In the current system with the legacy IAM, we have implemented a class inherited from ModelViewSet
with login and logout functions. In the legacy IAM, it is not compulsory to obtain name_id
and session_index
to logout. Therefore, we can bypass acs
(a.k.a. assertion_consumer_service) to obtain these information and go straight to the logout.
Now, a new IAM system is deployed and we need to extend the current implementation to support both login and logout (along with acs). name_id
and session_index
shall be provided in LogoutRequest
. Given we have different set of URLs for
How can we update the following code to support the callback from acs so that we can save the name_id
and session_index
?
urls.py
router = DefaultRouter()
router.register("saml2/account", Saml2AccountView, basename="account")
urlpatterns = [
url("", include(router.urls)),
]
views.py
class Saml2AccountView(viewsets.ModelViewSet):
@action(detail=False, methods=['get'])
def login(self, request, *args, **kwargs):
# implement the login function
@action(detail=False, methods=['get'])
def logout(self, request, *args, **kwargs):
# implement the logout function
NOTE: We are using https://pypi.org/project/django-saml2-auth/ for the SAML implementation with the login/logout.
Please try to add following method in the Saml2AccountView
class:
class Saml2AccountView(viewsets.ModelViewSet):
@action(detail=False, methods=['get'])
def acs(request, *args, **kwargs):
# implement the acs function
And add the following in urls.py
:
urlpatterns = [
path("saml2/account", Saml2AccountView.acs),
]