From c1b568b01f769b23f4d8eaeb0e550583c22562a9 Mon Sep 17 00:00:00 2001
From: Giuseppe De Marco <giuseppe.demarco@unical.it>
Date: Fri, 20 Dec 2019 00:04:39 +0100
Subject: [PATCH] forceauthn and allow_create support refactored

---
 djangosaml2/views.py | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)

diff --git a/djangosaml2/views.py b/djangosaml2/views.py
index 9531c8d8..c12d55ba 100644
--- a/djangosaml2/views.py
+++ b/djangosaml2/views.py
@@ -138,10 +138,18 @@ def login(request,
 
     kwargs = {}
     # pysaml needs a string otherwise: "cannot serialize True (type bool)"
-    if getattr(conf, '_sp_force_authn'):
-        kwargs['force_authn'] = "true"
-    if getattr(conf, '_sp_allow_create', "false"):
-        kwargs['allow_create'] = "true"
+    _false_match_list = [0, False, 'false']
+    if hasattr(conf, '_sp_force_authn'):
+        if conf._sp_force_authn in _false_match_list:
+            kwargs['force_authn'] = "false"
+        else:
+            kwargs['force_authn'] = "true"
+        
+    if hasattr(conf, '_sp_allow_create'):
+        if conf._sp_allow_create in _false_match_list:
+            kwargs['allow_create'] = "false"
+        else:
+            kwargs['allow_create'] = "true"
 
     # is a embedded wayf needed?
     idps = available_idps(conf)