diff options
author | Andrew Wason <rectalogic@rectalogic.com> | 2021-09-10 17:24:29 -0400 |
---|---|---|
committer | Andrew Wason <rectalogic@rectalogic.com> | 2021-09-10 17:57:14 -0400 |
commit | d83525262ec7f573abc852c7a0d33a968caaddd5 (patch) | |
tree | 25e9bffe6b26e14197181f7afd2b6d856adc005b | |
parent | f0a6d63c315e5ec0a47419d28720f25ceb359212 (diff) | |
download | pysaml2-d83525262ec7f573abc852c7a0d33a968caaddd5.tar.gz |
Handle KeyError when retrieving SessionIndex
This was broken in commit b69e92585
Fixes https://github.com/IdentityPython/pysaml2/issues/826
-rw-r--r-- | src/saml2/client.py | 9 | ||||
-rw-r--r-- | tests/test_51_client.py | 24 |
2 files changed, 30 insertions, 3 deletions
diff --git a/src/saml2/client.py b/src/saml2/client.py index 61d81502..aa0bd0c9 100644 --- a/src/saml2/client.py +++ b/src/saml2/client.py @@ -294,9 +294,12 @@ class Saml2Client(Base): ) continue - session_info = self.users.get_info_from(name_id, entity_id, False) - session_index = session_info.get('session_index') - session_indexes = [session_index] if session_index else None + try: + session_info = self.users.get_info_from(name_id, entity_id, False) + session_index = session_info.get('session_index') + session_indexes = [session_index] if session_index else None + except KeyError: + session_indexes = None sign = sign if sign is not None else self.logout_requests_signed sign_post = sign and ( diff --git a/tests/test_51_client.py b/tests/test_51_client.py index c82917cd..0fbf63f8 100644 --- a/tests/test_51_client.py +++ b/tests/test_51_client.py @@ -1594,6 +1594,30 @@ class TestClient: BINDING_HTTP_POST) assert b'<ns0:SessionIndex>_foo</ns0:SessionIndex>' in res.xmlstr + def test_do_logout_redirect_no_cache(self): + conf = config.SPConfig() + conf.load_file("sp_slo_redirect_conf") + client = Saml2Client(conf) + + entity_ids = ["urn:mace:example.com:saml:roland:idp"] + resp = client.do_logout(nid, entity_ids, "urn:oasis:names:tc:SAML:2.0:logout:user", + in_a_while(minutes=5), + expected_binding=BINDING_HTTP_REDIRECT) + assert resp + assert len(resp) == 1 + assert list(resp.keys()) == entity_ids + binding, info = resp[entity_ids[0]] + assert binding == BINDING_HTTP_REDIRECT + + loc = info["headers"][0][1] + _, _, _, _, qs, _ = parse.urlparse(loc) + qs = parse.parse_qs(qs) + assert _leq(qs.keys(), ['SAMLRequest', 'RelayState']) + + res = self.server.parse_logout_request(qs["SAMLRequest"][0], + BINDING_HTTP_REDIRECT) + assert res.subject_id() == nid + def test_do_logout_session_expired(self): # information about the user from an IdP session_info = { |