When handling logout try each binding from the top level

Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
author: Ivan Kanakarakis <ivan.kanak@gmail.com> 2022-09-23 14:46:18 +0300
committer: Ivan Kanakarakis <ivan.kanak@gmail.com> 2022-09-23 14:53:50 +0300
commit: 71c94d542d437861df57d3e777c93a6bdcf74498 (patch)
tree: 0a977944528d027e7a170392f5ce27ac9885163f
parent: 84aa0e3ed36b0dbe6dcf7db6ab2cc2919303f83e (diff)
download: pysaml2-71c94d542d437861df57d3e777c93a6bdcf74498.tar.gz
1 files changed, 31 insertions, 20 deletions
diff --git a/src/saml2/client.py b/src/saml2/client.py
index 1eebf31d..ee773d3b 100644
--- a/src/saml2/client.py
+++ b/src/saml2/client.py
@@ -698,27 +698,38 @@ class Saml2Client(Base):
             BINDING_SOAP: [BINDING_SOAP],
             BINDING_HTTP_POST: [BINDING_HTTP_POST, BINDING_HTTP_REDIRECT],
             BINDING_HTTP_REDIRECT: [BINDING_HTTP_REDIRECT, BINDING_HTTP_POST],
-        }.get(binding)
+        }.get(binding, [])
 
         if sign is None:
             sign = self.logout_responses_signed
 
-        response = self.create_logout_response(
-            _req.message,
-            bindings=response_bindings,
-            status=status,
-            sign=sign,
-            sign_alg=sign_alg,
-            digest_alg=digest_alg,
-        )
-        rinfo = self.response_args(_req.message, response_bindings)
-
-        return self.apply_binding(
-            rinfo["binding"],
-            response,
-            rinfo["destination"],
-            relay_state,
-            response=True,
-            sign=sign,
-            sigalg=sign_alg,
-        )
+        for response_binding in response_bindings:
+            try:
+                response = self.create_logout_response(
+                    _req.message,
+                    bindings=[response_binding],
+                    status=status,
+                    sign=sign,
+                    sign_alg=sign_alg,
+                    digest_alg=digest_alg,
+                )
+                rinfo = self.response_args(_req.message, [response_binding])
+
+                return self.apply_binding(
+                    rinfo["binding"],
+                    response,
+                    rinfo["destination"],
+                    relay_state,
+                    response=True,
+                    sign=sign,
+                    sigalg=sign_alg,
+                )
+            except Exception:
+                continue
+
+        log_ctx = {
+            "message": "No supported bindings found to create LogoutResponse",
+            "issuer": _req.issuer.text,
+            "response_bindings": response_bindings,
+        }
+        raise SAMLError(log_ctx)
author	Ivan Kanakarakis <ivan.kanak@gmail.com>	2022-09-23 14:46:18 +0300
committer	Ivan Kanakarakis <ivan.kanak@gmail.com>	2022-09-23 14:53:50 +0300
commit	71c94d542d437861df57d3e777c93a6bdcf74498 (patch)
tree	0a977944528d027e7a170392f5ce27ac9885163f
parent	84aa0e3ed36b0dbe6dcf7db6ab2cc2919303f83e (diff)
download	pysaml2-71c94d542d437861df57d3e777c93a6bdcf74498.tar.gz