps to do for migrating an existing Shibboleth IdP to uniAuth, carrying the same configuration.
 We have migrate from Shibboleth IdP 3.4.6 to uniAuth v2.0.0, here the steps we made to achieve this goal:
 
-1. copy SAML2 certificates shibboleth idp SAML, in `credentials/` in your pysaml2 configuration.
+1. copy SAML2 certificates shibboleth idp SAML, from `credentials/` to your pysaml2 configuration.
 2. Standing on Shibboleth metadata, in `metadata/idp-metadata.xml`, place the same Service Endpoints urls to your project's urls file::
 
     if 'uniauth_saml2_idp' in settings.INSTALLED_APPS:
@@ -15,13 +15,14 @@ We have migrate from Shibboleth IdP 3.4.6 to uniAuth v2.0.0, here the steps we m
                     name="saml_login_binding"),
         urlpatterns += path('idp/profile/SAML2/<str:binding>/SLO', LogoutProcessView.as_view(),
                     name="saml_logout_binding"),
+        urlpatterns += path('idp/shibboleth/', metadata, name='saml2_idp_metadata'),
 
         urlpatterns += path(
             'idp/', include((uniauth_saml2_idp.urls, 'uniauth_saml2_idp',))
         ),
 
-3. Configure the same entityID.
+3. Configure the same entityID in your pysaml2 configuration.
 4. Migrate the existing Shibboleth IdP `conf/attribute-filters.xml` (and any other available in `conf/services.xml`) to uniauth SP definitions (ModelAdmin or settings.py).
-5. If you use LDAP: Configure PyMultiLDAP rewrite rules and pattern matching standing on the Attributes defined in `conf/attribute-resolver.xml` (and any other available in `conf/services.xml).
+5. If you use LDAP: Configure PyMultiLDAP rewrite rules and pattern matching, standing on the Attributes defined in `conf/attribute-resolver.xml` (and any other available in `conf/services.xml).
 6. Configure your metadata store (ModelAdmin or settings.py). It's suggested to use a MDQ Server for loading large federation xml files, as to be with eduGain.
 7. Use uniauth `aacli` and `mdquery` commands to check the availability of Entities and the attribute to be released to them.
diff --git a/uniauth_saml2_idp/views.py b/uniauth_saml2_idp/views.py
@@ -165,8 +165,10 @@ def dispatch(self, request, *args, **kwargs):
         # Force Authn check
         if self.saml_request.message.force_authn:
             logout(request)
-            msg = "SSO AuthnRequest [force_authn=True]: {} [{}]".format(self.saml_request.message.issuer.text,
-                                                                        self.saml_request.message.id)
+            msg = "SSO AuthnRequest [force_authn=True]: {} [{}]".format(
+                                    self.saml_request.message.issuer.text,
+                                    self.saml_request.message.id
+            )
             logger.info(msg)
 
         request.saml_session['message_id'] = self.saml_request.message.id
@@ -476,14 +478,14 @@ def build_authn_response(self, user, authn, resp_args):
         # talking logs
         msg = (
             'SSO AuthnResponse [{}] to {} [{}]: {} attrs ({}) on {} filtered by policy')
-        self.request.saml_session['authn_log'] = msg.format(name_id.format,
-                                                            self.sp['id'],
-                                                            self.request.saml_session.get(
-                                                                'message_id'),
-                                                            len(ava),
-                                                            ','.join(
-                                                                ava.keys()),
-                                                            len(identity))
+        self.request.saml_session['authn_log'] = msg.format(
+                                        name_id.format,
+                                        self.sp['id'],
+                                        self.request.saml_session.get('message_id'),
+                                        len(ava),
+                                        ','.join(ava.keys()),
+                                        len(identity)
+        )
         logger.info(self.request.saml_session['authn_log'])
 
         self.request.saml_session['identity'] = ava
@@ -510,7 +512,7 @@ def build_authn_response(self, user, authn, resp_args):
                 resp_args['encrypt_cert_assertion'] = sp_enc_cert[0]
                 resp_args['encrypt_cert_advice'] = sp_enc_cert[0]
 
-                # PREFIM won't work with shibboleth
+                # PREFIM here won't work with shibboleth
                 # WARN Shibboleth.AttributeResolver.Query [4] [default]: no SAML 2 AttributeAuthority role found in metadata
                 # resp_args['pefim'] = 1
         # END ENCRYPTED ASSERTION
@@ -589,9 +591,10 @@ def render_response(self, request, html_response):
         request.saml_session['sp_entity_id'] = self.sp['id']
 
         # Conditions for showing user agreement screen
-        user_agreement_enabled_for_sp = self.sp['config'].get('show_user_agreement_screen',
-                                                              getattr(settings,
-                                                                      "SAML_IDP_SHOW_USER_AGREEMENT_SCREEN"))
+        user_agreement_enabled_for_sp = self.sp['config'].get(
+                        'show_user_agreement_screen',
+                        getattr(settings, "SAML_IDP_SHOW_USER_AGREEMENT_SCREEN")
+        )
 
         agreement_for_sp = AgreementRecord.objects.filter(user=request.user,
                                                           sp_entity_id=self.sp['id']).first()
@@ -648,18 +651,21 @@ def form_valid(self, form):
         authn_issue_instant = self.request.saml_session['issue_instant']
         for tformat in settings.SAML2_DATETIME_FORMATS:
             try:
-                issue_instant = timezone.datetime.strptime(authn_issue_instant,
-                                                           tformat)
+                issue_instant = timezone.datetime.strptime(
+                                    authn_issue_instant, tformat
+                )
                 break
             except Exception as e:
-                logger.debug('{} not parseable with {}: {}'.format(authn_issue_instant,
-                                                                   tformat, e))
+                logger.debug('{} not parseable with {}: {}'.format(
+                                        authn_issue_instant, tformat, e)
+                )
         # end check
         mins = getattr(settings, 'SESSION_COOKIE_AGE', 600)
         dt_check = None
         try:
-            dt_check = issue_instant < timezone.make_naive((now - datetime.timedelta(minutes=mins)),
-                                                           timezone.get_current_timezone())
+            dt_check = issue_instant < timezone.make_naive(
+                                (now - datetime.timedelta(minutes=mins)),
+                                 timezone.get_current_timezone())
         except Exception as e:
             logger.error('Issue instant time comparison failed: {}'.format(e))
         if dt_check:
-Original file line number
+Diff line change
@@ Expand Up @@
     ::
-        ./manage.py aacli -u joe -e https://sptest.auth.unical.it/saml2
+        ./manage.py aacli -u mario -e https://sptest.auth.unical.it/saml2
     example output::
@@ Expand Down @@