feat: DecideBackedByTarget microservice

Author: peppelinux

example/plugins/microservices/target_based_routing.yaml.example

@@ -0,0 +1,10 @@
+module: satosa.micro_services.custom_routing.DecideBackendByTarget
+name: TargetRouter
+config:
+
+  # the regex that will intercept http requests to be handled with this microservice
+  endpoint_path: ".*/disco"
+
+  target_mapping:
+    "http://idpspid.testunical.it:8088": "spidSaml2" # map SAML entity with entity id 'target_id' to backend name
+    "http://eidas.testunical.it:8081/saml2/metadata": "eidasSaml2"

src/satosa/micro_services/custom_routing.py

@@ -2,6 +2,8 @@
 from base64 import urlsafe_b64encode
 
 from satosa.context import Context
+from satosa.internal import InternalData
+
 from .base import RequestMicroService
 from ..exception import SATOSAConfigurationError
 from ..exception import SATOSAError
@@ -10,6 +12,66 @@
 logger = logging.getLogger(__name__)
 
 
+class DecideBackendByTarget(RequestMicroService):
+    """
+    Select which backend should be used based on who is the SAML IDP
+    """
+
+    def __init__(self, config, *args, **kwargs):
+        """
+        Constructor.
+        :param config: microservice configuration loaded from yaml file
+        :type config: Dict[str, Dict[str, str]]
+        """
+        super().__init__(*args, **kwargs)
+        self.target_mapping = config['target_mapping']
+        self.endpoint_path = config['endpoint_path']
+
+    def register_endpoints(self):
+        """
+        URL mapping of additional endpoints this micro service needs to register for callbacks.
+
+        Example of a mapping from the url path '/callback' to the callback() method of a micro service:
+            reg_endp = [
+                ("^/callback1$", self.callback),
+            ]
+
+        :rtype List[Tuple[str, Callable[[satosa.context.Context, Any], satosa.response.Response]]]
+
+        :return: A list with functions and args bound to a specific endpoint url,
+                 [(regexp, Callable[[satosa.context.Context], satosa.response.Response]), ...]
+        """
+
+        # this intercepts disco response
+        return [
+            (self.endpoint_path , self.backend_by_entityid),
+        ]
+
+    def backend_by_entityid(self, context):
+        entity_id = context.request.get('entityID')
+        tr_backend = self.target_mapping.get(entity_id)
+
+        if not all((context.request,
+                    entity_id,
+                    entity_id in self.target_mapping.keys(),
+                    tr_backend)):
+            return
+
+        context.internal_data['target_entity_id'] = entity_id
+        context.target_frontend = context.state['ROUTER']
+
+        data_serialized = context.state.get(self.name, {}).get("internal", {})
+        data = InternalData.from_dict(data_serialized)
+
+        native_backend = context.target_backend
+        msg = (f'Found DecideBackendByTarget ({self.name} microservice) '
+               f'redirecting {entity_id} from {native_backend} '
+               f'backend to {tr_backend}')
+        logger.info(msg)
+        context.target_backend = tr_backend
+        return super().process(context, data)
+
+
 class DecideBackendByRequester(RequestMicroService):
     """
     Select which backend should be used based on who the requester is.