feat: Trigger to get custom frontend URLs (#350)

henryh9n · web-flow · commit 5b19d9c62442 · 2024-11-08T16:22:03.000+01:00
* feat: Trgger to get custom frontend URLs
* Fix the typing
* Try parallel coveralls
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
@@ -50,11 +50,21 @@ jobs:
       - name: Test Django ${{ matrix.versions.djangoVersion }} with coverage 🧪
         run: poetry run coverage run --source=django_saml2_auth -m pytest . && poetry run coverage lcov -o coverage.lcov
       - name: Submit coverage report to Coveralls 📈
-        if: ${{ success() }}  && ${{ matrix.versions.pythonVersion }} == '3.10' && ${{ matrix.versions.djangoVersion }} == '4.2.16'
         uses: coverallsapp/github-action@v2
         with:
           github-token: ${{ secrets.GITHUB_TOKEN }}
           path-to-lcov: ./coverage.lcov
+          flag-name: run-${{ join(matrix.versions.*, '-') }}
+          parallel: true
+  finish:
+    needs: test
+    if: ${{ always() }}
+    runs-on: ubuntu-latest
+    steps:
+      - name: Coveralls Finished
+        uses: coverallsapp/github-action@v2
+        with:
+          parallel-finished: true
   build:
     name: Build and Push django-saml2-auth to PyPI
     runs-on: ubuntu-latest
diff --git a/README.md b/README.md
@@ -189,6 +189,8 @@ python setup.py install
             'GET_METADATA_AUTO_CONF_URLS': 'path.to.your.get.metadata.conf.hook.method',
             # This will override ASSERTION_URL to allow more dynamic assertion URLs
             'GET_CUSTOM_ASSERTION_URL': 'path.to.your.get.custom.assertion.url.hook.method',
+            # This will override FRONTEND_URL for more dynamic URLs
+            'GET_CUSTOM_FRONTEND_URL': 'path.to.your.get.custom.frontend.url.hook.method',
         },
         'ASSERTION_URL': 'https://mysite.com',  # Custom URL to validate incoming SAML requests against
         'ENTITY_ID': 'https://mysite.com/sso/acs/',  # Populates the Issuer element in authn request
@@ -260,6 +262,7 @@ Some of the following settings are related to how this module operates. The rest
 | **TRIGGER.CUSTOM\_CREATE\_JWT**             | A hook function to create a custom JWT for the user. This method will be called instead of the `create_jwt_token` default function and should return the token. This method accepts one parameter: `user`.                                                                                                                                                                                                                                                  | `str`            | `None`                                                                                                                                   | `my_app.models.users.create_custom_token`                                               |
 | **TRIGGER.CUSTOM\_TOKEN\_QUERY**            | A hook function to create a custom query params with the JWT for the user. This method will be called after `CUSTOM_CREATE_JWT` to populate a query and attach it to a URL; should return the query params containing the token (e.g., `?token=encoded.jwt.token`). This method accepts one parameter: `token`.                                                                                                                                             | `str`            | `None`                                                                                                                                   | `my_app.models.users.get_custom_token_query`                                            |
 | **TRIGGER.GET\_CUSTOM\_ASSERTION\_URL**     | A hook function to get the assertion URL dynamically. Useful when you have dynamic routing, multi-tenant setup and etc. Overrides `ASSERTION_URL`.                                                                                                                                                                                                                                                                                                          | `str`            | `None`                                                                                                                                   | `my_app.utils.get_custom_assertion_url`                                                 |
+| **TRIGGER.GET\_CUSTOM\_FRONTEND\_URL**      | A hook function to get a dynamic `FRONTEND_URL` dynamically (see below for more details). Overrides `FRONTEND_URL`. Acceots one parameter: `relay_state`.                                                                                                                                                                                                                                                                                                   | `str`            | `None`                                                                                                                                   | `my_app.utils.get_custom_frontend_url`                                                  |
 | **ASSERTION\_URL**                          | A URL to validate incoming SAML responses against. By default, `django-saml2-auth` will validate the SAML response's Service Provider address against the actual HTTP request's host and scheme. If this value is set, it will validate against `ASSERTION_URL` instead - perfect for when Django is running behind a reverse proxy. This will only allow to customize the domain part of the URL, for more customization use `GET_CUSTOM_ASSERTION_URL`.   | `str`            | `None`                                                                                                                                   | `https://example.com`                                                                   |
 | **ENTITY\_ID**                              | The optional entity ID string to be passed in the 'Issuer' element of authentication request, if required by the IDP.                                                                                                                                                                                                                                                                                                                                       | `str`            | `None`                                                                                                                                   | `https://exmaple.com/sso/acs`                                                           |
 | **NAME\_ID\_FORMAT**                        | Set to the string `'None'`, to exclude sending the `'Format'` property of the `'NameIDPolicy'` element in authentication requests.                                                                                                                                                                                                                                                                                                                          | `str`            | `<urn:oasis:names:tc:SAML:2.0:nameid-format:transient>`                                                                                  |                                                                                         |
diff --git a/django_saml2_auth/views.py b/django_saml2_auth/views.py
@@ -161,6 +161,9 @@ def acs(request: HttpRequest):
 
         # Use JWT auth to send token to frontend
         frontend_url = dictor(saml2_auth_settings, "FRONTEND_URL", next_url)
+        custom_frontend_url_trigger = dictor(saml2_auth_settings, "TRIGGER.GET_CUSTOM_FRONTEND_URL")
+        if custom_frontend_url_trigger:
+            frontend_url = run_hook(custom_frontend_url_trigger, relay_state)  # type: ignore
 
         return HttpResponseRedirect(frontend_url + query)
 
