author | Johan Lundberg <lundberg@sunet.se> | 2022-12-09 11:11:08 +0100 |
---|---|---|
committer | Johan Lundberg <lundberg@sunet.se> | 2022-12-09 11:11:08 +0100 |
commit | 74b052f55ead3f711c9b346d1dc7564d6023d5a1 (patch) | |
tree | 0919904bbe630a80f79b70080da422fd86780fe3 | |
parent | 2a8dd85ea2cb2631391b3efa3113b9f3f6779028 (diff) | |
download | pysaml2-74b052f55ead3f711c9b346d1dc7564d6023d5a1.tar.gz |
add ability to get required subject id as a RequestedAttribute dict
-rw-r--r-- | src/saml2/mdstore.py | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/src/saml2/mdstore.py b/src/saml2/mdstore.py
index b2bae0a7..7519a20e 100644
--- a/src/saml2/mdstore.py
+++ b/src/saml2/mdstore.py
@@ -418,6 +418,17 @@ class MetaData:
 """
 raise NotImplementedError

+ def subject_id_requirement(self, entity_id):
+ """
+ Returns what subject identifier the SP requires if any
+
+ :param entity_id: The entity id of the SP
+ :type entity_id: str
+ :return: RequestedAttribute dict or None
+ :rtype: Optional[dict]
+ """
+ raise NotImplementedError
+
 def dumps(self):
 return json.dumps(list(self.items()), indent=2)

@@ -1290,6 +1301,32 @@ class MetadataStore(MetaData):
 if entity_id in _md:
 return _md.attribute_requirement(entity_id, index)

+ def subject_id_requirement(self, entity_id):
+ try:
+ entity_attributes = self.entity_attributes(entity_id)
+ except KeyError:
+ return None
+
+ if "urn:oasis:names:tc:SAML:profiles:subject-id:req" in entity_attributes:
+ subject_id_req = entity_attributes["urn:oasis:names:tc:SAML:profiles:subject-id:req"][0]
+ if subject_id_req == "any" or subject_id_req == "pairwise-id":
+ return {
+ "__class__": "urn:oasis:names:tc:SAML:2.0:metadata&RequestedAttribute",
+ "name": "urn:oasis:names:tc:SAML:attribute:pairwise-id",
+ "name_format": "urn:oasis:names:tc:SAML:2.0:attrname-format:uri",
+ "friendly_name": "pairwise-id",
+ "is_required": "true",
+ }
+ elif subject_id_req == "subject-id":
+ return {
+ "__class__": "urn:oasis:names:tc:SAML:2.0:metadata&RequestedAttribute",
+ "name": "urn:oasis:names:tc:SAML:attribute:subject-id",
+ "name_format": "urn:oasis:names:tc:SAML:2.0:attrname-format:uri",
+ "friendly_name": "subject-id",
+ "is_required": "true",
+ }
+ return None
+
 def keys(self):
 res = []
 for _md in self.metadata.values(): |
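Review bot: The docstring added to `MetaData.subject_id_requirement` gives the return type but not the mapping, and it is the only documentation either new method carries. The `MetadataStore` override returns a pairwise-id RequestedAttribute for both `any` and `pairwise-id`, a subject-id one for `subject-id`, and None for an unknown entity, a missing attribute or any other value. I would state that in the docstring, for example `"any" resolves to pairwise-id; a missing or unrecognised value returns None`, so callers deciding which identifier to release do not have to read the override. The `MetaData` class body continues outside the hunk.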
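Review bot: The `[0]` index in `MetadataStore.subject_id_requirement` is unguarded, because only the `entity_attributes()` call sits inside the `try` and it catches `KeyError` alone. If `entity_attributes()` can return an empty value list for `urn:oasis:names:tc:SAML:profiles:subject-id:req` (its body is not visible here), metadata published by a remote SP would surface as an `IndexError` in the caller instead of None. I would read the list with `values = entity_attributes.get("urn:oasis:names:tc:SAML:profiles:subject-id:req")`, then `if not values: return None`, then `subject_id_req = values[0]`. The URN is also repeated as a literal in both the test and the lookup; a single module-level constant would keep the two from drifting apart.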