authorHans Hörberg <hans.horberg@umu.se>2014-02-28 08:30:18 +0100
committerHans Hörberg <hans.horberg@umu.se>2014-02-28 08:30:18 +0100
commit535acbafaa709363bf5847d0b08cb8b7142ce6eb (patch)
treeca84bd0a96e2429e03d138bedb0d5ee4b81e445b
parentbc9a7bc0eb6975097ab1274b0246cf44dda8d384 (diff)
Added code to retrieve certificate.
-rw-r--r--.gitignore2
-rw-r--r--src/saml2/authn_context/__init__.py2
-rw-r--r--src/saml2/server.py5
-rw-r--r--src/saml2/sigver.py2
4 files changed, 10 insertions, 1 deletions
diff --git a/.gitignore b/.gitignore
index 9bfed08f..5c137b1e 100644
--- a/.gitignore
+++ b/.gitignore
@@ -147,3 +147,5 @@ example/sp/sp_nocert.xml
example/sp/sp_nocert2.xml
example/sp/test.py
+
+example/sp/sp_conf.py
diff --git a/src/saml2/authn_context/__init__.py b/src/saml2/authn_context/__init__.py
index b75a857a..d1cc4202 100644
--- a/src/saml2/authn_context/__init__.py
+++ b/src/saml2/authn_context/__init__.py
@@ -136,7 +136,7 @@ class AuthnBroker(object):
res = []
for ref in _refs[1:]:
- item = self.db[ref]
+ item = self.db["info"][ref]
res.append((item["method"], ref))
if func(_level, item["level"]):
_level = item["level"]
diff --git a/src/saml2/server.py b/src/saml2/server.py
index 73622e8e..de9695f4 100644
--- a/src/saml2/server.py
+++ b/src/saml2/server.py
@@ -83,6 +83,11 @@ class Server(Entity):
self.iv = os.urandom(16)
self.lock = threading.Lock()
+ def getvalid_certificate_str(self):
+ if self.sec.cert_handler is not None:
+ return self.sec.cert_handler._last_validated_cert
+ return None
+
def support_AssertionIDRequest(self):
return True
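Review bot: `getvalid_certificate_str` reads `cert_handler._last_validated_cert`, but the `CertHandler.__init__` hunk in src/saml2/sigver.py initialises a differently named attribute, `_last_cert_verified`, so the attribute read here only exists once `verify_cert` has run with `_verify_cert` enabled. Before that, or when certificate verification is switched off, this call would raise AttributeError instead of returning None. Initialise the same name in `__init__`, `self._last_validated_cert = None`, and consider a public accessor on CertHandler rather than reaching into a private attribute from Server. The same mismatch applies to both sigver.py hunks.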
diff --git a/src/saml2/sigver.py b/src/saml2/sigver.py
index 36ba5423..11ea5245 100644
--- a/src/saml2/sigver.py
+++ b/src/saml2/sigver.py
@@ -964,6 +964,7 @@ class CertHandler(object):
"""
self._verify_cert = False
self._generate_cert = False
+ self._last_cert_verified = None #This cert do not have to be valid, it is just the last cert to be validated.
if cert_type == "pem" and key_type == "pem":
self._verify_cert = verify_cert is True
self._security_context = security_context
@@ -993,6 +994,7 @@ class CertHandler(object):
def verify_cert(self, cert_file):
if self._verify_cert:
cert_str = self._osw.read_str_from_file(cert_file, "pem")
+ self._last_validated_cert = cert_str
if self._cert_handler_extra_class is not None and self._cert_handler_extra_class.use_validate_cert_func():
self._cert_handler_extra_class.validate_cert(cert_str, self._cert_str, self._key_str)
else:
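Review bot: The certificate is stored in `_last_validated_cert` before either validation branch runs, so the value is kept even when validation rejects it, while the accessor added in src/saml2/server.py is named `getvalid_certificate_str`. A caller that uses the returned string for a trust or identity decision would be relying on a certificate that was only read, not accepted. Either move the assignment to after validation has succeeded, or rename the attribute and accessor to something like `_last_seen_cert` and document that the value is unvalidated. The handler appears to be shared by the server, so under concurrent requests the stored value may belong to a different request; the rest of `verify_cert` after `else:` is outside the hunk, so how a failed validation is reported is not visible here.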