Merge pull request #827 from rectalogic/session-index

Handle KeyError when retrieving SessionIndex
author: Ivan Kanakarakis <ivan.kanak@gmail.com> 2021-09-21 11:55:02 +0300
committer: GitHub <noreply@github.com> 2021-09-21 11:55:02 +0300
commit: f12ade09aa89211c42b7dc6ed94728f8aa69cffb (patch)
tree: 4d24b564b6c5d0eb5e687661bc02a10ade2fbdbf
parent: d88ad14d818ade2ea06c9c7823fca32eb878cea9 (diff)
parent: d83525262ec7f573abc852c7a0d33a968caaddd5 (diff)
download: pysaml2-f12ade09aa89211c42b7dc6ed94728f8aa69cffb.tar.gz
2 files changed, 30 insertions, 3 deletions
diff --git a/src/saml2/client.py b/src/saml2/client.py
index 61d81502..aa0bd0c9 100644
--- a/src/saml2/client.py
+++ b/src/saml2/client.py
@@ -294,9 +294,12 @@ class Saml2Client(Base):
                 )
                 continue
 
-            session_info = self.users.get_info_from(name_id, entity_id, False)
-            session_index = session_info.get('session_index')
-            session_indexes = [session_index] if session_index else None
+            try:
+                session_info = self.users.get_info_from(name_id, entity_id, False)
+                session_index = session_info.get('session_index')
+                session_indexes = [session_index] if session_index else None
+            except KeyError:
+                session_indexes = None
 
             sign = sign if sign is not None else self.logout_requests_signed
             sign_post = sign and (
diff --git a/tests/test_51_client.py b/tests/test_51_client.py
index c82917cd..0fbf63f8 100644
--- a/tests/test_51_client.py
+++ b/tests/test_51_client.py
@@ -1594,6 +1594,30 @@ class TestClient:
                                                BINDING_HTTP_POST)
         assert b'<ns0:SessionIndex>_foo</ns0:SessionIndex>' in res.xmlstr
 
+    def test_do_logout_redirect_no_cache(self):
+        conf = config.SPConfig()
+        conf.load_file("sp_slo_redirect_conf")
+        client = Saml2Client(conf)
+
+        entity_ids = ["urn:mace:example.com:saml:roland:idp"]
+        resp = client.do_logout(nid, entity_ids, "urn:oasis:names:tc:SAML:2.0:logout:user",
+                                in_a_while(minutes=5),
+                                expected_binding=BINDING_HTTP_REDIRECT)
+        assert resp
+        assert len(resp) == 1
+        assert list(resp.keys()) == entity_ids
+        binding, info = resp[entity_ids[0]]
+        assert binding == BINDING_HTTP_REDIRECT
+
+        loc = info["headers"][0][1]
+        _, _, _, _, qs, _ = parse.urlparse(loc)
+        qs = parse.parse_qs(qs)
+        assert _leq(qs.keys(), ['SAMLRequest', 'RelayState'])
+
+        res = self.server.parse_logout_request(qs["SAMLRequest"][0],
+                                               BINDING_HTTP_REDIRECT)
+        assert res.subject_id() == nid
+
     def test_do_logout_session_expired(self):
         # information about the user from an IdP
         session_info = {
author	Ivan Kanakarakis <ivan.kanak@gmail.com>	2021-09-21 11:55:02 +0300
committer	GitHub <noreply@github.com>	2021-09-21 11:55:02 +0300
commit	f12ade09aa89211c42b7dc6ed94728f8aa69cffb (patch)
tree	4d24b564b6c5d0eb5e687661bc02a10ade2fbdbf
parent	d88ad14d818ade2ea06c9c7823fca32eb878cea9 (diff)
parent	d83525262ec7f573abc852c7a0d33a968caaddd5 (diff)
download	pysaml2-f12ade09aa89211c42b7dc6ed94728f8aa69cffb.tar.gz