diff options
author | Ivan Kanakarakis <ivan.kanak@gmail.com> | 2018-08-02 20:38:55 +0300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-08-02 20:38:55 +0300 |
commit | 58a3bfd47886762d94b6196a31773b2a08ef0b81 (patch) | |
tree | 56e48cbed422c4bcb67cc7ffa876e8054852fe2a | |
parent | 39a29be6cbff678e2ace31da4999eb8bf84d6966 (diff) | |
parent | 6466c4e562c05ae519eccce19de43ea1a7a93678 (diff) | |
download | pysaml2-58a3bfd47886762d94b6196a31773b2a08ef0b81.tar.gz |
Merge pull request #395 from DataShades/identify-session-info-fix
Initialize session_info before assignment
-rw-r--r-- | src/saml2/s2repoze/plugins/sp.py | 44 |
1 files changed, 21 insertions, 23 deletions
diff --git a/src/saml2/s2repoze/plugins/sp.py b/src/saml2/s2repoze/plugins/sp.py index 3049cd5c..897f31f1 100644 --- a/src/saml2/s2repoze/plugins/sp.py +++ b/src/saml2/s2repoze/plugins/sp.py @@ -445,26 +445,25 @@ class SAML2Plugin(object): """ #logger = environ.get('repoze.who.logger', '') - query = parse_dict_querystring(environ) - if ("CONTENT_LENGTH" not in environ or not environ[ - "CONTENT_LENGTH"]) and \ - "SAMLResponse" not in query and "SAMLRequest" not in \ - query: - logger.debug('[identify] get or empty post') - return None - - # if logger: - # logger.info("ENVIRON: %s", environ) - # logger.info("self: %s", self.__dict__) + session_info = None uri = environ.get('REQUEST_URI', construct_url(environ)) + query = parse_dict_querystring(environ) logger.debug('[sp.identify] uri: %s', uri) - - query = parse_dict_querystring(environ) logger.debug('[sp.identify] query: %s', query) - if "SAMLResponse" in query or "SAMLRequest" in query: + is_request = "SAMLRequest" in query + is_response = "SAMLResponse" in query + has_content_length = \ + "CONTENT_LENGTH" in environ \ + or environ["CONTENT_LENGTH"] + + if not has_content_length and not is_request and not is_response: + logger.debug('[identify] get or empty post') + return None + + if is_request or is_response: post = query binding = BINDING_HTTP_REDIRECT else: @@ -482,7 +481,7 @@ class SAML2Plugin(object): if path in self.logout_endpoints: logout = True - if logout and "SAMLRequest" in post: + if logout and is_request: print("logout request received") if binding == BINDING_HTTP_REDIRECT: saml_request = post["SAMLRequest"] @@ -498,10 +497,9 @@ class SAML2Plugin(object): import traceback traceback.print_exc() - elif "SAMLResponse" not in post: + elif not is_response: logger.info("[sp.identify] --- NOT SAMLResponse ---") - # Not for me, put the post back where next in line can - # find it + # Not for me, put the post back where next in line can find it environ["post.fieldstorage"] = post # restore wsgi.input incase that is needed # only of s2repoze.body is present @@ -511,12 +509,11 @@ class SAML2Plugin(object): else: logger.info("[sp.identify] --- SAMLResponse ---") # check for SAML2 authN response - #if self.debug: try: if logout: response = \ self.saml_client.parse_logout_request_response( - post["SAMLResponse"][0], binding) + post["SAMLResponse"][0], binding) if response: action = self.saml_client.handle_logout_response( response) @@ -524,7 +521,6 @@ class SAML2Plugin(object): if type(action) == dict: request = self._handle_logout(action) else: - #logout complete request = HTTPSeeOther(headers=[ ('Location', "/")]) if request: @@ -555,9 +551,11 @@ class SAML2Plugin(object): if session_info: environ["s2repoze.sessioninfo"] = session_info - return self._construct_identity(session_info) + identity_info = self._construct_identity(session_info) else: - return None + identity_info = None + + return identity_info # IMetadataProvider def add_metadata(self, environ, identity): |