Matrix-Mirrors/anonymousland-synapse
1
0
Fork 0
mirror of https://git.anonymousland.org/anonymousland/synapse.git synced 2025-05-05 14:24:56 -04:00
Code Issues Projects Releases Packages Wiki Activity

Log saml assertions rather than the whole response

Browse source 
... since the whole response is huge.

We even need to break up the assertions, since kibana otherwise truncates them.
This commit is contained in:
Richard van der Hoff 2020-01-16 22:26:34 +00:00
parent 14d8f342d5
commit acc7820574
3 changed files with 72 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

13
synapse/handlers/saml_handler.py
View file

@ -32,6 +32,7 @@ from synapse.types import (
mxid_localpart_allowed_characters,
)
from synapse.util.async_helpers import Linearizer
from synapse.util.iterutils import chunk_seq
logger = logging.getLogger(__name__)
@ -132,7 +133,17 @@ class SamlHandler:
logger.warning("SAML2 response was not signed")
raise SynapseError(400, "SAML2 response was not signed")
logger.info("SAML2 response: %s", saml2_auth.origxml)
logger.debug("SAML2 response: %s", saml2_auth.origxml)
for assertion in saml2_auth.assertions:
# kibana limits the length of a log field, whereas this is all rather
# useful, so split it up.
count = 0
for part in chunk_seq(str(assertion), 10000):
logger.info(
"SAML2 assertion: %s%s", "(%i)..." % (count,) if count else "", part
)
count += 1
logger.info("SAML2 mapped attributes: %s", saml2_auth.ava)
try: