authorJohan Lundberg <lundberg@sunet.se>2022-12-09 11:11:08 +0100
committerJohan Lundberg <lundberg@sunet.se>2022-12-09 11:11:08 +0100
commit74b052f55ead3f711c9b346d1dc7564d6023d5a1 (patch)
tree0919904bbe630a80f79b70080da422fd86780fe3
parent2a8dd85ea2cb2631391b3efa3113b9f3f6779028 (diff)
add ability to get required subject id as a RequestedAttribute dict
-rw-r--r--src/saml2/mdstore.py37
1 files changed, 37 insertions, 0 deletions
diff --git a/src/saml2/mdstore.py b/src/saml2/mdstore.py
index b2bae0a7..7519a20e 100644
--- a/src/saml2/mdstore.py
+++ b/src/saml2/mdstore.py
@@ -418,6 +418,17 @@ class MetaData:
"""
raise NotImplementedError
+ def subject_id_requirement(self, entity_id):
+ """
+ Returns what subject identifier the SP requires if any
+
+ :param entity_id: The entity id of the SP
+ :type entity_id: str
+ :return: RequestedAttribute dict or None
+ :rtype: Optional[dict]
+ """
+ raise NotImplementedError
+
def dumps(self):
return json.dumps(list(self.items()), indent=2)
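Review bot: The docstring added to `MetaData.subject_id_requirement` says "RequestedAttribute dict or None" but does not say when None is returned or where the requirement comes from. Going by the implementation in the second hunk, it could add `Derived from the SP's "urn:oasis:names:tc:SAML:profiles:subject-id:req" entity attribute; returns None when the entity is unknown, the attribute is absent, or its value is not one of "any", "pairwise-id" or "subject-id".` The base method raises NotImplementedError, so a subclass that does not override it will raise rather than return the documented None; whether other subclasses besides MetadataStore exist is not visible in this hunk.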
@@ -1290,6 +1301,32 @@ class MetadataStore(MetaData):
if entity_id in _md:
return _md.attribute_requirement(entity_id, index)
+ def subject_id_requirement(self, entity_id):
+ try:
+ entity_attributes = self.entity_attributes(entity_id)
+ except KeyError:
+ return None
+
+ if "urn:oasis:names:tc:SAML:profiles:subject-id:req" in entity_attributes:
+ subject_id_req = entity_attributes["urn:oasis:names:tc:SAML:profiles:subject-id:req"][0]
+ if subject_id_req == "any" or subject_id_req == "pairwise-id":
+ return {
+ "__class__": "urn:oasis:names:tc:SAML:2.0:metadata&RequestedAttribute",
+ "name": "urn:oasis:names:tc:SAML:attribute:pairwise-id",
+ "name_format": "urn:oasis:names:tc:SAML:2.0:attrname-format:uri",
+ "friendly_name": "pairwise-id",
+ "is_required": "true",
+ }
+ elif subject_id_req == "subject-id":
+ return {
+ "__class__": "urn:oasis:names:tc:SAML:2.0:metadata&RequestedAttribute",
+ "name": "urn:oasis:names:tc:SAML:attribute:subject-id",
+ "name_format": "urn:oasis:names:tc:SAML:2.0:attrname-format:uri",
+ "friendly_name": "subject-id",
+ "is_required": "true",
+ }
+ return None
+
def keys(self):
res = []
for _md in self.metadata.values():
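Review bot: The `[0]` index on `entity_attributes["urn:oasis:names:tc:SAML:profiles:subject-id:req"]` in the added `MetadataStore.subject_id_requirement` is unguarded, and only the KeyError from `self.entity_attributes(entity_id)` is caught. If `entity_attributes` can return an empty list for an attribute published without values (its body is outside this hunk, so this is an assumption to confirm), metadata supplied by an SP would raise IndexError here instead of returning None. Fetching with `values = entity_attributes.get("urn:oasis:names:tc:SAML:profiles:subject-id:req")` followed by `if not values: return None` closes that gap. Values after the first are silently ignored, which deserves a comment because the attribute is meant to be single-valued. The method has no docstring, and the `"any"` branch would benefit from `# "any": prefer pairwise-id, which is scoped to the requesting SP` so the privacy-preserving choice is recorded as deliberate.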