authorRoland Hedberg <roland.hedberg@adm.umu.se>2013-01-16 10:02:48 +0100
committerRoland Hedberg <roland.hedberg@adm.umu.se>2013-01-16 10:02:48 +0100
commit500a10e15bc7b184e64dddd6d5c63a361a5f6998 (patch)
tree5301eb0c4d3cff9a90d6e6fbf06448eaea8e296b /src/saml2/ident.py
parent402a49ad0c32571159bb09ac40228d12c0d0d7a0 (diff)
Added method for handling manage nameid request
Diffstat (limited to 'src/saml2/ident.py')
-rw-r--r--src/saml2/ident.py35
1 files changed, 34 insertions, 1 deletions
diff --git a/src/saml2/ident.py b/src/saml2/ident.py
index 94982758..be83496e 100644
--- a/src/saml2/ident.py
+++ b/src/saml2/ident.py
@@ -1,8 +1,10 @@
+import copy
import shelve
from hashlib import sha256
from urllib import quote
from urllib import unquote
from saml2.s_utils import rndstr
+from saml2.s_utils import PolicyError
from saml2.saml import NameID
from saml2.saml import NAMEID_FORMAT_TRANSIENT
from saml2.saml import NAMEID_FORMAT_EMAILADDRESS
@@ -202,11 +204,42 @@ class IdentDB(object):
return _nid
if name_id_policy.allow_create == "false":
- return None
+ raise PolicyError("Not allowed to create new identifier")
# else create and return a new one
return self.construct_nameid(_id, name_id_policy=name_id_policy)
+ def handle_manage_name_id_request(self, name_id, new_id="",
+ new_encrypted_id="", terminate=""):
+ """
+ Requests from the SP is about the SPProvidedID attribute.
+ So this is about adding,replacing and removing said attribute.
+
+ :param name_id:
+ :param new_id:
+ :param new_encrypted_id:
+ :param terminate:
+ :return:
+ """
+ _id = self.find_local_id(name_id)
+
+ orig_name_id = copy.copy(name_id)
+
+ if new_id:
+ name_id.sp_provided_id = new_id
+ elif new_encrypted_id:
+ # TODO
+ pass
+ elif terminate:
+ name_id.sp_provided_id = None
+ else:
+ #NOOP
+ return True
+
+ self.remove_remote(orig_name_id)
+ self.store(id, name_id)
+ return True
+
def publish(self, userid, name_id, entity_id):
"""
About userid I have published nameid to entity_id
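Review bot: `self.store(id, name_id)` at the end of `handle_manage_name_id_request` passes the Python builtin `id` instead of the `_id` returned by `find_local_id`, so the updated NameID is not stored under the user's local identifier; it should read `self.store(_id, name_id)`. Because `remove_remote(orig_name_id)` has already run by then, a mis-keyed or failing store leaves the original mapping deleted with no valid replacement. The `new_encrypted_id` branch is only `pass`, yet it falls through to the remove/store pair and returns True, so an encrypted request is reported as handled without being applied; an early `raise NotImplementedError("NewEncryptedID is not supported")` would avoid that until the TODO is done. The result of `find_local_id` is also used without checking that the NameID was known, and its behaviour for unknown identifiers is not visible in this hunk, so it is worth confirming.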