Merge pull request #4312 from cchurch/saml-error-handling

SAML error handling fixes

awx/api/views.py

@@ -534,7 +534,7 @@ class AuthView(APIView):
                     saml_backend_data = dict(backend_data.items())
                     saml_backend_data['login_url'] = '%s?idp=%s' % (login_url, idp)
                     full_backend_name = '%s:%s' % (name, idp)
-                    if err_backend == full_backend_name and err_message:
+                    if (err_backend == full_backend_name or err_backend == name) and err_message:
                         saml_backend_data['error'] = err_message
                     data[full_backend_name] = saml_backend_data
             else:

awx/sso/conf.py

@@ -924,13 +924,12 @@ register(
 
 register(
     'SOCIAL_AUTH_SAML_SP_ENTITY_ID',
-    field_class=fields.URLField,
+    field_class=fields.CharField,
-    schemes=('http', 'https'),
     allow_blank=True,
     default='',
     label=_('SAML Service Provider Entity ID'),
-    help_text=_('Set to a URL for a domain name you own (does not need to be a '
+    help_text=_('The application-defined unique identifier used as the '
-                'valid URL; only used as a unique ID).'),
+                'audience of the SAML service provider (SP) configuration.'),
     category=_('SAML'),
     category_slug='saml',
     feature_required='enterprise_auth',

awx/sso/views.py

@@ -83,7 +83,11 @@ class MetadataView(View):
             'saml',
             redirect_uri=complete_url,
         )
-        metadata, errors = saml_backend.generate_metadata_xml()
+        try:
+            metadata, errors = saml_backend.generate_metadata_xml()
+        except Exception as e:
+            logger.exception('unable to generate SAML metadata')
+            errors = e
         if not errors:
             return HttpResponse(content=metadata, content_type='text/xml')
         else: