Added a method that checks any given return URL against what's registered in metadata.

author: Roland Hedberg <roland.hedberg@adm.umu.se> 2014-03-24 12:25:20 +0100
committer: Roland Hedberg <roland.hedberg@adm.umu.se> 2014-03-24 12:25:20 +0100
commit: c5aa4a2adfd7eee02ed4a3c45f6d7730eaa8d6b2 (patch)
tree: 676ae8a8dd0707ad181fe3142b12f57a74861c67 /src/saml2/discovery.py
parent: b6fe85543a64904928761a45dd3365b87236ff72 (diff)
download: pysaml2-c5aa4a2adfd7eee02ed4a3c45f6d7730eaa8d6b2.tar.gz
1 files changed, 12 insertions, 1 deletions
diff --git a/src/saml2/discovery.py b/src/saml2/discovery.py
index 160b3940..20a7e80c 100644
--- a/src/saml2/discovery.py
+++ b/src/saml2/discovery.py
@@ -62,7 +62,8 @@ class DiscoveryServer(Entity):
 
     # -------------------------------------------------------------------------
 
-    def create_discovery_service_response(self, return_url=None,
+    @staticmethod
+    def create_discovery_service_response(return_url=None,
                                           returnIDParam="entityID",
                                           entity_id=None, **kwargs):
         if return_url is None:
@@ -87,3 +88,13 @@ class DiscoveryServer(Entity):
                 return True
 
         return False
+
+    def verify_return(self, entity_id, return_url):
+        for endp in self.metadata.discovery_response(entity_id):
+            try:
+                assert return_url.startswith(endp["location"])
+            except AssertionError:
+                pass
+            else:
+                return True
+        return False
author	Roland Hedberg <roland.hedberg@adm.umu.se>	2014-03-24 12:25:20 +0100
committer	Roland Hedberg <roland.hedberg@adm.umu.se>	2014-03-24 12:25:20 +0100
commit	c5aa4a2adfd7eee02ed4a3c45f6d7730eaa8d6b2 (patch)
tree	676ae8a8dd0707ad181fe3142b12f57a74861c67 /src/saml2/discovery.py
parent	b6fe85543a64904928761a45dd3365b87236ff72 (diff)
download	pysaml2-c5aa4a2adfd7eee02ed4a3c45f6d7730eaa8d6b2.tar.gz