Allow graceful handling of auth_tkt cookies outliving saml clients cache

If for some reason the session cookie outlives the saml clients cache, for instance if the webservice is restarted there could be an inconsistent state where the user is authenticated but saml attributes are missing and saml logout requests will fail. By using only saml2sp as authenticator plugin and repoze.who 2.0 this little check will work around that and require a new login in this case
author: Sigmund Augdal <sigmund.augdal@uninett.no> 2013-06-03 17:27:38 +0200
committer: Sigmund Augdal <sigmund.augdal@uninett.no> 2013-06-03 17:27:38 +0200
commit: 11b777fb1d6d3513bcce14845aea3f0fe4cf7b9f (patch)
tree: 309b953b10ee4c805421cbd487f87bcaca2ed150 /src/saml2/client.py
parent: f3ec1cd41d9dcf9b96500165433c9b7d91479bb4 (diff)
download: pysaml2-11b777fb1d6d3513bcce14845aea3f0fe4cf7b9f.tar.gz
1 files changed, 8 insertions, 0 deletions
diff --git a/src/saml2/client.py b/src/saml2/client.py
index fcca810f..501bccd6 100644
--- a/src/saml2/client.py
+++ b/src/saml2/client.py
@@ -216,6 +216,14 @@ class Saml2Client(Base):
         self.users.remove_person(name_id)
         return True
 
+    def is_logged_in(self, name_id):
+        """ Check if user is in the cache
+        
+        :param name_id: The identifier of the subject
+        """
+        identity = self.users.get_identity(name_id)[0]
+        return bool(identity)
+        
     def handle_logout_response(self, response):
         """ handles a Logout response
author	Sigmund Augdal <sigmund.augdal@uninett.no>	2013-06-03 17:27:38 +0200
committer	Sigmund Augdal <sigmund.augdal@uninett.no>	2013-06-03 17:27:38 +0200
commit	11b777fb1d6d3513bcce14845aea3f0fe4cf7b9f (patch)
tree	309b953b10ee4c805421cbd487f87bcaca2ed150 /src/saml2/client.py
parent	f3ec1cd41d9dcf9b96500165433c9b7d91479bb4 (diff)
download	pysaml2-11b777fb1d6d3513bcce14845aea3f0fe4cf7b9f.tar.gz