Allow SAML AttributeStatements to be optional

2025-06-14 20:16:05 +00:00 · 2022-05-19 14:49:46 -07:00
parent 5b36ad034d
commit 9221d58a1b
2 changed files with 6 additions and 1 deletions
--- a/powerdnsadmin/services/saml.py
+++ b/powerdnsadmin/services/saml.py
@ -163,7 +163,8 @@ class SAML(object):
            'signatureAlgorithm'] = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256'
        settings['security']['wantAssertionsEncrypted'] = current_app.config.get(
            'SAML_ASSERTION_ENCRYPTED', True)
-        settings['security']['wantAttributeStatement'] = True
+        settings['security']['wantAttributeStatement'] = current_app.config.get(
+            'SAML_WANT_ATTRIBUTE_STATEMENT', True)
        settings['security']['wantNameId'] = True
        settings['security']['authnRequestsSigned'] = current_app.config[
            'SAML_SIGN_REQUEST']