author | Roland Hedberg <roland.hedberg@adm.umu.se> | 2014-11-12 15:10:36 +0100 |
---|---|---|
committer | Roland Hedberg <roland.hedberg@adm.umu.se> | 2014-11-12 15:10:36 +0100 |
commit | 108a38655dc511675a21f8c9e42d640488e7537b (patch) | |
tree | 8f10ba1fd938e6a91d24afadd9ae4f4f509cb16a /example | |
parent | e2a07fa39cbf430e20581bf359a537fc62ceaf2f (diff) | |
Changes in the MetaDataMDX class to allow for entity id transformation.
Diffstat (limited to 'example')
-rwxr-xr-x | example/idp2/idp.py | 33 |
1 files changed, 21 insertions, 12 deletions
diff --git a/example/idp2/idp.py b/example/idp2/idp.py
index efa8e92f..940cb49c 100755
--- a/example/idp2/idp.py
+++ b/example/idp2/idp.py
@@ -135,8 +135,8 @@ class Service(object):
 saml_msg["RelayState"], encrypt_cert=_encrypt_cert)
 except KeyError:
- # Can live with no relay state
- return self.do(saml_msg["SAMLRequest"], binding)
+ # Can live with no relay state # TODO or can we, for inacademia?
+ return self.do(saml_msg["SAMLRequest"], binding, saml_msg["RelayState"])
 def artifact_operation(self, saml_msg):
 if not saml_msg:
@@ -400,20 +400,29 @@ class SSO(Service):
 """
 logger.info("--- In SSO POST ---")
 saml_msg = self.unpack_either()
- self.req_info = IDP.parse_authn_request(
- saml_msg["SAMLRequest"], BINDING_HTTP_POST)
- _req = self.req_info.message
- if self.user:
- if _req.force_authn:
+
+ try:
+ _key = saml_msg["key"]
+ saml_msg = IDP.ticket[_key]
+ self.req_info = saml_msg["req_info"]
+ del IDP.ticket[_key]
+ except KeyError:
+ self.req_info = IDP.parse_authn_request(
+ saml_msg["SAMLRequest"], BINDING_HTTP_POST)
+ _req = self.req_info.message
+ if self.user:
+ if _req.force_authn:
+ saml_msg["req_info"] = self.req_info
+ key = self._store_request(saml_msg)
+ return self.not_authn(key, _req.requested_authn_context)
+ else:
+ return self.operation(saml_msg, BINDING_HTTP_POST)
+ else:
 saml_msg["req_info"] = self.req_info
 key = self._store_request(saml_msg)
 return self.not_authn(key, _req.requested_authn_context)
- else:
- return self.operation(saml_msg, BINDING_HTTP_POST)
 else:
- saml_msg["req_info"] = self.req_info
- key = self._store_request(saml_msg)
- return self.not_authn(key, _req.requested_authn_context)
+ return self.operation(saml_msg, BINDING_HTTP_POST)
 # def artifact(self):
 # # Can be either by HTTP_Redirect or HTTP_POST |
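Review bot: In the first hunk (`@@ -135,8 +135,8 @@`), the new fallback inside `except KeyError:` indexes `saml_msg["RelayState"]` again, so when the KeyError came from a missing RelayState (the case the comment describes) a second KeyError escapes the handler and the request fails instead of being answered. RelayState is optional, requester-supplied input, so the handler should read it tolerantly, for example `return self.do(saml_msg["SAMLRequest"], binding, saml_msg.get("RelayState", ""))`. That assumes `saml_msg` is dict-like and that `do` takes the relay state as its third positional argument, as the call in the try branch suggests. The open question in the TODO reads better as its own comment line than appended to the existing one. The enclosing method starts above the hunk.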
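Review bot: In the second hunk (`SSO.post`), a request whose `key` is found in `IDP.ticket` goes straight to `self.operation(saml_msg, BINDING_HTTP_POST)` in the `else:` of the try, without the `self.user` and `force_authn` checks that the `except KeyError:` path applies. `key` arrives in the POST body, so unless `operation` enforces an authenticated user itself (not visible here), the decision should be explicit on this path too; the fence below sketches that by storing the request again and returning `not_authn` when no user is set. The try block is also wider than it needs to be: a KeyError from an unknown or already-consumed ticket is handled like a request without `key`, and `saml_msg["SAMLRequest"]` then raises out of the handler if that field is absent. The beginning of the method lies outside the hunk.

```python
        # … unchanged: ticket lookup in try, parse path in except KeyError …
        else:
            if not self.user:
                # The ticket was deleted above; store the request again so the
                # user can return to it after authenticating.
                key = self._store_request(saml_msg)
                return self.not_authn(
                    key, self.req_info.message.requested_authn_context)
            return self.operation(saml_msg, BINDING_HTTP_POST)
```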