diff options
author | Ivan Kanakarakis <ivan.kanak@gmail.com> | 2020-09-29 12:27:22 +0300 |
---|---|---|
committer | Ivan Kanakarakis <ivan.kanak@gmail.com> | 2020-10-28 00:01:45 +0200 |
commit | 59913a155ce06c6fe4e43ea1b15586e3d59bafb3 (patch) | |
tree | 8accb74f2350925b0593a806c481b767bd432203 /src/saml2/entity.py | |
parent | 524b70d3ef4523b40b999ee2cd0008f41a31c437 (diff) | |
download | pysaml2-feature-logout-response-location.tar.gz |
Return the ResponseLocation before falling back to Locationfeature-logout-response-location
ResponseLocation [Optional]
Optionally specifies a different location to which response messages sent as part of
the protocol or profile should be sent. The allowable syntax of this URI depends on
the protocol binding.
The ResponseLocation attribute is used to enable different endpoints to be specified for
receiving request and response messages associated with a protocol or profile, not as a
means of load-balancing or redundancy (multiple elements of this type can be included
for this purpose). When a role contains an element of this type pertaining to a protocol
or profile for which only a single type of message (request or response) is applicable,
then the ResponseLocation attribute is unused. [E41]If the ResponseLocation attribute is
omitted, any response messages associated with a protocol or profile may be assumed to
be handled at the URI indicated by the Location attribute.
ArtifactResolutionService, SingleSignOnService and NameIDMappingService MUST omit the
ResponseLocation attribute. This is enforced here, but metadata with such service
declarations and such attributes should not have been part of the metadata store in the
first place.
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
Diffstat (limited to 'src/saml2/entity.py')
-rw-r--r-- | src/saml2/entity.py | 20 |
1 files changed, 9 insertions, 11 deletions
diff --git a/src/saml2/entity.py b/src/saml2/entity.py index fad9326a..c9572aef 100644 --- a/src/saml2/entity.py +++ b/src/saml2/entity.py @@ -53,7 +53,7 @@ from saml2.samlp import ArtifactResponse from saml2.samlp import Artifact from saml2.samlp import LogoutRequest from saml2.samlp import AttributeQuery -from saml2.mdstore import destinations, response_destinations +from saml2.mdstore import all_locations from saml2 import BINDING_HTTP_POST from saml2 import BINDING_HTTP_REDIRECT from saml2 import BINDING_SOAP @@ -249,8 +249,9 @@ class Entity(HTTPBase): return info - def pick_binding(self, service, bindings=None, descr_type="", request=None, - entity_id="", response=False): + def pick_binding( + self, service, bindings=None, descr_type="", request=None, entity_id="" + ): if request and not entity_id: entity_id = request.issuer.text.strip() @@ -284,10 +285,8 @@ class Entity(HTTPBase): if srv["index"] == _index: return binding, srv["location"] else: - if response: - return binding, response_destinations(srvs)[0] - else: - return binding, destinations(srvs)[0] + destination = next(all_locations(srvs), None) + return binding, destination except UnsupportedBinding: pass @@ -352,10 +351,9 @@ class Entity(HTTPBase): else: descr_type = "spsso" - binding, destination = self.pick_binding(rsrv, bindings, - descr_type=descr_type, - request=message, - response=True) + binding, destination = self.pick_binding( + rsrv, bindings, descr_type=descr_type, request=message + ) info["binding"] = binding info["destination"] = destination |