authorMark Gregson <mark.gregson@linkdigital.com.au>2017-03-09 13:59:32 +1100
committerIvan Kanakarakis <ivan.kanak@gmail.com>2018-08-02 20:26:23 +0300
commit6466c4e562c05ae519eccce19de43ea1a7a93678 (patch)
treedd37ffe623af02878f56d9e1b7f89c2e172d4f79
parentb84d55a98c64c9333a02baf8a0ebccf71ac65780 (diff)
downloadpysaml2-6466c4e562c05ae519eccce19de43ea1a7a93678.tar.gz
Initialize session_info and cleanup code
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
-rw-r--r--src/saml2/s2repoze/plugins/sp.py44
1 files changed, 21 insertions, 23 deletions
diff --git a/src/saml2/s2repoze/plugins/sp.py b/src/saml2/s2repoze/plugins/sp.py
index 7ae7b20a..fecafdd8 100644
--- a/src/saml2/s2repoze/plugins/sp.py
+++ b/src/saml2/s2repoze/plugins/sp.py
@@ -445,26 +445,25 @@ class SAML2Plugin(object):
"""
#logger = environ.get('repoze.who.logger', '')
- query = parse_dict_querystring(environ)
- if ("CONTENT_LENGTH" not in environ or not environ[
- "CONTENT_LENGTH"]) and \
- "SAMLResponse" not in query and "SAMLRequest" not in \
- query:
- logger.debug('[identify] get or empty post')
- return None
-
- # if logger:
- # logger.info("ENVIRON: %s", environ)
- # logger.info("self: %s", self.__dict__)
+ session_info = None
uri = environ.get('REQUEST_URI', construct_url(environ))
+ query = parse_dict_querystring(environ)
logger.debug('[sp.identify] uri: %s', uri)
-
- query = parse_dict_querystring(environ)
logger.debug('[sp.identify] query: %s', query)
- if "SAMLResponse" in query or "SAMLRequest" in query:
+ is_request = "SAMLRequest" in query
+ is_response = "SAMLResponse" in query
+ has_content_length = \
+ "CONTENT_LENGTH" in environ \
+ or environ["CONTENT_LENGTH"]
+
+ if not has_content_length and not is_request and not is_response:
+ logger.debug('[identify] get or empty post')
+ return None
+
+ if is_request or is_response:
post = query
binding = BINDING_HTTP_REDIRECT
else:
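Review bot: The new `has_content_length` expression joins its two tests with `or`, but negating the removed condition (`"CONTENT_LENGTH" not in environ or not environ["CONTENT_LENGTH"]`) requires `and`. As written, a request without a `CONTENT_LENGTH` key evaluates `environ["CONTENT_LENGTH"]` and raises `KeyError` inside `identify`, so a plain GET with no SAML parameters can become an unhandled error in the authentication path. A present-but-empty value now counts as "has content", so the early `return None` for an empty POST is no longer taken. Use `has_content_length = bool(environ.get("CONTENT_LENGTH"))`, which restores the old semantics and cannot raise. The `else:` branch that closes this hunk continues outside it.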
@@ -482,7 +481,7 @@ class SAML2Plugin(object):
if path_info in self.logout_endpoints:
logout = True
- if logout and "SAMLRequest" in post:
+ if logout and is_request:
print("logout request received")
try:
response = self.saml_client.handle_logout_request(
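Review bot: `if logout and is_request:` is not equivalent to the `"SAMLRequest" in post` test it replaces, because `is_request` and `is_response` are computed from the query string only. In the `else:` branch of the first hunk, `post` is presumably filled from the request body (that assignment is outside the visible lines, so confirm). If so, a message delivered over the HTTP-POST binding leaves both flags False. The same substitution in the next hunk, `elif not is_response:`, would then send a POSTed `SAMLResponse` into the "NOT SAMLResponse" branch and hand it to the next plugin instead of parsing it, so login and logout responses over POST are never processed. Either keep the membership tests on `post` (`"SAMLRequest" in post`, `"SAMLResponse" not in post`) or recompute the flags after `post` is assigned.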
@@ -494,10 +493,9 @@ class SAML2Plugin(object):
import traceback
traceback.print_exc()
- elif "SAMLResponse" not in post:
+ elif not is_response:
logger.info("[sp.identify] --- NOT SAMLResponse ---")
- # Not for me, put the post back where next in line can
- # find it
+ # Not for me, put the post back where next in line can find it
environ["post.fieldstorage"] = post
# restore wsgi.input incase that is needed
# only of s2repoze.body is present
@@ -507,12 +505,11 @@ class SAML2Plugin(object):
else:
logger.info("[sp.identify] --- SAMLResponse ---")
# check for SAML2 authN response
- #if self.debug:
try:
if logout:
response = \
self.saml_client.parse_logout_request_response(
- post["SAMLResponse"][0], binding)
+ post["SAMLResponse"][0], binding)
if response:
action = self.saml_client.handle_logout_response(
response)
@@ -520,7 +517,6 @@ class SAML2Plugin(object):
if type(action) == dict:
request = self._handle_logout(action)
else:
- #logout complete
request = HTTPSeeOther(headers=[
('Location', "/")])
if request:
@@ -551,9 +547,11 @@ class SAML2Plugin(object):
if session_info:
environ["s2repoze.sessioninfo"] = session_info
- return self._construct_identity(session_info)
+ identity_info = self._construct_identity(session_info)
else:
- return None
+ identity_info = None
+
+ return identity_info
# IMetadataProvider
def add_metadata(self, environ, identity):