Remove SAML authentication (#15568)

* remove saml * remove license file and management command * update requirements, add migrations * remove unused imports
2026-03-07 19:51:08 -03:30 · 2024-10-02 12:47:08 -04:00
parent bf09b95b61
commit 1ca034b0a7
35 changed files with 76 additions and 2439 deletions
--- a/awx/api/conf.py
+++ b/awx/api/conf.py
@@ -37,7 +37,7 @@ register(
    label=_('Disable the built-in authentication system'),
    help_text=_(
        "Controls whether users are prevented from using the built-in authentication system. "
-        "You probably want to do this if you are using an LDAP or SAML integration."
+        "You probably want to do this if you are using an LDAP integration."
    ),
    category=_('Authentication'),
    category_slug='authentication',
@@ -77,8 +77,8 @@ register(
    default=False,
    label=_('Allow External Users to Create OAuth2 Tokens'),
    help_text=_(
-        'For security reasons, users from external auth providers (LDAP, SAML, '
-        'SSO, and others) are not allowed to create OAuth2 tokens. '
+        'For security reasons, users from external auth providers (LDAP, SSO, '
+        ' and others) are not allowed to create OAuth2 tokens. '
        'To change this behavior, enable this setting. Existing tokens will '
        'not be deleted when this setting is toggled off.'
    ),
--- a/awx/api/views/init.py
+++ b/awx/api/views/init.py
@@ -689,25 +689,15 @@ class AuthView(APIView):
        data = OrderedDict()
        err_backend, err_message = request.session.get('social_auth_error', (None, None))
        auth_backends = list(load_backends(settings.AUTHENTICATION_BACKENDS, force_load=True).items())
-        # Return auth backends in consistent order: oidc, saml.
+        # Return auth backends in consistent order: oidc.
        auth_backends.sort(key=lambda x: x[0])
        for name, backend in auth_backends:
            login_url = reverse('social:begin', args=(name,))
            complete_url = request.build_absolute_uri(reverse('social:complete', args=(name,)))
            backend_data = {'login_url': login_url, 'complete_url': complete_url}
-            if name == 'saml':
-                backend_data['metadata_url'] = reverse('sso:saml_metadata')
-                for idp in sorted(settings.SOCIAL_AUTH_SAML_ENABLED_IDPS.keys()):
-                    saml_backend_data = dict(backend_data.items())
-                    saml_backend_data['login_url'] = '%s?idp=%s' % (login_url, idp)
-                    full_backend_name = '%s:%s' % (name, idp)
-                    if (err_backend == full_backend_name or err_backend == name) and err_message:
-                        saml_backend_data['error'] = err_message
-                    data[full_backend_name] = saml_backend_data
-            else:
-                if err_backend == name and err_message:
-                    backend_data['error'] = err_message
-                data[name] = backend_data
+            if err_backend == name and err_message:
+                backend_data['error'] = err_message
+            data[name] = backend_data
        return Response(data)