imsweb · kadaji · May 24, 2024 · May 24, 2024 · May 29, 2024 · dcwatson
diff --git a/sp/admin.py b/sp/admin.py
@@ -51,6 +51,7 @@ class IdPAdmin(admin.ModelAdmin):
                 "fields": (
                     "contact_name",
                     "contact_email",
+                    "authn_requests_signed",
                     "x509_certificate",
                     "private_key",
                     "certificate_expires",

diff --git a/sp/migrations/0016_idp_authn_requests_signed.py b/sp/migrations/0016_idp_authn_requests_signed.py
@@ -0,0 +1,18 @@
+# Generated by Django 4.2 on 2024-05-24 17:42
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('sp', '0015_idp_logout_request_signed_idp_logout_response_signed'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='idp',
+            name='authn_requests_signed',
+            field=models.BooleanField(default=False, verbose_name='Sign Authentication Request'),
+        ),
+    ]
diff --git a/sp/models.py b/sp/models.py
@@ -44,6 +44,11 @@ class IdP(models.Model):
     )
     contact_name = models.CharField(max_length=100)
     contact_email = models.EmailField(max_length=100)
+
+    authn_requests_signed = models.BooleanField(
+        _("Sign Authentication Request"), default=False
+    )
+
     x509_certificate = models.TextField(blank=True)
     private_key = models.TextField(blank=True)
     certificate_expires = models.DateTimeField(null=True, blank=True)
@@ -217,6 +222,7 @@ def sp_settings(self):
             "security": {
                 "wantAttributeStatement": self.require_attributes,
                 "metadataValidUntil": self.certificate_expires,
+                "authnRequestsSigned": self.authn_requests_signed,
                 "requestedAuthnContextComparison": self.authn_comparison,
                 "requestedAuthnContext": self.authn_context,
                 "logoutRequestSigned": self.logout_request_signed,

diff --git a/sp/views.py b/sp/views.py
@@ -13,6 +13,8 @@
 
 def metadata(request, **kwargs):
     idp = get_request_idp(request, **kwargs)
+    print(idp.sp_settings)
+
     saml_settings = OneLogin_Saml2_Settings(
         settings=idp.sp_settings, sp_validation_only=True
     )