diff options
author | Ivan Kanakarakis <ivan.kanak@gmail.com> | 2022-09-23 14:46:18 +0300 |
---|---|---|
committer | Ivan Kanakarakis <ivan.kanak@gmail.com> | 2022-09-23 14:53:50 +0300 |
commit | 71c94d542d437861df57d3e777c93a6bdcf74498 (patch) | |
tree | 0a977944528d027e7a170392f5ce27ac9885163f | |
parent | 84aa0e3ed36b0dbe6dcf7db6ab2cc2919303f83e (diff) | |
download | pysaml2-71c94d542d437861df57d3e777c93a6bdcf74498.tar.gz |
When handling logout try each binding from the top level
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
-rw-r--r-- | src/saml2/client.py | 51 |
1 files changed, 31 insertions, 20 deletions
diff --git a/src/saml2/client.py b/src/saml2/client.py index 1eebf31d..ee773d3b 100644 --- a/src/saml2/client.py +++ b/src/saml2/client.py @@ -698,27 +698,38 @@ class Saml2Client(Base): BINDING_SOAP: [BINDING_SOAP], BINDING_HTTP_POST: [BINDING_HTTP_POST, BINDING_HTTP_REDIRECT], BINDING_HTTP_REDIRECT: [BINDING_HTTP_REDIRECT, BINDING_HTTP_POST], - }.get(binding) + }.get(binding, []) if sign is None: sign = self.logout_responses_signed - response = self.create_logout_response( - _req.message, - bindings=response_bindings, - status=status, - sign=sign, - sign_alg=sign_alg, - digest_alg=digest_alg, - ) - rinfo = self.response_args(_req.message, response_bindings) - - return self.apply_binding( - rinfo["binding"], - response, - rinfo["destination"], - relay_state, - response=True, - sign=sign, - sigalg=sign_alg, - ) + for response_binding in response_bindings: + try: + response = self.create_logout_response( + _req.message, + bindings=[response_binding], + status=status, + sign=sign, + sign_alg=sign_alg, + digest_alg=digest_alg, + ) + rinfo = self.response_args(_req.message, [response_binding]) + + return self.apply_binding( + rinfo["binding"], + response, + rinfo["destination"], + relay_state, + response=True, + sign=sign, + sigalg=sign_alg, + ) + except Exception: + continue + + log_ctx = { + "message": "No supported bindings found to create LogoutResponse", + "issuer": _req.issuer.text, + "response_bindings": response_bindings, + } + raise SAMLError(log_ctx) |