From def06bee417c1c635c22e9ce7ff0077dfac0e71f Mon Sep 17 00:00:00 2001
From: Attila DEBRECZENI <9527748+Atisom@users.noreply.github.com>
Date: Fri, 3 Apr 2020 13:44:03 +0000
Subject: [PATCH] set SAML wantAssertionsEncrypted from config

---
 powerdnsadmin/services/saml.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/powerdnsadmin/services/saml.py b/powerdnsadmin/services/saml.py
index 2b7ae4f..8fbeb1e 100644
--- a/powerdnsadmin/services/saml.py
+++ b/powerdnsadmin/services/saml.py
@@ -161,7 +161,8 @@ class SAML(object):
         settings['security']['requestedAuthnContext'] = True
         settings['security'][
             'signatureAlgorithm'] = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256'
-        settings['security']['wantAssertionsEncrypted'] = False
+        settings['security']['wantAssertionsEncrypted'] = current_app.config.get(
+            'SAML_ASSERTION_ENCRYPTED', True)
         settings['security']['wantAttributeStatement'] = True
         settings['security']['wantNameId'] = True
         settings['security']['authnRequestsSigned'] = current_app.config[