providers/saml: initial SLO implementation (#2346)

* providers/saml: initial SLO implementation Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * providers/saml: add logout request tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * providers/saml: add tests for POST SLO Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * matrix e2e tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix import Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * set e2e matrix name Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix imports Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * separate oidc and oauth tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add basic saml slo e2e tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add better metadata download url Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * kinda prepare release notes Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * sort releases into folders Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add slo urls to website Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix linking Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add api tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * update docs Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2023-01-04 19:45:31 +01:00
parent 1e01e9813d
commit dc1359a763
69 changed files with 3085 additions and 1477 deletions
--- a/website/docs/providers/saml.md
+++ b/website/docs/providers/saml.md
@ -5,12 +5,14 @@ title: SAML Provider
 This provider allows you to integrate enterprise software using the SAML2 Protocol. It supports signed requests and uses [Property Mappings](../property-mappings/#saml-property-mapping) to determine which fields are exposed and what values they return. This makes it possible to expose vendor-specific fields.
 Default fields are exposed through auto-generated Property Mappings, which are prefixed with "authentik default".

-| Endpoint               | URL                                                          |
-| ---------------------- | ------------------------------------------------------------ |
-| SSO (Redirect binding) | `/application/saml/<application slug>/sso/binding/redirect/` |
-| SSO (POST binding)     | `/application/saml/<application slug>/sso/binding/post/`     |
-| IdP-initiated login    | `/application/saml/<application slug>/sso/binding/init/`     |
-| Metadata Download      | `/api/v3/providers/saml/<provider uid>/metadata/?download/`  |
+| Endpoint                  | URL                                                          |
+| ------------------------- | ------------------------------------------------------------ |
+| SSO (Redirect binding)    | `/application/saml/<application slug>/sso/binding/redirect/` |
+| SSO (POST binding)        | `/application/saml/<application slug>/sso/binding/post/`     |
+| SSO (IdP-initiated login) | `/application/saml/<application slug>/sso/binding/init/`     |
+| SLO (Redirect binding)    | `/application/saml/<application slug>/slo/binding/redirect/` |
+| SLO (POST binding)        | `/application/saml/<application slug>/slo/binding/post/`     |
+| Metadata Download         | `/application/saml/<application slug>/metadata/`             |

 You can download the metadata through the Webinterface, this link might be handy if your software wants to download the metadata directly.