Update djangosaml dependency

Using version 0.17.1 which depends on pysaml 4.5.0, what doesnt have the vulnerability. Add an option to saml sp, to not require signed response.

Update djangosaml dependency
Using version 0.17.1 which depends on pysaml 4.5.0, what doesnt have the vulnerability. Add an option to saml sp, to not require signed response.
ba8c44de · Chif Gergő · 69f2f207 · ba8c44de · ba8c44de
Commit ba8c44de authored Feb 18, 2019 by Chif Gergő
Show whitespace changes
Inline Side-by-side

Showing with 2 additions and 1 deletions

circle/circle/settings/base.py
+1 -0

requirements/base.txt
+1 -1

No files found.
--- a/circle/circle/settings/base.py
+++ b/circle/circle/settings/base.py
@@ -495,6 +495,7 @@ if get_env_variable('DJANGO_SAML', 'FALSE') == 'TRUE':
                },
                'required_attributes': required_attrs,
                'optional_attributes': optional_attrs,
+                'want_response_signed': False,
            },
        },
        'metadata': {'local': [remote_metadata], },

--- a/requirements/base.txt
+++ b/requirements/base.txt
@@ -16,7 +16,7 @@ django-sizefield==0.9.1
 django-statici18n==1.4.0
 django-tables2==1.10.0
 django-taggit==0.22.1
-djangosaml2==0.16.10
+djangosaml2==0.17.1
 git+https://git.ik.bme.hu/circle/django-sshkey.git
 docutils==0.12
 Jinja2==2.7.3