diff options
author | Sigmund Augdal <sigmund.augdal@uninett.no> | 2013-06-03 17:27:38 +0200 |
---|---|---|
committer | Sigmund Augdal <sigmund.augdal@uninett.no> | 2013-06-03 17:27:38 +0200 |
commit | 11b777fb1d6d3513bcce14845aea3f0fe4cf7b9f (patch) | |
tree | 309b953b10ee4c805421cbd487f87bcaca2ed150 /src/saml2/client.py | |
parent | f3ec1cd41d9dcf9b96500165433c9b7d91479bb4 (diff) | |
download | pysaml2-11b777fb1d6d3513bcce14845aea3f0fe4cf7b9f.tar.gz |
Allow graceful handling of auth_tkt cookies outliving saml clients cache
If for some reason the session cookie outlives the saml clients cache,
for instance if the webservice is restarted there could be an
inconsistent state where the user is authenticated but saml attributes
are missing and saml logout requests will fail. By using only saml2sp
as authenticator plugin and repoze.who 2.0 this little check will work
around that and require a new login in this case
Diffstat (limited to 'src/saml2/client.py')
-rw-r--r-- | src/saml2/client.py | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/src/saml2/client.py b/src/saml2/client.py index fcca810f..501bccd6 100644 --- a/src/saml2/client.py +++ b/src/saml2/client.py @@ -216,6 +216,14 @@ class Saml2Client(Base): self.users.remove_person(name_id) return True + def is_logged_in(self, name_id): + """ Check if user is in the cache + + :param name_id: The identifier of the subject + """ + identity = self.users.get_identity(name_id)[0] + return bool(identity) + def handle_logout_response(self, response): """ handles a Logout response |