diff options
author | Thomas Knott <tknott@doctorondemand.com> | 2018-08-14 14:51:51 -0700 |
---|---|---|
committer | Ivan Kanakarakis <ivan.kanak@gmail.com> | 2018-08-29 21:42:49 +0300 |
commit | 59a01c96f7985d6f41fcf1f62b6479432f557bc0 (patch) | |
tree | bcd44402a69819ee11c644de97822dcef2f216ae | |
parent | 5a844536d7074b1c2fe111515beaa75557dbc577 (diff) | |
download | pysaml2-59a01c96f7985d6f41fcf1f62b6479432f557bc0.tar.gz |
Multiple AttributeStatement tags per Assertion
This was necessary to implement a real-world SSO integration,
which required handlinge multiple AttributeStatement elements
within a single assertion in a SAML response.
Orginally this change was implemented in a private fork
by Thomas Knott for pysaml 2.2.0, and has been ported
by Sheila Allen for use in pysaml 4.6.0 to hopefully
merge upstream.
There was a similar PR for the same need by pcrownov:
https://github.com/IdentityPython/pysaml2/pull/205/files
-rw-r--r-- | src/saml2/response.py | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/src/saml2/response.py b/src/saml2/response.py index 6de8723b..cb3deac5 100644 --- a/src/saml2/response.py +++ b/src/saml2/response.py @@ -649,7 +649,7 @@ class AuthnResponse(StatusResponse): self.allow_unknown_attributes) def get_identity(self): - """ The assertion can contain zero or one attributeStatements + """ The assertion can contain zero or more attributeStatements """ ava = {} @@ -662,9 +662,11 @@ class AuthnResponse(StatusResponse): ava.update(self.read_attribute_statement( tmp_assertion.attribute_statement[0])) if _assertion.attribute_statement: - assert len(_assertion.attribute_statement) == 1 - _attr_statem = _assertion.attribute_statement[0] - ava.update(self.read_attribute_statement(_attr_statem)) + logger.debug("Assertion contains %s attribute statement(s)", + (len(self.assertion.attribute_statement))) + for _attr_statem in _assertion.attribute_statement: + logger.debug("Attribute Statement: %s" % (_attr_statem,)) + ava.update(self.read_attribute_statement(_attr_statem)) if not ava: logger.debug("Assertion contains no attribute statements") return ava |