diff options
| author | Ioannis Kakavas <ikakavas@noc.grnet.gr> | 2017-08-01 12:46:20 +0300 |
|---|---|---|
| committer | Ioannis Kakavas <ikakavas@noc.grnet.gr> | 2017-08-01 12:46:20 +0300 |
| commit | 5f6b078cdea07623919988daa3e1b5be3ea7309c (patch) | |
| tree | 9173cea081430be377e87f4d81a81ea7063fb2e7 | |
| parent | 5d7f27eeb81f2d4726fa9bd47a20a49564658dc8 (diff) | |
| download | pysaml2-5f6b078cdea07623919988daa3e1b5be3ea7309c.tar.gz | |
Ensure signature checking for SAML Responses is enabled by default
| -rw-r--r-- | src/saml2/client_base.py | 5 | ||||
| -rw-r--r-- | src/saml2/response.py | 2 |
2 files changed, 3 insertions, 4 deletions
diff --git a/src/saml2/client_base.py b/src/saml2/client_base.py index 50b457d1..997e43e4 100644 --- a/src/saml2/client_base.py +++ b/src/saml2/client_base.py @@ -112,10 +112,9 @@ class Base(Entity): self.allow_unsolicited = False self.authn_requests_signed = False self.want_assertions_signed = False - self.want_response_signed = False + self.want_response_signed = True for foo in ["allow_unsolicited", "authn_requests_signed", - "logout_requests_signed", "want_assertions_signed", - "want_response_signed"]: + "logout_requests_signed", "want_assertions_signed"]: v = self.config.getattr(foo, "sp") if v is True or v == 'true': setattr(self, foo, True) diff --git a/src/saml2/response.py b/src/saml2/response.py index 5ca75bf1..3c938e69 100644 --- a/src/saml2/response.py +++ b/src/saml2/response.py @@ -470,7 +470,7 @@ class AuthnResponse(StatusResponse): return_addrs=None, outstanding_queries=None, timeslack=0, asynchop=True, allow_unsolicited=False, test=False, allow_unknown_attributes=False, - want_assertions_signed=False, want_response_signed=False, + want_assertions_signed=False, want_response_signed=True, conv_info=None, **kwargs): StatusResponse.__init__(self, sec_context, return_addrs, timeslack, |